taschenuhr | 18.12.2016 10:32 | Hallo,
scheinbar gibt es immer noch ein Problem mit "Startfenster.de".
Google Chrome meldet immer noch ein Addon: "Neue Erweiterung hinzugefügt (Startfenster.de Suche)"
Jetzt geht es weiter mit der Fixlog.txt: Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-12-2016
durchgeführt von Ich (18-12-2016 10:02:25) Run:1
Gestartet von C:\Users\Ich\Desktop
Geladene Profile: Ich & (Verfügbare Profile: Ich & eli & marvin)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
========= RemoveProxy: =========
HKU\S-1-5-21-2770051485-1286840321-468354435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2770051485-1286840321-468354435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2770051485-1286840321-468354435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12172016092151494\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2770051485-1286840321-468354435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12172016092151494\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2770051485-1286840321-468354435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12172016092420979\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2770051485-1286840321-468354435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12172016092420979\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2770051485-1286840321-468354435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12172016092929982\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2770051485-1286840321-468354435-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12172016092929982\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2770051485-1286840321-468354435-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12172016092015541\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2770051485-1286840321-468354435-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12172016092015541\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 141807666 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 809783 B
Edge => 0 B
Chrome => 13702048 B
Firefox => 142745242 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7168 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 29504 B
NetworkService => 23290 B
Ich => 157801645 B
eli => 29850707 B
marvin.DESKTOP-NS62E4T => 37564 B
RecycleBin => 3335120346 B
EmptyTemp: => 3.6 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 10:02:50 ==== SystemLook.txt: Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 10:18 on 18/12/2016 by Ich
Administrator - Elevation successful
========== filefind ==========
Searching for "*startfenster*"
C:\AdwCleaner\quarantine\files\icgikfbcltnxyrznftsuhitpmbexlirn\Startfenster.lnk --a---- 1232 bytes [08:09 17/12/2016] [21:29 14/11/2016] C2BD79F90F5FEC4E768A12DA0BB033EE
C:\Users\Ich\AppData\Roaming\Mozilla\Extensions\startfensterde-0.0.1-an+fx-linux.xpi --a---- 13011 bytes [17:03 10/11/2016] [17:03 10/11/2016] 1EE740BA6B84B1D5E8FE6EE9EB40A6C2
C:\Users\Ich\Pictures\Screenshots\Startfenster_chrome.jpg --a---- 15309 bytes [08:46 18/12/2016] [08:46 18/12/2016] 67A68A4D4D1394C8572470A101A88CB4
Searching for "*goodgame*"
No files found.
========== folderfind ==========
Searching for "*startfenster*"
No folders found.
Searching for "*goodgame*"
No folders found.
========== regfind ==========
Searching for "startfenster"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{546CC529-90BC-4E07-BFA7-EBF459F49840}\RecentItems\{2D5D267E-4B7D-4F8B-A64D-2BA578B7F99F}]
"Path"="C:\Users\Ich\Pictures\Screenshots\Startfenster_chrome.jpg"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{546CC529-90BC-4E07-BFA7-EBF459F49840}\RecentItems\{2D5D267E-4B7D-4F8B-A64D-2BA578B7F99F}]
"DisplayName"="Startfenster_chrome.jpg"
[HKEY_USERS\S-1-5-21-2770051485-1286840321-468354435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{546CC529-90BC-4E07-BFA7-EBF459F49840}\RecentItems\{2D5D267E-4B7D-4F8B-A64D-2BA578B7F99F}]
"Path"="C:\Users\Ich\Pictures\Screenshots\Startfenster_chrome.jpg"
[HKEY_USERS\S-1-5-21-2770051485-1286840321-468354435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{546CC529-90BC-4E07-BFA7-EBF459F49840}\RecentItems\{2D5D267E-4B7D-4F8B-A64D-2BA578B7F99F}]
"DisplayName"="Startfenster_chrome.jpg"
Searching for "goodgame"
No data found.
Searching for " "
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0]
"ProcessorNameString"="Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz"
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1]
"ProcessorNameString"="Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="5.1"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/> <Capability Type="Shell"/>
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="1209600" RunAsUser="" RunAsPassword="" AutoRestart="false" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="5.1"/> <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/> <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/> <Param Name="SessionConfigurationData" Value="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Architecture="32" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="5.1"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_Intel64_Family_6_Model_15_-_Intel(R)_Core(TM)2_CPU__________6400__@_2.13GHz\_1]
"FriendlyName"="Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\ACPI\GenuineIntel_-_Intel64_Family_6_Model_15_-_Intel(R)_Core(TM)2_CPU__________6400__@_2.13GHz\_2]
"FriendlyName"="Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_EPSON&Prod_Storage&Rev_1.00#7&33230f97&0&554D34593139313766&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}]
"DeviceDesc"="Storage "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\GenuineIntel_-_Intel64_Family_6_Model_15_-_Intel(R)_Core(TM)2_CPU__________6400__@_2.13GHz\_1]
"FriendlyName"="Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\ACPI\GenuineIntel_-_Intel64_Family_6_Model_15_-_Intel(R)_Core(TM)2_CPU__________6400__@_2.13GHz\_2]
"FriendlyName"="Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_EPSON&Prod_Storage&Rev_1.00#7&33230f97&0&554D34593139313766&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}]
"DeviceDesc"="Storage "
-= EOF =-
FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
durchgeführt von Ich (Administrator) auf DESKTOP-NS62E4T (18-12-2016 10:24:46)
Gestartet von C:\Users\Ich\Desktop
Geladene Profile: Ich (Verfügbare Profile: Ich & eli & marvin)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-11-23] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2786768 2016-11-29] (Malwarebytes)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [916072 2016-11-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_2007_2008_PLUS\TrayServer.exe [90112 2007-03-29] (MAGIX AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei
Startup: C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2016-10-22]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.72.1
Tcpip\..\Interfaces\{0901351c-8ce5-428d-b637-da41fac8d550}: [DhcpNameServer] 192.168.72.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-15] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: c891va88.default
FF ProfilePath: C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\c891va88.default [2016-12-18]
FF Extension: (RESTED) - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\c891va88.default\Extensions\rested@restedclient.xpi [2016-11-18]
FF Extension: (Adblock Plus) - C:\Users\Ich\AppData\Roaming\Mozilla\Firefox\Profiles\c891va88.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-02]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-15] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-15] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.startfenster.de/suche/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Startfenster
CHR DefaultSuggestURL: Default -> hxxp://www.startfenster.de/api/?q={searchTerms}&language={lang}
CHR Profile: C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default [2016-12-18]
CHR Extension: (Google Präsentationen) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-18]
CHR Extension: (Google Docs) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-18]
CHR Extension: (Google Drive) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-18]
CHR Extension: (YouTube) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-18]
CHR Extension: (Search Manager) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\djhangopedggnlnicpbjklghlckmndge [2016-12-18]
CHR Extension: (Google Tabellen) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-18]
CHR Extension: (Avira Browserschutz) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-12-18]
CHR Extension: (Google Docs Offline) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-18]
CHR Extension: (Google Mail) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\Ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [djhangopedggnlnicpbjklghlckmndge] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089088 2016-11-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [475232 2016-11-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [475232 2016-11-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1488240 2016-11-01] (Avira Operations GmbH & Co. KG)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309114.inf_amd64_9133a0f6cb9c56bb\atikmdag.sys [26569872 2016-11-28] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309114.inf_amd64_9133a0f6cb9c56bb\atikmpag.sys [529440 2016-11-28] (Advanced Micro Devices, Inc.)
S3 AtcL001; C:\WINDOWS\System32\drivers\l160x64.sys [65024 2016-07-16] (Atheros Communications, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4317112 2016-10-30] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-11-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153392 2016-09-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-09-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-09-27] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [23640 2016-09-27] (Avira Operations GmbH & Co. KG)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2016-12-18] (Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-18 10:18 - 2016-12-18 10:21 - 00013322 _____ C:\Users\Ich\Desktop\SystemLook.txt
2016-12-18 10:16 - 2016-12-18 10:17 - 00165376 _____ C:\Users\Ich\Desktop\SystemLook_x64.exe
2016-12-18 10:02 - 2016-12-18 10:02 - 00003938 _____ C:\Users\Ich\Desktop\Fixlog.txt
2016-12-18 09:54 - 2016-12-18 09:54 - 00000000 ____D C:\Users\Ich\Desktop\FRST-OlderVersion
2016-12-18 09:46 - 2016-12-18 09:46 - 00001495 _____ C:\Users\Ich\AppData\Local\recently-used.xbel
2016-12-18 09:46 - 2016-12-18 09:46 - 00000000 ____D C:\Users\Ich\AppData\Local\gtk-2.0
2016-12-18 09:44 - 2016-12-18 09:44 - 00000000 ____D C:\Users\Ich\.thumbnails
2016-12-18 09:43 - 2016-12-18 09:43 - 00000000 ____D C:\Users\Ich\AppData\Local\gegl-0.2
2016-12-18 09:43 - 2016-12-18 09:43 - 00000000 ____D C:\Users\Ich\AppData\Local\fontconfig
2016-12-17 10:53 - 2016-12-18 09:56 - 00036115 _____ C:\Users\Ich\Desktop\Addition.txt
2016-12-17 10:52 - 2016-12-18 10:24 - 00015747 _____ C:\Users\Ich\Desktop\FRST.txt
2016-12-17 10:37 - 2016-12-17 10:37 - 01663040 _____ (Malwarebytes) C:\Users\Ich\Desktop\JRT.exe
2016-12-17 10:27 - 2016-12-17 10:27 - 00001303 _____ C:\Users\Ich\Desktop\MBAM.txt
2016-12-17 09:23 - 2016-12-17 09:23 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\02CF6ABD.sys
2016-12-17 09:20 - 2016-12-17 09:20 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-17 09:20 - 2016-12-17 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-17 09:20 - 2016-11-29 06:27 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2016-12-17 09:19 - 2016-12-17 09:19 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-17 09:18 - 2016-12-17 09:19 - 51969976 _____ (Malwarebytes ) C:\Users\Ich\Downloads\mb3-setup-consumer-3.0.4.1269.exe
2016-12-17 09:00 - 2016-12-17 09:01 - 03968464 _____ C:\Users\Ich\Desktop\AdwCleaner_6.040.exe
2016-12-13 19:05 - 2016-12-13 19:08 - 00039909 _____ C:\Users\Ich\Downloads\Addition.txt
2016-12-13 19:05 - 2016-12-13 19:05 - 02870984 _____ (ESET) C:\Users\Ich\Downloads\esetsmartinstaller_deu(2).exe
2016-12-13 19:02 - 2016-12-13 19:08 - 00062497 _____ C:\Users\Ich\Downloads\FRST.txt
2016-12-13 18:56 - 2016-12-18 09:42 - 00000000 ____D C:\Users\Ich\AppData\Local\Google
2016-12-13 18:51 - 2016-12-18 09:42 - 00002324 _____ C:\Users\Ich\Desktop\Google Chrome.lnk
2016-12-13 18:36 - 2016-12-18 09:54 - 02420224 _____ (Farbar) C:\Users\Ich\Desktop\FRST64.exe
2016-12-09 07:31 - 2016-12-17 09:11 - 00000951 _____ C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {4D77F1AD-BE7E-4A58-A3AD-0573F01759F2}.job
2016-12-09 07:31 - 2016-12-09 07:31 - 00004150 _____ C:\WINDOWS\System32\Tasks\EPSON WF-2660 Series Update {4D77F1AD-BE7E-4A58-A3AD-0573F01759F2}
2016-12-04 11:16 - 2016-12-04 11:33 - 00012711 _____ C:\Users\eli\Documents\Ergo_Kuendigung_04.12.2016.odt
2016-12-04 11:11 - 2016-12-04 11:34 - 00000000 ____D C:\Users\eli\AppData\LocalLow\Mozilla
2016-12-03 06:09 - 2016-12-03 06:09 - 00000000 ____D C:\Users\Ich\AppData\LocalLow\AMD
2016-12-02 22:28 - 2016-12-02 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-12-02 21:58 - 2016-12-10 08:39 - 00000000 ____D C:\Users\Ich\AppData\Roaming\vlc
2016-12-02 21:58 - 2016-12-02 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-12-02 21:58 - 2016-12-02 21:58 - 00000000 ____D C:\Program Files\VideoLAN
2016-12-02 21:56 - 2016-12-02 21:56 - 31717016 _____ C:\Users\Ich\Downloads\vlc-2.2.4-win64.exe
2016-12-02 21:31 - 2016-12-02 21:57 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-12-02 21:10 - 2016-12-02 21:11 - 00448512 _____ (OldTimer Tools) C:\Users\Ich\Downloads\TFC.exe
2016-11-28 21:45 - 2016-11-28 21:45 - 01007640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-11-28 21:45 - 2016-11-28 21:45 - 00121888 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-11-28 21:45 - 2016-11-28 21:45 - 00118320 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-11-28 21:45 - 2016-11-28 21:45 - 00112664 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-11-28 21:45 - 2016-11-28 21:45 - 00109080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-11-28 21:45 - 2016-11-28 21:45 - 00096792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-11-28 21:45 - 2016-11-28 21:45 - 00029720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-11-28 21:45 - 2016-11-28 21:45 - 00029720 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-11-20 11:27 - 2016-11-20 11:27 - 00000000 ____D C:\Program Files (x86)\ESET
2016-11-20 11:26 - 2016-11-20 11:26 - 02870984 _____ (ESET) C:\Users\Ich\Downloads\esetsmartinstaller_deu(1).exe
2016-11-20 10:39 - 2016-11-20 10:39 - 00000000 ____D C:\Users\Ich\Downloads\FRST-OlderVersion
2016-11-20 10:11 - 2016-12-18 10:09 - 00000000 ____D C:\Users\Ich\AppData\LocalLow\Mozilla
2016-11-18 22:24 - 2016-11-18 22:24 - 00002212 _____ C:\Users\Ich\Downloads\eset.txt
2016-11-18 19:28 - 2016-12-17 09:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-18 18:18 - 2016-11-18 18:18 - 02870984 _____ (ESET) C:\Users\Ich\Downloads\esetsmartinstaller_deu.exe
2016-11-18 18:00 - 2016-11-18 18:00 - 00001056 _____ C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JRT.lnk
2016-11-18 17:52 - 2016-12-17 10:40 - 00000665 _____ C:\Users\Ich\Desktop\JRT.txt
2016-11-18 17:47 - 2016-11-18 17:47 - 00001151 _____ C:\Users\Ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdwCleaner_6.030.lnk
2016-11-18 17:35 - 2016-11-18 17:35 - 00000000 ____D C:\Users\Ich\Desktop\Alte Firefox-Daten
2016-11-18 17:30 - 2016-12-17 09:09 - 00000000 ____D C:\AdwCleaner
2016-11-18 17:19 - 2016-12-18 10:08 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-18 17:19 - 2016-12-17 09:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-18 17:19 - 2016-11-18 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-18 17:19 - 2016-11-18 17:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-18 17:19 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-18 17:19 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-18 17:19 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-18 17:12 - 2016-12-18 10:24 - 00000000 ____D C:\FRST
2016-11-18 17:10 - 2016-11-18 17:10 - 03910208 _____ C:\Program Files\AdwCleaner_6.030.exe
2016-11-18 17:10 - 2016-11-18 17:10 - 01631928 _____ (Malwarebytes) C:\Program Files\JRT.exe
2016-11-18 17:09 - 2016-11-20 10:39 - 02413056 _____ (Farbar) C:\Users\Ich\Downloads\FRST64.exe
2016-11-18 17:09 - 2016-11-18 17:11 - 22851472 _____ (Malwarebytes ) C:\Users\Ich\Downloads\mbam-setup-2.2.1.1043.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-18 10:16 - 2016-10-15 09:51 - 01989698 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-18 10:16 - 2016-07-16 23:51 - 00788120 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-18 10:16 - 2016-07-16 23:51 - 00175384 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-18 10:14 - 2016-11-01 10:04 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-12-18 10:13 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-18 10:09 - 2016-11-01 10:05 - 00000000 ___RD C:\Users\Ich\Creative Cloud Files
2016-12-18 10:09 - 2016-11-01 10:05 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-12-18 10:09 - 2016-10-15 13:01 - 00000000 ____D C:\Users\Ich\AppData\Local\Adobe
2016-12-18 10:08 - 2016-10-15 17:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-18 10:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-18 10:07 - 2016-10-15 17:04 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-12-18 10:07 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-18 10:02 - 2016-10-15 16:32 - 00000000 ____D C:\Users\eli\AppData\LocalLow\Temp
2016-12-18 09:47 - 2016-10-15 10:32 - 00000000 ____D C:\Users\Ich\.gimp-2.8
2016-12-18 09:44 - 2016-10-15 17:06 - 00000000 ____D C:\Users\Ich
2016-12-18 09:37 - 2016-10-15 17:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-17 09:35 - 2016-10-15 10:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-17 09:32 - 2016-10-15 10:34 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-17 09:14 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-17 09:11 - 2016-10-15 11:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-17 09:11 - 2016-10-15 11:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-12-13 19:08 - 2016-10-15 13:07 - 00000000 ____D C:\Program Files\Adobe
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 11:15 - 2016-10-15 10:32 - 00000000 ____D C:\Users\Ich\.mediathek3
2016-12-09 07:36 - 2016-10-15 16:01 - 00000000 ____D C:\Users\eli\AppData\Local\Packages
2016-12-04 08:26 - 2014-09-26 06:08 - 00000000 ____D C:\Users\Ich\MediathekView
2016-12-02 22:29 - 2016-10-15 17:14 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2016-12-02 22:27 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-02 22:26 - 2016-10-15 17:04 - 00000000 ____D C:\Program Files\AMD
2016-12-02 22:26 - 2016-10-15 10:27 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-02 22:24 - 2016-10-15 10:26 - 00000000 ____D C:\AMD
2016-12-02 22:13 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\Media
2016-12-02 20:48 - 2016-10-15 09:45 - 00000000 ____D C:\Users\Ich\AppData\Local\Packages
2016-12-02 20:07 - 2016-10-15 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-02 20:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-28 21:45 - 2016-10-01 10:10 - 00475632 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-11-28 21:45 - 2016-10-01 10:10 - 00120384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-11-28 21:45 - 2016-10-01 10:10 - 00120384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-11-28 21:45 - 2016-10-01 10:10 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-11-28 21:45 - 2016-10-01 10:08 - 00901656 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll
2016-11-28 21:45 - 2016-10-01 10:08 - 00291352 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-11-28 21:45 - 2016-10-01 10:08 - 00284696 _____ C:\WINDOWS\system32\GameManager64.dll
2016-11-28 21:45 - 2016-10-01 10:08 - 00278552 _____ C:\WINDOWS\system32\clinfo.exe
2016-11-28 21:45 - 2016-10-01 10:08 - 00249376 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-11-28 21:45 - 2016-10-01 10:08 - 00242712 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-11-28 21:45 - 2016-10-01 10:08 - 00169504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-11-28 21:45 - 2016-10-01 10:08 - 00144408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-11-28 21:45 - 2016-10-01 10:08 - 00138784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-11-28 21:45 - 2016-10-01 10:08 - 00118296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-11-28 21:45 - 2016-10-01 10:07 - 00145944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-11-28 21:45 - 2016-10-01 10:07 - 00127000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-11-28 21:45 - 2016-10-01 10:06 - 00468000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-11-28 21:45 - 2016-10-01 10:06 - 00298528 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-11-28 21:45 - 2016-10-01 10:06 - 00239640 _____ C:\WINDOWS\system32\atieah64.exe
2016-11-28 21:45 - 2016-10-01 10:06 - 00217624 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-11-28 21:45 - 2016-10-01 10:06 - 00210968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-11-28 21:45 - 2016-10-01 10:06 - 00184856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-11-28 21:45 - 2016-10-01 10:06 - 00149640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-11-28 21:45 - 2016-10-01 10:06 - 00137256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-11-28 21:45 - 2016-10-01 10:06 - 00119832 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-11-28 21:45 - 2016-10-01 10:06 - 00110104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-11-28 21:45 - 2016-10-01 10:06 - 00098840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-11-28 21:45 - 2016-10-01 10:05 - 09935896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-11-28 21:45 - 2016-10-01 10:05 - 08075288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-11-28 21:45 - 2016-10-01 10:05 - 02490392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-11-28 21:45 - 2016-10-01 10:05 - 02172952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-11-28 21:45 - 2016-10-01 10:05 - 01007640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-11-28 21:45 - 2016-10-01 10:05 - 00411672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-11-28 21:45 - 2016-10-01 10:05 - 00069144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2016-11-28 21:45 - 2016-10-01 10:03 - 00854552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-11-28 21:45 - 2016-10-01 10:03 - 00688672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-11-28 21:45 - 2016-10-01 10:03 - 00092184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-11-28 21:45 - 2016-10-01 10:03 - 00075800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-11-28 21:45 - 2016-10-01 09:57 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-11-28 21:45 - 2016-10-01 09:56 - 01342488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-11-28 21:45 - 2016-10-01 09:56 - 00535584 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-11-28 21:45 - 2016-10-01 09:56 - 00277016 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-11-28 21:45 - 2016-09-30 21:29 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-11-28 21:45 - 2016-09-30 21:29 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-11-28 21:45 - 2016-09-30 21:29 - 00761544 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-11-28 21:45 - 2016-09-30 21:29 - 00761544 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-11-28 21:44 - 2016-10-01 10:10 - 00156248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-11-28 21:44 - 2016-10-01 10:10 - 00152096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-11-28 21:44 - 2016-10-01 10:10 - 00135920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-11-28 21:44 - 2016-10-01 10:09 - 00135408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-11-28 21:44 - 2016-10-01 10:03 - 00257560 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-11-28 21:44 - 2016-10-01 10:03 - 00230432 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-11-28 21:44 - 2016-09-30 21:28 - 00000144 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2016-11-28 21:44 - 2016-09-30 21:28 - 00000144 _____ C:\WINDOWS\system32\amd-vulkan64.json
2016-11-18 17:49 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-11-18 17:36 - 2016-10-16 08:20 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-11-18 17:24 - 2016-10-15 11:43 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-11-18 17:10 - 2016-11-18 17:10 - 3910208 _____ () C:\Program Files\AdwCleaner_6.030.exe
2016-11-18 17:10 - 2016-11-18 17:10 - 1631928 _____ (Malwarebytes) C:\Program Files\JRT.exe
2016-12-18 09:46 - 2016-12-18 09:46 - 0001495 _____ () C:\Users\Ich\AppData\Local\recently-used.xbel
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-10 07:31
==================== Ende von FRST.txt ============================ Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-12-2016
durchgeführt von Ich (18-12-2016 10:25:48)
Gestartet von C:\Users\Ich\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-15 16:16:07)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2770051485-1286840321-468354435-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2770051485-1286840321-468354435-503 - Limited - Disabled)
eli (S-1-5-21-2770051485-1286840321-468354435-1002 - Administrator - Enabled) => C:\Users\eli
Gast (S-1-5-21-2770051485-1286840321-468354435-501 - Limited - Disabled)
Ich (S-1-5-21-2770051485-1286840321-468354435-1001 - Administrator - Enabled) => C:\Users\Ich
marvin (S-1-5-21-2770051485-1286840321-468354435-1003 - Limited - Enabled) => C:\Users\marvin.DESKTOP-NS62E4T
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.8 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.23.58 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{ee247a19-722f-4096-884b-47ec3b7ec396}) (Version: 1.2.73.15322 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.73.15322 - Avira Operations GmbH & Co. KG) Hidden
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.0.0 - Canon Inc.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.5.0.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.5.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1123.1856.34070 - Advanced Micro Devices, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.37.20160609 - Landesfinanzdirektion Thüringen)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-2660 Series Printer Uninstall (HKLM\...\EPSON WF-2660 Series) (Version: - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.0.1 - MAGIX AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
LibreOffice 5.1 Help Pack (German) (HKLM-x32\...\{93CFFF6D-3F96-49EC-ACE5-705109F2C77B}) (Version: 5.1.5.2 - The Document Foundation)
LibreOffice 5.1.5.2 (HKLM-x32\...\{03E3A5F6-2B2C-4CF6-9C18-FBB28AFA512B}) (Version: 5.1.5.2 - The Document Foundation)
MAGIX Foto Clinic 5.5 5.5.31.0 (D) (HKLM-x32\...\MAGIX Foto Clinic 5.5 D) (Version: 5.5.31.0 - MAGIX AG)
MAGIX Foto Manager 2007 4.1.1.75 (D) (HKLM-x32\...\MAGIX Foto Manager 2007 D) (Version: 4.1.1.75 - MAGIX AG)
MAGIX Goya burnR 2.3.1.3 (D) (HKLM-x32\...\MAGIX Goya burnR D) (Version: 2.3.1.3 - MAGIX AG)
MAGIX Music Manager 2007 8.1.1.108 (D) (HKLM-x32\...\MAGIX Music Manager 2007 D) (Version: 8.1.1.108 - MAGIX AG)
MAGIX Online Druck Service 2.3.2.0 (D) (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 2.3.2.0 - MAGIX AG)
MAGIX Video deluxe 2007 2008 PLUS 7.0.0.25 (D) (HKLM-x32\...\MAGIX Video deluxe 2007 2008 PLUS D) (Version: 7.0.0.25 - MAGIX AG)
Malwarebytes Version 3.0.4.1269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.4.1269 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mozilla Thunderbird 45.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.5.1 (x86 de)) (Version: 45.5.1 - Mozilla)
Mp3tag v2.79 (HKLM-x32\...\Mp3tag) (Version: v2.79 - Florian Heidenreich)
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.5.l - Runtime Games Ltd)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2770051485-1286840321-468354435-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-0C00548AA61B}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2770051485-1286840321-468354435-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Ich\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll => Keine Da (Der Dateneintrag hat 3 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-2770051485-1286840321-468354435-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Ich\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll => Keine Da (Der Dateneintrag hat 3 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-2770051485-1286840321-468354435-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Ich\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll => Keine Da (Der Dateneintrag hat 3 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-2770051485-1286840321-468354435-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {298FFC15-120F-4425-89B8-5FF0A55E2AB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-15] (Google Inc.)
Task: {3A92ECF5-4734-4626-BCEB-DC6DF7CC4D9F} - System32\Tasks\EPSON WF-2660 Series Update {4D77F1AD-BE7E-4A58-A3AD-0573F01759F2} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {6FA2273B-6A65-4824-BDBD-A0AE9191F926} - System32\Tasks\EPSON WF-2660 Series Update {9D64AE9D-A19B-42AB-BDC2-C12B32022E9E} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {8D2F43E4-3F94-42A0-80FE-C751C66DC306} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-NS62E4T-Ich => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {C534A7C3-2B6B-4270-8E41-7E6A5C58EBE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-15] (Google Inc.)
Task: {FFDA070A-D180-48AD-9A51-324466A17ABD} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-11-23] (Advanced Micro Devices, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {4D77F1AD-BE7E-4A58-A3AD-0573F01759F2}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE:/EXE:{4D77F1AD-BE7E-4A58-A3AD-0573F01759F2} /F:UpdateWORKGROUP\DESKTOP-NS62E4T$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-2660 Series Update {9D64AE9D-A19B-42AB-BDC2-C12B32022E9E}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMAE.EXE:/EXE:{9D64AE9D-A19B-42AB-BDC2-C12B32022E9E} /F:Update WORKGROUP\DESKTOP-NS62E4T$ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-15 17:57 - 2016-10-15 17:57 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-17 09:20 - 2016-11-29 06:27 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-10-15 17:57 - 2016-10-15 17:57 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-10-15 17:57 - 2016-10-15 17:57 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-13 08:27 - 2016-11-02 11:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-13 08:27 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-13 08:27 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-13 08:27 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-13 08:27 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-13 08:27 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-13 08:27 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 22:30 - 2016-09-14 22:30 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-12-14 19:21 - 2016-12-17 08:26 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 19:21 - 2016-12-17 08:26 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 19:21 - 2016-12-17 08:34 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 19:21 - 2016-12-17 08:26 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-12-17 09:20 - 2016-11-08 09:46 - 00693248 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-21 08:35 - 2015-07-21 08:35 - 00512000 _____ () C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
2016-10-25 10:51 - 2016-10-25 10:51 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-25 10:49 - 2016-10-25 10:49 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-10 23:17 - 2016-10-10 23:17 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-25 10:41 - 2016-10-25 10:41 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-10-10 23:14 - 2016-10-10 23:14 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-10-10 23:14 - 2016-10-10 23:14 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\marvin\Downloads\HERMES_label_2015-10-12_17-46-58.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\marvin\Downloads\HERMES_label_2015-8-25_12-26-5.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\marvin\Downloads\Kirchensteuer-Widerspruchsrecht_1901613_vom_31.12.2014_20150429094544.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\marvin\Downloads\Kontoauszug_1901613__Nr.0012015_vom_31.03.2015_20150429094402.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\marvin\Downloads\Paketschein_45285094975_Bolf_GmbH_121015.pdf:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2770051485-1286840321-468354435-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.72.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{0C50DA01-BB62-4AE3-BC34-879F3428798F}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{175C82AD-E4FE-4459-9190-CBBC478B9E75}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{695A5326-3720-434E-821B-416D8D76C83F}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{950B4FC4-14DF-485E-A936-1FAD5FDB0DAE}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B00DEE7E-E10C-4957-9727-8892672FE42F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{31F290C7-626A-4EAD-868D-6FBA11FDD2E1}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2F58BE0E-49BC-413D-8E5A-FF1E6064F550}] => C:\Program Files (x86)\PhoenixRC\phoenixRC.exe
FirewallRules: [{AD8B3DF3-E033-468B-84F4-F606472BFFF8}] => C:\Program Files (x86)\PhoenixRC\phoenixRC.exe
FirewallRules: [{1CCDEF20-876B-4559-849D-C4791623EE17}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
02-12-2016 22:26:19 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
10-12-2016 09:05:46 Geplanter Prüfpunkt
17-12-2016 09:31:53 Windows Update
17-12-2016 10:38:17 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller
Description: L1 Gigabit-Ethernet-10/100/1000Base-T-Controller von Atheros
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: AtcL001
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/18/2016 10:02:18 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/18/2016 10:02:11 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/18/2016 09:54:41 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/18/2016 09:54:35 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/18/2016 09:54:29 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/18/2016 09:43:19 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/18/2016 09:42:35 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/18/2016 09:41:41 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/18/2016 09:41:19 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/18/2016 08:48:04 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Systemfehler:
=============
Error: (12/18/2016 10:02:56 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (12/18/2016 10:02:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/18/2016 10:02:26 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NS62E4T)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (12/18/2016 10:02:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/18/2016 10:02:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 11" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/18/2016 10:02:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Epson Scanner Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/18/2016 10:02:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Genuine Software Integrity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/18/2016 10:02:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AdobeUpdateService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/18/2016 10:02:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/18/2016 10:02:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD External Events Utility" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8191.17 MB
Verfügbarer physikalischer RAM: 5218.57 MB
Summe virtueller Speicher: 9471.17 MB
Verfügbarer virtueller Speicher: 6302.97 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:416.44 GB) (Free:331.84 GB) NTFS
Drive e: () (Fixed) (Total:298.09 GB) (Free:31.99 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: () (Fixed) (Total:154.67 GB) (Free:4.07 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 85C785C7)
Partition 1: (Not Active) - (Size=225.3 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 8F150CC5)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=416.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=48.8 GB) - (Type=05)
========================================================
Disk: 2 (Size: 298.1 GB) (Disk ID: AD090B50)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Sooo, dann warte ich gespannt auf Deine nächste Antwort. Ich weiß es sehr zu schätzen, dass Du das hier Deiner Freizeit für mich machst!:dankeschoen: |