"Blauer Kreis" neben Windows Pfeil blinkt ständig

Man19321 · 23.10.2016, 07:34

Seid heute blint der blaue Kreis ständig als würde der Rechner auf etwas zugreifen wollen.
Was könnte denn da die Ursache sein?

deeprybka · 23.10.2016, 11:06

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Man19321 · 23.10.2016, 13:20

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Didi (Administrator) auf DIETMAR (23-10-2016 14:12:20)
Gestartet von C:\Users\Didi\Downloads
Geladene Profile: Didi (Verfügbare Profile: Didi)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Dropbox, Inc.) C:\WINDOWS\System32\DbxSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(Dritek System INC.) C:\WINDOWS\RfBtnSvc64.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Intel Corporation) C:\WINDOWS\System32\igfxTray.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\WINDOWS\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
() C:\Mouse driver\mouse_driver.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe [64640 2013-01-28] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-09-01] (Apple Inc.)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG)
HKLM-x32\...\Run: [uni mouse driver] => C:\Mouse driver\mouse_driver.exe [2972672 2011-11-09] ()
HKLM-x32\...\Run: [uni mouse driver tilt] => C:\Mouse driver\wh_exec.exe [147456 2010-10-05] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25366584 2016-10-10] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-21] (Nero AG)
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-09-27] ()
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\Run: [Epson Stylus SX125] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-18\...\Run: [SOS_Agent] => "C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe" -agent
HKU\S-1-5-18\...\Run: [SOS Browser Monitor] => "C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [170688 2016-10-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2016-10-18] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-03]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-10-10] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1429076904-2917619043-331896613-1002 -> DefaultScope {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = 
SearchScopes: HKU\S-1-5-21-1429076904-2917619043-331896613-1002 -> {1A36B4D0-DCFF-4AE1-A358-D288D012B9A5} URL = 
SearchScopes: HKU\S-1-5-21-1429076904-2917619043-331896613-1002 -> {5A09D5D9-81DC-4DE2-84FA-A5A3BBF05DFB} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28] (Qualcomm Atheros Commnucations)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-05-27] (DVDVideoSoft Ltd.)
BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\x64\ie_engine.dll [2016-07-15] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-30] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-07-16] (DVDVideoSoft Ltd.)
BHO-x32: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\ie_engine.dll [2016-07-15] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3E66DC7E-1DDF-4498-AC18-B67AAEC37C10}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{58172FD2-50FC-4D4E-BF44-395E1E0C88B3}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default
FF NewTab: www.google.de
FF SelectedSearchEngine: Google Default
FF Homepage: https://www.google.de/?gfe_rd=cr&ei=OBaZVLf5JsiI8QfWqYGQBA&gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll [2014-01-29] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Plugin HKU\S-1-5-21-1429076904-2917619043-331896613-1002: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll Keine Datei
FF Plugin HKU\S-1-5-21-1429076904-2917619043-331896613-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Didi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-14] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\user.js [2014-07-23]
FF Plugin ProgramFiles/Appdata: C:\Users\Didi\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\google-images.xml [2015-09-18]
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\google-maps.xml [2015-09-18]
FF SearchPlugin: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\searchplugins\youtube.xml [2015-11-13]
FF Extension: Toolbar für amazon.de - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\0001.amztoolbar@minimalarts.de [2014-07-28]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\artur.dubovoy@gmail.com [2016-07-31]
FF Extension: Quick Start - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\lightningnewtab@gmail.com [2014-02-20]
FF Extension: Flash and Video Download - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-09-19]
FF Extension: Cliqz - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\cliqz@cliqz.com.xpi [2015-09-18]
FF Extension: Firefox Hotfix - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-02]
FF Extension: Universal Downloader - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}.xpi [2013-03-29]
FF Extension: Video DownloadHelper - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-15]
FF Extension: Adblock Plus - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-01]
FF Extension: BetterPrivacy - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-10-04]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-10-21]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kein Name - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-04-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-07-09]
FF HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-22]
CHR Extension: (Google Docs) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-22]
CHR Extension: (Google Drive) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-22]
CHR Extension: (YouTube) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-22]
CHR Extension: (Google Search) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-22]
CHR Extension: (Google Sheets) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-22]
CHR Extension: (Avira Browser Safety) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-07-31]
CHR Extension: (Google Docs Offline) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (What's your name?) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-26]
CHR Extension: (Video DownloadHelper) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2016-09-28]
CHR Extension: (Black carbon + silver metal) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2016-09-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-22]
CHR Extension: (Gmail) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-22]
CHR Extension: (Chrome Media Router) - C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - https://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - https://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [Datei ist nicht signiert]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2787584 2013-10-30] (Acer Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-07] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-07] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [38000 2016-10-10] (Dropbox, Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-07-29] (ELAN Microelectronics Corp.)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-26] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-21] (Nero AG)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-10-18] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert]
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-27] (Dritek System INC.)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2014-12-16] (Copyright 2013 SAMSUNG)
S3 tonlinedeBrowser7Maintenance; C:\Program Files (x86)\t-online.de Browser 7 Maintenance Service\maintenanceservice.exe [147176 2016-07-19] (t-online.de)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2014-08-11] () [Datei ist nicht signiert]
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [237400 2016-08-17] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-10-23] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-17] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-17] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
S3 LGJoyHidFilter; C:\Windows\system32\drivers\LGJoyHidFilter.sys [58144 2015-06-11] (Logitech Inc.)
S3 LGJoyHidLo; C:\Windows\system32\drivers\LGJoyHidLo.sys [47656 2015-06-11] (Logitech Inc.)
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2014-08-11] () [Datei ist nicht signiert]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47672 2016-09-17] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-27] (Dritek System Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 whfltr2k; C:\Windows\System32\drivers\whfltr2k.sys [10368 2009-09-16] ()
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-23 14:12 - 2016-10-23 14:13 - 00035491 _____ C:\Users\Didi\Downloads\FRST.txt
2016-10-23 14:11 - 2016-10-23 14:12 - 00000000 ____D C:\FRST
2016-10-23 14:11 - 2016-10-23 14:11 - 02169856 _____ (Farbar) C:\Users\Didi\Downloads\FRST64.exe
2016-10-23 08:10 - 2016-10-23 09:49 - 00000154 _____ C:\WINDOWS\setupact.log
2016-10-23 08:10 - 2016-10-23 08:10 - 00000000 _____ C:\WINDOWS\setuperr.log
2016-10-21 21:11 - 2016-10-23 08:08 - 00000000 ____D C:\Users\Didi\AppData\Local\AcerPortal
2016-10-21 21:10 - 2016-10-21 21:10 - 00000000 ____D C:\Users\Didi\AppData\Local\AOP SDK
2016-10-21 21:10 - 2016-10-21 21:10 - 00000000 ____D C:\Users\Didi\AppData\Local\abFiles
2016-10-21 20:26 - 2016-10-21 20:26 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-10-21 20:26 - 2016-10-21 20:26 - 00000000 ____D C:\WINDOWS\system32\NV
2016-10-21 20:21 - 2016-09-13 01:48 - 00085680 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-21 20:21 - 2016-09-10 00:52 - 00921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2016-10-21 20:21 - 2016-09-10 00:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2016-10-21 20:21 - 2016-09-09 16:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-10-21 20:21 - 2016-09-09 16:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-10-21 20:21 - 2016-09-09 16:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-21 20:21 - 2016-09-09 16:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-21 20:21 - 2016-09-09 16:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-21 20:21 - 2016-09-09 15:38 - 01629184 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-21 20:21 - 2016-09-09 15:38 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-21 20:21 - 2016-09-09 15:38 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-21 20:21 - 2016-09-03 20:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll
2016-10-21 20:21 - 2016-09-03 20:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2016-10-21 20:21 - 2016-09-03 19:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll
2016-10-21 20:21 - 2016-09-03 18:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-10-21 20:21 - 2016-09-03 18:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-10-21 20:21 - 2016-09-03 17:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-10-21 20:21 - 2016-09-02 16:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-10-21 20:21 - 2016-09-02 16:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-10-21 20:21 - 2016-09-01 16:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-10-21 20:21 - 2016-09-01 16:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-10-21 20:21 - 2016-09-01 16:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-10-21 20:21 - 2016-08-30 16:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-10-21 20:21 - 2016-08-30 04:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2016-10-21 20:21 - 2016-08-30 04:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-10-21 20:21 - 2016-08-30 04:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-10-21 20:21 - 2016-08-30 04:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-10-21 20:21 - 2016-08-22 15:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-21 20:20 - 2016-09-09 15:38 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-21 20:20 - 2016-09-09 15:38 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-21 20:20 - 2016-09-09 15:38 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-21 20:20 - 2016-09-09 15:38 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-21 20:20 - 2016-09-09 15:38 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-10-21 20:20 - 2016-09-09 15:38 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-21 19:59 - 2016-10-21 19:59 - 00001276 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2016-10-21 19:59 - 2016-10-21 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2016-10-21 19:40 - 2016-10-21 20:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-21 19:36 - 2016-10-21 19:36 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-21 19:36 - 2016-10-18 21:52 - 07471705 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-10-21 19:36 - 2016-10-18 21:52 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-10-21 19:36 - 2016-10-18 21:52 - 02477624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-10-21 19:36 - 2016-10-18 21:52 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-10-21 19:36 - 2016-10-18 21:52 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-10-21 19:36 - 2016-10-18 21:52 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-10-21 19:36 - 2016-10-18 21:52 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-10-21 19:36 - 2016-10-18 21:52 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-10-21 19:36 - 2016-09-09 20:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-10-21 19:36 - 2016-09-09 20:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-10-21 19:36 - 2016-09-09 20:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-10-21 19:36 - 2016-09-09 20:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-10-21 19:26 - 2016-10-18 23:23 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 35222464 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 34699712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 28167616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 19917400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 17426520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 17338792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 14394528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 14018496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-10-21 19:26 - 2016-10-18 23:23 - 10910184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 10754624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 10295048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 09099400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 08912488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 08692872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 03930688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 03629624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 03469408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 03191744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437557.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437557.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 01035712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00973760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00492560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00407248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00170688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00153368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00148016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00131720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-10-21 19:26 - 2016-10-18 23:23 - 00041344 _____ C:\WINDOWS\system32\nvinfo.pb
2016-10-21 19:26 - 2016-10-18 23:23 - 00038336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-10-21 19:26 - 2016-10-18 23:23 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-10-21 19:26 - 2016-10-18 23:23 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-10-19 04:16 - 2016-10-23 08:08 - 00000000 ____D C:\Users\Didi\Desktop\OpenOffice 4.1.3 (de) Installation Files
2016-10-19 04:14 - 2016-10-19 04:14 - 171330228 _____ C:\Users\Didi\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe
2016-10-18 03:50 - 2016-10-18 03:50 - 00000000 ____D C:\Users\Didi\AppData\Local\Facebook
2016-10-18 03:49 - 2016-10-18 03:49 - 00110912 _____ () C:\Users\Didi\Downloads\FacebookGameroom.exe
2016-10-15 05:48 - 2016-10-15 05:48 - 00000424 _____ C:\Users\Didi\Desktop\Dieser PC - Verknüpfung.lnk
2016-10-14 04:52 - 2016-10-14 04:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-12 04:05 - 2016-10-01 02:22 - 07444312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 04:05 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-12 04:05 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-12 04:05 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-12 04:05 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-10-12 04:05 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-12 04:05 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-12 04:05 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-12 04:05 - 2016-09-30 07:41 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-12 04:05 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-12 04:05 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-10-12 04:05 - 2016-09-30 07:33 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-10-12 04:05 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-12 04:05 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-10-12 04:05 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-10-12 04:05 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-12 04:05 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-12 04:05 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-12 04:05 - 2016-09-30 07:11 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-12 04:05 - 2016-09-30 07:06 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-10-12 04:05 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-10-12 04:05 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-12 04:05 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-12 04:05 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-12 04:05 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-12 04:05 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-12 04:05 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-12 04:05 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-12 04:05 - 2016-09-17 20:16 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-12 04:05 - 2016-09-17 19:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-10-12 04:05 - 2016-09-17 19:21 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-12 04:05 - 2016-09-17 19:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-10-12 04:05 - 2016-09-17 19:02 - 01446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-12 04:05 - 2016-09-14 03:53 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-12 04:05 - 2016-09-14 03:53 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-12 04:05 - 2016-09-14 03:53 - 01490112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-12 04:05 - 2016-09-14 03:53 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-12 04:05 - 2016-09-13 00:03 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-12 04:05 - 2016-09-12 23:01 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-12 04:05 - 2016-09-09 16:17 - 04170752 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-10-12 04:05 - 2016-09-08 22:41 - 00121176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-12 04:05 - 2016-09-08 16:00 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-12 04:05 - 2016-09-08 16:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-12 04:05 - 2016-09-08 00:07 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-12 04:05 - 2016-09-07 23:59 - 01754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 04:05 - 2016-09-07 23:59 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-12 04:05 - 2016-09-07 23:57 - 01560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-12 04:05 - 2016-09-07 23:56 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-12 04:05 - 2016-08-31 19:22 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 04:05 - 2016-08-31 18:33 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-12 03:57 - 2016-10-23 07:49 - 00496303 _____ C:\WINDOWS\WindowsUpdate.log
2016-10-10 20:30 - 2016-10-10 20:30 - 00074352 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-10-10 20:30 - 2016-10-10 20:30 - 00074352 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-10-10 20:30 - 2016-10-10 20:30 - 00074352 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-10-10 20:30 - 2016-10-10 20:30 - 00038000 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-10-05 14:35 - 2016-10-05 14:35 - 00002128 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-10-05 14:35 - 2016-10-05 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-09-29 11:20 - 2016-10-07 06:58 - 00001392 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-09-29 11:19 - 2016-10-18 21:45 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-09-29 11:19 - 2016-10-07 06:58 - 00003778 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-09-29 11:19 - 2016-10-07 06:57 - 00003590 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-09-29 11:19 - 2016-09-30 06:24 - 01842624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-09-29 11:19 - 2016-09-30 06:24 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-09-29 11:19 - 2016-09-30 06:24 - 01444288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-09-29 11:19 - 2016-09-30 06:24 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-09-29 11:19 - 2016-09-30 06:24 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-09-29 11:19 - 2016-09-29 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-09-29 11:18 - 2016-10-07 06:57 - 00003828 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-09-29 11:18 - 2016-10-07 06:57 - 00003828 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-09-29 11:18 - 2016-10-07 06:57 - 00003766 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-09-29 11:18 - 2016-10-07 06:57 - 00003530 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-09-29 10:00 - 2016-09-29 10:09 - 00000000 ____D C:\ProgramData\Ashampoo
2016-09-29 10:00 - 2016-09-29 10:09 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-09-29 07:41 - 2016-09-29 07:41 - 00000000 ___HD C:\$Windows.~WS
2016-09-29 07:14 - 2016-09-29 07:14 - 00000000 ____D C:\WINDOWS\pss
2016-09-28 06:11 - 2016-09-29 07:44 - 00000000 ____D C:\ESD
2016-09-28 06:10 - 2016-09-29 07:44 - 00000000 ____D C:\WINDOWS\Panther

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-23 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2016-10-23 13:55 - 2015-11-20 21:10 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-10-23 13:50 - 2015-11-07 04:45 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-10-23 13:42 - 2012-12-01 21:54 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1429076904-2917619043-331896613-1002
2016-10-23 13:40 - 2013-03-07 06:13 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-23 13:38 - 2014-10-02 05:44 - 00000000 ___RD C:\Users\Didi\iCloudDrive
2016-10-23 13:37 - 2015-11-07 04:45 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-10-23 13:37 - 2014-07-08 22:57 - 00000000 __RDO C:\Users\Didi\OneDrive
2016-10-23 13:37 - 2014-07-08 22:08 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-23 09:49 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-23 09:48 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-10-23 09:39 - 2012-12-08 07:18 - 00000000 ____D C:\Users\Didi\AppData\Local\CrashDumps
2016-10-23 09:32 - 2013-03-07 06:13 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-23 09:30 - 2013-12-10 20:54 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-23 08:24 - 2014-07-08 23:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-23 08:11 - 2014-07-08 22:20 - 00000000 ____D C:\Users\Didi
2016-10-23 08:10 - 2015-02-05 08:26 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2016-10-23 08:08 - 2013-11-16 07:20 - 00000000 ____D C:\Users\Didi\AppData\Local\AcerRemoteFile
2016-10-23 08:08 - 2012-12-01 21:56 - 00000000 ____D C:\Users\Didi\AppData\Local\clear.fi
2016-10-23 08:08 - 2012-09-03 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-10-23 07:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2016-10-23 07:52 - 2013-09-03 07:06 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-10-23 07:51 - 2012-09-03 13:21 - 00000000 ____D C:\Program Files (x86)\Acer
2016-10-21 20:33 - 2014-03-18 12:03 - 01804156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-21 20:33 - 2014-03-18 11:25 - 00775588 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-21 20:33 - 2014-03-18 11:25 - 00163774 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-21 20:25 - 2012-12-01 22:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-21 20:22 - 2014-12-11 22:56 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-21 20:22 - 2014-07-08 23:48 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-10-21 20:22 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-10-21 20:21 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-21 19:59 - 2015-11-20 21:10 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-10-21 19:50 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-21 19:43 - 2015-01-22 10:02 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-21 19:43 - 2015-01-22 10:02 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-21 19:37 - 2014-07-08 22:08 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-21 19:36 - 2014-07-08 22:08 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-21 19:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2016-10-16 18:29 - 2014-07-12 11:02 - 00150016 ___SH C:\Users\Didi\Downloads\Thumbs.db
2016-10-15 06:06 - 2012-12-08 07:37 - 00000000 ____D C:\Users\Didi\AppData\Roaming\vlc
2016-10-15 06:00 - 2012-12-02 05:00 - 00000000 ____D C:\Users\Didi\dwhelper
2016-10-15 05:53 - 2014-12-30 08:59 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-15 05:52 - 2015-07-14 22:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-15 05:45 - 2014-07-09 13:41 - 00041472 ___SH C:\Users\Didi\Desktop\Thumbs.db
2016-10-14 04:53 - 2015-11-07 04:45 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-10-14 04:52 - 2014-08-09 23:17 - 00000222 _____ C:\Users\Didi\BullseyeCoverageError.txt
2016-10-12 06:30 - 2013-12-10 20:54 - 00003636 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-10-12 06:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-12 06:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-12 04:22 - 2013-08-22 16:44 - 00362792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-12 04:22 - 2013-03-21 19:18 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 04:22 - 2013-03-21 19:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 04:14 - 2013-07-10 23:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 04:08 - 2013-03-21 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-12 04:08 - 2012-12-12 00:25 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-07 19:41 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-07 07:19 - 2014-07-08 22:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-05 21:09 - 2013-10-27 02:02 - 00000000 ____D C:\ProgramData\iRinger
2016-10-05 21:03 - 2014-01-29 05:54 - 00000000 ____D C:\Users\Didi\Documents\iRinger Tones
2016-10-05 14:35 - 2013-03-07 06:13 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-01 02:15 - 2016-09-18 08:37 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-01 02:15 - 2016-09-18 08:37 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-29 11:20 - 2014-01-08 13:55 - 00000000 ____D C:\Users\Didi\AppData\Local\NVIDIA Corporation
2016-09-29 11:19 - 2014-01-08 13:52 - 00000000 ____D C:\Users\Didi\AppData\Local\NVIDIA
2016-09-29 10:52 - 2012-09-03 13:26 - 00002158 _____ C:\WINDOWS\System32\Tasks\iuEmailOutlookAgent
2016-09-29 10:52 - 2012-09-03 13:26 - 00002152 _____ C:\WINDOWS\System32\Tasks\iuBrowserIEAgent
2016-09-29 07:44 - 2014-07-08 22:16 - 00038577 _____ C:\WINDOWS\diagwrn.xml
2016-09-29 07:44 - 2014-07-08 22:16 - 00035507 _____ C:\WINDOWS\diagerr.xml
2016-09-29 07:15 - 2014-07-08 23:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-09-29 04:39 - 2014-07-08 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-09-29 04:39 - 2013-11-10 21:21 - 00001078 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-25 16:46 - 2013-03-07 06:13 - 00000000 ____D C:\Users\Didi\AppData\Local\Google
2016-09-25 07:47 - 2014-07-09 10:23 - 00003778 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B359B1B8-EB73-4B1C-8189-F5625C3DF0CD}

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-30 19:39 - 2015-08-30 19:39 - 6420480 _____ () C:\Program Files (x86)\GUT204D.tmp
2013-09-03 07:56 - 2013-09-03 07:56 - 0005892 _____ () C:\Users\Didi\AppData\Local\HWVendorDetection.log
2013-01-25 08:37 - 2013-03-05 08:35 - 0007597 _____ () C:\Users\Didi\AppData\Local\Resmon.ResmonCfg
2012-09-27 12:04 - 2012-09-27 12:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Didi\AppData\Local\Temp\BullseyeCoverage-2-x86.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-30 01:04

==================== Ende von log ============================

Man19321 · 23.10.2016, 13:22

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Didi (2016-10-23 14:13:19)
Gestartet von C:\Users\Didi\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1429076904-2917619043-331896613-500 - Administrator - Disabled)
Didi (S-1-5-21-1429076904-2917619043-331896613-1002 - Administrator - Enabled) => C:\Users\Didi
Gast (S-1-5-21-1429076904-2917619043-331896613-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1429076904-2917619043-331896613-1008 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

"Dresden - Nürnberg" - 2. ProTrain Perfect Addon 1.0 (HKLM-x32\...\"Dresden - Nürnberg" - 2. ProTrain Perfect Addon 1.0) (Version: 1.0 - Blue Sky Interactive)
"Dresden - Nürnberg" - 2. V 1.1 1.0 (HKLM-x32\...\"Dresden - Nürnberg" - 2. V 1.1 1.0) (Version: 1.0 - Blue Sky Interactive)
"Nürnberg - München" - ProTrain Perfect Addon 1.0 (HKLM-x32\...\"Nürnberg - München" - ProTrain Perfect Addon 1.0) (Version: 1.0 - Blue Sky Interactive)
"Saalfeld-Nürnberg" - ProTrain Perfect Addon 1.0 (HKLM-x32\...\"Saalfeld-Nürnberg" - ProTrain Perfect Addon 1.0) (Version: 1.0 - Blue Sky Interactive)
"S-Bahn Leipzig" -  2 CAB Edition ( V1.1B ) 1.1B (HKLM-x32\...\"S-Bahn Leipzig" -  2 CAB Edition ( V1.1B ) 1.1B) (Version: 1.1B - Blue Sky Interactive)
"S-Bahn Leipzig" -  2 CAB Edition ( V1.2B ) 1.2B (HKLM-x32\...\"S-Bahn Leipzig" -  2 CAB Edition ( V1.2B ) 1.2B) (Version: 1.2B - Blue Sky Interactive)
"S-Bahn Leipzig" -  Update 1.1A 1.1A (HKLM-x32\...\"S-Bahn Leipzig" -  Update 1.1A 1.1A) (Version: 1.1A - Blue Sky Interactive)
"S-Bahn Leipzig" - 1. ProTrain Perfect Addon - 2 Cab Edition 1.2B (HKLM-x32\...\"S-Bahn Leipzig" - 1. ProTrain Perfect Addon - 2 Cab Edition 1.2B) (Version: 1.2B - Blue Sky Interactive)
"Stuttgart - München Update" - 3. ProTrain Perfect Addon 1.0 (HKLM-x32\...\"Stuttgart - München Update" - 3. ProTrain Perfect Addon 1.0) (Version: 1.0 - Blue Sky Interactive)
"Stuttgart - München" - 3. ProTrain Perfect Addon 1.0 (HKLM-x32\...\"Stuttgart - München" - 3. ProTrain Perfect Addon 1.0) (Version: 1.0 - Blue Sky Interactive)
7-Zip 9.34 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.02.2001 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.03.2004.0 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.03.2004.0 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.03.2005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.01.2002 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Ansel (Version: 375.57 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
clear.fi SDK - Video 2 (x32 Version: 2.1.2308 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.0 - CLIQZ.com)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 12.4.22 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Druckerdeinstallation für EPSON SX125 Series (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ETDWare PS/2-X64 11.6.8.001_WHQL (HKLM\...\Elantech) (Version: 11.6.8.001 - ELAN Microelectronic Corp.)
Free Audio Converter version 5.0.45.716 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.45.716 - DVDVideoSoft Ltd.)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.6.716 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.41.623 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.41.623 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.0.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.0.128 - DVDVideoSoft Ltd.)
FVD Converter 1.0.0 (HKLM-x32\...\FVD Converter_is1) (Version:  - flashvideodownloader.org)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Earth (HKLM-x32\...\{2C44ABB9-8621-4EF5-AF34-0886DCDA7C21}) (Version: 7.1.7.2600 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{2C74A102-DC39-4158-A831-02BDE2EC7D5D}) (Version: 8.0.5.485 - Kaspersky Lab)
Kaspersky Password Manager (x32 Version: 8.0.5.485 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.5 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Loksim3D (HKLM\...\Loksim3D_is1) (Version: 2.9.1 - Loksim3D)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mouse driver v1.0 (HKLM-x32\...\uni mouse driver) (Version:  - )
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Nero 8 (HKLM-x32\...\{2B8F4D70-F9CA-4E94-B2A5-49AAD4CE1031}) (Version: 8.0.228 - Nero AG)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.57 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.03.2002 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.03.2002 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
ProTrain Perfect Addon 3 - Leipzig - Berlin  - Bonus (HKLM-x32\...\{4CCC4D41-4417-4086-A6DB-37D0FD5E23A2}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect Extra 2 - Addon 1.0 (HKLM-x32\...\ProTrain Perfect Extra 2 - Addon 1.0) (Version: 1.0 - Blue Sky Interactive)
PTP (HKLM-x32\...\{5ED9E38C-9A96-49D8-89B3-92E278003FCF}) (Version: 1.00.000 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
Samsung Link 2.0.0.1412161531 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1412161531 - Copyright 2013 SAMSUNG)
SecurDisc Viewer (HKLM-x32\...\{4BC5B788-1670-44CA-90A2-F85193431031}) (Version: 1.1.18 - Nero AG)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 7.1.0.17 - WildTangent, Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Test Drive Unlimited (HKLM-x32\...\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}) (Version: 0.10.0000 - Ihr Firmenname)
t-online.de Browser 7 47.0.112 (x86 de) (HKLM-x32\...\t-online.de Browser 7 47.0.112 (x86 de)) (Version: 47.0.112 - t-online.de)
t-online.de Browser 7 Maintenance Service (HKLM-x32\...\tonlinedeBrowser7MaintenanceService) (Version: 47.0.112 - t-online.de)
Unity Web Player (HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zwangs-Update-Killer (HKLM-x32\...\{8E446BC1-620B-47AE-A0B1-ED592A4A758C}_is1) (Version: 1.0.0.0 - pXc-coding.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1429076904-2917619043-331896613-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

12-10-2016 04:05:53 Windows Update
19-10-2016 04:17:37 OpenOffice 4.1.3 wird installiert
21-10-2016 20:50:07 OpenOffice 4.1.3 wird installiert
23-10-2016 07:46:33 Wiederherstellungsvorgang

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-07-26 07:26 - 2013-11-10 17:26 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0078DD55-B2C1-4C4F-80EC-0C8E8545CAA0} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {07564642-8CED-421D-BF2A-118D4E73DCC5} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent No Task File <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator No Task File <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance No Task File <==== ATTENTION
Task: {17D7F92A-8656-4B78-A1AC-D99923A30D95} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-07] (Dropbox, Inc.)
Task: {1ED0F278-3B56-427F-A6A5-C0EB405A7D30} - System32\Tasks\{A8D6F943-B633-4AA9-A447-2E0A2F56D464} => pcalua.exe -a D:\Toolbar.exe -d D:\
Task: {1F069D73-D2DA-4AAF-A370-6B1C036D7A3D} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {29443F70-DE82-4F24-A840-4833E89256A8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
Task: {3B04812C-632E-440A-9B5B-B3AEF5B353AF} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {3D389B1B-BDDF-45D2-BF61-78003577EC09} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification No Task File <==== ATTENTION
Task: {47D21ECF-5C49-400B-BB96-64F96E35A2D7} - System32\Tasks\{9FF3B2A1-D9DC-4468-972D-AD36BBB9EE76} => pcalua.exe -a C:\Users\Didi\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=vtt <==== ATTENTION
Task: {4CAD9D49-C5D3-4B34-BD65-E9CFC8176C56} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {503E062C-2126-4FBB-8E29-9D32E22B2E77} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {52D97ED0-3649-45B0-B227-C3D30F15FB48} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {5E59D8DB-F42F-4440-94A2-A1D75CEFC91B} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-10-30] (Acer Incorporated)
Task: {6A859413-B568-4E9D-B8FC-2E1D950F20D2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance No Task File <==== ATTENTION
Task: {8E3344A2-81D7-4A16-A1E4-F0DF726BEAD9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {9A7D299D-242F-43C4-B074-428FD294F935} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-07] (Dropbox, Inc.)
Task: {9AE768C8-A135-4E00-AB93-2EED112A5830} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance No Task File <==== ATTENTION
Task: {B7FF15ED-EA7E-4BD3-861B-A8B8547E91C3} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-18] (CyberLink)
Task: {C0694891-DBB4-43F8-A509-9BDD4CD763E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {C29914B2-FB69-4A6D-ADCA-C1C36A633DD5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {C481BA8D-9402-4659-90CC-D759B25A0EA8} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1429076904-2917619043-331896613-1002
Task: {CCA0BAF9-EC48-4055-A497-8734CB90B24E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {CEDAB060-F54A-42B8-BFD4-65CDCA82D8CE} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask No Task File <==== ATTENTION
Task: {D633A06F-0EF9-4E78-9C27-D85687577938} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {E1B232EC-44E8-4A4C-974B-D2ECB59CF591} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {E3A2E92C-8A5E-469E-83FB-DFCC1F111F33} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {EA5DEA61-C596-4E50-82D6-ADFA642C3D2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-12] (Adobe Systems Incorporated)
Task: {F2869863-4E4C-4DAD-A25C-428D3CF5AE76} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {F988D88A-3CC9-4CA0-A9B0-8EBF34221BAD} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-29 11:19 - 2016-09-30 06:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-29 11:19 - 2016-09-30 06:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-29 11:19 - 2016-09-30 06:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-02 07:31 - 2016-06-25 08:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2014-01-02 10:59 - 2014-12-16 16:31 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2014-01-02 10:59 - 2014-12-16 16:31 - 02633728 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2014-01-02 10:59 - 2014-12-16 16:31 - 02540544 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 12:25 - 2013-12-21 12:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 12:26 - 2013-12-21 12:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2016-09-29 07:18 - 2016-09-29 07:18 - 00669696 _____ () C:\WINDOWS\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2016-10-21 19:36 - 2016-10-18 21:52 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-27 12:20 - 2012-09-27 12:20 - 01193176 _____ () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
2011-11-09 02:45 - 2011-11-09 02:45 - 02972672 _____ () C:\Mouse driver\mouse_driver.exe
2013-12-11 17:46 - 2013-12-11 17:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 10:48 - 2013-10-22 10:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 17:38 - 2013-04-19 17:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 20:49 - 2013-10-25 20:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\kpcengine.2.3.dll
2012-11-02 17:38 - 2012-11-02 17:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-02 17:37 - 2012-11-02 17:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-02 17:38 - 2012-11-02 17:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-02 17:37 - 2012-11-02 17:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-02 17:37 - 2012-11-02 17:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-02 17:37 - 2012-11-02 17:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-02 17:37 - 2012-11-02 17:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-09-27 12:08 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-09-29 11:19 - 2016-09-30 06:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Didi\OneDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1429076904-2917619043-331896613-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Didi\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop-hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "BtPreLoad"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run: => "Samsung Link"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LManager"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "uni mouse driver tilt"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\StartupApproved\StartupFolder: => "Ramaplorer.lnk"
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\StartupApproved\Run: => "SOS_Agent"
HKU\S-1-5-21-1429076904-2917619043-331896613-1002\...\StartupApproved\Run: => "Epson Stylus SX125"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{546D5510-68AB-4840-8D69-6D8C7833AA18}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{DB1A320C-6F4C-4D23-BBAF-AD332BDD2394}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{0160DD8B-521D-4DE8-8E6D-2CD994AF8387}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{4C35ADC9-F565-48C7-95A3-B8B3CA73F2EF}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{C5A0F7AD-3A52-450D-A1A9-C0479966B754}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{AF86519A-5FD8-4815-89F4-B4B1CAF75859}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{4D1FEBE6-5245-4487-B85A-B130C7EDB542}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{22ED4849-A0F2-4C9D-BAD4-78250E36434D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{B7ACEE51-48B3-410F-B227-37D65DD71C51}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{74015759-15E6-4C85-93E7-BC1C41B5E388}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{159A0C9F-B014-49CF-8055-8C3037102F97}] => (Allow) LPort=1900
FirewallRules: [{3D685940-1957-4E64-A824-681A65DCC0D9}] => (Allow) LPort=7900
FirewallRules: [{251E9587-E921-430E-834F-1E5430A07330}] => (Allow) LPort=24234
FirewallRules: [{DEE1F40F-6E34-44F2-86A1-895D1523B587}] => (Allow) LPort=7679
FirewallRules: [{9A4436CB-0979-44A3-9CCF-10B43E7B9688}] => (Allow) LPort=7676
FirewallRules: [{2A83A87B-7419-4D53-981F-F4C8E968C61E}] => (Allow) LPort=8643
FirewallRules: [{C49121F9-C214-4E6C-B46E-E4B757E50036}] => (Allow) LPort=8743
FirewallRules: [{3AE3F1BF-EB23-4CC1-8816-280D21F6B019}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{52D04AE7-4A9A-4C24-BD46-89C9B5378005}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{FC4D72C5-D34A-4F75-8377-3406528F3DC2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{3790821C-49E8-4D2E-8023-A6F5DFE69600}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{2CA71E0D-7404-4B5D-BBBD-AC434C99B0D7}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{DB03DA74-9FF5-421F-A555-7B0935C11F3D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{5C50313D-122E-47E9-8AB0-38324D755CA6}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{4246C6FB-2D6D-42E0-B788-A3F8B98466A5}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{CA7212CC-1FC5-4F5A-B2F7-9F1F2EBAC708}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{ED822121-3163-4C12-BD18-7561A5D4C3C7}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{23BAEB2F-0CF7-476A-8F70-54178FFAE30A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{ED9FF9F5-B90F-4B05-AA3A-8C1CF816972A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{B9B2DCA0-BAE3-4647-8979-54C128647AB4}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{E5B10507-9FB8-4430-9ABD-378D58B0C3EF}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{6568AF6A-D068-42E7-954D-2FFAA593E8E2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{68DC2BE4-1E42-4189-B5D4-834651CDA679}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{112A2874-ECE2-4330-8753-7CD7F10D4F3B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{466C528D-9975-41D4-98BF-BA824055966D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{96D78EC1-E2B7-4F7A-B122-755E965FE667}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{89E7EF98-EC1D-41A0-B5FF-C943A8E14446}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{4D8EF681-2191-4143-88E2-630871AF308D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{7139930C-8C09-4BCA-9EF8-1F0E37B41895}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0459645F-A6C6-4D53-841A-E773E3847CF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AEB793F8-6A39-4120-9F6E-23F302069C98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B9BF679D-81E3-4877-94FB-FBA7671798D2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E139369A-8F53-4254-A895-3F610547DBB5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{9618EF00-3E76-4DFB-A125-6DC7ED6EFE46}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7F69A02B-9E67-49A3-9A81-8BCB6E0A0FE0}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5E8E8423-B869-4138-A0FD-D37E72302A3E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{281114BB-88DC-4970-B757-F6D404C80772}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{CC5035AA-DF2F-4B96-B683-DA8AC3A66F48}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{27BAFC03-21A3-47A9-A91D-6DCB035EDA1B}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [{55D705E4-C8C1-4D34-B8D8-E9F28428D9A6}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{5EEA826D-0773-40FF-9904-39F1B8E44827}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{DD7B6771-0C7A-42BB-9668-5394585CFA6E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{0D1B378F-4ECB-4C21-8559-5ABEB579F4E3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{76A9FD06-F5A1-494A-8A4E-66076135A690}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{FEDE7CD0-85FF-4B91-A2C7-619800162E04}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{37A856B0-BCE4-4809-B2B6-54C5BEAF7B83}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5298B1C5-010A-4E35-BD1B-47BB09503840}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{759D21FA-6A4C-4DCF-A04A-8C82141BB1F5}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{A0034B7D-7F4F-4D5B-BF72-65F05B5B3D4A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{4BBD55D8-2652-4428-8937-6313A73DB74D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{3A0F57C1-4061-447F-8605-1FE7B98847B1}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [TCP Query User{EF2216A6-511E-431A-8433-8BE6886FB2CD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{EDE547D2-35F0-4617-8FE6-B4D316DA8F9B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{069B81C7-B1CF-4172-8E4D-16F638A56856}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe] => (Allow) C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe
FirewallRules: [UDP Query User{E1A7A4CE-88FB-4FB5-9C96-49112203C206}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe] => (Allow) C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe
FirewallRules: [TCP Query User{C2979FD1-AE46-4D26-B9D5-E4D984FF6BC7}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe] => (Allow) C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe
FirewallRules: [UDP Query User{B4E9233C-6FCF-4719-9B3A-4D28CC656412}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe] => (Allow) C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe
FirewallRules: [TCP Query User{B30471C8-A4E6-495B-8D66-966FDDD36071}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{57125AB6-BBDA-4C5A-9202-F10650FD2BDD}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{8AFB22EE-6703-438C-8F33-04BC7447C275}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{30C78965-63E5-4AB7-9838-92DFC8EFE2AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2365AA7B-3270-4A75-A8A1-AD01BE383AF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0261BECF-73D0-4B76-AE09-65F01CAE9135}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5ECC78DE-F3ED-4BDB-A010-72C0636DBC33}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D57D4DE-E3B1-48F8-BCA5-CD405D75314C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CC5904EF-61F9-41E4-82EB-218DDDD99FBF}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{0D0BEB67-4241-4B65-A53F-46606B9489B3}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{82AEAA24-15F7-4277-903E-40D63EF62DA2}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{F6EF9BB6-3D4B-4D3A-B031-753CBF7DF79A}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{813589CF-CF4A-4CB2-811E-63AB54C6A1BC}] => (Allow) C:\Program Files (x86)\t-online.de\Browser 7\Browser7.exe
FirewallRules: [{CFD519F8-22D9-4C45-9691-782EEFDBCB26}] => (Allow) C:\Program Files (x86)\t-online.de\Browser 7\Browser7.exe
FirewallRules: [{268D434B-EB19-4C1D-89DB-E2723AC69B45}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{40603E41-12F5-4290-A948-D62CFF46B62C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D8C03710-1B64-4448-A686-2ADCABFD011F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0DE04F77-E2A4-4683-BB0E-152FA5FD0404}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E20E951C-B35F-4AA0-B7C8-4EDB49965E43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E981EC07-8212-4ABC-9701-AC593638089A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{287345B8-D5BA-46D8-B25A-020BBF46F0D6}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{9C568A36-185F-4AD7-A8D7-96A5FCAD8D90}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/23/2016 02:10:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DIETMAR)
Description: Bei der Aktivierung der App „52756PaulHenke.Abfahrtsmonitor_z6fr3e9yarz1a!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/23/2016 01:55:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DIETMAR)
Description: Bei der Aktivierung der App „52756PaulHenke.Abfahrtsmonitor_z6fr3e9yarz1a!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/23/2016 01:48:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvspcaps64.exe, Version: 3.0.7.34, Zeitstempel: 0x57ed4d59
Name des fehlerhaften Moduls: nvd3d9wrapx.dll, Version: 21.21.13.7557, Zeitstempel: 0x580672da
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003cee
ID des fehlerhaften Prozesses: 0x1d00
Startzeit der fehlerhaften Anwendung: 0xnvspcaps64.exe0
Pfad der fehlerhaften Anwendung: nvspcaps64.exe1
Pfad des fehlerhaften Moduls: nvspcaps64.exe2
Berichtskennung: nvspcaps64.exe3
Vollständiger Name des fehlerhaften Pakets: nvspcaps64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvspcaps64.exe5

Error: (10/23/2016 01:48:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvspcaps64.exe, Version: 3.0.7.34, Zeitstempel: 0x57ed4d59
Name des fehlerhaften Moduls: nvd3d9wrapx.dll, Version: 21.21.13.7557, Zeitstempel: 0x580672da
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003cee
ID des fehlerhaften Prozesses: 0x1188
Startzeit der fehlerhaften Anwendung: 0xnvspcaps64.exe0
Pfad der fehlerhaften Anwendung: nvspcaps64.exe1
Pfad des fehlerhaften Moduls: nvspcaps64.exe2
Berichtskennung: nvspcaps64.exe3
Vollständiger Name des fehlerhaften Pakets: nvspcaps64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvspcaps64.exe5

Error: (10/23/2016 01:48:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvspcaps64.exe, Version: 3.0.7.34, Zeitstempel: 0x57ed4d59
Name des fehlerhaften Moduls: nvd3d9wrapx.dll, Version: 21.21.13.7557, Zeitstempel: 0x580672da
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003cee
ID des fehlerhaften Prozesses: 0x288c
Startzeit der fehlerhaften Anwendung: 0xnvspcaps64.exe0
Pfad der fehlerhaften Anwendung: nvspcaps64.exe1
Pfad des fehlerhaften Moduls: nvspcaps64.exe2
Berichtskennung: nvspcaps64.exe3
Vollständiger Name des fehlerhaften Pakets: nvspcaps64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvspcaps64.exe5

Error: (10/23/2016 01:48:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvspcaps64.exe, Version: 3.0.7.34, Zeitstempel: 0x57ed4d59
Name des fehlerhaften Moduls: nvd3d9wrapx.dll, Version: 21.21.13.7557, Zeitstempel: 0x580672da
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003cee
ID des fehlerhaften Prozesses: 0x2ff8
Startzeit der fehlerhaften Anwendung: 0xnvspcaps64.exe0
Pfad der fehlerhaften Anwendung: nvspcaps64.exe1
Pfad des fehlerhaften Moduls: nvspcaps64.exe2
Berichtskennung: nvspcaps64.exe3
Vollständiger Name des fehlerhaften Pakets: nvspcaps64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvspcaps64.exe5

Error: (10/23/2016 01:48:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvspcaps64.exe, Version: 3.0.7.34, Zeitstempel: 0x57ed4d59
Name des fehlerhaften Moduls: nvd3d9wrapx.dll, Version: 21.21.13.7557, Zeitstempel: 0x580672da
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003cee
ID des fehlerhaften Prozesses: 0x12a8
Startzeit der fehlerhaften Anwendung: 0xnvspcaps64.exe0
Pfad der fehlerhaften Anwendung: nvspcaps64.exe1
Pfad des fehlerhaften Moduls: nvspcaps64.exe2
Berichtskennung: nvspcaps64.exe3
Vollständiger Name des fehlerhaften Pakets: nvspcaps64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvspcaps64.exe5

Error: (10/23/2016 01:48:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvspcaps64.exe, Version: 3.0.7.34, Zeitstempel: 0x57ed4d59
Name des fehlerhaften Moduls: nvd3d9wrapx.dll, Version: 21.21.13.7557, Zeitstempel: 0x580672da
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003cee
ID des fehlerhaften Prozesses: 0x2c2c
Startzeit der fehlerhaften Anwendung: 0xnvspcaps64.exe0
Pfad der fehlerhaften Anwendung: nvspcaps64.exe1
Pfad des fehlerhaften Moduls: nvspcaps64.exe2
Berichtskennung: nvspcaps64.exe3
Vollständiger Name des fehlerhaften Pakets: nvspcaps64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvspcaps64.exe5

Error: (10/23/2016 01:48:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvspcaps64.exe, Version: 3.0.7.34, Zeitstempel: 0x57ed4d59
Name des fehlerhaften Moduls: nvd3d9wrapx.dll, Version: 21.21.13.7557, Zeitstempel: 0x580672da
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003cee
ID des fehlerhaften Prozesses: 0x874
Startzeit der fehlerhaften Anwendung: 0xnvspcaps64.exe0
Pfad der fehlerhaften Anwendung: nvspcaps64.exe1
Pfad des fehlerhaften Moduls: nvspcaps64.exe2
Berichtskennung: nvspcaps64.exe3
Vollständiger Name des fehlerhaften Pakets: nvspcaps64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvspcaps64.exe5

Error: (10/23/2016 01:48:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvspcaps64.exe, Version: 3.0.7.34, Zeitstempel: 0x57ed4d59
Name des fehlerhaften Moduls: nvd3d9wrapx.dll, Version: 21.21.13.7557, Zeitstempel: 0x580672da
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003cee
ID des fehlerhaften Prozesses: 0x25f0
Startzeit der fehlerhaften Anwendung: 0xnvspcaps64.exe0
Pfad der fehlerhaften Anwendung: nvspcaps64.exe1
Pfad des fehlerhaften Moduls: nvspcaps64.exe2
Berichtskennung: nvspcaps64.exe3
Vollständiger Name des fehlerhaften Pakets: nvspcaps64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvspcaps64.exe5


Systemfehler:
=============
Error: (10/23/2016 09:56:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) Management and Security Application User Notification Service" wurde nicht richtig gestartet.

Error: (10/23/2016 09:50:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (10/23/2016 09:50:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (10/23/2016 09:48:10 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst CCDMonitorService erreicht.

Error: (10/23/2016 08:14:31 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/23/2016 08:11:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (10/23/2016 08:11:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (10/23/2016 07:27:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/23/2016 07:24:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (10/23/2016 07:24:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577


Microsoft Office:
=========================
Error: (10/23/2016 02:10:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DIETMAR)
Description: 52756PaulHenke.Abfahrtsmonitor_z6fr3e9yarz1a!App-2144927148

Error: (10/23/2016 01:55:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DIETMAR)
Description: 52756PaulHenke.Abfahrtsmonitor_z6fr3e9yarz1a!App-2144927148

Error: (10/23/2016 01:48:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvspcaps64.exe3.0.7.3457ed4d59nvd3d9wrapx.dll21.21.13.7557580672dac00000050000000000003cee1d0001d22d23600f5a4bC:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exeC:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll9f940631-9916-11e6-8ea9-b888e3a5db27

Error: (10/23/2016 01:48:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvspcaps64.exe3.0.7.3457ed4d59nvd3d9wrapx.dll21.21.13.7557580672dac00000050000000000003cee118801d22d235e1b324dC:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exeC:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll9d935e6f-9916-11e6-8ea9-b888e3a5db27

Error: (10/23/2016 01:48:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvspcaps64.exe3.0.7.3457ed4d59nvd3d9wrapx.dll21.21.13.7557580672dac00000050000000000003cee288c01d22d235c267a5aC:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exeC:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll9b9da1f1-9916-11e6-8ea9-b888e3a5db27

Error: (10/23/2016 01:48:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvspcaps64.exe3.0.7.3457ed4d59nvd3d9wrapx.dll21.21.13.7557580672dac00000050000000000003cee2ff801d22d235a2c767cC:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exeC:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll99aa7dfa-9916-11e6-8ea9-b888e3a5db27

Error: (10/23/2016 01:48:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvspcaps64.exe3.0.7.3457ed4d59nvd3d9wrapx.dll21.21.13.7557580672dac00000050000000000003cee12a801d22d235827e5d6C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exeC:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll97b07a98-9916-11e6-8ea9-b888e3a5db27

Error: (10/23/2016 01:48:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvspcaps64.exe3.0.7.3457ed4d59nvd3d9wrapx.dll21.21.13.7557580672dac00000050000000000003cee2c2c01d22d23562de1cfC:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exeC:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll95ac2c20-9916-11e6-8ea9-b888e3a5db27

Error: (10/23/2016 01:48:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvspcaps64.exe3.0.7.3457ed4d59nvd3d9wrapx.dll21.21.13.7557580672dac00000050000000000003cee87401d22d23542d026bC:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exeC:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll93b1e536-9916-11e6-8ea9-b888e3a5db27

Error: (10/23/2016 01:48:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvspcaps64.exe3.0.7.3457ed4d59nvd3d9wrapx.dll21.21.13.7557580672dac00000050000000000003cee25f001d22d23523587ccC:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exeC:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll91b105d6-9916-11e6-8ea9-b888e3a5db27


CodeIntegrity:
===================================
  Date: 2016-10-23 09:50:21.906
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-10-23 09:50:18.078
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-10-23 08:11:16.623
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-10-23 08:11:13.356
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-10-23 07:24:21.468
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-10-23 07:24:17.468
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-10-21 20:25:57.293
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-10-21 20:25:56.465
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-10-21 19:30:27.120
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-10-21 19:30:22.182
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 36%
Total physical RAM: 6481.27 MB
Available physical RAM: 4110.06 MB
Total Virtual: 7505.27 MB
Available Virtual: 5007.13 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:679.75 GB) (Free:556.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 77B898BD)

Partition: GPT Partition Type.

==================== Ende von log ============================

deeprybka · 23.10.2016, 13:55

Hi,

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Download und Anleitung
Starte Malwarebytes' Anti-Malware (MBAM).
Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Man19321 · 23.10.2016, 14:22

Code:

ATTFilter

# AdwCleaner v6.030 - Bericht erstellt am 23/10/2016 um 15:16:16
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-10-23.2 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : Didi - DIETMAR
# Gestartet von : C:\Users\Didi\Downloads\AdwCleaner_6.030.exe
# Modus: LÃ¶schen
# UnterstÃ¼tzung : hxxps://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelÃ¶scht: C:\Users\Didi\AppData\Local\YSearchUtil
[-] Ordner gelÃ¶scht: C:\Program Files (x86)\Yahoo!\yset
[-] Ordner gelÃ¶scht: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
[-] Ordner gelÃ¶scht: C:\Users\Didi\AppData\Roaming\Mozilla\Firefox\Profiles\iywk4e9y.default\extensions\lightningnewtab@gmail.com


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ VerknÃ¼pfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{712bc135-b9a4-47a4-be8e-a604af6cd42d}
[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f76c2d2b-474a-44c2-a61f-a2dd08eb3c0c}
[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Wpm
[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Wpm
[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] SchlÃ¼ssel gelÃ¶scht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Wert gelÃ¶scht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-1429076904-2917619043-331896613-1002\Software\ForumerIT
[-] SchlÃ¼ssel gelÃ¶scht: HKU\S-1-5-21-1429076904-2917619043-331896613-1002\Software\Mozilla\Extends
[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\ForumerIT
[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: HKCU\Software\Mozilla\Extends
[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\ForumerIT
[#] SchlÃ¼ssel mit Neustart gelÃ¶scht: [x64] HKCU\Software\Mozilla\Extends
[-] Wert gelÃ¶scht: HKU\S-1-5-21-1429076904-2917619043-331896613-1002\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Wert mit Neustart gelÃ¶scht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Wert mit Neustart gelÃ¶scht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Wert gelÃ¶scht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnTBMon]
[-] Wert gelÃ¶scht: HKU\S-1-5-21-1429076904-2917619043-331896613-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [NTRedirect]
[-] Wert gelÃ¶scht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [Speedup_umh]
[-] Wert gelÃ¶scht: HKU\S-1-5-21-1429076904-2917619043-331896613-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [WebCake Desktop]
[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Classes\c
[-] Wert gelÃ¶scht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelÃ¶scht: [x64] HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[-] SchlÃ¼ssel gelÃ¶scht: HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "extensions.7go@7go.com.id" -  "\"af38bb98-2f27-7efb-675e-a88e160aa33a\""
[-] Firefox Einstellungen bereinigt: "extensions.7go@7go.com.install-event-fired" -  true
[-] Firefox Einstellungen bereinigt: "extensions.7go@7go.com.mzID" -  "93"
[-] Firefox Einstellungen bereinigt: "extensions.7go@7go.com.uuid" -  "\"bdfb77bb-145e-11e3-8099-0025901ef77c\""
[-] Firefox Einstellungen bereinigt: 
[-] Firefox Einstellungen bereinigt: "extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_102.name" -  "dealply_m"
[-] Firefox Einstellungen bereinigt: "extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_124.code" -  "if (typeof appAPI.internal.monetization === \"undefined\") { appAPI.internal.monetization = {}; }\nif (typeof appAPI.internal.monetization.plugins === \"undefined\") { appAPI.internal.monetization.plugins = {}; }\n\nappAPI.internal.monetization.plugins[124] = function() {\n\n	if (typeof appAPI.internal.monetization.verticals !== \"undefined\") {\n		if (!appAPI.internal.monetization.verticals.shopping){\n			return;\n		}\n	}\n\n	if (!(/^hxxps\\:\\/\\//.test(document.location.href))) {\n		appAPI.dom.addRemoteJS(\"hxxp://www.superfish.com/ws/sf_main.jsp?dlsource=ormjcvg&userId=abc&CTID=\" + appAPI.internal.monetization.getSubId());\n	}\n};"
[-] Firefox Einstellungen bereinigt: "extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_128.code" -  "if (typeof appAPI.internal.monetization === \"undefined\") { appAPI.internal.monetization = {}; }\nif (typeof appAPI.internal.monetization.plugins === \"undefined\") { appAPI.internal.monetization.plugins = {}; }\n\nappAPI.internal.monetization.plugins[128] = function() {\n\n	if (typeof appAPI.internal.monetization.verticals !== \"undefined\") {\n		if (!appAPI.internal.monetization.verticals.shopping){\n			return;\n		}\n	}\n\n	if (!(/^hxxps\\:\\/\\//.test(document.location.href))) {\n		appAPI.dom.addRemoteJS(\"hxxp://www.superfish.com/ws/sf_main.jsp?dlsource=rpxtpvm&userId=abc&CTID=\"+appAPI.internal.monetization.getSubId());\n	}\n\n};"
[-] Firefox Einstellungen bereinigt: "extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_93.code" -  "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.monetization={};}if(typeof appAPI.internal.monetization.plugins===\"undefined\"){appAPI.internal.monetization.plugins={};}appAPI.internal.monetization.plugins[93]=function(){if(typeof appAPI.internal.monetization.verticals!==\"undefined\"){if(!appAPI.internal.monetization.verticals.shopping){return;}}try{if(!appAPI.dom.ishxxps()){appAPI.dom.addRemoteJS({url:\"hxxp://www.superfish.com/ws/sf_main.jsp?dlsource=hhvzmikw&userId=abc&CTID=\"+appAPI.internal.monetization.getSubId()});}}catch(a){throw new Error(\"something_went_wrong_in_superfish_\"+a.message);}};"
[-] Firefox Einstellungen bereinigt: "extensions.fvd_single.seopack.b_surfcanyon" -  true
[-] Firefox Einstellungen bereinigt: "extensions.fvd_single.surfcanyon.ramp.start_time" -  "1394052936933"
[-] Firefox Einstellungen bereinigt: "extensions.irmysearch.aflt" -  "irmsd0103aw"
[-] Firefox Einstellungen bereinigt: "extensions.irmysearch.cd" -  "2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtA0AyD0D0BtByByEyB0B0DtN0D0Tzu0SyByDyDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R"
[-] Firefox Einstellungen bereinigt: "extensions.irmysearch.cr" -  "2061776371"
[-] Firefox Einstellungen bereinigt: "extensions.irmysearch.instlRef" -  ""
[-] Firefox Einstellungen bereinigt: "extensions.quick_start.enable_search1" -  false
[-] Firefox Einstellungen bereinigt: "extensions.quick_start.sd.closeWindowWithLastTab_prev_state" -  false
[-] Firefox Einstellungen bereinigt: "extensions.zonealarm.hmpgUrl" -  "hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=DE&gu=bca870a6f54f474fb26d2d70249452ce&tu=11Jiy00Eq1D13P0&sku=&tstsId=&ver=&"
[-] Firefox Einstellungen bereinigt: "extensions.zonealarm.kw_url" -  "hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=DE&gu=bca870a6f54f474fb26d2d70249452ce&tu=11Jiy00Eq1D13P0&sku=&tstsId=&ver=&&q="
[-] Firefox Einstellungen bereinigt: "extensions.zonealarm.lastB" -  "hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=DE&gu=bca870a6f54f474fb26d2d70249452ce&tu=11Jiy00Eq1D13P0&sku=&tstsId=&ver=&"
[-] Firefox Einstellungen bereinigt: "extensions.zonealarm.newTabUrl" -  "hxxp://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=DE&gu=bca870a6f54f474fb26d2d70249452ce&tu=11Jiy00Eq1D13P0&sku=&tstsId=&ver=&"
[-] Firefox Einstellungen bereinigt: "extensions.zonealarm.srchPrvdr" -  "Search By ZoneAlarm"
[-] Firefox Einstellungen bereinigt: "extensions.zonealarm.tlbrSrchUrl" -  "hxxp://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=bca870a6f54f474fb26d2d70249452ce&tu=11Jiy00Eq1D13P0&sku=&tstsId=&ver=&&q="
[-] [C:\Users\Didi\AppData\Local\Google\Chrome\User Data\Default] [extension] GelÃ¶scht: npdicihegicnhaangkdmcgbjceoemeoo


*************************

:: "Tracing" SchlÃ¼ssel gelÃ¶scht
:: Winsock Einstellungen zurÃ¼ckgesetzt

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [10597 Bytes] - [23/10/2016 15:16:16]
C:\AdwCleaner\AdwCleaner[R0].txt - [100772 Bytes] - [10/11/2013 21:36:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [97597 Bytes] - [10/11/2013 21:37:02]
C:\AdwCleaner\AdwCleaner[S1].txt - [10226 Bytes] - [23/10/2016 15:10:17]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10894 Bytes] ##########

deeprybka · 23.10.2016, 14:39

Ja, und gleich MBAM...

23.10.2016, 14:39	#7
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	"Blauer Kreis" neben Windows Pfeil blinkt ständig Ja, und gleich MBAM... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

"Blauer Kreis" neben Windows Pfeil blinkt ständig

Plagegeister aller Art und deren Bekämpfung: "Blauer Kreis" neben Windows Pfeil blinkt ständig