| |
| |||||||
Log-Analyse und Auswertung: Windows 8.1 Monate ohne Virenschutz unterwegs - langsam geworden, zahlreiche Funde von AntivirWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
09.01.2016, 13:06
| #1 |
| |  Windows 8.1 Monate ohne Virenschutz unterwegs - langsam geworden, zahlreiche Funde von Antivir Hallo liebe Community, ich, sehr begrenztes PC-Wissen, habe meinen Laptop "aus Versehen" einige Monate ohne echten Virenschutz in Gebrauch gehabt, nach dem ein Bekannter der Meinung war, der Windows Defender sei absolut ausreichend zum Systemschutz. Ich habe in letzter Zeit bemerkt, dass alles etwas länger dauert, insbesondere wenn ich online mehrere Seiten lade, Streams schaue etc. Nach mehrfachen Fehlversuchen beim Upgrade auf Windows 10 habe ich dann zufällig meinen Fehler (s.o.) bemerkt, Avira Antivir runtergeladen und es gab 35 Funde (siehe unten). Ich habe etwas Angst, dass das System insgesamt "verseucht" ist. Wie in der Anleitung beschrieben habe ich mir zudem FRST geholt - die Logfiles folgen unten! Wäre supernett, wenn mir hier jemand helfen kann - vielen Dank dafür schon jetzt! Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015
durchgeführt von Claude (Administrator) auf ELFRIEDE (09-01-2016 11:45:34)
Gestartet von C:\Users\Claude\Downloads
Geladene Profile: Claude (Verfügbare Profile: Claude)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\cammute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Amazon.com) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\QuickSnipService\QuickSnipService.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Lenovo) C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [TpShocks] => C:\WINDOWS\SYSTEM32\TpShocks.exe [228744 2012-09-20] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [LMCSSTART1] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,InitSubsystemProcesses
HKLM\...\Run: [LMCSSTART2] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libstartstub2.dll,ProxyStart
HKLM\...\Run: [LMCSSTART3] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,SetupCamplusDrop
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [741680 2012-11-09] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-19] (Apple Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-08] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Claude\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\Run: [Spotify Web Helper] => C:\Users\Claude\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-30] (Spotify Ltd)
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\Run: [DVSSkypeRecorder] => C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe [1056424 2015-04-15] (DVDVideoSoft Ltd.)
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\Run: [Dropbox Update] => C:\Users\Claude\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-09] (Dropbox, Inc.)
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\Run: [Spotify] => C:\Users\Claude\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-30] (Spotify Ltd)
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\MountPoints2: D - "D:\bpb_KURZFILM_MACHT_SCHULE.exe"
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\MountPoints2: {8ad8f119-be67-11e4-bee1-a41731c0891a} - "E:\LaunchU3.exe" -a
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Unbox.lnk [2014-04-11]
ShortcutTarget: Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-10-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{2D58E8BB-2B93-471F-942F-3F09184B8BEE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{768DCEC1-6E2F-48EC-9451-9013B4220393}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {40609452-A71B-4270-977F-6D1C886A8ACF} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8PAAlAQAwbbQsOUgtcFQ1BchQBBA8UDFEaeQ1cAgFIFQAbcR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWFML3JWDk4=&q={searchTerms}
SearchScopes: HKLM -> {40609452-A71B-4270-977F-6D1C886A8ACF} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8PAAlAQAwbbQsOUgtcFQ1BchQBBA8UDFEaeQ1cAgFIFQAbcR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWFML3JWDk4=&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-1302534699-97203762-3128929895-1002 -> DefaultScope {372BF8C0-43FD-413C-B2E8-B00579F077DD} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8PAAlAQAwbbQsOUgtcFQ1BchQBBA8UDFEaeQ1cAgFIFQAbcR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWFML3JWDk4=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1302534699-97203762-3128929895-1002 -> OldSearch URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=0a74cffd000000000000a41731c08919&r=930
SearchScopes: HKU\S-1-5-21-1302534699-97203762-3128929895-1002 -> {372BF8C0-43FD-413C-B2E8-B00579F077DD} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8PAAlAQAwbbQsOUgtcFQ1BchQBBA8UDFEaeQ1cAgFIFQAbcR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSWFML3JWDk4=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1302534699-97203762-3128929895-1002 -> {40609452-A71B-4270-977F-6D1C886A8ACF} URL =
SearchScopes: HKU\S-1-5-21-1302534699-97203762-3128929895-1002 -> {C4E2563A-2AC0-4913-B334-C2FDD4D358BC} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-dd__alt__ddc_dss_bd_com&p={searchTerms}
BHO: LyriXeeker-1 -> {11111111-1111-1111-1111-110411181156} -> C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-bho64.dll => Keine Datei
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2012-08-31] (AuthenTec Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14] (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2012-08-31] (AuthenTec Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\q5s8fadw.default
FF NewTab: hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAMUIQkJAABJDAcVcwsVVQETExgaJQ9dTF1IGAFHIwEBVQxJEBNBNARaB0tXUUEeGGlxR1dMclBCMlpQNVYealtMNw==
FF DefaultSearchEngine: Default
FF SelectedSearchEngine: Default
FF Homepage: hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVd1gIUFhIGRgRdgoKTA1JQwcOeVwOBBQVGAwXJFoAWA1EGQQFIk0FA18DB0VXfWFoKB8fHGZGIUtbCW0eTn5NL04=
FF Keyword.URL: hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ8PAAlAQAwbbQsOUgtcFQ1BchQBBA8UDFEaeQ1cAgFIFQAbcR9aFQQTR0cFME0FB18EURNNfWpdAEsSSWFML3JWDk4=&q={searchTerms}
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {if ((host == \"www.abc.net.au\")
(host == \"iview.abc.net.au\")
(host == \"iviewmetered-vh.akamaihd.net\")
(url.indexOf(\"proxmate=au\") != -1)
(host == \"livestream.com\")
(host == \"www.livestream.com\")
(host == \"api.new.livestream.com\")
(host == \"player.ooyala.com\")
(host == \"xnewsvidhd-vh.akamaihd.net\")
(host == \"www.animelab.com\")
(host == \"dcgm6i50yfgtk.cloudfront.net\")) { return 'PROXY au-node.proxmate.me:8008' } else if ((url.indexOf(\"proxmate=ca\") != -1)
(host == \"ici.tou.tv\")
(host == \"toutvuniver1-vh.akamaihd.net\")
(host == \"geoip.radio-canada.ca\")
(host == \"api.radio-canada.ca\")
(host == \"images.tou.tv\")
(host == \"player.siriusxm.ca\")
(host == \"primary.hls-streaming.production.streaming.siriusxm.ca\")
(host == \"now.sportsnet.ca\")
(host == \"watch.sportsnet.ca\")
(host == \"player.9c9media.com\")
(host == \"metrics.ctv.ca\")
(host == \"capi.9c9media.com\")
(host == \"www.ctv.ca\")) { return 'PROXY ca-node.proxmate.me:8008' } else if ((host == \"arte.tv\")
(host == \"www.arte.tv\")
(host == \"geoftv-a.akamaihd.net\")
(host == \"hdfauthftv-a.akamaihd.net\")
(host == \"replayftv-vh.akamaihd.net\")
(host == \"ftvingest-vh.akamaihd.net\")
(host == \"live.francetv.fr\")
(host == \"d8.tv\")
(host == \"www.d8.tv\")
(host == \"us-cplus-aka.canal-plus.com\")
(host == \"hds_live_d8_aka-lh.akamaihd.net\")
(host == \"d17.tv\")
(host == \"www.d17.tv\")
(host == \"hds_live_d17_aka-lh.akamaihd.net\")
(url.indexOf(\"proxmate=fr\") != -1)
(host == \"www.6play.fr\")
(host == \"geo.6cloud.fr\")
(host == \"proxy-021.dc3.dailymotion.com\")
(host == \"proxy-67.dailymotion.com\")
(host == \"prof.estat.com\")
(host == \"metrics.dailymotion.com\")
(host == \"www.dailymotion.com\")
(host == \"vmap.snappytv.com\")) { return 'PROXY fr-node.proxmate.me:8008' } else if ((host == \"vod-akamai-psd-hds.p7s1digital.de\")
(host == \"vas.sim-technik.de\")
(url.indexOf(\"proxmate=de\") != -1)
(host == \"nightclub.de\")
(host == \"zdf.de\")
(host == \"www.zdf.de\")
(host == \"zdf_hds_de-f.akamaihd.net\")
(host == \"api.nowtv.de\")
(host == \"delivestream-lh.akamaihd.net\")
(host == \"cdnapi.kaltura.com\")
(host == \"disneychannel.de\")
(host == \"www.southpark.de\")) { return 'PROXY de-node.proxmate.me:8008' } else if ((host == \"www.tg4.ie\")
(url.indexOf(\"proxmate=ie\") != -1)) { return 'PROXY ie-node.proxmate.me:8008' } else if ((host == \"rai.tv\")
(host == \"www.rai.tv\")
(host == \"mediapolis.rai.it\")
(host == \"www.rai.it\")
(host == \"stream5.rai.it\")
(host == \"stream6.rai.it\")
(host == \"stream7.rai.it\")
(host == \"sspushrai1-s.akamaihd.net\")
(host == \"sspushrai2-s.akamaihd.net\")
(host == \"sspushraisport2-s.akamaihd.net\")
(host == \"sspushrai3-s.akamaihd.net\")
(host == \"secondary.adaptiveedge.rai.it\")
(host == \"rai-italia01.wt-eu02.net\")
(host == \"download.rai.tv\")
(host == \"mediapolisvod.rai.it\")
(host == \"ww.rai.tv\")
(host == \".xuniplay.fdnames.com\")
(url.indexOf(\"xuniplay.fdnames.com\") != -1)
(host == \"se-to1-8.se.live3.msf.ticdn.it\")
(host == \"live.shinystat.com\")
(host == \"lic.mediaset.net\")
(host == \"cssr.video.mediaset.it\")
(url.indexOf(\"proxmate=it\") != -1)
(host == \"www.vvvvid.it\")) { return 'PROXY it-node.proxmate.me:8008' } else if ((host == \"telecinco.es\")
(host == \"telecinco1-vh.akamaihd.net\")
(host == \"www.telecinco.es\")
(url.indexOf(\"proxmate=es\") != -1)
(host == \"antena3.com\")
(host == \"www.antena3.com\")
(host == \"geodesprogresiva.antena3.com\")
(host == \"rtve.es\")
(host == \"www.rtve.es\")
(host == \"ztnr.rtve.es\")
(host == \"mvodt.lvlt.rtve.es\")
(host == \"swf.rtve.es\")
(host == \"cuatro.com\")
(host == \"www.cuatro.com\")
(host == \"cuatro1-vh.akamaihd.net\")
(host == \"peliculas-online.atresplayer.com\")
(host == \"servicios.atresplayer.com\")
(host == \"atresplayer.com\")
(host == \"www.atresplayer.com\")
(host == \"k.uecdn.es\")
(host == \"v.uecdn.es\")
(host == \"as.com\")
(host == \"ep00.epimg.net\")) { return 'PROXY es-node.proxmate.me:8008' } else if ((host == \"prosieben.ch\")
(host == \"www.prosieben.ch\")
(host == \"vas.sim-technik.de\")
(host == \"s1tv.ch\")
(host == \"www.s1tv.ch\")
(host == \"zba2-0-hds-live.zahs.tv\")
(host == \"embed-zattoo.com\")
(host == \"chtv.ch\")
(host == \"www.chtv.ch\")
(host == \"zba2-1-hds-live.zahs.tv\")
(host == \"sat1.ch\")
(host == \"www.sat1.ch\")
(host == \"rsi.ch\")
(host == \"www.rsi.ch\")
(host == \"codch-vh.akamaihd.net\")
(host == \"il.srgssr.ch\")
(host == \"ch.viva.tv\")
(host == \"intl.esperanto.mtvi.com\")
(url.indexOf(\"proxmate=ch\") != -1)
(host == \"zattoo.com\")
(host == \"www.srf.ch\")
(host == \"srgssruni1ch-lh.akamaihd.net\")
(host == \"srgssruni2ch-lh.akamaihd.net\")
(host == \"srgssruni3ch-lh.akamaihd.net\")
(host == \"www.teleboy.ch\")
(host == \"aka-cdn-ns.adtech.de\")
(host == \"teleboy.customers.cdn.iptv.ch\")) { return 'PROXY ch-node.proxmate.me:8008' } else if ((host == \"www.bbc.co.uk\")
(host == \"open.live.bbc.co.uk\")
(host == \"fig.bbc.co.uk\")
(host == \"vod-hds-uk-live.edgesuite.net\")
(host == \"vod-hds-uk-live.bbcfmt.vo.llnwd.net\")
(host == \"www.bbc.co.uk\")
(host == \"fig.bbc.co.uk\")
(host == \"open.live.bbc.co.uk\")
(host == \"vs-hds-uk-live.bbcfmt.vo.llnwd.net\")
(host == \"vod-hds-uk-live.edgesuite.net\")
(host == \"www.bbc.co.uk\")
(host == \"fig.bbc.co.uk\")
(host == \"open.live.bbc.co.uk\")
(host == \"vs-hds-uk-live.bbcfmt.vo.llnwd.net\")
(host == \"vs-hds-uk-live.edgesuite.net\")
(host == \"vod-hds-uk-live.bbcfmt.vo.llnwd.net\")
(host == \"c.brightcove.com\")
(host == \"secure.brightcove.com\")
(host == \"metrics.brightcove.com\")
(host == \"stv-ak.cds1.yospace.com\")
(host == \"core.stvfiles.com\")
(host == \"player.stv.tv\")
(host == \"stv.brightcove.com.edgesuite.net\")
(host == \"uk-dev-stv.cdn.videoplaza.tv\")
(host == \"mercury.itv.com\")
(host == \"www.itv.com\")
(host == \"itv.com\")
(host == \"llnw.live.btv.simplestream.com\")
(host == \"players.simplestream.com\")
(host == \"uapi.simplestream.com\")
(host == \"channel5.com\")
(host == \"wwwcdn.channel5.com\")
(host == \"cassie.channel5.com\")
(host == \"player.channel5.com\")
(host == \"deliver-hls.channel5.com\")
(host == \"akahls.channel5.com\")
(host == \"llnwhls.channel5.com\")
(host == \"milkshake.tv\")
(host == \"www.milkshake.tv\")
(host == \"trk-euwest.tidaltv.com\")
(host == \"mp.adverts.itv.com\")
(host == \"req.tidaltv.com\")
(host == \"s1.2mdn.net\")
(host == \"pes.itv.com\")
(host == \"ned.itv.com\")
(host == \"itvdotcom.2cnt.net\")
(host == \"tom.itv.com\")
(host == \"dave.uktv.co.uk\")
(host == \"uktvplay.uktv.co.uk\")
(host == \"uktvhdse.brightcove.com.edgesuite.net\")
(host == \"admin.brightcove.com\")
(host == \"really.uktv.co.uk\")
(host == \"yesterday.uktv.co.uk\")
(host == \"drama.uktv.co.uk\")
(host == \"live.tvplayer.com\")
(host == \"tvplayer.com\")
(host == \"sapi.tvplayer.com\")
(host == \"api.tvplayer.com\")
(host == \"www.gamefront.com\")
(url.indexOf(\"proxmate=uk\") != -1)
(host == \"channel4.com\")
(host == \"ais.channel4.com\")
(host == \"pandr.my.channel4.com\")
(host == \"all4nav.channel4.com\")
(host == \"4id.channel4.com\")) { return 'PROXY uk-node.proxmate.me:8008' } else if ((host == \"link.theplatform.com\")
(host == \"discidevflash-f.akamaihd.net\")
(host == \"api.geoip.dp.discovery.com\")
(host == \"vidtech.cbsinteractive.com\")
(host == \"vidtech.cbsima.com\")
(host == \"om.cbsi.com\")
(host == \"media.mtvnservices.com\")
(host == \"api-manga.crunchyroll.com\")
(host == \"crunchyroll.com\")
(host == \"www.crunchyroll.com\")
(host == \"cdn.wwtv.warnerbros.com\")
(host == \"hlsioscwtv.warnerbros.com\")
(host == \"media.cwtv.com\")
(host == \"servicesaetn-a.akamaihd.net\")
(host == \"live.mlssoccer.com\")
(host == \"tvewnbc-i.akamaihd.net\")
(host == \"tvenbceast-i.akamaihd.net\")
(host == \"nbcmpx-vh.akamaihd.net\")
(host == \"www.pandora.com\")
(host == \"video.pbs.org\")
(host == \"ga.video.cdn.pbs.org\")
(host == \"urs.pbs.org\")
(host == \"play.spotify.com\")
(host == \"www.spotify.com\")
(host == \"play.spotify.edgekey.net\")
(host == \"www.iheart.com\")
(host == \"api2.iheart.com\")
(host == \"api.iheart.com\")
(host == \"iheart.com\")
(host == \"nick.mtvnimages.com\")
(host == \"sni-vh.akamaihd.net\")
(host == \"api.segment.io\")
(host == \"www.vevo.com\")
(host == \"vevo.com\")
(host == \"apiv2.vevo.com\")
(host == \"songza.com\")
(host == \"new.songza.com\")
(host == \"www.daisuki.net\")
(host == \"bngn-vh.akamaihd.net\")
(host == \"bngnwww.b-ch.com\")
(host == \"www.hbogo.com\")
(host == \"catalog.lv3.hbogo.com\")
(host == \"profile.lv3.hbogo.com\")
(host == \"profile.hbogo.com\")
(url.indexOf(\".lv3.hbogo.com\") != -1)
(host == \"register.hbogo.com\")
(host == \"play.google.com\")
(host == \"checkout.google.com\")
(host == \"store.google.com\")
(host == \"apis.google.com\")
(host == \"amc350888def-vh.akamaihd.net\")
(host == \"a564avoddashnsus-a.akamaihd.net\")
(host == \"atv-ps.amazon.com\")
(host == \"secure.brightcove.com\")
(host == \"metrics.brightcove.com\")
(host == \"phds-vod.cdn.turner.com\")
(host == \"token.vgtf.net\")
(host == \"www.ondemandkorea.com\")
(host == \"www.fxnetworks.com\")
(host == \"fxvcms-f.akamaihd.net\")
(host == \"tvetelemundo-vh.akamaihd.net\")
(host == \"feed.theplatform.com\")
(host == \"fsvideohds-vh.akamaihd.net\")
(host == \"watchable.com\")
(host == \"cilhlsvod-f.akamaihd.net\")
(host == \"oxygenvod-vh.akamaihd.net\")
(host == \"tvesyfy-vh.akamaihd.net\")
(host == \"www.smithsonianchannel.com\")
(host == \"metrics.brightcove.com\")
(host == \"c.brightcove.com\")
(host == \"brightcove01.brightcove.com\")
(host == \"edge.api.brightcove.com\")
(host == \"www.eonline.com\")
(host == \"link.theplatform.com\")
(host == \"api.listenlive.co\")
(host == \"playerservices.streamtheworld.com\")
(host == \"player.listenlive.co\")
(url.indexOf(\"live.streamtheworld.com\") != -1)
(host == \"www.cartoonnetwork.com\")
(host == \"www.viki.com\")
(host == \"\\\"www.viki.com\")
(host == \"www.origin.com\")
(host == \"ht.cdn.turner.com\")
(host == \"aolvideoshd-vh.akamaihd.net\")
(host == \"syn.5min.com\")
(host == \"stvideos.5min.com\")) { return 'PROXY us-node.proxmate.me:8008' } else if ((host == \"livestreams.omroep.nl\")
(host == \".npostreaming.nl\")
(host == \"ida.omroep.nl\")
(host == \"npoplayer.omroep.nl\")
(host == \"www.zapp.nl\")
(host == \"tellerapi.omroep.nl\")
(host == \"e.omroep.nl\")
(url.indexOf(\"proxmate=nl\") != -1)) { return 'PROXY nl-node.proxmate.me:8008' } else if ((host == \"tvthek.orf.at\")
(host == \"apasfiisl.apa.at\")
(host == \"orf.oewabox.at\")
(host == \"atvplus.oewabox.at\")
(host == \"cdn.atv.at\")
(url.indexOf(\"proxmate=at\") != -1)
(host == \"hdsvodsportsman-vh.akamaihd.net\")
(host == \"streamaccess.unas.tv\")
(host == \"www.laola1.tv\")
(host == \"www.livestation.com\")
(host == \"livestation.com\")
(url.indexOf(\".emigrantas.tv\") != -1)) { return 'PROXY at-node.proxmate.me:8008' } else if ((host == \"netflix.com\")
(host == \"www.netflix.com\")
(host == \"cbp-us.nccp.netflix.com\")
(host == \"secure.netflix.com\")
(host == \"api-global.netflix.com\")
(host == \"ichnaea.netflix.com\")
(host == \"customerevents.netflix.com\")
(host == \"s.thebrighttag.com\")
(url.indexOf(\"proxmate=us\") != -1)) { return 'PROXY usnet-node.proxmate.me:8008' } else if ((host == \"s.hulu.com\")
(host == \"www.funimation.com\")
(host == \"wpc.8c48.edgecastcdn.net\")
(host == \"southpark.cc.com\")
(host == \"api.utils.watchabc.go.com\")
(host == \"www.dramafever.com\")
(host == \"www.logotv.com\")
(host == \"media.mtvnservices.com\")
(host == \"api.watchabc.go.com\")
(host == \"theanimenetwork.com\")
(host == \"huluim.com\")
(host == \"www.hulu.com\")
(host == \"t2.hulu.com\")
(host == \"urlcheck.hulu.com\")
(host == \"t.hulu.com\")
(host == \"s.hulu.com\")
(host == \"play.hulu.com\")
(host == \"t2.huluim.com\")) { return 'PROXY ush-node.proxmate.me:8008' } else if ((host == \"player.ooyala.com\")
(host == \"l.ooyala.com\")) { return 'PROXY auv-node.proxmate.me:8008' } else if ((host == \"web-api-us.crackle.com\")
(host == \"legacyweb-us.crackle.com\")) { return 'PROXY us2-node.proxmate.me:8000' } else if ((host == \"counter.yadro.ru\")
(host == \"turbik.tv\")
(host == \"player.rutv.ru\")
(host == \"api.rutv.ru\")
(host == \"cdnng.v.rtr-vesti.ru\")
(host == \"player.vgtrk.com\")
(host == \"stream.1tv.ru\")
(host == \"mobdrm.1tv.ru\")) { return 'PROXY ru-node.proxmate.me:8008' } else if ((host == \"security.video.globo.com\")
(host == \"api.globovideos.com\")
(host == \"s.videos.globo.com\")
(host == \"gshow.globo.com\")
(host == \"voddownload02.video.globo.com\")
(host == \"secure.nuuvem.com\")) { return 'PROXY br-node.proxmate.me:8008' } else { return 'DIRECT'; }}"
FF NetworkProxy: "backup.ftp", "192.168.50.12"
FF NetworkProxy: "backup.ftp_port", 800
FF NetworkProxy: "backup.socks", "192.168.50.12"
FF NetworkProxy: "backup.socks_port", 800
FF NetworkProxy: "backup.ssl", "192.168.50.12"
FF NetworkProxy: "backup.ssl_port", 800
FF NetworkProxy: "ftp", "192.168.50.12"
FF NetworkProxy: "ftp_port", 800
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "192.168.50.12"
FF NetworkProxy: "socks_port", 800
FF NetworkProxy: "ssl", "192.168.50.12"
FF NetworkProxy: "ssl_port", 800
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll [2012-08-31] (AuthenTec, Inc)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-09-11] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-01-09] (Nitro PDF)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1302534699-97203762-3128929895-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Claude\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-1302534699-97203762-3128929895-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2012-12-14] (Intel)
FF Plugin HKU\S-1-5-21-1302534699-97203762-3128929895-1002: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2012-12-14] (Intel)
FF user.js: detected! => C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\q5s8fadw.default\user.js [2016-01-06]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\q5s8fadw.default\searchplugins\default.xml [2016-01-06]
FF SearchPlugin: C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\q5s8fadw.default\searchplugins\softonic.xml [2013-11-27]
FF Extension: ProxMate - C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\q5s8fadw.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2016-01-07]
FF Extension: Search Too Know - C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\q5s8fadw.default\Extensions\{4728ba22-69f3-4051-85ae-00171af3c040}.xpi [2016-01-06] [ist nicht signiert]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\q5s8fadw.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2015-12-26]
FF Extension: Adblock Plus - C:\Users\Claude\AppData\Roaming\Mozilla\Firefox\Profiles\q5s8fadw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2016-01-07] [ist nicht signiert]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Claude\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Claude\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-27]
CHR HKLM-x32\...\Chrome\Extension: [iokmdlapebooifaijckgcmncjdpojmjl] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx [2012-08-02]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2011-11-23] (Amazon.com) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-01-21] (Lenovo Corporation)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [959192 2013-02-26] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [139568 2012-11-09] (Lenovo)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139496 2012-08-31] (AuthenTec, Inc)
R2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [235488 2012-12-14] (LENOVO INCORPORATED.)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016472 2015-01-23] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [576992 2012-12-14] (LENOVO INCORPORATED.)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [626120 2015-01-21] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-01-09] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2015-12-10] (Lenovo)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [226624 2011-01-27] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-01-09] (Nitro PDF Software)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [Datei ist nicht signiert]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-11-11] ()
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6835784 2013-05-07] (Broadcom Corporation)
R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [63792 2012-11-09] (Windows (R) Win 7 DDK provider)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [149632 2012-10-22] (Ricoh co.,Ltd.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288480 2012-12-13] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [28912 2013-03-18] (Synaptics Incorporated)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [34976 2015-06-29] (Lenovo Group Limited)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-09 11:45 - 2016-01-09 11:47 - 00044953 _____ C:\Users\Claude\Downloads\FRST.txt
2016-01-09 11:45 - 2016-01-09 11:45 - 00000000 ____D C:\FRST
2016-01-09 11:42 - 2016-01-09 11:44 - 02370560 _____ (Farbar) C:\Users\Claude\Downloads\FRST64.exe
2016-01-09 02:34 - 2016-01-09 02:34 - 00092978 _____ C:\Users\Claude\Desktop\avira scan 09.01..txt
2016-01-08 20:23 - 2016-01-08 20:23 - 00000000 ____D C:\Users\Claude\AppData\Roaming\Avira
2016-01-08 20:21 - 2016-01-08 20:21 - 00002051 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk
2016-01-08 20:21 - 2016-01-08 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-08 20:18 - 2016-01-08 20:18 - 00000000 ____D C:\ProgramData\Avira
2016-01-08 20:18 - 2016-01-08 20:18 - 00000000 ____D C:\Program Files (x86)\Avira
2016-01-08 20:18 - 2015-12-03 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-01-08 20:18 - 2015-12-03 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-01-08 20:18 - 2015-12-03 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-01-08 20:18 - 2015-12-03 15:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-01-08 19:57 - 2016-01-08 20:10 - 221795056 _____ C:\Users\Claude\Downloads\avira_antivirus_de129-de(1).exe
2016-01-08 14:24 - 2016-01-08 14:24 - 00502412 _____ C:\Users\Claude\Downloads\zugticket thies hamburg.pdf
2016-01-08 14:23 - 2016-01-08 14:23 - 00502162 _____ C:\Users\Claude\Downloads\FLT_8GV4HN2592_0.pdf
2016-01-08 13:10 - 2016-01-08 13:10 - 00000000 ___HD C:\$Windows.~WS
2016-01-08 13:07 - 2016-01-08 13:10 - 18446336 _____ (Microsoft Corporation) C:\Users\Claude\Downloads\MediaCreationTool.exe
2016-01-08 12:25 - 2016-01-08 12:25 - 00000000 ____D C:\Users\Claude\Desktop\Isas Stick
2016-01-07 15:35 - 2016-01-07 22:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-06 18:41 - 2016-01-06 18:41 - 07635472 _____ (Microsoft Corporation) C:\Users\Claude\Downloads\GetWindows10-Web_Default_Attr.exe
2016-01-06 18:40 - 2016-01-09 02:32 - 00000000 ____D C:\Program Files (x86)\Search Too Know
2016-01-06 18:40 - 2016-01-08 20:34 - 00000000 ____D C:\ProgramData\457082ba-095e-4f86-8a98-c078f3146538
2016-01-06 18:40 - 2016-01-06 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2016-01-06 18:40 - 2016-01-06 18:40 - 00000000 ____D C:\Program Files (x86)\Magical Jelly Bean
2016-01-03 17:43 - 2016-01-03 17:43 - 00591849 _____ C:\Users\Claude\Desktop\sparkasse amazon.pdf
2015-12-21 08:42 - 2015-12-21 08:44 - 221795056 _____ C:\Users\Claude\Downloads\avira_antivirus_de129-de.exe
2015-12-18 08:59 - 2015-12-18 09:07 - 00000000 ____D C:\Users\Claude\AppData\Roaming\LSC
2015-12-18 00:10 - 2015-12-18 00:10 - 00002018 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2015-12-18 00:06 - 2015-12-18 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-12-17 19:39 - 2015-12-17 19:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-17 19:39 - 2015-12-17 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-11 00:22 - 2015-12-11 00:22 - 00188104 _____ C:\ods.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-09 11:46 - 2015-06-09 14:35 - 00001246 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1302534699-97203762-3128929895-1002UA.job
2016-01-09 11:45 - 2014-08-22 10:43 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-09 11:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-09 11:28 - 2013-08-28 15:55 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1302534699-97203762-3128929895-1002
2016-01-09 11:05 - 2013-05-07 15:21 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2016-01-09 11:02 - 2014-01-22 07:36 - 00000000 __RDO C:\Users\Claude\SkyDrive
2016-01-09 11:02 - 2013-08-26 21:36 - 00000000 ____D C:\Users\Claude\AppData\LocalLow\AuthenTec
2016-01-09 00:42 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-08 23:23 - 2014-02-02 00:24 - 00003934 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C4422E06-7432-4E3B-BE2C-FD84CCCEE099}
2016-01-08 22:46 - 2015-06-09 14:35 - 00001194 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1302534699-97203762-3128929895-1002Core.job
2016-01-08 19:56 - 2014-01-21 20:32 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-08 12:30 - 2013-11-14 08:27 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-08 12:30 - 2013-11-14 08:11 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-08 12:30 - 2013-11-14 08:11 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-07 22:53 - 2013-10-20 12:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-07 22:48 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-01-07 22:34 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-07 21:08 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-07 21:03 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2016-01-07 21:02 - 2014-01-21 20:42 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2016-01-07 21:02 - 2014-01-21 20:42 - 00028578 _____ C:\WINDOWS\diagerr.xml
2016-01-07 15:48 - 2013-08-26 21:36 - 00000000 ____D C:\Users\Claude\AppData\Local\Packages
2016-01-07 15:48 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-07 15:48 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-07 15:32 - 2013-09-30 17:11 - 00000000 ___RD C:\Users\Claude\Dropbox
2016-01-07 15:32 - 2013-09-30 17:02 - 00000000 ____D C:\Users\Claude\AppData\Roaming\Dropbox
2016-01-07 15:17 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-06 18:40 - 2013-11-27 19:22 - 00000000 ____D C:\Users\Claude\AppData\Roaming\OpenCandy
2016-01-06 12:43 - 2014-07-28 14:22 - 00000000 ____D C:\Users\Claude\AppData\Local\Spotify
2016-01-06 12:41 - 2014-07-28 14:21 - 00000000 ____D C:\Users\Claude\AppData\Roaming\Spotify
2016-01-06 10:05 - 2013-09-17 20:48 - 00000000 ____D C:\Users\Claude\AppData\Roaming\vlc
2016-01-05 21:17 - 2013-10-26 20:19 - 00000000 ____D C:\Users\Claude\AppData\Roaming\dvdcss
2015-12-30 00:25 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-29 22:45 - 2014-08-22 10:43 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-27 19:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-26 18:58 - 2015-09-08 14:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-26 09:48 - 2015-04-17 07:11 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2015-04-17 07:11 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-21 12:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-12-21 08:32 - 2014-02-28 16:40 - 00000000 ____D C:\Temp
2015-12-18 16:43 - 2015-04-06 11:54 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-18 16:43 - 2015-04-06 11:54 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-18 00:10 - 2013-05-07 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-12-18 00:10 - 2013-05-07 15:01 - 00000000 ____D C:\Program Files\Lenovo
2015-12-18 00:10 - 2013-05-07 15:01 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-12-18 00:09 - 2013-05-07 15:20 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2015-12-18 00:07 - 2013-05-07 23:59 - 00000000 ____D C:\ProgramData\Lenovo
2015-12-18 00:07 - 2013-05-07 15:21 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2015-12-17 23:52 - 2013-09-17 18:48 - 00000000 ____D C:\Users\Claude\AppData\Local\ElevatedDiagnostics
2015-12-17 22:55 - 2013-09-14 23:22 - 00000000 ____D C:\Users\Claude\AppData\Roaming\Skype
2015-12-17 19:39 - 2014-05-03 20:58 - 00000000 ____D C:\Users\Claude\AppData\Local\Skype
2015-12-17 19:39 - 2014-05-03 20:57 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-17 19:39 - 2013-09-14 23:21 - 00000000 ____D C:\ProgramData\Skype
2015-12-16 20:15 - 2013-08-28 17:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-16 20:09 - 2013-08-28 17:24 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-16 09:50 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-16 09:48 - 2013-09-09 20:36 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-14 19:55 - 2015-03-03 07:13 - 00000000 ____D C:\Users\Claude\Desktop\7. Klasse Geschichte
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-08-26 21:37 - 2013-09-09 20:47 - 0005275 _____ () C:\Users\Claude\AppData\Roaming\AbsoluteReminder.xml
2013-05-07 15:04 - 2013-05-07 15:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-07 15:30 - 2013-05-07 15:30 - 0000198 ____H () C:\ProgramData\Lenovo-9248.vbs
2013-05-07 15:36 - 2014-12-26 10:42 - 0916874 _____ () C:\ProgramData\MH_ErrorLog.txt
2013-05-07 15:27 - 2013-05-07 15:27 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2013-05-07 15:22 - 2013-05-07 15:24 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-05-07 15:24 - 2013-05-07 15:26 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2013-05-07 15:26 - 2013-05-07 15:27 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log
Einige Dateien in TEMP:
====================
C:\Users\Claude\AppData\Local\Temp\avgnt.exe
C:\Users\Claude\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplzkzwg.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-01-07 22:45
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-01-2015
durchgeführt von Claude (2016-01-09 11:47:24)
Gestartet von C:\Users\Claude\Downloads
Windows 8.1 (X64) (2014-01-21 20:35:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1302534699-97203762-3128929895-500 - Administrator - Disabled)
Claude (S-1-5-21-1302534699-97203762-3128929895-1002 - Administrator - Enabled) => C:\Users\Claude
Gast (S-1-5-21-1302534699-97203762-3128929895-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.9 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Unbox Video (HKLM-x32\...\InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.2.0.153 - Amazon.com)
Amazon Unbox Video (x32 Version: 2.2.0.153 - Amazon.com) Hidden
AMD Catalyst Install Manager (HKLM\...\{34C59E48-C7B8-E65A-6887-D8992F1CE88B}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.33.00 - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.91 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J4510DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Dot4 (HKLM\...\{DD411225-A527-4C56-91BE-15D888B3CCDE}) (Version: 1.0.0.0 - HP)
Dropbox (HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Fingerprint Reader (HKLM\...\{1CACE706-D749-44CA-BBFE-AF60946D1B18}) (Version: 6.0.200.75 - AuthenTec, Inc.)
Integrated Camera Driver Installer Package Ver.1.0.0.26 (HKLM-x32\...\{F8754583-7893-4CD8-9E51-1A08F3D4C1A9}) (Version: 1.0.0.26 - RICOH)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41651) (Version: 3.8.0.41651.58 - Intel)
Intel(R) Update Manager (x32 Version: 1.0.0.34813 - Intel Corporation) Hidden
iTunes (HKLM\...\{37D0157F-45C6-4DB2-9AE5-489DD98CE169}) (Version: 11.1.2.31 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.02 - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6000 - Broadcom Corporation)
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.03.13 - )
Lenovo QuickLaunch (HKLM-x32\...\{FF80FE61-64E6-4DDC-93E5-5E47969AAB24}) (Version: 1.2.0010 - Lenovo Group Limited)
Lenovo Settings - Power (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 7.49.4 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{4386A5EF-BD23-49F4-9DAD-CD76B4F6A8BF}) (Version: 2.8.006.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0019 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
ModEco (HKLM-x32\...\{36C99A75-436C-49DB-9A33-601606A04903}) (Version: 1.0.0 - UCMerced)
MotoHelper 2.0.45 Driver 5.0.0 (HKLM-x32\...\MotoHelper) (Version: 2.0.45 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.0.0 (Version: 5.0.0 - Motorola Inc.) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nitro Pro 8 (HKLM\...\{73CBF5CA-73F0-41A7-87CD-190746E41263}) (Version: 8.0.10.9 - Nitro)
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
PowerDVD Create 10 (x32 Version: 10.0.1.2020 - CyberLink Corp.) Hidden
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
QuickSteuer 2014 (HKLM-x32\...\{52DD1288-FA17-4062-8280-532C89A7E2F2}) (Version: 20.06.00.0001 - Haufe-Lexware GmbH & Co.KG)
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29048 - Realtek Semiconductor Corp.)
Scansoft PDF Professional (x32 Version: - ) Hidden
Search Too Know (HKLM-x32\...\Search Too Know) (Version: 2.0.5849.8578 - Search Too Know) <==== ACHTUNG
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
SopCast 3.2.9 (HKLM-x32\...\SopCast) (Version: 3.2.9 - www.sopcast.com)
Spotify (HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.14.99 - Akademische Arbeitsgemeinschaft)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
tax 2015 (HKLM-x32\...\{4CF96070-DEE5-43B5-B6A7-23AC07BC0C77}) (Version: 22.00.8811 - Buhl Data Service GmbH)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.9 - Lenovo)
VideoLAN Movie Creator (HKLM-x32\...\VLMC) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WaveEditor (x32 Version: 1.0.1.4406 - CyberLink Corp.) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Lenovo 1.66.00.07 (08/15/2012 1.66.00.07) (HKLM\...\E56A6B34B44A7A597FFEBE0E14D81095E0FD4D73) (Version: 08/15/2012 1.66.00.07 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1302534699-97203762-3128929895-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Claude\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00AE243A-5812-4537-9482-09971F8BED71} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {243A5439-40BB-46E8-B568-98AFB804B026} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-16] (Microsoft Corporation)
Task: {33092261-62D8-4B6B-95AE-304755C92363} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1302534699-97203762-3128929895-1002Core => C:\Users\Claude\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-09] (Dropbox, Inc.)
Task: {3438D4E9-5210-4701-A3D9-D50037E5C999} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {3B82BB0F-1B98-4FA8-907E-06D3D02F1249} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {4676C8E3-1725-44F4-906C-96959137CFCA} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.EXE
Task: {57E3A0CC-9CD3-4763-BFDC-B51E2155134E} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {650C3DF0-71D8-463E-A91E-0129F9F6E07F} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {6C88AFB6-2780-44A7-BF26-E58A8C003BEA} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-12-10] (Lenovo)
Task: {7592C5B8-45F4-414B-9A37-EB3F3B59C8B0} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {773BDAA5-EF98-4BE9-BAD0-26E27F1F55F2} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
Task: {7B01E239-0AF4-4147-BE74-6BD42770E56E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1302534699-97203762-3128929895-1002UA => C:\Users\Claude\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-09] (Dropbox, Inc.)
Task: {7E70FA0C-750F-443C-9B55-8AC87A202A62} - System32\Tasks\Lenovo\Lenovo-9248 => C:\ProgramData\Lenovo-9248.vbs [2013-05-07] ()
Task: {81E4B4D1-B489-4CC9-B0AC-9EBF2504CA97} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2012-05-24] (CyberLink)
Task: {870F7FA1-1378-44CE-9D82-A85B033E519D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {8A58A0EF-1C6F-4957-9E95-A9F9D971C472} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {909C6F03-FD65-4EDA-86E5-30D06FC725D6} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {94A0AA6D-F6FF-42F2-9D87-4A4CA91AE8DD} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {96A8D137-8A00-4FDF-9C77-D450B489A795} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-11-11] ()
Task: {980DA238-94F3-4BEC-9A7C-B2A3543472CC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {9B5FF9C9-014A-4FEE-A8CF-BE887C31AE10} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-12-10] (Lenovo)
Task: {9F96B875-F657-40FB-8396-033B27A9A4B9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-12-15] (Microsoft Corporation)
Task: {B6276827-EC74-400A-AE6C-69F505466D6A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C0D20A9F-6956-4D21-8C9C-C96FADB3DDBA} - System32\Tasks\Dolby => c:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
Task: {C920ABFA-ADAD-4AF1-8A7E-8CA57399825C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {CC30E4BC-E29F-43AF-9584-B07C71CB423E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo)
Task: {D86B6250-E405-4B8E-9958-E2CDCABA65B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {E01A724B-421F-400E-A782-F47284E4325B} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {F0C49891-A191-4D8B-BD78-1D11F2C515DE} - \EPUpdater -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1302534699-97203762-3128929895-1002Core.job => C:\Users\Claude\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1302534699-97203762-3128929895-1002UA.job => C:\Users\Claude\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-05-07 15:34 - 2015-01-16 07:49 - 00118272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.dll
2015-07-01 08:45 - 2015-07-01 08:45 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll
2008-10-24 15:35 - 2008-10-24 15:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2013-02-26 17:46 - 2013-02-26 17:46 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2014-03-23 13:05 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-01-27 22:13 - 2011-01-27 22:13 - 00226624 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
2014-01-06 16:56 - 2005-04-22 05:36 - 00143360 ____N () C:\WINDOWS\system32\BrSNMP64.dll
2015-11-17 10:30 - 2015-11-17 10:30 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\84819467f44d3da49aa14236af8fcc9a\Windows.Networking.ni.dll
2013-02-05 18:01 - 2015-01-09 15:40 - 00469720 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2012-08-31 03:43 - 2012-08-31 03:43 - 01130344 _____ () C:\Program Files\Lenovo Fingerprint Reader\DataManager.dll
2012-08-31 03:43 - 2012-08-31 03:43 - 00087400 _____ () C:\Program Files\Lenovo Fingerprint Reader\ssutil.dll
2011-01-27 22:13 - 2011-01-27 22:13 - 00673088 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
2013-02-05 18:01 - 2015-01-09 15:40 - 00013528 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2013-05-07 15:34 - 2015-01-16 07:49 - 00118272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2012-08-31 03:44 - 2012-08-31 03:44 - 04622184 _____ () C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-07 15:34 - 2015-01-07 09:29 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2013-05-07 15:34 - 2015-01-07 09:29 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2011-11-23 20:21 - 2011-11-23 20:21 - 00105576 ____R () C:\Program Files (x86)\Amazon\Amazon Unbox Video\LimelightDownloadManager.dll
2015-11-20 10:09 - 2015-11-20 10:09 - 00799232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\86865ced79f3180ebdfa736d895e5edb\Windows.Networking.ni.dll
2015-11-18 10:23 - 2015-11-18 10:23 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\16c3eb7650767d95d002c998d0c73eb5\Windows.Foundation.ni.dll
2012-05-24 20:19 - 2012-05-24 20:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2012-05-24 20:19 - 2012-05-24 20:19 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-08-31 03:44 - 2012-08-31 03:44 - 00900456 _____ () C:\Program Files\Lenovo Fingerprint Reader\x86\DataManager.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Claude\Desktop\2015-03-17 18.43.25.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Amazon Unbox.lnk"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "LenovoOptMouseUpdate"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "LnvMobHotspotClient"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "TpShocks"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "LMCSSTART3"
HKLM\...\StartupApproved\Run: => "LMCSSTART2"
HKLM\...\StartupApproved\Run: => "LMCSSTART1"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(R) center"
HKLM\...\StartupApproved\Run32: => "Fastboot"
HKLM\...\StartupApproved\Run32: => "RotateImage"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "LexwareInfoService"
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\StartupApproved\Run: => "AmazonMP3DownloaderHelper"
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\StartupApproved\Run: => "DVSSkypeRecorder"
HKU\S-1-5-21-1302534699-97203762-3128929895-1002\...\StartupApproved\Run: => "Dropbox Update"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{97718295-6F5F-4405-847E-B3991D93CBA0}C:\users\claude\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\claude\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{31B1530D-DFD2-4916-8882-28DDD6F294E9}C:\users\claude\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\claude\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8493A31C-6ADD-45FB-BC3A-02BFABE55A98}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{0D073ACD-063C-4703-87D2-11D47C359E80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4B2DF9CA-6D51-4ED7-B260-36AF9838B700}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A45F280F-44A6-4762-AF0E-0B4B474A3CCF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ACFA914E-DB06-4FAB-8672-CF7F0D3135CC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CEEF3685-D7BA-4F50-A83F-BFC137C30474}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{5B9BAFEB-DBA5-4B14-B8C9-526BCB8EF961}] => (Allow) C:\Users\Claude\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EA61EA75-7708-467A-B36B-03B7D8B50DCD}] => (Allow) C:\Users\Claude\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1F8E0674-45AE-41BD-B4BC-64C3DCC508C5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8A5F19B0-EB73-407E-A636-65694EC9194D}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [TCP Query User{6EEDE75A-E3BE-4DEA-B067-836E30E86AFF}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{4E7117BE-7F5A-4821-BEC6-13CE20353632}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{A41BD5A4-14FB-4CC1-8168-2A6B7FCDBCE7}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12b\FAXRX.exe
FirewallRules: [{481176A5-9600-454A-8433-F5F0DB2BD7C0}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12b\FAXRX.exe
FirewallRules: [{C1062C16-3F00-4056-A44C-3177E855CCFF}] => (Allow) LPort=54925
FirewallRules: [{D5C93201-2C77-434F-B09F-4D2EFB6E98AA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{491BEFD4-1B25-468E-ACC4-4DAF74AA07AE}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{F7004D79-09D4-434A-90F6-848E6434708C}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{420C893C-96DC-4AA9-8D4F-F21494151ABB}C:\users\claude\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\claude\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{68A15C5D-54C2-4D01-8CAA-631EA8BB6DCF}C:\users\claude\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\claude\appdata\roaming\spotify\spotify.exe
FirewallRules: [{01839CE2-49F6-4266-B48F-7527FD020A90}] => (Block) C:\users\claude\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A3A2109D-4564-4F62-8CFA-D8B94656582B}] => (Block) C:\users\claude\appdata\roaming\spotify\spotify.exe
FirewallRules: [{111CD306-B00F-4FB6-9F23-1F675F6ABDB3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E382712-190C-4CAD-9C75-B780B533A078}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F1F6A53C-6386-4522-B846-9620B75AA5A9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2BE11CBF-9DEB-4D76-A4E9-B816F9F20B5A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AB743C0E-01D2-410E-AEBC-412B015BC6FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D960D86D-24DC-48E1-ADDD-25B4D548B518}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0BDD76FD-B176-4B30-ACCC-A14AF1968EAA}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{CE381AB9-ABC7-4F03-AB11-77A5010C4CC6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/08/2016 01:45:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a2c
Startzeit: 01d14a11c7e8d791
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: bd6bf45c-b605-11e5-bf0b-a41731c0891a
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (01/08/2016 10:56:07 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (01/07/2016 11:37:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15438
Error: (01/07/2016 11:37:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15438
Error: (01/07/2016 11:37:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/07/2016 08:43:58 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe AIR -- Error 1606. Could not access network location (computed).
Error: (01/07/2016 08:43:58 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe AIR -- Error 1606. Could not access network location (computed).
Error: (01/07/2016 03:11:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ELFRIEDE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/07/2016 02:51:46 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe AIR -- Error 1606. Could not access network location (computed).
Error: (01/07/2016 02:51:46 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe AIR -- Error 1606. Could not access network location (computed).
Systemfehler:
=============
Error: (01/08/2016 08:31:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Update Mgr SearchTooKnow" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/08/2016 08:31:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Service Mgr SearchTooKnow" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/08/2016 12:39:58 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.109
registriert werden. Der Computer mit IP-Adresse 192.168.1.106 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/07/2016 10:34:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppEx Networks Accelerator LWF" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (01/07/2016 10:34:24 PM) (Source: APXACC) (EventID: 1003) (User: )
Description: The NDIS6 LWF initialization has failed. (0xC0000001)
Error: (01/07/2016 10:34:02 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (01/07/2016 09:08:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (01/07/2016 09:02:24 PM) (Source: DCOM) (EventID: 10010) (User: ELFRIEDE)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (01/07/2016 04:26:47 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "ISABEL",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{768DCEC1-6E2F-48EC-9451-9013B4220393}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (01/07/2016 03:29:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppEx Networks Accelerator LWF" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
CodeIntegrity:
===================================
Date: 2016-01-08 14:03:24.371
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 14:03:24.012
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 14:03:23.604
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 14:03:23.197
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 14:03:22.791
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 14:03:22.354
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 14:02:57.721
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 14:02:57.034
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 14:02:56.440
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-08 14:02:55.971
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD A6-4400M APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3506.98 MB
Verfügbarer physikalischer RAM: 1611 MB
Summe virtueller Speicher: 4210.98 MB
Verfügbarer virtueller Speicher: 1852.07 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:686.64 GB) (Free:554.87 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 69677AFB)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
| Themen zu Windows 8.1 Monate ohne Virenschutz unterwegs - langsam geworden, zahlreiche Funde von Antivir |
| 0xc0000001, antivir, antivirus, avira, bildschirm, bonjour, computer, desktop, dnsapi.dll, feedback, fehler, festplatte, firefox, flash player, homepage, hotspot, iexplore.exe, langsam, mozilla, object, office 365, prozesse, realtek, registry, rundll, scan, software, super, svchost.exe, taskmanager, windows |
Baum-Darstellung