Hallo cosinus
Ok - Avira und Spybot Search & Destroy deinstalliert
Schritt 1 - OK AdwCleaner(C1) Code:
# AdwCleaner v5.033 - Bericht erstellt am 07/02/2016 um 19:59:49
# Aktualisiert am 07/02/2016 von Xplode
# Datenbank : 2016-02-07.1 [Server]
# Betriebssystem : Windows 10 Pro (x64)
# Benutzername : cad - VISIOO01
# Gestartet von : C:\Users\cad\Desktop\adwcleaner_5.033.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\ProgramData\Uniblue
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\OB
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1826 Bytes] ##########
AdwCleaner(S1) Code:
# AdwCleaner v5.033 - Bericht erstellt am 07/02/2016 um 19:55:16
# Aktualisiert am 07/02/2016 von Xplode
# Datenbank : 2016-02-07.1 [Server]
# Betriebssystem : Windows 10 Pro (x64)
# Benutzername : cad - VISIOO01
# Gestartet von : C:\Users\cad\Desktop\adwcleaner_5.033.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
Ordner Gefunden : C:\ProgramData\Uniblue
***** [ Dateien ] *****
Datei Gefunden : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\OB
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gefunden : HKLM\SOFTWARE\Uniblue
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.oursurfing.com/?type=hp&ts=1431012311&z=384dbbe4c70701be6317731g6z0c2gfe7g4o4c0e9b&from=2sq&uid=SamsungXSSDX850XEVOX250GB_S21PNSAFC67325E
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=ds&ts=1431012311&z=384dbbe4c70701be6317731g6z0c2gfe7g4o4c0e9b&from=2sq&uid=SamsungXSSDX850XEVOX250GB_S21PNSAFC67325E&q={searchTerms}
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.oursurfing.com/?type=hp&ts=1431012311&z=384dbbe4c70701be6317731g6z0c2gfe7g4o4c0e9b&from=2sq&uid=SamsungXSSDX850XEVOX250GB_S21PNSAFC67325E
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.oursurfing.com/?type=hp&ts=1431012311&z=384dbbe4c70701be6317731g6z0c2gfe7g4o4c0e9b&from=2sq&uid=SamsungXSSDX850XEVOX250GB_S21PNSAFC67325E
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.oursurfing.com/web/?type=ds&ts=1431012311&z=384dbbe4c70701be6317731g6z0c2gfe7g4o4c0e9b&from=2sq&uid=SamsungXSSDX850XEVOX250GB_S21PNSAFC67325E&q={searchTerms}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
***** [ Internetbrowser ] *****
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2369 Bytes] ########## Schritt 2 Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Pro x64
Ran by cad (Administrator) on 07.02.2016 at 20:06:12,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 8
Failed to delete: C:\ProgramData\lavasoft\web companion (Folder)
Failed to delete: C:\Program Files (x86)\lavasoft\web companion (Folder)
Successfully deleted: C:\Users\cad\AppData\Roaming\lavasoft\web companion (Folder)
Successfully deleted: C:\WINDOWS\wininit.ini (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERSCANNER.EXE-70AA0025.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERSCANNER.EXE-9FCCB5AD.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERSCANNER.TMP-B05F021E.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERSCANNER.TMP-BB751896.pf (File)
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.02.2016 at 20:07:04,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Schritt 3
Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von cad (2016-02-07 20:11:22)
Gestartet von C:\Users\cad\Desktop
Windows 10 Pro (X64) (2015-12-09 05:01:46)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-201849509-2042764125-1615774-500 - Administrator - Disabled)
cad (S-1-5-21-201849509-2042764125-1615774-1000 - Administrator - Enabled) => C:\Users\cad
DefaultAccount (S-1-5-21-201849509-2042764125-1615774-503 - Limited - Disabled)
Gast (S-1-5-21-201849509-2042764125-1615774-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
AutoCAD 2015 - Deutsch (German) (Version: 20.0.210.0 - Autodesk) Hidden
AutoCAD 2015 - Deutsch (German) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - Deutsch (German) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2016 - Deutsch (German) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - Deutsch (German) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk AutoCAD 2015 - Deutsch (German) (HKLM\...\AutoCAD 2015 - Deutsch (German)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD 2015 - Deutsch (German) SP2 (HKLM\...\AutoCAD 2015 - Deutsch (German) SP2) (Version: 20.0.210.0 - Autodesk)
Autodesk AutoCAD 2016 - Deutsch (German) (HKLM\...\AutoCAD 2016 - Deutsch (German)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.15 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 1.0.20.0 - Brother Industries, Ltd.)
Canon iPF6400 User Manual (HKLM-x32\...\{3838ADB3-71A6-409F-9F39-EEF235441BBA}) (Version: 1.10 - Canon)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.100.14 - Citrix Systems, Inc.)
F140 (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version: - )
GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Good Sync version 4.6.10 (HKLM-x32\...\Good Sync_is1) (Version: - Siber Systems, Inc.)
imagePROGRAF Color Calibration Management Console (HKLM-x32\...\{6BFF9E09-9DCD-4EC9-9EBB-289940BDE848}) (Version: 1.00.00 - Canon)
imagePROGRAF Device Setup Utility (HKLM-x32\...\{B3BDF1F4-0312-4307-811B-DE5E452A7AE6}) (Version: 4.60 - )
imagePROGRAF Printer Driver Extra Kit (HKLM-x32\...\{A2FF9286-F7D9-43B9-8CA2-11D48A08810B}) (Version: 2.11.00 - Canon)
imagePROGRAF Status Monitor (HKLM-x32\...\{66392B7C-C522-450D-97B7-B3E41E170C3B}) (Version: 25.20.001 - Canon)
iPF6400 Media Configuration Tool (HKLM-x32\...\{9D4C0BFB-9F0A-4304-809D-AA744D22C3BB}) (Version: 5.10.00 - Canon)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
JTL-Wawi (HKLM-x32\...\JTL-Wawi_is1) (Version: 1.0.6.0 - JTL-Software-GmbH)
MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{7D1C6D7B-8E3F-4724-94C8-AA7EB7F60AE0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{37C44B5C-E839-4A9D-9E20-A93E1B2FD35A}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.0.2000.8 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
MySQL Connector Net 6.8.3 (HKLM-x32\...\{38157422-F952-42F7-88AA-CC16A63CD109}) (Version: 6.8.3 - Oracle)
Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Online Plug-in (x32 Version: 14.2.100.14 - Citrix Systems, Inc.) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF24 Creator 7.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.0.00.08250 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 10.0.00 - Sony Corporation) Hidden
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
QNAP Qfinder (HKLM-x32\...\QNAP_FINDER) (Version: 5.0.1.0225 - QNAP Systems, Inc.)
rayout 5.92 (HKLM\...\rayout 5.92_is1) (Version: - GAMMA-RAY Service-Center GmbH)
RSO GammaRay (HKLM\...\RSO GammaRay_is1) (Version: - GAMMA-RAY Service-Center GmbH)
Scansoft PDF Professional (x32 Version: - ) Hidden
Self-Service Plug-in (x32 Version: 4.2.100.5943 - Citrix Systems, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
SketchUp-Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 31.3.22220 - Sonos, Inc.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.6.201504291043 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
SQL Server 2014 Common Files (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.0.2000.8 - Microsoft Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TREPCAD St 3 (HKLM-x32\...\{5F2347F6-069D-4587-A046-6D90774E0677}) (Version: 3.12.0000 - TREPCAD GmbH)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{D8125A39-ADEE-4187-B04D-DB6CF489AF61}) (Version: 10.3.5500.0 - Microsoft Corporation)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version: - Microsoft)
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Verfügbare Autodesk-Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Web Companion (HKLM-x32\...\{f8b6073c-1bcc-4b74-9543-291a4d560172}) (Version: 2.2.1305.2570 - Lavasoft)
Wunderlist - Wunderlist (HKLM-x32\...\Wunderlist Wunderlist) (Version: 3.4.3 - Wunderlist)
Zubehör (HKLM\...\Zubehör_is1) (Version: - GAMMA-RAY Service-Center GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-201849509-2042764125-1615774-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-201849509-2042764125-1615774-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-201849509-2042764125-1615774-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-201849509-2042764125-1615774-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\cad\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-201849509-2042764125-1615774-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\de-DE\acadficn.dll (Autodesk, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0488B963-3FE4-4A80-8904-05D9F153F720} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {09373EBA-27FD-4638-B806-950B8B133824} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {1820286A-D5A5-457B-BAE0-B16D67C7F460} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {1B9A191D-BFFC-4379-8B4E-DCA9454A9630} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {31A1D19D-D579-49CA-8E19-0853719C576C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {34EB3EAA-34D2-491C-80CE-B3064A9625FA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {389E8060-E0A1-4BFC-BC53-F59579F57A94} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {3A69E721-F448-4B4C-A442-BB373F3D29A8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3AB74651-3C0B-46E4-8239-9745FF9C1ADC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {41B43087-10E0-43C1-B3EA-DF16F32E7AC2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {58B5435F-B9B2-47D8-8339-0C1FEEF3E12C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {64AE5250-FD3F-4D7B-86C7-EE72DB01D269} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {6607C06F-9825-4550-B3D4-927581ABA57E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6A4F39C5-D28C-4B56-9158-006D68FD2A30} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {6B9EBC3D-F8E0-404C-A1EC-3AD4FF430619} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7181A568-36C6-4422-8AB3-290E9C4B53B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7800EEE1-DE68-4867-8C33-77FBBD1F7D3F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7DC1156E-DADB-45D4-8E24-1F3835C0998B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {800E37D6-E9A9-4694-ABF4-F608E9CD1B9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {878FB5B4-EB38-4A9B-9657-3B5ABFFF3426} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {87F75D74-20F2-4D6F-8EBF-4B31DA4DD3ED} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8906221B-55FE-4214-9B81-7FA109458EBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {8C7E4258-A1B6-470A-8F9A-53531E56A5E3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {95E1819B-D490-4D02-BBB8-87E4542BF120} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {9F44612F-B0F2-41E6-B392-D66E60E03B10} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A3B57C8B-92CF-4665-9ACD-8043A70BA9A6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {A52C3721-2842-43E2-880E-01EF77B914A6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {AA05A078-33CD-45D9-B4F0-8CD4D086BE4D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B27DD202-C73C-4B27-A3FA-63437D1E108C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {BB86E117-55AA-4301-8DFD-7E5F006D9D33} - System32\Tasks\{5CD9AB22-5F15-4095-9E55-C7F0F77BDE36} => pcalua.exe -a E:\paperport\PP12Installer.exe -d E:\paperport
Task: {BC41677D-C3EB-4F71-BA2F-9A5A934999BF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {CB4F1F46-B609-4B5C-9630-8F412A133EEB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {DA4D374A-8E6E-453C-8F79-A942C77594EF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-16] (Microsoft Corporation)
Task: {DCD1806C-186B-4DF0-8ABC-ABE7571126DF} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [2015-02-25] ()
Task: {DE369432-7992-47C1-8052-7D4E1A023C68} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {E0677BF6-4472-43D8-BA62-BF84D07ABBDA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E50E9A3A-4870-45C3-8F51-A6A3E443AE50} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {EAB57786-D0EE-4D1A-9F0B-2D729466C0BD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {F8C0BE92-0704-44E7-B14D-E29D986E5CFE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {F970A557-9AC1-434E-A557-DDB981D6C044} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {FDACF98F-9907-4954-9C3D-6125ADF0F9C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\cad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.google.at
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.google.at
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-09 19:41 - 2015-12-12 13:01 - 00017168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-12-09 19:41 - 2015-12-12 13:01 - 00008976 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-12-09 19:41 - 2015-12-12 13:01 - 00028944 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2015-04-10 07:07 - 2010-03-16 00:04 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2015-12-09 03:42 - 2015-12-09 03:42 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-22 07:50 - 2016-01-22 07:50 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-09 03:42 - 2015-12-09 03:42 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-20 09:35 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-20 09:35 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 08:45 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 08:45 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 07:09 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 07:09 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-12 11:06 - 2014-12-05 03:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-03-12 11:06 - 2014-12-05 03:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2016-01-22 07:50 - 2016-01-22 07:50 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 07:50 - 2016-01-22 07:50 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7870 mehr Seiten.
IE trusted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7870 mehr Seiten.
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\123simsen.com -> www.123simsen.com
Da befinden sich 7870 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-03-31 17:28 - 2015-07-09 11:02 - 00450778 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123simsen.com
Da befinden sich 15463 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-201849509-2042764125-1615774-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^imagePROGRAF Status Monitor.lnk => C:\Windows\pss\imagePROGRAF Status Monitor.lnk.CommonStartup
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_134_Plugin.exe -update plugin
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
HKLM\...\StartupApproved\Run: => "AdAwareTray"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\StartupApproved\Run: => "Autodesk Sync"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{616C00C9-F932-4C04-A6A8-64449D220807}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F496A538-FC77-48C4-9365-3B2BD7FCD260}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F82CFF0E-9CA6-49D4-BB51-0B462ACEF1B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D530D4B-D0D8-4A2A-9C53-B4CF6134EECB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9F0373BA-1BA7-4148-B4C3-43F04AA2EBA0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F55EF96D-D3B1-45E0-8F2F-8BD511251438}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{F9393561-418B-445A-A355-9150DA68A7EC}] => (Allow) LPort=50248
FirewallRules: [{D3135B03-D6C2-4561-BCFA-F5CB71453ED9}] => (Allow) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
FirewallRules: [{5D19BC18-951D-4202-A2FC-0B2D036A8C23}] => (Allow) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
FirewallRules: [{D0CE188F-429E-4130-B751-3DA989D4445F}] => (Allow) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
FirewallRules: [{7655783C-D1C4-46DF-9C28-AD3CA923891B}] => (Allow) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
FirewallRules: [{00ACB28A-5325-43B8-A7EB-396275BA7342}] => (Allow) C:\Program Files (x86)\Canon\imagePROGRAF Device Setup Utility\cnwids.exe
FirewallRules: [{9C220AB8-0CD4-42C2-9499-6A0764A6B116}] => (Allow) C:\Program Files (x86)\Canon\imagePROGRAF Device Setup Utility\cnwids.exe
FirewallRules: [{8C407079-E96D-4D00-8A11-6C9B6DC04CA7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{002340D8-3627-498C-B75A-790CE85D9A8B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5BC83716-6B06-406A-9EF5-21E8015F3FAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{850B6240-193A-49A8-9743-D0C709FE5B4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{128E3EDC-BAB1-47D7-A249-D9667F3038B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0FBC3436-9867-4122-B36E-0287D08318DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AEA532B8-9411-4805-AEF4-DD44AB099380}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{D3AEDE2D-B2E9-4C29-9680-609644B98F62}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
FirewallRules: [UDP Query User{C90BE9A1-FBC0-4D85-B875-22D441158096}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe
FirewallRules: [{E81FAEA5-08E7-46CF-8E98-9D7D0B99DE4B}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{12673B1D-AA51-4333-A807-5847E1F4B781}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [TCP Query User{0806C589-ADB7-458D-9B37-C017314FE9E8}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{B9852D56-31D1-476A-B225-7E030CE7CA48}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{6EC0FA44-BEF7-42CC-A681-5CD9C650A9A8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B3A504D2-75AC-42AE-B437-CA9D5E8E02AA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4535E863-F895-43AB-9F13-CB6C6899C26C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{EE8EC136-3830-4D41-A1A5-C136BAB853D4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{ED4A6501-80EE-4C65-8CAA-5CEDD1E62133}] => (Allow) C:\Users\cad\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{D2AF78F6-BD01-4DFD-9BBA-E2BC8D560B63}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{6EEA0F92-E45C-4287-939A-4EAE9A15B30D}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [TCP Query User{844CDA10-2C8F-4B1F-B469-A2B20B42E8BF}C:\program files (x86)\qnap\qfinder\qfinder.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinder.exe
FirewallRules: [UDP Query User{7F1D1344-22C5-430C-A11C-91BE50A362B4}C:\program files (x86)\qnap\qfinder\qfinder.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinder.exe
FirewallRules: [TCP Query User{F34CF203-B8BD-41B5-A522-A1316103FBC1}C:\program files (x86)\qnap\qfinder\qfinder.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinder.exe
FirewallRules: [UDP Query User{BD8BCF43-2312-4B57-B8B6-1175846B0F50}C:\program files (x86)\qnap\qfinder\qfinder.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinder.exe
FirewallRules: [{E7CE9232-D14E-41D2-9443-D00FE424D5BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D4ACFF95-DA98-41BF-8F39-DF7B5E2C78A6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1F1688D4-40B9-4A8A-A33A-942D4B65BE70}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BBB7BE95-A20B-40A7-A42B-AD57D1188D56}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Wiederherstellungspunkte =========================
31-01-2016 19:00:09 Windows-Sicherung
03-02-2016 09:09:09 Uniblue DriverScanner installation
07-02-2016 19:00:07 Windows-Sicherung
07-02-2016 20:06:14 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/07/2016 08:06:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/07/2016 08:01:26 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
Error: (02/07/2016 08:01:26 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
Error: (02/07/2016 07:51:10 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
Error: (02/07/2016 07:51:10 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
Error: (02/07/2016 07:29:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/07/2016 07:13:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/07/2016 07:13:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/07/2016 07:13:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/07/2016 07:00:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (02/07/2016 08:06:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/07/2016 08:06:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/07/2016 08:01:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (02/07/2016 08:00:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IE Search Set" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109
Error: (02/07/2016 08:00:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server-Browser" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (02/07/2016 08:00:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "SQLBrowser" konnte sich nicht als "NT AUTHORITY\LOCALSERVICE" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (02/07/2016 08:00:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LavasoftTcpService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109
Error: (02/07/2016 08:00:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_38265" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/07/2016 08:00:18 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (02/07/2016 07:59:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2016-02-07 19:55:02.829
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-03 09:37:13.524
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-02-01 19:55:35.354
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-30 09:58:20.714
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-29 07:48:51.015
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-28 07:14:53.265
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-15 08:58:13.960
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-14 14:08:16.196
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-08 09:59:58.956
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-03 22:45:14.481
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 4087.05 MB
Verfügbarer physikalischer RAM: 2489.5 MB
Summe virtueller Speicher: 8183.05 MB
Verfügbarer virtueller Speicher: 6427.51 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.35 GB) (Free:130.23 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:193.23 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B4A5187F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8E1FD5A0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von cad (Administrator) auf VISIOO01 (07-02-2016 20:10:50)
Gestartet von C:\Users\cad\Desktop
Geladene Profile: cad & MSSQL$JTLWAWI (Verfügbare Profile: cad & MSSQL$JTLWAWI & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(CANON INC.) C:\Windows\System32\cnwiols6.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(CANON INC) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.JTLWAWI\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [CnwiDeviceAgent] => C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe [72024 2012-03-08] (CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [47432 2013-08-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2687520 2015-08-25] (Sony Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [221216 2015-11-18] (Geek Software GmbH)
HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-201849509-2042764125-1615774-1000\...\Policies\Explorer: []
HKU\S-1-5-80-2266128050-168046786-4118164591-2120174550-663538628\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2015-03-12]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{1e5b6237-8a07-4cac-80aa-be252de4951e}: [DhcpNameServer] 192.168.0.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-201849509-2042764125-1615774-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-201849509-2042764125-1615774-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-06-16] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\cad\AppData\Roaming\Mozilla\Firefox\Profiles\e0x8rna6.default-1431071232833
FF NewTab: hxxps://www.google.com/
FF DefaultSearchEngine: Bing®
FF SelectedSearchEngine: Bing®
FF Homepage: hxxps://www.google.com/
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-28] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-28] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-04-08] (Citrix Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-201849509-2042764125-1615774-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\cad\AppData\Roaming\Mozilla\Firefox\Profiles\e0x8rna6.default-1431071232833\searchplugins\google-lavasoft.xml [2015-12-12]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 Canon imagePROGRAF Status Monitor; C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe [752472 2012-03-08] (CANON INC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-01-16] (NVIDIA Corporation)
R2 iPFDeviceAgentService; C:\Windows\system32\cnwiols6.exe [206848 2012-01-17] (CANON INC.) [Datei ist nicht signiert]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-12-12] (Lavasoft Limited)
R2 MSSQL$JTLWAWI; C:\Program Files\Microsoft SQL Server\MSSQL12.JTLWAWI\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-16] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-01-16] (NVIDIA Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [496160 2015-08-25] (Sony Corporation)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17168 2015-12-12] ()
S4 SQLAgent$JTLWAWI; C:\Program Files\Microsoft SQL Server\MSSQL12.JTLWAWI\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [33240 2015-12-09] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-01-16] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-07 20:10 - 2016-02-07 20:11 - 00018542 _____ C:\Users\cad\Desktop\FRST.txt
2016-02-07 20:07 - 2016-02-07 20:09 - 00001281 _____ C:\Users\cad\Desktop\JRT.txt
2016-02-07 19:55 - 2016-02-07 20:04 - 00000000 ____D C:\AdwCleaner
2016-02-07 19:54 - 2016-02-07 19:54 - 01508352 _____ C:\Users\cad\Desktop\adwcleaner_5.033.exe
2016-02-07 19:47 - 2016-02-07 19:47 - 00002852 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-02-07 19:47 - 2016-02-07 19:47 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-07 19:47 - 2016-02-07 19:47 - 00000000 ____D C:\Program Files\CCleaner
2016-02-07 19:37 - 2016-02-07 20:10 - 02370560 _____ (Farbar) C:\Users\cad\Desktop\FRST64.exe
2016-02-07 19:36 - 2016-02-07 20:06 - 01609032 _____ (Malwarebytes) C:\Users\cad\Desktop\JRT.exe
2016-02-05 13:08 - 2016-02-07 10:56 - 00000198 ____H C:\Users\cad\Documents\Zeichnung1.dwl2
2016-02-05 13:08 - 2016-02-07 10:56 - 00000048 ____H C:\Users\cad\Documents\Zeichnung1.dwl
2016-02-04 19:22 - 2016-02-04 20:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-04 19:22 - 2016-02-04 19:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-04 19:22 - 2016-02-04 19:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-04 19:19 - 2016-02-04 19:42 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-03 17:38 - 2016-02-07 20:10 - 00000000 ____D C:\FRST
2016-02-03 17:08 - 2016-02-03 17:08 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-02-03 17:07 - 2016-02-03 17:30 - 00207400 _____ C:\WINDOWS\ntbtlog.txt
2016-02-03 14:21 - 2015-07-09 11:02 - 00450778 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160203-142121.backup
2016-02-03 13:14 - 2015-07-09 11:02 - 00450778 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160203-131440.backup
2016-02-03 13:13 - 2015-07-09 11:02 - 00450778 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160203-131355.backup
2016-02-03 13:12 - 2015-07-09 11:02 - 00450778 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160203-131250.backup
2016-02-03 13:09 - 2016-02-03 13:09 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-03 13:08 - 2016-02-07 19:51 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-03 13:08 - 2016-02-03 13:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-02-03 09:10 - 2016-02-03 09:10 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-28 07:09 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 07:09 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 07:09 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 07:09 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 07:09 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 07:09 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 07:09 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 07:09 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 07:09 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 07:09 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 07:09 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 07:09 - 2016-01-16 07:21 - 22572624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-28 07:09 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 07:09 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 07:09 - 2016-01-16 07:20 - 06600904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-01-28 07:09 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 07:09 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 07:09 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 07:09 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 07:09 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 07:09 - 2016-01-16 07:17 - 21125400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-28 07:09 - 2016-01-16 07:16 - 05238360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-01-28 07:09 - 2016-01-16 07:13 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-01-28 07:09 - 2016-01-16 07:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-01-28 07:09 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 07:09 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 07:09 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 07:09 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 07:09 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 07:09 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 07:09 - 2016-01-16 06:44 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-28 07:09 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 07:09 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 07:09 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 07:09 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 07:09 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 07:09 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 07:09 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 07:09 - 2016-01-16 06:40 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-28 07:09 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 07:09 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 07:09 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 07:09 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 07:09 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 07:09 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 07:09 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 07:09 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 07:09 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 07:09 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 07:09 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 07:09 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 07:09 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 07:09 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 07:09 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 07:09 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 07:09 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 07:09 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 07:09 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 07:09 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 07:09 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 07:09 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 07:09 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 07:09 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 07:09 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 07:09 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 07:09 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 07:09 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 07:09 - 2016-01-16 06:32 - 24602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-28 07:09 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 07:09 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 07:09 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 07:09 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 07:09 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 07:09 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 07:09 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 07:09 - 2016-01-16 06:30 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-28 07:09 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 07:09 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 07:09 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 07:09 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 07:09 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 07:09 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 07:09 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 07:09 - 2016-01-16 06:28 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-28 07:09 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 07:09 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 07:09 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 07:09 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 07:09 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 07:09 - 2016-01-16 06:26 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-28 07:09 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 07:09 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 07:09 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 07:09 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 07:09 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 07:09 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 07:09 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 07:09 - 2016-01-16 06:24 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-28 07:09 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 07:09 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 07:09 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 07:09 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 07:09 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 07:09 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 07:09 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 07:09 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 07:09 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 07:09 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 07:09 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 07:09 - 2016-01-16 06:19 - 12126208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-28 07:09 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 07:09 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 07:09 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 07:09 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 07:09 - 2016-01-16 06:18 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-28 07:09 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 07:09 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 07:09 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 07:09 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 07:09 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 07:09 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 07:09 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 07:09 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 07:09 - 2016-01-16 06:09 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-01-25 07:53 - 2016-01-24 15:11 - 07747948 _____ C:\Users\cad\Desktop\2016-PL-Pivot-Test_02 -Original-Jochen.xlsx
2016-01-13 08:45 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 08:45 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-13 08:45 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-13 08:45 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 08:45 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 08:45 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 08:45 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 08:45 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-13 08:45 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 08:45 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 08:45 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 08:45 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 08:45 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-13 08:45 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 08:45 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 08:45 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 08:45 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 08:45 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 08:45 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 08:45 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-13 08:45 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 08:45 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 08:45 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 08:45 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 08:45 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-13 08:45 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-13 08:45 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 08:45 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-13 08:45 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 08:45 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-13 08:44 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-13 08:44 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-13 08:44 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 08:44 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 08:44 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 08:44 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 08:44 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 08:44 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 08:44 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 08:44 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 08:44 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 08:44 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 08:44 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 08:44 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-13 08:44 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 08:44 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-13 08:44 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 08:44 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-13 08:44 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 08:44 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-13 08:44 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-13 08:44 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-13 08:44 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 08:44 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 08:44 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-13 08:44 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 08:44 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-13 08:44 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 08:44 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 08:44 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 08:44 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 08:44 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-13 08:44 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 08:44 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-13 08:44 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-13 08:44 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 08:44 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-13 08:44 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-13 08:44 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-13 08:44 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 08:44 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 08:44 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-07 20:06 - 2015-12-09 19:41 - 00000000 ____D C:\Users\cad\AppData\Roaming\Lavasoft
2016-02-07 20:06 - 2015-12-09 03:47 - 02408304 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-07 20:06 - 2015-10-30 19:35 - 01012106 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-07 20:06 - 2015-10-30 19:35 - 00250116 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-07 20:06 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-07 20:01 - 2015-12-09 05:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-07 20:01 - 2015-12-09 03:46 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-07 20:00 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-07 19:51 - 2015-03-11 14:48 - 00000000 ____D C:\Program Files (x86)\Avira
2016-02-07 19:50 - 2015-03-23 18:48 - 00000000 ____D C:\Users\cad\Documents\Outlook-Dateien
2016-02-07 19:50 - 2015-03-11 14:48 - 00000000 ____D C:\ProgramData\Avira
2016-02-07 19:48 - 2015-12-09 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-02-07 19:48 - 2015-12-09 19:30 - 00000000 ____D C:\ProgramData\Lavasoft
2016-02-07 19:40 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-07 19:40 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-07 19:40 - 2015-08-13 08:43 - 00000000 ____D C:\Users\cad\AppData\Local\Packages
2016-02-07 18:18 - 2015-12-28 13:34 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CFB6CBBD-4699-470E-ABED-E62E4E27FF57}
2016-02-07 10:33 - 2015-03-25 20:36 - 00000000 ____D C:\Users\cad\AppData\Local\Wunderlist
2016-02-05 19:13 - 2015-03-30 19:42 - 00000000 ____D C:\Vendoc
2016-02-05 14:20 - 2015-07-21 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCADtoGAMMA-RAY
2016-02-05 09:08 - 2015-08-13 08:45 - 00002373 _____ C:\Users\cad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-03 17:04 - 2015-12-09 03:45 - 00415856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-03 16:23 - 2015-03-13 11:09 - 00000000 ____D C:\Users\cad\AppData\Roaming\TeamViewer
2016-02-03 09:31 - 2015-05-08 06:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-02-03 09:23 - 2015-03-22 14:13 - 00007599 _____ C:\Users\cad\AppData\Local\resmon.resmoncfg
2016-02-02 11:11 - 2015-12-09 03:47 - 00000000 ____D C:\Users\cad
2016-01-31 12:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-01-29 09:08 - 2015-03-13 11:20 - 00002916 _____ C:\Users\cad\Documents\acad.err
2016-01-29 07:59 - 2015-12-28 13:28 - 00002103 _____ C:\Users\Public\Desktop\AutoCAD 2016 - RSO 15.1.lnk
2016-01-29 07:47 - 2015-08-13 08:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-29 07:45 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 07:45 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 07:45 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 07:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 07:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 07:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 07:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-28 07:15 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-25 21:10 - 2015-04-15 10:20 - 00000000 ____D C:\Users\cad\AppData\Roaming\MyPhoneExplorer
2016-01-21 18:37 - 2015-04-03 10:22 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-01-19 10:41 - 2015-04-20 16:37 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-01-19 10:41 - 2015-04-20 16:37 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2016-01-19 10:41 - 2015-04-20 16:37 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-16 17:05 - 2015-08-12 07:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-16 16:03 - 2015-08-12 07:14 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-14 14:03 - 2016-01-07 07:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-14 14:03 - 2015-05-20 12:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 14:03 - 2015-05-20 12:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-14 14:03 - 2015-03-12 10:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-13 11:27 - 2015-05-20 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 11:23 - 2009-07-14 03:34 - 00000478 _____ C:\WINDOWS\win.ini
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-09-26 17:54 - 2015-09-26 17:54 - 0004608 _____ () C:\Users\cad\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-03 10:03 - 2015-12-03 10:03 - 0005636 _____ () C:\Users\cad\AppData\Local\recently-used.xbel
2015-03-22 14:13 - 2016-02-03 09:23 - 0007599 _____ () C:\Users\cad\AppData\Local\resmon.resmoncfg
2015-03-12 11:03 - 2015-03-12 11:03 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\cad\en_res.dll
C:\Users\cad\es_res.dll
C:\Users\cad\fr_res.dll
C:\Users\cad\grm_res.dll
C:\Users\cad\it_res.dll
C:\Users\cad\jp_res.dll
C:\Users\cad\mfc80u.dll
C:\Users\cad\msvcr80.dll
C:\Users\cad\PCPE Setup.exe
C:\Users\cad\pt_res.dll
C:\Users\cad\ResourceReader.dll
C:\Users\cad\ru_res.dll
C:\Users\cad\zh_res.dll
Einige Dateien in TEMP:
====================
C:\Users\cad\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-03 09:37
==================== Ende von FRST.txt ============================
ich hoffe ich habe alles richtig gemacht. Also bis bald und nocheinmal Danke.
Visioo |