mam Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 22.11.2015
Suchlaufzeit: 10:19
Protokolldatei: mam.txt
Administrator: Ja
Version: 2.2.0.1024
Malware-Datenbank: v2015.11.22.01
Rootkit-Datenbank: v2015.11.14.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: i7i5
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 411786
Abgelaufene Zeit: 24 Min., 44 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswerte: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Dateien: 0
(keine bösartigen Elemente erkannt)
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) adwcleaner Code:
# AdwCleaner v5.021 - Bericht erstellt am 22/11/2015 um 10:46:12
# Aktualisiert am 14/11/2015 von Xplode
# Datenbank : 2015-11-19.4 [Server]
# Betriebssystem : Windows 10 Pro (x64)
# Benutzername : i7i5 - PC
# Gestartet von : C:\Users\basteln\Desktop\AdwCleaner_5.021.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
########## EOF - \AdwCleaner\AdwCleaner[S2].txt - [612 Bytes] ########## jrt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.0 (11.12.2015)
Operating System: Windows 10 Pro x64
Ran by i7i5 (Administrator) on 22.11.2015 at 10:48:12,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 1
Successfully deleted: C:\WINDOWS\prefetch\ASKPASS.EXE-F7195FBB.pf (File)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.11.2015 at 10:49:50,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015
durchgeführt von i7i5 (2015-11-22 10:55:17)
Gestartet von C:\Users\basteln\Desktop
Windows 10 Pro (X64) (2015-11-17 16:05:03)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2744740071-4010058839-1931898771-500 - Administrator - Disabled)
basteln (S-1-5-21-2744740071-4010058839-1931898771-1002 - Limited - Enabled) => C:\Users\basteln
DefaultAccount (S-1-5-21-2744740071-4010058839-1931898771-503 - Limited - Disabled)
Gast (S-1-5-21-2744740071-4010058839-1931898771-501 - Limited - Disabled)
i7i5 (S-1-5-21-2744740071-4010058839-1931898771-1001 - Administrator - Enabled) => C:\Users\i7i5
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (32 Bit) (HKLM-x32\...\{2614BC86-757D-4293-9E25-E4E16F370A9E}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.0.0.11 - Swiss Academic Software)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
f.lux (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Flux) (Version: - )
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Genymotion version 2.5.4 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.5.4 - Genymobile)
Git version 1.9.5-preview20150319 (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{9086D601-50B7-491D-A143-28193DADE36B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.5.0.001 - HTC Corporation)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Firefox 42.0 (x86 de) (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.1.0 - Mozilla)
Mozilla Thunderbird 38.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.1.0 (x86 de)) (Version: 38.1.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.2.5569 - ownCloud)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.102 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
SourceTree (HKLM-x32\...\SourceTree 1.6.23) (Version: 1.6.23 - Atlassian)
SourceTree (x32 Version: 1.6.23 - Atlassian) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StudNET Login Client (HKLM-x32\...\{A30EE8A6-6B9F-4973-B5ED-2A60B40576E4}_is1) (Version: 4.3 - Dossin-Brade GbR Leipzig)
Sublime Text Build 3092 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeXstudio 2.10.0 (HKLM-x32\...\TeXstudio_is1) (Version: 2.10.0 - Benito van der Zander)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\i7i5\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7D3CEBAB4773}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\basteln\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2744740071-4010058839-1931898771-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> P:\Git\git-cheetah\git_shell_ext64.dll ()
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-07-10 12:04 - 2015-09-10 22:37 - 00001025 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0718A3C1-24C3-422B-869B-EF808D1E0188} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {181EF958-CF2C-45C1-BFE2-0048458E3EFC} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {2300B6D1-D409-499E-92DF-030662B73A6B} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {2353A234-8E5A-42EA-893A-789D8E6D06D8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {3059E59B-D6E4-4CB3-ABFA-E66ED8253F7A} - System32\Tasks\CCleanerSkipUAC => P:\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {317107BF-13F6-48B4-AA5A-BA0B03A02F4B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {33046BDC-2974-457F-A198-055760713D46} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {34DFA6BC-39DE-4868-A80B-ABB04284A726} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {3627755F-6629-4D94-850A-FBE43D28BEB8} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {4208A7BF-D622-476E-A1A3-F9EB2719ECD4} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2015-11-13] (Microsoft Corporation)
Task: {45A1E736-EAAA-4735-ABBA-A9C5CF2BDAEF} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {4A944005-EAD7-4E3D-A0CB-E36A03948234} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {4E3CB8C2-8A0C-4570-A32E-7319C6E8E432} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {5B137F1C-205D-4EEE-A261-705B687DCA75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {697E18DD-943C-470A-B9E3-6E5DDCB42D05} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {6B696BCF-C866-41CA-B4E4-3D19FB1E9250} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\SpaceMan.exe [2015-10-30] (Microsoft Corporation)
Task: {6CFACA9F-1ABD-4B77-B33C-D9F67ED66C0E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-10] (Microsoft Corporation)
Task: {71E53243-3A2D-47EE-9DAB-6D71B2366657} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {860F596C-A1D8-4651-B747-D134041D80AD} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense => Rundll32.exe %windir%\system32\StorageUsage.dll,GetStorageUsageInfo
Task: {90D79106-3D12-40AF-A9BA-231F2327770C} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2015-10-30] (Microsoft Corporation)
Task: {A483A62A-BEE2-43EF-B43D-C4B6555D6F1E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {AD0F6D49-B037-4281-9C34-9B02DFEBC706} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-09-10] ()
Task: {AE01BD66-0EA2-4E63-8342-8F603FA22364} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {C881A742-1A15-4EAC-96B9-9C6EA38AC7FA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {E03596C8-B2A4-4553-B379-B678F0EBCA95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {E92D4A58-DF98-4199-876D-0DEC11B57770} - System32\Tasks\avast! Emergency Update => P:\Avast\AvastEmUpdate.exe [2015-09-27] (AVAST Software)
Task: {F120A436-C215-4927-87AA-934387AF5782} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {FEBF0AE5-C68F-41BB-8FB8-05BD0B1A49E7} - System32\Tasks\AdobeAAMUpdater-1.0-DU-i7i5 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-01 09:21 - 2013-07-01 09:21 - 01127736 _____ () P:\Shrew Soft VPN\iked.exe
2013-07-01 00:16 - 2013-07-01 00:16 - 00628224 _____ () P:\Shrew Soft VPN\libike.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00039936 _____ () P:\Shrew Soft VPN\libvnet.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 00018432 _____ () P:\Shrew Soft VPN\libith.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00029184 _____ () P:\Shrew Soft VPN\libpfk.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00017920 _____ () P:\Shrew Soft VPN\libdtp.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 00035840 _____ () P:\Shrew Soft VPN\libvflt.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00013312 _____ () P:\Shrew Soft VPN\liblog.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 00116736 _____ () P:\Shrew Soft VPN\libip.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 00022016 _____ () P:\Shrew Soft VPN\libidb.dll
2015-10-19 15:12 - 2012-12-07 16:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-07-01 09:21 - 2013-07-01 09:21 - 00810808 _____ () P:\Shrew Soft VPN\ipsecd.exe
2015-10-30 08:17 - 2015-10-30 08:17 - 02652784 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 02652784 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-11 19:02 - 2015-09-11 19:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () P:\FileZilla FTP Client\fzshellext_64.dll
2015-09-10 22:15 - 2015-03-19 22:33 - 00736962 _____ () P:\Git\git-cheetah\git_shell_ext64.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 08:18 - 2015-10-30 19:46 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-30 08:18 - 2015-10-30 19:46 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-30 08:18 - 2015-10-30 19:46 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-30 08:18 - 2015-10-30 19:46 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-22 02:29 - 2015-11-22 02:29 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-11-22 02:29 - 2015-11-22 02:29 - 11526656 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-20 00:40 - 2015-11-20 00:40 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-09-27 04:42 - 2015-09-27 04:42 - 00103376 _____ () P:\Avast\log.dll
2015-09-27 04:42 - 2015-09-27 04:42 - 00123976 _____ () P:\Avast\JsonRpcServer.dll
2015-11-21 13:10 - 2015-11-21 13:10 - 02994176 _____ () P:\Avast\defs\15112100\algo.dll
2015-09-27 04:42 - 2015-09-27 04:42 - 40539648 _____ () P:\Avast\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2744740071-4010058839-1931898771-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\basteln\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2744740071-4010058839-1931898771-1001\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2BB4A38C-147F-4678-963D-CB0B0E3192E2}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{90A75009-679A-4C49-AD89-2675AC0184FA}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8CFA0298-F9BA-42A1-9927-3968FFC26AEF}] => (Allow) P:\Steam\bin\steamwebhelper.exe
FirewallRules: [{B54CDCF9-D478-4383-8D3F-F097B831CFE1}] => (Allow) P:\Steam\bin\steamwebhelper.exe
FirewallRules: [{6172CDDB-2C88-416C-AE71-4C6C219E1ADB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{45B883DF-3119-48B9-BCF1-7A4640D30F46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A620A3DA-397A-4310-BC2D-545A8EBE61C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{983B396A-98EB-4379-8810-0A7FF81B06E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{402A2773-C8ED-486A-A4A7-451EFAD3A304}P:\eclipse\eclipse.exe] => (Allow) P:\eclipse\eclipse.exe
FirewallRules: [TCP Query User{83C654E5-A249-4D6E-B9CC-9420CA55D96E}P:\eclipse\eclipse.exe] => (Allow) P:\eclipse\eclipse.exe
FirewallRules: [UDP Query User{08A55A3B-91FD-42C7-A139-E1F230725274}C:\users\basteln\desktop\ba test\eclipse\eclipse.exe] => (Allow) C:\users\basteln\desktop\ba test\eclipse\eclipse.exe
FirewallRules: [TCP Query User{62C743AD-4839-4E35-8764-CAA5659C653F}C:\users\basteln\desktop\ba test\eclipse\eclipse.exe] => (Allow) C:\users\basteln\desktop\ba test\eclipse\eclipse.exe
FirewallRules: [UDP Query User{50DB55C5-26A1-4B6B-AF14-C5A80C025FB5}P:\java\x64\jdk1.8.0_51\bin\java.exe] => (Allow) P:\java\x64\jdk1.8.0_51\bin\java.exe
FirewallRules: [TCP Query User{156F2E0B-43F3-4735-894C-1EB89131589D}P:\java\x64\jdk1.8.0_51\bin\java.exe] => (Allow) P:\java\x64\jdk1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{5598B00D-6174-4D01-B092-FB7BF2E7D0FD}P:\android studio\bin\studio64.exe] => (Allow) P:\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{0268CE47-8844-47D3-A6D0-96408FB5C562}P:\android studio\bin\studio64.exe] => (Allow) P:\android studio\bin\studio64.exe
FirewallRules: [{525D74E7-8286-4575-94EA-176492D05B21}] => (Allow) P:\Steam\Steam.exe
FirewallRules: [{5F144371-5AB1-4172-A343-F532F36204C6}] => (Allow) P:\Steam\Steam.exe
FirewallRules: [UDP Query User{814FE1F6-6755-4377-803F-C160B887C141}P:\twitch\livestreamer-v1.12.2\livestreamer.exe] => (Allow) P:\twitch\livestreamer-v1.12.2\livestreamer.exe
FirewallRules: [TCP Query User{1AC67C1B-D5A2-4A5F-AFF9-1FEC1CF424E4}P:\twitch\livestreamer-v1.12.2\livestreamer.exe] => (Allow) P:\twitch\livestreamer-v1.12.2\livestreamer.exe
FirewallRules: [{DA603F64-7F37-49D2-A342-D030C4855CB2}] => (Allow) P:\Microsoft Office\Office15\outlook.exe
FirewallRules: [{F8C0A2E8-27B6-4AD5-B4D7-A81CAE5E2183}] => (Allow) P:\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F0DA012B-8723-4559-AFDB-36D36060D40C}] => (Allow) P:\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F273C9D0-645D-4807-A622-158526390D72}] => (Allow) P:\Microsoft Office\Office15\lync.exe
FirewallRules: [{6F2E88D9-062E-4282-B5A2-17AD24917787}] => (Allow) P:\Microsoft Office\Office15\lync.exe
FirewallRules: [{981EA90F-1E76-4B62-B2E5-E171750A9B72}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{12B0C56E-5556-4F35-8318-0CC32F3843D5}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
FirewallRules: [{DA09CB18-8159-4CAA-A0CA-21AB7EEBBE0E}] => (Allow) C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe
FirewallRules: [{25E62B04-6F81-407D-AE2B-F66AE6B3AC3D}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe
FirewallRules: [{F4B3D6FC-96B4-4EBD-BBFE-1FA8E88FF111}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe
FirewallRules: [{A0969A31-43FF-4F65-852D-A2DB77EE3633}] => (Allow) C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe
FirewallRules: [{88CAA281-9F8D-4A0C-BD6E-AAD2FD9C3CF6}] => (Allow) P:\Mozilla Firefox\firefox.exe
FirewallRules: [{724E1B4C-41B1-4C84-82D3-F881B8BFA308}] => (Allow) P:\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [P:\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/22/2015 10:48:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 15.1120.13270.0, Zeitstempel: 0x564f95c1
Name des fehlerhaften Moduls: CoreUIComponents.dll, Version: 0.0.0.0, Zeitstempel: 0x5632cefa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000780dd
ID des fehlerhaften Prozesses: 0xe84
Startzeit der fehlerhaften Anwendung: 0xMicrosoft.Photos.exe0
Pfad der fehlerhaften Anwendung: Microsoft.Photos.exe1
Pfad des fehlerhaften Moduls: Microsoft.Photos.exe2
Berichtskennung: Microsoft.Photos.exe3
Vollständiger Name des fehlerhaften Pakets: Microsoft.Photos.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.Photos.exe5
Error: (11/22/2015 10:40:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (11/22/2015 10:23:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DU)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/22/2015 10:16:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DU)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/22/2015 10:16:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DU)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/22/2015 02:56:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1062
Error: (11/22/2015 02:56:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1062
Error: (11/22/2015 02:56:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/21/2015 09:28:04 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (11/20/2015 08:53:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141
Systemfehler:
=============
Error: (11/22/2015 10:23:59 AM) (Source: DCOM) (EventID: 10010) (User: DU)
Description: App.AppX65n3t4j73ch7cremsjxn7q8bph1ma8jw.mca
Error: (11/22/2015 10:16:26 AM) (Source: DCOM) (EventID: 10010) (User: DU)
Description: App.AppX65n3t4j73ch7cremsjxn7q8bph1ma8jw.mca
Error: (11/22/2015 10:16:19 AM) (Source: DCOM) (EventID: 10010) (User: DU)
Description: App.AppX65n3t4j73ch7cremsjxn7q8bph1ma8jw.mca
Error: (11/22/2015 02:56:23 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/22/2015 02:30:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft Photos
Error: (11/21/2015 03:12:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/21/2015 09:05:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SAService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/21/2015 01:20:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_40246" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/21/2015 01:20:35 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/21/2015 00:14:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Xbox
CodeIntegrity:
===================================
Date: 2015-11-20 00:23:34.038
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-19 08:24:27.426
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 17:00:16.741
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 16:58:29.735
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 16:40:15.898
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 16:40:15.895
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 16:40:15.891
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2015-11-17 16:38:42.469
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 8060.85 MB
Verfügbarer physikalischer RAM: 6109.93 MB
Summe virtueller Speicher: 9980.85 MB
Verfügbarer virtueller Speicher: 8139.71 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:99.51 GB) (Free:58.48 GB) NTFS
Drive d: (Daten) (Fixed) (Total:285.76 GB) (Free:76.95 GB) NTFS
Drive p: (Programme) (Fixed) (Total:80 GB) (Free:55.47 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=285.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================ frst Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015
durchgeführt von i7i5 (Administrator) auf DU (22-11-2015 10:51:09)
Gestartet von C:\Users\basteln\Desktop
Geladene Profile: i7i5 & basteln (Verfügbare Profile: i7i5 & basteln)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) P:\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() P:\Shrew Soft VPN\iked.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() P:\Shrew Soft VPN\ipsecd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) P:\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Mozilla Corporation) P:\Mozilla Firefox\firefox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-09-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-09-10] (Vimicro)
HKLM-x32\...\Run: [AvastUI.exe] => P:\Avast\AvastUI.exe [6133520 2015-11-11] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => P:\Adobe\x86\Acrobat XI Pro\Acrobat\Acrotray.exe [3498728 2015-09-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [Adobe Flash Player] => C:\ProgramData\Adobe\adobe_flash_player.exe [112640 2015-08-09] (Abobe Systems Incorporated)
HKU\S-1-5-21-2744740071-4010058839-1931898771-1001\...\Run: [Steam] => P:\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Run: [f.lux] => C:\Users\basteln\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Run: [RocketDock] => P:\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Run: [ownCloud] => P:\ownCloud\owncloud.exe [1704974 2015-10-21] ()
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2744740071-4010058839-1931898771-1002\...\RunOnce: [Uninstall C:\Users\basteln\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\basteln\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => P:\Avast\ashShA64.dll [2015-09-27] (AVAST Software)
Startup: C:\Users\basteln\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2015-10-02]
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{019c4ed0-e6af-452d-a347-9c21d036e1f3}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{efbba1a2-babf-4e16-b0a2-575ff4cda385}: [NameServer] 141.57.1.94
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> P:\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> P:\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - P:\Microsoft Office\Office15\MSOSB.DLL [2015-08-12] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2015-10-30] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2015-10-30] (Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> P:\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> P:\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> P:\Adobe\x86\Acrobat XI Pro\Acrobat\Air\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - P:\Adobe\x86\Acrobat XI Pro\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - P:\Adobe\x86\Acrobat XI Pro\Acrobat\Browser\WCFirefoxExtn [2015-10-22] [ist nicht signiert]
StartMenuInternet: FIREFOX.EXE - P:\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - P:\Adobe\x86\Acrobat XI Pro\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-09-27]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 avast! Antivirus; P:\Avast\AvastSvc.exe [146600 2015-09-27] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-09-10] (Broadcom Corporation.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-22] (Intel Corporation)
R2 iked; P:\Shrew Soft VPN\iked.exe [1127736 2013-07-01] ()
R2 ipsecd; P:\Shrew Soft VPN\ipsecd.exe [810808 2013-07-01] ()
S2 MBAMService; P:\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52736 2015-10-30] (Microsoft Corporation)
S3 MessagingService_3aa71; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 MessagingService_3aa71; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 OneSyncSvc_3aa71; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R2 OneSyncSvc_3aa71; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
S3 PimIndexMaintenanceSvc_3aa71; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_3aa71; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-09-10] (Synaptics Incorporated)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [290304 2015-10-30] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [87040 2015-11-13] (Microsoft Corporation)
S3 UnistoreSvc_3aa71; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 UnistoreSvc_3aa71; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 UserDataSvc_3aa71; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 UserDataSvc_3aa71; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) |