Borsti1971 | 14.08.2016 22:47 | Erstmal vielen Dank für die genaue Anleitung und natürlich für die Hilfe. Hat etwas länger gedauert da mein firefox nicht mehr funktionierte.
Hier die Logfiles
Adweare: Code:
# AdwCleaner v6.000 - Bericht erstellt am 14/08/2016 um 20:58:29
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-08-13.3 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Vetter - VETTER-PC
# Gestartet von : C:\Users\Vetter\Desktop\adwcleaner_6.000.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\Vetter\AppData\Local\Babylon
[-] Ordner gelöscht: C:\Users\Vetter\AppData\Roaming\Babylon
[-] Ordner gelöscht: C:\Users\Vetter\AppData\Roaming\DigitalSites
[-] Ordner gelöscht: C:\Users\Vetter\AppData\Roaming\DriverCure
[-] Ordner gelöscht: C:\Users\Vetter\AppData\Roaming\ParetoLogic
[-] Ordner gelöscht: C:\Users\Vetter\AppData\Roaming\RHEng
[-] Ordner gelöscht: C:\Users\Vetter\AppData\Roaming\tencent
[-] Ordner gelöscht: C:\Users\Vetter\AppData\Roaming\Yahoo!\Companion
[#] Ordner mit Neustart gelöscht: C:\Users\Vetter\AppData\Roaming\digitalsites
[#] Ordner mit Neustart gelöscht: C:\Users\Vetter\AppData\Roaming\Tencent
[-] Ordner gelöscht: C:\ProgramData\Babylon
[-] Ordner gelöscht: C:\ProgramData\ParetoLogic
[-] Ordner gelöscht: C:\ProgramData\lavasoft\web companion
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner gelöscht: C:\Program Files (x86)\lavasoft\web companion
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\ParetoLogic
[-] Ordner gelöscht: C:\Users\Public\Documents\dmp
[-] Ordner gelöscht: C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
[-] Ordner gelöscht: C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\npnkeeiehehhefofiekoflfedgehcdhl
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: paretologic registration3
[-] Aufgabe gelöscht: paretologic update version3
[-] Aufgabe gelöscht: ParetoLogic Update Version3 Startup Task
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SOFTWARE\c96c6664-f8af-44c0-9550-74e66291b265
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Applications\iLividSetup-r390-n-bi.exe
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Applications\iLividSetup-r706-n-bi.exe
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f35037b2-2cf0-438a-9772-069e2022e893}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f35037b2-2cf0-438a-9772-069e2022e893}
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ioloToolService.ToolManager
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\pc-mechanic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\uus3url-pl
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{7D831388-D405-4272-9511-A07440AD2927}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{F51C15D4-3D0A-4DBA-A095-EBCC09F24DA2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\IM
[-] Schlüssel gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\eSupport.com
[-] Schlüssel gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\GlobalUpdate
[-] Schlüssel gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\Myfree Codec
[-] Schlüssel gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\OCS
[-] Schlüssel gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\ParetoLogic
[-] Schlüssel gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\Snoozer
[-] Schlüssel gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\UpdateStar
[-] Schlüssel gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\Yahoo\YFriendsBar
[-] Schlüssel gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-370278466-1842527618-776855722-1001\Software\LemurLeap
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\IM
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\eSupport.com
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\GlobalUpdate
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Myfree Codec
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\ParetoLogic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Snoozer
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\UpdateStar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Yahoo\YFriendsBar
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By Sweetpacks
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKLM\SOFTWARE\GlobalUpdate
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ParetoLogic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Uniblue
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Yahoo\Companion
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Schlüssel gelöscht: HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\20E71B53321C641458DBDAF83979D193
[-] Wert gelöscht: HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]
[-] Wert gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
[#] Wert mit Neustart gelöscht: HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "browser.search.hiddenOneOffs" - "Yahoo,Bing,DuckDuckGo,oursurfing"
[-] Firefox Einstellungen bereinigt:
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [13012 Bytes] - [14/08/2016 20:58:29]
C:\AdwCleaner\AdwCleaner[R0].txt - [25666 Bytes] - [02/12/2013 17:44:27]
C:\AdwCleaner\AdwCleaner[R1].txt - [1789 Bytes] - [30/12/2013 14:27:50]
C:\AdwCleaner\AdwCleaner[R2].txt - [8483 Bytes] - [28/10/2014 22:45:04]
C:\AdwCleaner\AdwCleaner[R3].txt - [1302 Bytes] - [28/10/2014 22:53:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [24095 Bytes] - [02/12/2013 17:48:23]
C:\AdwCleaner\AdwCleaner[S1].txt - [1850 Bytes] - [30/12/2013 14:29:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [7737 Bytes] - [28/10/2014 22:48:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [17409 Bytes] - [14/08/2016 20:56:14]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [13673 Bytes] ##########
Jung: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Pro x64
Ran by Vetter (Administrator) on 14.08.2016 at 21:04:44,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 7
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Vetter\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Vetter) (Task)
Successfully deleted: C:\WINDOWS\wininit.ini (File)
Successfully deleted: C:\WINDOWS\prefetch\FREEAUDIOCONVERTER.EXE-49BAF362.pf (File)
Registry: 3
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\WBSVC (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.08.2016 at 21:11:01,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ First: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2016
durchgeführt von Vetter (Administrator) auf VETTER-PC (14-08-2016 22:03:43)
Gestartet von C:\Users\Vetter\Desktop\Programme\FRST
Geladene Profile: Vetter (Verfügbare Profile: Vetter & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\nsbu.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\nsbu.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8521472 2015-08-27] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-05-03] (Alcor Micro Corp.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [970264 2016-06-09] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [3556920 2016-08-11] (Simply Super Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [970264 2016-06-09] (BlueStack Systems, Inc.)
HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\RunOnce: [Uninstall C:\Users\Vetter\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vetter\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\System Mechanic.lnk [2016-07-25]
ShortcutTarget: System Mechanic.lnk -> C:\Program Files (x86)\iolo\System Mechanic\SystemMechanic.exe (iolo technologies, LLC)
Startup: C:\Users\Vetter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk [2015-08-01]
Startup: C:\Users\Vetter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2016-06-20]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
BootExecute: autocheck autochk *
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3800a190-e8a9-4bf1-afa9-712423411bc1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{d277ab90-1edc-4a07-953e-50a633555628}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=N360&pvid=21.7.0.11
HKU\S-1-5-21-370278466-1842527618-776855722-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11DEDE/WOL_WCP
SearchScopes: HKU\.DEFAULT -> {e4a1ece8-ed94-4f93-80ea-75f978ceaf24} URL =
SearchScopes: HKU\S-1-5-21-370278466-1842527618-776855722-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-370278466-1842527618-776855722-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1003&geo=DE&ver=22&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-370278466-1842527618-776855722-1001 -> {e4a1ece8-ed94-4f93-80ea-75f978ceaf24} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-03-31] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine64\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Keine Datei
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-31] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-27] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-27] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine64\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-31] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-31] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-28] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-28] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-07] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-370278466-1842527618-776855722-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\lduvjc0b.default-1381870987013\searchplugins\google-images.xml [2014-10-28]
FF SearchPlugin: C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\lduvjc0b.default-1381870987013\searchplugins\google-maps.xml [2014-10-28]
FF SearchPlugin: C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\lduvjc0b.default-1381870987013\searchplugins\youtube.xml [2015-11-15]
FF Extension: Stylish - C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\lduvjc0b.default-1381870987013\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-01-25]
FF Extension: download extension - C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\lduvjc0b.default-1381870987013\Extensions\{661a24ef-507f-46db-9f07-c48db5775986}.xpi [2016-03-15] [ist nicht signiert]
FF Extension: SpeedConverter - C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\lduvjc0b.default-1381870987013\Extensions\{87f4a14c-a59f-4db4-ac3a-9ac67e75f804}.xpi [2015-12-19] [ist nicht signiert]
FF Extension: Live HTTP headers - C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\lduvjc0b.default-1381870987013\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2015-05-29]
FF Extension: Tamper Data - C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\lduvjc0b.default-1381870987013\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-05-29]
FF Extension: Adblock Plus - C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\lduvjc0b.default-1381870987013\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-26]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.2.15\coFFAddon [2016-06-21]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NSBU_22.5.2.15\coFFAddon
FF HKLM-x32\...\Firefox\Extensions: [@greatdealz] - C:\Users\Vetter\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\@greatdealz.xpi => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-07-01] <==== ACHTUNG
Chrome:
=======
CHR HomePage: Default -> hxxp://www.facebook.de/
CHR StartupUrls: Default -> "hxxps://www.facebook.com/"
CHR Profile: C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-31]
CHR Extension: (Google Docs) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Norton Security Toolbar) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-07-14]
CHR Extension: (Google-Suche) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-08-04]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-01-06]
CHR Extension: (Google+) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-12-16]
CHR Extension: (Stylish) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-04-25]
CHR Extension: (Google Docs Offline) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-04]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-11-13] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ACHTUNG
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (PAYBACK Internet Assistant) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2016-07-15]
CHR Extension: (Google Mail) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Vetter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-04]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\Exts\Chrome.crx [2016-06-21]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\Exts\Chrome.crx [2016-06-21]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
S4 backupsvc5; C:\Program Files (x86)\Digital Dynamic\Advanced Backup Manager\backupsvc5.exe [1454592 2014-03-13] (Digital Dynamic) [Datei ist nicht signiert]
S3 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [148792 2015-10-27] (Deutsche Telekom AG)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [441880 2016-06-09] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [421400 2016-06-09] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [458264 2016-06-09] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2823920 2016-03-20] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [384512 2016-06-27] (Digital Wave Ltd.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NSBU; C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\NSBU.exe [289080 2016-06-17] (Symantec Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [203296 2016-03-19] (Microsoft Corporation) [Datei ist nicht signiert]
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe [126392 2011-11-07] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [13848 2015-10-13] (Advanced Micro Devices Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.2.15\Definitions\BASHDefs\20160810.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [152672 2016-06-09] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-05-30] (Bluestack System Inc. )
R1 ccSet_NSBU; C:\Windows\system32\drivers\NSBUx64\1607000.04C\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-10-11] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-10-11] (Windows (R) Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-07] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-07] (Symantec Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-10-13] (REALiX(tm))
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.2.15\Definitions\IPSDefs\20160812.001\IDSvia64.sys [876760 2016-07-08] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [41576 2016-02-19] (EldoS Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-08-19] (Realtek )
R1 SRTSP; C:\Windows\System32\Drivers\NSBUx64\1607000.04C\SRTSP64.SYS [773368 2016-07-20] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSBUx64\1607000.04C\SRTSPX64.SYS [48888 2016-06-02] (Symantec Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\Windows\System32\drivers\NSBUx64\1607000.04C\SYMEFASI64.SYS [1627352 2016-06-02] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSBUx64\1607000.04C\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [101112 2016-06-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSBUx64\1607000.04C\Ironx64.SYS [291056 2016-06-02] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSBUx64\1607000.04C\SYMNETS.SYS [567536 2016-06-02] (Symantec Corporation)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U4 idsvc; kein ImagePath
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.2.15\Definitions\SDSDefs\20160620.021\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.2.15\Definitions\SDSDefs\20160620.021\EX64.SYS [X]
S0 vsoc; System32\drivers\uqhmd.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-14 21:11 - 2016-08-14 21:11 - 00001432 _____ C:\Users\Vetter\Desktop\JRT.txt
2016-08-14 21:03 - 2016-08-14 21:57 - 00000000 ____D C:\Users\Vetter\Desktop\1
2016-08-14 20:45 - 2016-08-14 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-08-14 20:45 - 2016-08-14 20:45 - 00000000 ____D C:\Program Files\VS Revo Group
2016-08-11 21:16 - 2016-08-11 21:16 - 00000000 ____D C:\Users\Vetter\Documents\Simply Super Software
2016-08-11 21:16 - 2016-08-11 21:16 - 00000000 ____D C:\Users\Vetter\AppData\Roaming\Simply Super Software
2016-08-11 21:16 - 2016-08-11 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2016-08-11 21:15 - 2016-08-11 21:17 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2016-07-27 22:18 - 2016-07-27 22:18 - 00000798 _____ C:\Users\Vetter\Desktop\Nr1 - Verknüpfung.lnk
2016-07-25 17:00 - 2016-07-25 17:00 - 00074703 _____ C:\WINDOWS\SysWOW64\mfc45.dat
2016-07-25 17:00 - 2016-07-25 17:00 - 00004032 _____ C:\WINDOWS\System32\Tasks\ioloSmartUpdater
2016-07-25 17:00 - 2016-07-25 17:00 - 00003916 _____ C:\WINDOWS\System32\Tasks\ioloToaster
2016-07-25 17:00 - 2016-07-25 17:00 - 00003820 _____ C:\WINDOWS\System32\Tasks\ioloActiveCare
2016-07-25 17:00 - 2016-07-25 17:00 - 00003196 _____ C:\WINDOWS\System32\Tasks\iolo Process Governor
2016-07-25 17:00 - 2016-07-25 17:00 - 00000000 ____D C:\Users\Vetter\AppData\Roaming\ioloGovernor
2016-07-25 17:00 - 2016-07-25 17:00 - 00000000 ____D C:\ProgramData\ioloGovernor
2016-07-25 16:59 - 2016-07-25 16:59 - 00002159 _____ C:\Users\Public\Desktop\System Mechanic.lnk
2016-07-25 16:59 - 2016-07-25 16:59 - 00000000 ____D C:\Users\Vetter\AppData\Local\iolo
2016-07-25 16:59 - 2016-07-25 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2016-07-25 16:59 - 2016-07-25 16:59 - 00000000 ____D C:\Program Files\Common Files\iolo
2016-07-17 22:24 - 2016-07-17 22:24 - 00001873 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-07-17 22:23 - 2016-08-14 16:58 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-07-17 22:23 - 2016-07-17 22:23 - 00000000 ____D C:\ProgramData\BlueStacks
2016-07-17 22:02 - 2016-07-17 22:24 - 00001873 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-07-16 18:08 - 2016-07-16 18:08 - 03229660 _____ (BlueStack Systems Inc.) C:\Users\Vetter\Documents\BlueStacks2_native.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-14 22:03 - 2013-11-30 11:20 - 00000000 ___DC C:\FRST
2016-08-14 21:57 - 2011-12-17 18:57 - 00000000 ___RD C:\Users\Vetter\Desktop\Programme
2016-08-14 21:41 - 2016-04-04 20:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2016-08-14 21:38 - 2016-06-21 17:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2016-08-14 21:15 - 2014-12-06 13:57 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-14 21:07 - 2013-10-15 21:59 - 00000000 ____D C:\Users\Vetter\AppData\Roaming\IObit
2016-08-14 21:07 - 2011-12-17 19:01 - 00000000 ____D C:\ProgramData\IObit
2016-08-14 21:00 - 2016-03-19 16:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-14 20:58 - 2016-04-03 20:26 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-08-14 20:58 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-14 20:58 - 2013-12-02 17:44 - 00000000 ___DC C:\AdwCleaner
2016-08-14 20:57 - 2016-05-26 18:13 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-08-14 20:57 - 2016-05-26 18:12 - 00000000 ____D C:\ProgramData\Lavasoft
2016-08-14 20:57 - 2011-12-19 17:25 - 00000000 ____D C:\Users\Vetter\AppData\Roaming\Yahoo!
2016-08-14 16:07 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-14 16:07 - 2013-07-07 16:21 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-08-14 16:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\System
2016-08-14 15:27 - 2013-10-15 22:55 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-14 01:08 - 2013-10-15 22:55 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-12 18:55 - 2015-06-06 16:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-12 18:55 - 2014-12-06 13:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-12 09:39 - 2016-03-19 15:49 - 00000000 ____D C:\Users\Vetter
2016-08-12 00:24 - 2013-09-18 20:07 - 00000000 ____D C:\Users\Vetter\AppData\Roaming\UseNeXT
2016-08-12 00:21 - 2011-12-17 16:55 - 00000000 ____D C:\Users\Vetter\Documents\UseNeXT
2016-08-12 00:09 - 2013-03-08 13:08 - 00000000 ____D C:\ProgramData\TEMP
2016-08-11 18:54 - 2016-06-16 11:13 - 00000000 ____D C:\Program Files (x86)\Die Sims 4
2016-08-11 14:16 - 2013-10-15 22:58 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-07 15:44 - 2016-03-19 15:48 - 02087812 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-07 15:44 - 2015-10-30 20:35 - 00888620 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-07 15:44 - 2015-10-30 20:35 - 00197446 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-07 15:44 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-07 14:03 - 2013-10-15 22:55 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-07 14:03 - 2013-10-15 22:55 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-07 13:57 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Web
2016-08-06 21:41 - 2011-12-17 16:55 - 00000000 ____D C:\Program Files (x86)\UseNeXT
2016-08-05 17:13 - 2012-01-08 13:38 - 00000000 ____D C:\Users\Vetter\AppData\Local\QuickPar
2016-08-05 16:02 - 2011-12-17 18:57 - 00000000 ____D C:\Users\Vetter\AppData\Roaming\vlc
2016-08-05 13:16 - 2015-08-04 11:08 - 00000000 ____D C:\Users\Vetter\Desktop\Manfred Musik
2016-08-04 21:50 - 2011-12-19 20:39 - 00000000 ____D C:\Users\Vetter\AppData\Local\CrashDumps
2016-08-04 21:29 - 2016-06-13 12:02 - 00000000 ____D C:\Users\Vetter\Desktop\Die Sims 4 Zeit für Freunde DLC Incl. Update 13 MULTi2 - x.X.RIDDICK.X.x mygully
2016-08-03 14:26 - 2014-12-25 14:15 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-03 14:25 - 2015-12-11 17:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-29 21:46 - 2014-11-22 18:01 - 00000000 ____D C:\Users\Vetter\AppData\Local\JDownloader 2.0
2016-07-28 14:03 - 2012-08-06 13:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-25 17:02 - 2016-04-09 19:13 - 00000000 ____D C:\Program Files (x86)\iolo
2016-07-25 17:00 - 2016-04-09 18:41 - 00000000 ____D C:\Users\Vetter\AppData\Roaming\iolo
2016-07-25 17:00 - 2016-04-09 18:41 - 00000000 ____D C:\ProgramData\iolo
2016-07-25 17:00 - 2011-12-09 12:54 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-25 16:51 - 2011-12-22 13:04 - 00000000 ____D C:\Users\Vetter\AppData\Local\Downloaded Installations
2016-07-25 16:50 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-07-21 22:48 - 2016-07-05 21:48 - 00000000 ____D C:\Program Files (x86)\AVG
2016-07-18 15:34 - 2015-09-29 22:41 - 00000000 ____D C:\Users\Vetter\AppData\Local\Packages
2016-07-18 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-17 22:24 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2011-12-24 12:27 - 2015-10-12 11:47 - 0000171 _____ () C:\Users\Vetter\AppData\Roaming\default.rss
2015-10-11 17:29 - 2015-10-11 17:29 - 0021044 _____ () C:\Users\Vetter\AppData\Roaming\ICSW_0U1E1Q1T2Z1P0S2Z1T1C1V1N1P1G1P1C1L1RtJ1V0S1M1T1C1P1V1L2Z.txt
2014-06-19 11:12 - 2014-06-19 11:12 - 0000024 _____ () C:\Users\Vetter\AppData\Roaming\temp.ini
2012-05-29 12:16 - 2012-06-13 19:26 - 0000600 _____ () C:\Users\Vetter\AppData\Roaming\winscp.rnd
2013-01-30 19:36 - 2013-01-30 19:36 - 0003584 _____ () C:\Users\Vetter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-30 19:31 - 2013-08-30 19:31 - 0003390 _____ () C:\Users\Vetter\AppData\Local\recently-used.xbel
2012-06-05 13:08 - 2012-06-05 13:09 - 0007605 _____ () C:\Users\Vetter\AppData\Local\resmon.resmoncfg
2015-07-31 19:35 - 2015-07-31 19:35 - 0000006 __RSH () C:\ProgramData\46eb0065973e3bedb34adf8d685bc929c3681a88
2016-03-19 15:43 - 2016-03-19 15:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-07-20 11:28 - 2015-07-20 11:28 - 0000006 __RSH () C:\ProgramData\ff0d90228beb5860b38cefdafa363523d98969e2
2011-12-19 16:47 - 2014-08-11 18:06 - 0049939 _____ () C:\ProgramData\hpzinstall.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Vetter\fv2-xsonicx-4.0.exe
Einige Dateien in TEMP:
====================
C:\Users\Vetter\AppData\Local\Temp\libeay32.dll
C:\Users\Vetter\AppData\Local\Temp\msvcr120.dll
C:\Users\Vetter\AppData\Local\Temp\sqlite3.dll
C:\Users\Vetter\AppData\Local\Temp\Uninstall.exe
C:\Users\Vetter\AppData\Local\Temp\VSUSetup.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-30 18:55
==================== Ende von FRST.txt ============================ Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-08-2016
durchgeführt von Vetter (14-08-2016 22:04:40)
Gestartet von C:\Users\Vetter\Desktop\Programme\FRST
Windows 10 Pro Version 1511 (X64) (2016-03-19 14:29:09)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-370278466-1842527618-776855722-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-370278466-1842527618-776855722-503 - Limited - Disabled)
Gast (S-1-5-21-370278466-1842527618-776855722-501 - Limited - Disabled)
Manfred (S-1-5-21-370278466-1842527618-776855722-1004 - Limited - Enabled)
Vetter (S-1-5-21-370278466-1842527618-776855722-1001 - Administrator - Enabled) => C:\Users\Vetter
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Norton Security Online mit Backup (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Online mit Backup (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Online mit Backup (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
325 USB PC Camera (HKLM-x32\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.6.0.001 - Sonix)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Advanced Backup Manager 4.0.14071.134 (HKLM\...\Advanced Backup Manager) (Version: 4.0.14071.134 - Digital Dynamic)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}) (Version: 1.7.17.25416 - Ihr Firmenname)
Alcor Micro USB Card Reader (x32 Version: 1.7.17.25416 - Ihr Firmenname) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.29.6222 - BlueStack Systems, Inc.)
Browser 7 der Telekom 39.0.15 (x86 de) (HKLM-x32\...\Browser 7 der Telekom 39.0.15 (x86 de)) (Version: 39.0.15 - Deutsche Telekom AG)
Browser 7 Maintenance Service (HKLM-x32\...\Browser7MaintenanceService) (Version: 31.0.20 - Deutsche Telekom AG)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
CVE-2012-4969 (HKLM\...\{777afb2a-98e5-4f14-b455-378a925cae15}.sdb) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
File Scavenger 3.2 (en) (HKLM-x32\...\QueTek File Scavenger 3.2 (en)) (Version: 3.2.22.0 - QueTek Consulting Corporation)
FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.96.627 - Digital Wave Ltd)
Free AVI Video Converter version 5.0.57.219 (HKLM-x32\...\Free AVI Video Converter_is1) (Version: 5.0.57.219 - DVDVideoSoft Ltd.)
Free FLAC to MP3 Converter 1.4 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: 1.4 - PolySoft Solutions)
Free YouTube Download version 3.2.49.1122 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1122 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Internet Explorer (x32 Version: 9 - Microsoft Corporation) Hidden
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6741.2021 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 16.0.6741.2021 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 9 (HKLM-x32\...\{d59b286e-f430-4fb6-9c1b-21c2093c6def}) (Version: - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.201 - Deutsche Telekom AG)
Netzmanager (Version: 1.201 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.17.20 - Symantec Corporation)
Norton Security Online mit Backup (HKLM-x32\...\NSBU) (Version: 22.7.0.76 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6701.1013 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7592 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.10.201407111005 - Sony Mobile Communications AB)
Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
SoundTrax (x32 Version: 4.4.37.1 - Nero AG) Hidden
System Mechanic (HKLM-x32\...\InstallShield_{49DCB5CB-235B-4A14-BD8E-1E9FC1B0311C}) (Version: 16.0.0.485 - Ihr Firmenname)
System Mechanic (x32 Version: 16.0.0.485 - Ihr Firmenname) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Trojan Remover 6.9.4.2945 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.4.2945 - Simply Super Software)
UltraStar Deluxe (HKLM-x32\...\UltraStar Deluxe) (Version: 1.1 - USDX Team)
UltraStar Manager (HKLM-x32\...\UltraStar Manager) (Version: 1.8.2 - uman Community)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-370278466-1842527618-776855722-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vetter\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {06CF9B98-AA25-4758-B444-B680745C4445} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {07DA3A2C-3114-4BF9-B62E-D7C0C0C2F0E9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {0AD4010A-E3E4-4C25-9561-A59CBDFD16BE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {0D2ECBD3-A13F-42D2-9C55-322919D28CEC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {0DD1F3A2-500B-4C38-B41F-B76A9D202886} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {0E0A1248-E113-4C8F-B403-D1C389809FA6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {10CD9422-5B52-4706-9ECA-56BF9E679B37} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1334A67D-E439-41CF-9870-9EE35AB460E3} - System32\Tasks\{DA8F8257-215B-48AF-8146-25AC6EBE8EA5} => pcalua.exe -a "C:\Users\Vetter\Desktop\Handy Kevin\Neuer Ordner\Setup.exe" -d "C:\Users\Vetter\Desktop\Handy Kevin\Neuer Ordner"
Task: {1640DCAB-7A43-446C-A5C2-5BDB52658412} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {1A7E5D9A-4BBB-4F77-95A5-9AF23488F94C} - System32\Tasks\HEU_KMS_Service_MONTHLY => C:\WINDOWS\kmsonboot\HEU_KMS_Renewal.exe
Task: {1B1D9515-BEE6-4E1F-BA54-D34DC5203415} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe
Task: {237935B9-1508-4DA3-A4AF-268A88AE32CA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {238E823E-190A-4D87-BDA1-9289178107CB} - System32\Tasks\{76C01721-1875-447D-B505-5EE25201EC5D} => pcalua.exe -a C:\Users\Vetter\AppData\Roaming\qone8\UninstallManager.exe -c -ptid=adks
Task: {23C87508-E5AA-4A5A-B49A-0B42C2CF4444} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-370278466-1842527618-776855722-1001UA => C:\Users\Vetter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {2E43AAD4-B768-4CD2-AAA8-F4FBD78B87DA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {35CB4635-05EA-4EC7-8677-BD645ABF26BF} - System32\Tasks\{9DDF76FA-03F0-4D3C-9289-C2FF812BD887} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {3EFCF7B4-6076-4EC3-A99D-0F7DFE93111C} - System32\Tasks\{3F5B34F7-6580-411D-872D-C64B1223537A} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {4123D017-C163-487B-B8B8-76CEF7EFECFC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {45AE0201-F43C-4926-B75C-842E200A7F16} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {4FB75542-3540-4F81-A96F-DC2186405855} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {500CA4BC-FB41-416E-AEA6-0E116F93C8C6} - System32\Tasks\Norton Security with Backup\Norton Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\SymErr.exe [2016-05-23] (Symantec Corporation)
Task: {501E27ED-6F8D-4384-B078-EF46EADDC5AF} - \ProtectedSearch\Protected Search -> Keine Datei <==== ACHTUNG
Task: {5118A35D-9733-4E61-88F5-D3CC88E7B1D7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {57290B89-1F1C-4D76-9D4A-4BF68B71AE20} - System32\Tasks\{9502CA87-1FC2-427B-807E-6768391BA1AC} => pcalua.exe -a "C:\Users\Vetter\Documents\UseNeXT\alt.binaries.comp\Neuer Ordner\cx22382a\setup\demo.exe" -d "C:\Users\Vetter\Documents\UseNeXT\alt.binaries.comp\Neuer Ordner\cx22382a\setup"
Task: {6CA72C76-4281-4F05-BE49-7D9CD4F2D28D} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\SymErr.exe [2016-05-23] (Symantec Corporation)
Task: {6CBAEDC9-392F-44F6-99EE-2A542CB8E454} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {720E4DE6-F3B9-4276-9F95-79DBA788E9E8} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2016-07-20] (iolo technologies, LLC)
Task: {76307BC5-29D1-43EE-BBE0-AB1847352958} - System32\Tasks\ioloSmartUpdater => C:\Program Files (x86)\iolo\System Mechanic\ioloSmartUpdater.exe [2016-07-20] (iolo technologies, LLC)
Task: {7CF651B8-2243-4CF2-9E6D-90ACF060D3AF} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe
Task: {7EB85A0C-E65C-42A4-9E49-94B8C715904C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {80C09E2B-611B-4034-AF50-38413B7B5112} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {8152D31B-1046-447F-A5FD-F50F22B29035} - System32\Tasks\{C131B2A3-C94F-4469-9734-394613CF9DD9} => pcalua.exe -a "C:\Users\Vetter\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /initurl hxxp://bi.bisrv.com/:affid:/:sid:/:uid:? /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {81EBBEB4-725E-49F8-8B4E-3E670F3C6596} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {82A076CD-AB4B-44F1-8B97-35EA630BF6CE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {896C5839-B614-4277-90E4-B225AEFC6713} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8A093D4C-6763-4DA9-A5E7-B0E6CB2119CC} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Online mit Backup\Upgrade.exe [2016-06-17] (Symantec Corporation)
Task: {8CCD0B49-0A2F-41B8-A641-82A23053C47D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {8F74ABF5-2D69-486C-8CC3-DDDAC8418ACF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8FCB713C-6199-4EF3-8B23-DB5059EB1B1F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec [Argument = /StartRecording]
Task: {9231CF82-60F1-422C-B5F5-738B73C1E869} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
Task: {9E688C83-C6EB-4666-B524-1DBF5CC8B582} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec [Argument = /RestartRecording]
Task: {A223A72F-B6FE-4CC4-AEC3-DCD31C6BBDAC} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\WSCStub.exe [2016-06-17] (Symantec Corporation)
Task: {AE1CB119-C4CA-4B1E-B53C-28ACEE8C52D4} - System32\Tasks\{D8B74D9F-18EA-4149-88EF-23064E0A5355} => pcalua.exe -a D:\setup.exe -d D:\
Task: {AED75A76-616C-4858-98F6-8F9435D51223} - System32\Tasks\ioloToaster => C:\Program Files (x86)\iolo\System Mechanic\ioloToaster.exe [2016-07-20] (iolo technologies, LLC)
Task: {B4F9208B-A5C8-4489-96C3-3453E9CB357A} - System32\Tasks\ioloActiveCare => C:\Program Files (x86)\iolo\System Mechanic\SystemMechanic.exe [2016-07-20] (iolo technologies, LLC)
Task: {BAF6EB09-118A-45CA-A476-AB3265770C66} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {BB392F91-82F9-454E-9BAB-CCBB6533650A} - System32\Tasks\{A05D3C8F-7B95-40CF-9D54-791EA43A7C17} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/abandoninstall?page=tsProgressBar
Task: {BC80A62C-56A1-4B31-B259-B780F8F14E5A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {BDF5547D-47B7-4D97-A420-D1A988D818AA} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {BFE22656-E034-4365-ACB8-AEA468065F15} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BFF3BE13-4429-4246-BA8D-DA98AB150049} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {C01505DE-CAA9-4613-8B22-1C953A6D744D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C02C8FE1-AE12-47E7-B986-77B567D1EF8F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-03-31] (Microsoft Corporation)
Task: {C12FDEEF-61CD-45D1-A1DF-A45F932AE85D} - kein Dateipfad
Task: {C1BF65AE-3AAA-475E-B45C-B5C43A2742F8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {C2A15A43-C93D-42DB-A5E0-538FD4848F74} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {C352EC25-DB1B-46E8-A342-94F3D05025B3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-370278466-1842527618-776855722-1001Core => C:\Users\Vetter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {C413A1D7-B5EC-404A-ADB1-0EE2934A2A32} - System32\Tasks\{38509128-679A-453F-B541-F42781A2BE55} => pcalua.exe -a "C:\Program Files (x86)\UseNeXT\UseNeXT.exe" -d "C:\Program Files (x86)\UseNeXT"
Task: {C45A4B7A-90CB-4148-86C4-BB7C7AD0D59F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {C6C18885-5F19-45B5-9E6F-B9E771E89195} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate [Argument = -crl -hms -pscn 15]
Task: {C783E49D-1006-4235-97F1-EC46F99EC17C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {C8277E7B-2067-4294-A172-51613A163A1B} - kein Dateipfad
Task: {CDD8760E-4283-4B0D-B001-9DAB3CB227B4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {CEB87699-292A-44F6-A2A8-F08BB608A611} - System32\Tasks\{8F34365C-E463-4EDD-9164-B718FC6A820D} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {CFE4479C-CF7A-4DB9-8D92-FCC6EFE1166D} - System32\Tasks\{6B6C8E33-E8E0-46FA-B774-C48DF811FDC2} => pcalua.exe -a "C:\Users\Vetter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N8YYKLB0\325USBPCCam_v0.6.0.001.exe" -d C:\Users\Vetter\Desktop
Task: {D1827CC7-25B0-4F11-8B8C-E7A63B26BC08} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate [Argument = $(Arg0)]
Task: {D4D6F351-EA9E-4A6F-A40E-B0D10B547C82} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-04-04] (Advanced Micro Devices, Inc.)
Task: {D733EA03-4F39-4EE1-89AC-5E13860B7BF2} - System32\Tasks\{2BD76D01-718E-48C3-B6BA-994326B1BCE8} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {D787434A-27BE-418D-887D-52E7B5F13EFF} - System32\Tasks\{C48A08FF-4B8D-4B73-A15A-3638B8B10ACD} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {E36CFC54-BEF8-4262-AA24-395A5CFABA69} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-20] (Microsoft Corporation)
Task: {E3AA715F-8838-4C30-932D-356015EA1F75} - kein Dateipfad
Task: {E6B21D7B-83D7-49F0-96C8-DD44983D41E1} - System32\Tasks\{F9C6026F-A804-422A-88BA-FD8F6A4F78B0} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {E7437E31-C8CD-4014-A711-B3585A07AF8F} - System32\Tasks\{81726AB5-C6BE-4792-AABF-BB8647482087} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {E91E3160-6BD2-44F5-BA5B-D6C95E8054BE} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: {E9D0BB7B-4146-49AC-BB49-FF50AFEB67AD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-21] (Microsoft Corporation)
Task: {EA81AEEA-C227-4E2D-9E61-F14256937AAE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {EB2FDA32-B897-49F8-986B-05E0A7CBC8FA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {EC59B5FB-6461-4D2B-9F74-BDDAA66DA168} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {F3C3F2BE-F847-4300-8F3A-BDA6B7E6A981} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe
Task: {F3E8160C-8F8A-492E-8178-C74B60324B70} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F469473B-3E5C-4D88-8347-2C45AF127BD8} - System32\Tasks\{1B8FB5A7-14A4-44D1-99BF-7B1E39507E14} => pcalua.exe -a C:\Users\Vetter\Downloads\QuickPar-0.9.1.0-DEU.exe -d C:\Users\Vetter\Downloads
Task: {F4771D1A-51C5-40BB-AF13-1FA15D454893} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {F70318F3-ACF8-4E87-B719-5DB66A82630D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {F7EB64D7-8AFB-4808-96EE-DCD463635BE9} - System32\Tasks\4815 => Wscript.exe C:\Users\Vetter\AppData\Local\Temp\launchie.vbs //B <==== ACHTUNG
Task: {F8305E74-FFCE-4A7E-AEEF-C3EE72AEBA15} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-28] (Adobe Systems Incorporated)
Task: {F950351F-DCE3-4E39-A0DC-3FF5B953205E} - System32\Tasks\{2515928E-B357-4B9A-A51B-D4D0D8373DF1} => pcalua.exe -a "C:\Users\Vetter\Saved Games\DXSETUP.exe" -d "C:\Users\Vetter\Saved Games"
Task: {FEB13C46-9409-4E33-958B-94F2FC5270AD} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.7.0.76\SymErr.exe [2016-05-23] (Symantec Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-370278466-1842527618-776855722-1001Core.job => C:\Users\Vetter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-370278466-1842527618-776855722-1001UA.job => C:\Users\Vetter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Vetter\AppData\Local\Microsoft\Windows\GameExplorer\{EBE960C5-F61F-4FFB-865F-34BAC216434C}\SupportTasks\0\Support.lnk -> hxxp://techsupport.ea.com/
Shortcut: C:\Users\Vetter\AppData\Local\Microsoft\Windows\GameExplorer\{A85D8DBD-C4F8-4533-A1FB-FF37EDCB6816}\SupportTasks\0\Weitere Spiele von Microsoft.lnk -> hxxp://www.bluebyte.net/settlers4/
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-10-11 13:23 - 2016-03-20 13:10 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-05-11 22:41 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-11 22:41 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-23 21:49 - 2016-05-23 21:49 - 00959168 _____ () C:\Users\Vetter\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2016-06-21 18:20 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-21 18:20 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-21 18:20 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-21 18:20 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-19 15:27 - 2016-03-19 15:27 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 22:41 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2014-11-21 15:57 - 2016-06-27 14:52 - 00112552 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-11-21 15:57 - 2016-06-27 14:52 - 00045992 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2014-11-21 15:57 - 2016-06-27 14:52 - 00105896 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-11-21 15:57 - 2016-06-27 14:52 - 00021928 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [119]
AlternateDataStreams: C:\ProgramData\TEMP:3EFB0FE0 [148]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [150]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\1-se.com -> 1-se.com
Da befinden sich 11889 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2013-03-05 14:23 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-370278466-1842527618-776855722-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vetter\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: backupsvc5 => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\StartupApproved\StartupFolder: => "Netzmanager.lnk"
HKU\S-1-5-21-370278466-1842527618-776855722-1001\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{3FEAF94B-8038-4380-81D1-DBF368E4A4DE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{4D0F32A0-F92C-4C76-A35D-7848B7A0D6E2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DBD05DAB-C2B0-40CC-88B9-191C447FCA71}] => (Allow) LPort=2869
FirewallRules: [{3AE6FE8A-B1A3-4A84-9BE2-7608C1D2209F}] => (Allow) LPort=1900
FirewallRules: [{45E62A88-3E5A-42D1-ABEE-2E056755E1E8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{1EC03B46-5243-44FE-AEA6-F6BF7C6DD349}C:\program files (x86)\usenext\usenext.exe] => (Block) C:\program files (x86)\usenext\usenext.exe
FirewallRules: [UDP Query User{BA268AF1-946D-4B2C-BC0E-E065D9F68AB5}C:\program files (x86)\usenext\usenext.exe] => (Block) C:\program files (x86)\usenext\usenext.exe
FirewallRules: [{9989B56F-5762-40EC-A8BF-FF36018DFD61}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{516B1186-3B44-42E1-89F6-10A046AE906C}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{4E4CEB67-21E1-4C61-9B33-AA1E40DCA49E}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{2BF8B9AB-F34A-4FF3-B9E7-BB0369A8BCCC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{0C76BAB8-6E60-4215-BF4B-FAE97E8C3CC1}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{8A5C9A7C-2C97-4BDF-BA48-9C58C1DD462A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{4C85B91C-71EA-4930-A631-60A71D5FA53E}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{92CF51E6-0790-4184-BA6A-66C5C7D57F5C}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C879FF17-D7B5-44EA-89E8-1150BE63FC9D}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{C44E3E5B-9525-4628-9831-88DD1417E8AB}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{3CA592A8-2EE4-4042-9F40-8817EBAD00AC}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{F86ECE5B-CF49-46A8-9253-C2BE83985AE0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9EAA7063-763C-4196-B736-BA73D7994EC4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{88B1077D-CA9E-4BD1-AC99-51E64D72CB5D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{18285E5A-5A28-44FF-9191-FFF80B36EF79}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CAB2D31E-0ECA-4AE8-961C-A2B8AA15AA80}] => (Allow) C:\Program Files (x86)\Deutsche Telekom AG\Browser 7\Browser7.exe
FirewallRules: [{FDC3D1EE-B30A-4D19-8EC7-045B752353B0}] => (Allow) C:\Program Files (x86)\Deutsche Telekom AG\Browser 7\Browser7.exe
FirewallRules: [{00A9ADCE-FF94-45B1-B91E-46423E3503AA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E2CA9CAF-51D6-4C1D-9FA2-0D3938CDA2A6}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{60BD3F01-94AE-43F8-B339-BED07FEE700A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{665EE18F-DB03-42D2-890B-5D26E4EF9FD9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{056BA8A3-1661-4256-8DDA-137AD9A84873}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EB813FCD-5351-4B9D-B1C7-48845A3CB584}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AD2D0853-3445-4B90-BFC9-1C5F8F28CFC0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
25-06-2016 11:54:39 Installed SlimDX Runtime .NET 2.0 (January 2012)
05-07-2016 21:59:36 Removed Visual Studio 2012 x86 Redistributables
14-07-2016 21:34:16 Removed TSR Workshop
25-07-2016 16:58:05 Installiert System Mechanic
14-08-2016 20:46:18 Revo Uninstaller's restore point - Duplicate Cleaner Free 3.2.7
14-08-2016 21:05:04 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/14/2016 09:06:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VETTER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/14/2016 09:05:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (08/14/2016 09:02:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
Error: (08/14/2016 09:02:49 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (08/14/2016 09:02:49 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (08/14/2016 09:02:48 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
Error: (08/14/2016 09:02:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
Error: (08/14/2016 09:02:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
Error: (08/14/2016 09:02:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (08/14/2016 08:46:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (08/14/2016 09:59:24 PM) (Source: DCOM) (EventID: 10016) (User: VETTER-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Vetter-PCVetterS-1-5-21-370278466-1842527618-776855722-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/14/2016 09:59:24 PM) (Source: DCOM) (EventID: 10016) (User: VETTER-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Vetter-PCVetterS-1-5-21-370278466-1842527618-776855722-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/14/2016 09:06:02 PM) (Source: DCOM) (EventID: 10010) (User: VETTER-PC)
Description: App
Error: (08/14/2016 09:04:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Client Virtualization Handler" ist vom Dienst "Application Virtualization Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070 = Der Dienst konnte nicht gestartet werden.
Error: (08/14/2016 09:04:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Application Virtualization Client" wurde nicht richtig gestartet.
Error: (08/14/2016 09:04:08 PM) (Source: DCOM) (EventID: 10016) (User: VETTER-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Vetter-PCVetterS-1-5-21-370278466-1842527618-776855722-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/14/2016 09:04:08 PM) (Source: DCOM) (EventID: 10016) (User: VETTER-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Vetter-PCVetterS-1-5-21-370278466-1842527618-776855722-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (08/14/2016 09:01:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Net.Pipe-Listeneradapter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (08/14/2016 09:01:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NetPipeActivator erreicht.
Error: (08/14/2016 09:00:38 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942402.
CodeIntegrity:
===================================
Date: 2016-07-17 11:15:57.990
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\Temp\{78bed259-b900-504d-9d83-3d2e8d0db935}\B301130\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-17 11:15:57.965
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\Temp\{78bed259-b900-504d-9d83-3d2e8d0db935}\B301130\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-17 11:15:57.901
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\Temp\{78bed259-b900-504d-9d83-3d2e8d0db935}\B301130\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-17 11:15:57.874
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\Temp\{78bed259-b900-504d-9d83-3d2e8d0db935}\B301130\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-17 11:15:57.282
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\Temp\{78bed259-b900-504d-9d83-3d2e8d0db935}\B301130\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-17 11:15:56.729
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\Temp\{78bed259-b900-504d-9d83-3d2e8d0db935}\B301130\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-17 11:15:56.206
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\Temp\{78bed259-b900-504d-9d83-3d2e8d0db935}\B301130\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-17 11:15:55.278
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\Temp\{78bed259-b900-504d-9d83-3d2e8d0db935}\B301130\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-17 11:15:53.105
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\Temp\{78bed259-b900-504d-9d83-3d2e8d0db935}\B301130\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-17 11:15:53.069
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\Temp\{78bed259-b900-504d-9d83-3d2e8d0db935}\B301130\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: AMD Phenom(tm) II X4 840 Processor
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 7934.11 MB
Verfügbarer physikalischer RAM: 5871.81 MB
Summe virtueller Speicher: 9214.11 MB
Verfügbarer virtueller Speicher: 7224.83 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:921.31 GB) (Free:162.73 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive k: (Vetter-Clan) (Fixed) (Total:931.51 GB) (Free:860.08 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5B10BB2F)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=921.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: DB76151E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================ |