|
Vermutlich Virenbefall mit mehreren Symthomen (u.a. "Herzlichen Glückwunsch Windowsbenutzer"-Pop-Up Liste der Anhänge anzeigen (Anzahl: 1) Hallo Zusammen, bin über eine google-suche und diesen Link auf eure Seite gestoßen. Habe bereits FRST-64Bit heruntergeladen. Dort habe ich dann diese Anweisungen befolgt: -Starte jetzt FRST. -Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen. - Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop. - Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken) FRST.txt ------------------------------------------------------------------------------------- Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-05-2016 01 durchgeführt von robin (Administrator) auf LENOVO-PC (25-05-2016 02:52:40) Gestartet von C:\Users\robin\Downloads Geladene Profile: robin (Verfügbare Profile: robin) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Pulse Secure, LLC) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe (Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe ( Rsupport Corporation) C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe (pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe (© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe (SecurityUtility) C:\ProgramData\SecurityUtility\SecurityUtility.exe (SecurityUtility) C:\ProgramData\SecurityUtility\SecurityUtility.exe (Rsupport corporation) C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenTray.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files\WebBar\4.7.5947.22349\wbmain.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe () C:\Program Files\Lenovo\LenovoUtility\utility.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (© 2015 Microsoft Corporation) C:\Users\robin\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe () C:\Program Files (x86)\RSUPPORT\MobizenService\dat\adb.exe () C:\Program Files\Lenovo PhoneCompanion\adb.exe () C:\Program Files\Lenovo PhoneCompanion\adb.exe () C:\Program Files (x86)\RSUPPORT\MobizenService\dat\adb.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2858152 2015-01-11] (Synaptics Incorporated) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [4060376 2014-10-22] (Realtek semiconductor) HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-05-13] () HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-05-13] (Lenovo) HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [559896 2014-11-18] (Lenovo(beijing) Limited) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-03-12] (Bitdefender) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-12-16] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare) HKU\S-1-5-21-103355345-793745233-351899426-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-103355345-793745233-351899426-1001\...\Run: [BingSvc] => C:\Users\robin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation) HKU\S-1-5-21-103355345-793745233-351899426-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1438480 2015-10-04] (Lavasoft) HKU\S-1-5-21-103355345-793745233-351899426-1001\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-01-15] (Bitdefender) HKU\S-1-5-21-103355345-793745233-351899426-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-103355345-793745233-351899426-1001\...\Run: [Jing] => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2911224 2015-09-11] (TechSmith Corporation) HKU\S-1-5-21-103355345-793745233-351899426-1001\...\MountPoints2: {0917be5d-09b4-11e6-8294-68f728c54870} - "E:\Startme.exe" AppInit_DLLs: C:\ProgramData\SecurityUtility\SecurityUtility64.dll => Keine Datei ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog9 01 C:\WINDOWS\system32\LavasoftTcpService.dll Keine Datei Winsock: Catalog9 02 C:\WINDOWS\system32\LavasoftTcpService.dll Keine Datei Winsock: Catalog9 03 C:\WINDOWS\system32\LavasoftTcpService.dll Keine Datei Winsock: Catalog9 04 C:\WINDOWS\system32\LavasoftTcpService.dll Keine Datei Winsock: Catalog9 16 C:\WINDOWS\system32\LavasoftTcpService.dll Keine Datei Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-10-04] (Lavasoft Limited) Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-10-04] (Lavasoft Limited) Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-10-04] (Lavasoft Limited) Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-10-04] (Lavasoft Limited) Winsock: Catalog9-x64 16 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-10-04] (Lavasoft Limited) Hosts: 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134 Tcpip\..\Interfaces\{48CF8031-F6B9-4E89-98D8-3696665FDA01}: [NameServer] 82.163.142.7 95.211.158.134 Tcpip\..\Interfaces\{48CF8031-F6B9-4E89-98D8-3696665FDA01}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{4D467D10-F205-4007-9750-58C36F8D3DAA}: [NameServer] 82.163.142.7 95.211.158.134 Tcpip\..\Interfaces\{4D467D10-F205-4007-9750-58C36F8D3DAA}: [DhcpNameServer] 82.163.142.7 Tcpip\..\Interfaces\{B811E4AF-2D33-4530-82D4-A780940D11DB}: [NameServer] 82.163.142.7 95.211.158.134 Tcpip\..\Interfaces\{B811E4AF-2D33-4530-82D4-A780940D11DB}: [DhcpNameServer] 82.163.142.7 Tcpip\..\Interfaces\{D68D49CF-6E3E-44F4-A8E0-96B69BAF5794}: [NameServer] 82.163.142.7 95.211.158.134 Tcpip\..\Interfaces\{D68D49CF-6E3E-44F4-A8E0-96B69BAF5794}: [DhcpNameServer] 82.163.142.7 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-103355345-793745233-351899426-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de HKU\S-1-5-21-103355345-793745233-351899426-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-103355345-793745233-351899426-1001 -> DefaultScope {6EA2F91A-F1F9-4B48-A1BA-97C5839D6BE9} URL = hxxps://duckduckgo.com/?q={searchTerms} SearchScopes: HKU\S-1-5-21-103355345-793745233-351899426-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-103355345-793745233-351899426-1001 -> {6EA2F91A-F1F9-4B48-A1BA-97C5839D6BE9} URL = hxxps://duckduckgo.com/?q={searchTerms} SearchScopes: HKU\S-1-5-21-103355345-793745233-351899426-1001 -> {83BCBC7A-ED16-47F3-91C9-21806B10CD01} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-103355345-793745233-351899426-1001 -> {9EE8070D-2E48-4E17-9FAA-F7FF995FC2F8} URL = BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation) BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender) BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-05] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-05] (Oracle Corporation) Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender) Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender) Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH) DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://vertrieb.tecis.de/dana-cached/sc/JuniperSetupClient.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-22] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xhcvms61.default-1462378764182 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-05] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH) FF Plugin HKU\S-1-5-21-103355345-793745233-351899426-1001: @graphon.com/GoGlobal -> C:\Users\robin\AppData\Local\GraphOn\GO-Global\Client [2015-10-10] () FF Extension: Adblock Plus - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\xhcvms61.default-1462378764182\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-25] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-04-29] FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-02-20] [ist nicht signiert] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-04-01] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-04-01] [ist nicht signiert] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF HKU\S-1-5-21-103355345-793745233-351899426-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\ofgdohpn.default\extensions\cliqz@cliqz.com => nicht gefunden Chrome: ======= CHR Profile: C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-09] CHR Extension: (Google Docs) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09] CHR Extension: (Google Drive) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-09] CHR Extension: (YouTube) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09] CHR Extension: (Adblock Plus) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-12-09] CHR Extension: (Google-Suche) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09] CHR Extension: (Bitdefender Wallet) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-12-09] CHR Extension: (Google Tabellen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-09] CHR Extension: (Google Docs Offline) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-09] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-09] CHR Extension: (Google Mail) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-09] CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [599024 2014-08-05] (Lenovo Corporation) S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender) R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] () R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-31] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-31] (Dropbox, Inc.) R2 dsNcService; C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe [674136 2015-10-23] (Pulse Secure, LLC) R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191512 2014-11-20] (Lenovo) [Datei ist nicht signiert] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184 2015-01-27] (Intel Corporation) R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2014-12-19] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation) R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-10-04] (Lavasoft Limited) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo) R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2544408 2014-11-18] (Lenovo(beijing) Limited) R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2005320 2014-10-13] (Lenovo Group Limited) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.) S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [727536 2014-08-05] (Lenovo Corporation) R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-05-13] () R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited) R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo(beijing) Limited) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272424 2015-08-17] (Lenovo) R2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [3353872 2015-12-29] ( Rsupport Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] () R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944 2014-11-17] (Lenovo(beijing) Limited) S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH) S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH) R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH) R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.) R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-05-13] (Lenovo) S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-05-13] (Lenovo) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender) U2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [16656 2015-10-04] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [220840 2015-01-11] (Synaptics Incorporated) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender) R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2015-05-13] () R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5653736 2015-12-07] (RealVNC Ltd) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-03-16] (Bitdefender) S2 wbsvc; C:\Program Files\WebBar\wbsvc.exe [28392 2016-04-13] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe [103736 2015-08-25] (Wondershare) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-01-14] (BitDefender) R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-01-23] (BitDefender) S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-01-14] (BitDefender) S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-12-15] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2015-01-09] (BitDefender SRL) R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70168 2014-11-20] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] S3 ffusb2audio; C:\Windows\system32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-02-24] (BitDefender LLC) S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [219592 2014-08-13] (Intel Corporation) R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] () R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] () R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation) R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3494680 2015-01-20] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [2584280 2014-10-22] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31400 2015-01-11] (Synaptics Incorporated) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-05-2016 01 durchgeführt von robin (2016-05-25 02:55:04) Gestartet von C:\Users\robin\Downloads Windows 8.1 (Update) (X64) (2015-07-15 18:33:05) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-103355345-793745233-351899426-500 - Administrator - Disabled) Gast (S-1-5-21-103355345-793745233-351899426-501 - Limited - Disabled) robin (S-1-5-21-103355345-793745233-351899426-1001 - Administrator - Enabled) => C:\Users\robin ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Bitdefender Antivirus (Disabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Spyware-Schutz (Disabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{E13CC139-F76A-FD1B-7348-7FF200715B65}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.22.0.1521 - Bitdefender) CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform) CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.1.0.7 - Lenovo) CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.22 - CLIQZ.com) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.52 - Conexant) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden Dependency Package Update (x32 Version: 1.6.38.00 - Lenovo Group Limited) Hidden Dependency Package Update (x32 Version: 1.6.38.01 - Lenovo Group Limited) Hidden Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) GO-Global Client - Single User (HKLM-x32\...\{CE1224A4-FEA0-458D-A3EF-3D7D65409338}) (Version: 5.0.0.21811 - GraphOn Corporation) HitFilm 4 Express (HKLM\...\{D87670E3-CBBA-4B89-851E-6B19EBFDF40F}) (Version: 4.0.5227.37263 - FXHOME) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.2.1001 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5BC2A343-DED5-40E8-8F64-472FD74D80EA}) (Version: 17.1.1433.02 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{21fed2aa-c2b4-4d9e-bd4b-072866d210b7}) (Version: 17.14.1 - Intel Corporation) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10292 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo) Lenovo PhoneCompanion (x32 Version: 2.0.0.19 - Lenovo) Hidden Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1826.01 - CyberLink Corp.) Lenovo Photo Master (x32 Version: 1.0.1826.01 - CyberLink Corp.) Hidden Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6806.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.6806.52 - CyberLink Corp.) Hidden Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.5.0 - Lenovo Corporation) Lenovo Settings (HKLM\...\{D14CCBF5-1A3A-4C08-955B-BE6D519835C4}_is1) (Version: 2.0.0.4 - Lenovo) Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.33 - Lenovo Group Limited) Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.0.20 - Lenovo Group Limited) Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.6 - Lenovo Group Limited) Lenovo Settings WiFi (HKLM\...\{86045A6C-C156-4349-A3E2-47A88A42F5C2}_is1) (Version: 2.0.0.2 - Lenovo) Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited) Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited) Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.6181 - Lenovo) LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 2.0.0.5 - Ihr Firmenname) LenovoUtility (x32 Version: 2.0.0.5 - Ihr Firmenname) Hidden Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4815.1002 - Microsoft Corporation) Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-103355345-793745233-351899426-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.20.0.3 - RSUPPORT) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1 - Mozilla) oCam Version 254.0 (HKLM-x32\...\oCam_is1) (Version: 254.0 - hxxp://ohsoft.net/) OEM Application Profile (HKLM-x32\...\{B7A04A71-5DDD-9FA5-66ED-C3CC33152388}) (Version: 1.00.0000 - Ihr Firmenname) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden One System Care (HKLM-x32\...\OneSystemCare) (Version: 4.3.0.1 - OneSystemCare) <==== ACHTUNG OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.1.20.16 - Lenovo) OneKey Optimizer (x32 Version: 1.1.20.16 - Lenovo) Hidden Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH) PDF Architect 4 Create Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden PDF Architect 4 Edit Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden PDF Architect 4 View Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge) Pulse Secure Network Connect 8.1 (HKLM-x32\...\Pulse Secure Network Connect 8.1) (Version: 8.1.6.39491 - Pulse Secure, LLC) Pulse Secure Setup Client (HKU\S-1-5-21-103355345-793745233-351899426-1001\...\Juniper_Setup_Client) (Version: 8.1.6.61491 - Pulse Secure, LLC) Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Scarlett Plug-in Suite 1.7 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.7 - Focusrite) SecurityUtility (HKLM-x32\...\SecurityUtility) (Version: - ) <==== ACHTUNG Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) SopCast 4.0.0 (HKLM-x32\...\SopCast) (Version: 4.0.0 - www.sopcast.com) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.26.13 - Synaptics Incorporated) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) VNC Server 5.3.0 (HKLM\...\{7390134C-F2E6-48FF-A3E5-90D1D1E765CE}) (Version: 5.3.0.15303 - RealVNC Ltd) VNC Viewer 5.3.0 (HKLM\...\{ED9151DE-3C28-4F25-9178-6C2BC685BCE7}) (Version: 5.3.0.15303 - RealVNC Ltd) Web Companion (HKLM-x32\...\{1bfb747a-464e-4400-b3cf-9471f250596d}) (Version: 2.1.1133.2333 - Lavasoft) WebBar 4.7.5947.22349 (HKLM\...\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1) (Version: 4.7.5947.22349 - WebBar) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite) Windows-Treiberpaket - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) Wondershare MobileTrans ( Version 7.3.3 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 7.3.3 - Wondershare) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-103355345-793745233-351899426-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\robin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-103355345-793745233-351899426-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\robin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {01E42847-30D3-45EA-A45B-CD67FF1089F8} - System32\Tasks\EITUCEOC1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe [2015-09-26] (SecurityUtility) <==== ACHTUNG Task: {0FA879BB-8738-4742-8AE9-10601644BA47} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-31] (Dropbox, Inc.) Task: {1698F829-3716-4D69-B147-E2B7F4533D73} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] () Task: {2719BAE8-1E7A-4842-91BD-79C476A35D0B} - System32\Tasks\One System CarePeriod => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2016-04-13] () <==== ACHTUNG Task: {27E088A8-E802-4C92-8791-CD4F7911BAA5} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe [2015-11-11] (Bitdefender) Task: {30D41C84-A562-4BE9-9DB8-AC0491378725} - System32\Tasks\{E3ABEB74-65CC-05A7-EA85-0299DB1F146F} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\9c89051a\eb5c1e06.dll" <==== ACHTUNG Task: {36E8CD42-76FE-4C2D-AFCB-F9A274C392CE} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe [2016-04-13] () <==== ACHTUNG Task: {3ACA6073-063D-4C88-AABF-13272C8C7320} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {41D4F80C-A018-45D0-9363-E8703D8DEBA5} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {4B4811AE-40DC-4EC8-BD6B-721A56247812} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {4DE15D15-1C53-4AEB-9849-70E64DD59E10} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {830B07C8-9BDB-4F96-8B64-9388C5083BDE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated) Task: {88AD08EA-8211-4F7C-95B2-70E703ADD8E9} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo) Task: {9936CC64-0345-477D-AB2E-3D22C2580275} - System32\Tasks\WebBarLaunchTask => C:\Program Files\WebBar\wbsvc.exe [2016-04-13] () <==== ACHTUNG Task: {9A7B2456-DF99-4149-9DB9-46994E3709C6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation) Task: {AADCC2EF-C213-42A0-AC47-7D6E0567683C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-15] (Microsoft Corporation) Task: {AEA493AB-C9F2-48CB-B2B2-156EF2C99B1A} - System32\Tasks\AutoKMSCustom => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-10-12] () Task: {B264FFA1-A751-4A9B-8F6A-1C22C962C315} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd) Task: {B3238C92-8B53-4BF2-BF9A-3F8EAEDAC5CC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation) Task: {B45D44A9-7B1A-4FF7-A147-0F4D2DF42E6D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {B84BD1A0-B5E8-44C4-BE5B-7855E6F53F91} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation) Task: {C516EE9A-64D7-47DC-A27A-2E2585A44A27} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.) Task: {C9742791-D15D-4350-AE9C-B4752B1DE21E} - System32\Tasks\One System Care Run Delay => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe [2016-04-13] () <==== ACHTUNG Task: {CFC5937F-C8F4-411B-90C2-BC4F381B6D9D} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-103355345-793745233-351899426-1001 => C:\Users\robin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-21] (Microsoft Corporation) Task: {D2254F68-B02E-4B66-97FE-762E2E359039} - System32\Tasks\One System Care Task => C:\Program Files (x86)\OneSystemCare\SystemConsole.exe [2016-04-13] () <==== ACHTUNG Task: {D28E98F8-77DA-4F52-846F-0544E919D0C9} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {D3F1C64D-004A-4CFD-9A17-D2EB34603063} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {EB8AB983-A664-4355-8F5A-FAAE71B1E179} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation) Task: {F1CB6C47-D1DA-4ED8-946F-E5996CA7DA16} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-31] (Dropbox, Inc.) Task: {FA4BE944-0BCF-4C73-AB51-0A6BA35D616A} - System32\Tasks\WebBarUpdateTask => C:\Program Files\WebBar\wbsvc.exe [2016-04-13] () <==== ACHTUNG Task: {FC1A7A0A-0218-4E04-A5F7-D12A16F867E2} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\EITUCEOC1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\One System CarePeriod.job => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe <==== ACHTUNG ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-11-11 20:55 - 2014-08-27 17:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll 2015-11-11 20:55 - 2013-09-03 15:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll 2015-11-11 20:55 - 2015-04-01 19:05 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui 2015-11-11 20:55 - 2012-10-29 15:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll 2015-12-04 10:08 - 2015-12-04 10:08 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01250_003\ashttpbr.mdl 2015-12-04 10:08 - 2015-12-04 10:08 - 00742976 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01250_003\ashttpdsp.mdl 2015-12-04 10:08 - 2015-12-04 10:08 - 02803536 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01250_003\ashttpph.mdl 2015-12-04 10:08 - 2015-12-04 10:08 - 01415584 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01250_003\ashttprbl.mdl 2015-07-15 21:42 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-05-13 22:33 - 2014-11-20 10:43 - 00016920 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbServicePS.dll 2015-05-13 22:29 - 2015-05-13 22:29 - 00133440 _____ () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe 2015-05-13 22:24 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2015-05-13 22:20 - 2015-05-13 22:20 - 00068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe 2015-05-13 22:20 - 2015-05-13 22:20 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll 2015-05-13 22:33 - 2014-11-17 15:35 - 00036632 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Metric.dll 2015-05-13 22:33 - 2014-11-17 15:35 - 00166680 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Lenovo.MetricCollectionMFCx64.dll 2016-05-21 14:29 - 2016-05-21 14:29 - 00959168 _____ () C:\Users\robin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-04-13 17:16 - 2016-04-13 17:16 - 00779464 _____ () C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe 2015-05-13 14:48 - 2014-12-19 06:03 - 00391784 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-04-20 21:34 - 2016-04-13 13:25 - 00201960 _____ () C:\Program Files\WebBar\4.7.5947.22349\wbmain.exe 2016-04-20 21:34 - 2016-04-13 13:25 - 00387816 _____ () C:\Program Files\WebBar\4.7.5947.22349\install_sight_x64.dll 2015-05-13 21:46 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2015-05-13 22:20 - 2015-05-13 22:20 - 00791368 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe 2015-05-13 22:20 - 2015-05-13 22:20 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll 2015-05-13 22:33 - 2014-11-17 15:35 - 00047896 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\res_GR_German_DEU.dll 2015-05-13 22:19 - 2014-10-22 10:15 - 00644080 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe 2015-05-13 22:19 - 2014-10-22 10:15 - 00410096 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe 2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-05-13 22:33 - 2014-11-20 10:43 - 00159256 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbApi.dll 2015-05-13 22:33 - 2014-11-17 15:35 - 00036120 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\zd.dll 2015-05-13 22:33 - 2015-05-13 22:33 - 00019232 _____ () C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\Lenovo.MetricCollectionSDK\v4.0_1.1.9.0__d43be3ee47b19ecb\Lenovo.MetricCollectionSDK.dll 2014-11-07 11:06 - 2014-11-07 03:06 - 01016104 _____ () C:\Program Files (x86)\RSUPPORT\MobizenService\dat\adb.exe 2015-05-13 22:29 - 2015-05-13 22:29 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe 2015-10-04 17:09 - 2015-10-04 17:09 - 00097040 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll 2015-10-04 17:09 - 2015-10-04 17:09 - 00256272 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll 2015-10-04 17:09 - 2015-10-04 17:09 - 00049424 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll 2015-10-04 17:09 - 2015-10-04 17:09 - 00120080 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll 2015-10-04 17:09 - 2015-10-04 17:09 - 00012560 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll 2015-05-13 22:25 - 2014-07-04 06:35 - 00627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll 2014-07-04 12:35 - 2014-07-04 12:35 - 00016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll 2015-09-18 08:51 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2015-09-18 08:51 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2014-09-03 11:03 - 2014-09-03 11:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\robin\Downloads\AirDroid - CHIP-Installer.exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\jing29 - CHIP-Installer.exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\JuniperSetupClientInstaller (1).exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\JuniperSetupClientInstaller(2).exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\JuniperSetupClientInstaller(3).exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\mobizen.exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\MyPhoneExplorer - CHIP-Installer.exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\oCam_v254.0 - CHIP-Installer.exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\PDFCreator-2_2_2-setup.exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\SkypeSetup(1).exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\SkypeSetup(2).exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\SkypeSetup.exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\TeamSpeak3-Client-win64-3.0.18.2.exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\tv.exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\VNC-5.3.0-Windows.exe:BDU [0] AlternateDataStreams: C:\Users\robin\Downloads\wlsetup3528-all.exe:BDU [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-103355345-793745233-351899426-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-103355345-793745233-351899426-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2015-12-05 16:38 - 00000942 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-103355345-793745233-351899426-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\robin\Desktop\Arbeit\Youtube.com\Meine Onlinepräsenz\Logos First-think-twice\tt2.jpg DNS Servers: 82.163.142.7 - 95.211.158.134 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{DA6D275A-CF4A-40A8-9F8E-5352DEC7D034}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{1F118D03-FD02-42BA-B7DB-3AB2E658FAC2}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{76DA331D-247A-4AEF-B781-2B127AE575C3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{3AB7AE02-5FA7-4C03-9A0B-F8CBAC8DB759}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{9EB73EB4-896A-4260-9239-9327FF53882C}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{2ED5AE29-7A17-4904-8966-2BECC649A64A}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{96F3329F-FA55-4DD7-B56D-717B9371A79C}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe FirewallRules: [{2BB06BB6-DE11-4FFF-97C0-184ED1412151}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe FirewallRules: [{CE799CF4-6090-48D9-88E3-C55DD9F4756A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe FirewallRules: [{D57F7F82-8EF6-4E58-B0B2-22AE38652146}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe FirewallRules: [{FCEA5654-CF18-4814-B12A-1978AEA55D71}] => (Allow) LPort=55100 FirewallRules: [{04B4EEA9-DED9-4EE6-BF92-552FF2487E33}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{D9EFDC05-437D-44A8-B6CB-1DB7C6FED664}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{191EDFB4-59FB-4BDC-A4CF-F5CE387F185E}] => (Allow) C:\Users\robin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [TCP Query User{2F9191EF-C100-4453-86AF-09C100CD4BC0}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [UDP Query User{1FBD6E0A-E15D-49D4-B106-ADAFF3838BD4}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [TCP Query User{5CC45AF4-26C4-47ED-B43D-1159B2D3BE45}C:\program files (x86)\airdroid\airdroid.exe] => (Block) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [UDP Query User{B5FFED29-AFC8-41D4-8DCD-D94F58504C7F}C:\program files (x86)\airdroid\airdroid.exe] => (Block) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [{793A19B1-001D-4CA0-8693-48F548C180DD}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [{4668221C-FF3D-40D5-B596-BBF7E2BCEA25}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [{E2E29A9C-60E2-49F8-A2D0-C555C14A1CC9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{1C0BDD88-B198-4416-8C0E-7F31EB89A90B}] => (Allow) LPort=2869 FirewallRules: [{76F01960-4950-4946-A9AB-508655E50342}] => (Allow) LPort=1900 FirewallRules: [{8D2CBA47-CCBB-477A-9324-EE18B4BDC337}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1E85F649-AB0D-4BF0-A486-F8FFD088EF76}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Wiederherstellungspunkte ========================= 02-05-2016 20:30:44 Geplanter Prüfpunkt 10-05-2016 16:51:18 Installed HitFilm 4 Express 19-05-2016 00:23:06 Geplanter Prüfpunkt 25-05-2016 01:00:25 DirectX wurde installiert 25-05-2016 01:01:20 DirectX wurde installiert ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Intel(R) Wireless Bluetooth(R) Description: Intel(R) Wireless Bluetooth(R) Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Intel Corporation Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/25/2016 02:18:49 AM) (Source: VNC Server) (EventID: 256) (User: ) Description: FeatureLicensing: No valid license installed. Error: (05/25/2016 01:22:37 AM) (Source: VNC Server) (EventID: 256) (User: ) Description: FeatureLicensing: No valid license installed. Error: (05/25/2016 01:22:36 AM) (Source: VNC Server) (EventID: 256) (User: ) Description: FeatureLicensing: No valid license installed. Error: (05/25/2016 01:19:20 AM) (Source: VNC Server) (EventID: 256) (User: ) Description: FeatureLicensing: No valid license installed. Error: (05/25/2016 01:18:49 AM) (Source: VNC Server) (EventID: 256) (User: ) Description: FeatureLicensing: No valid license installed. Error: (05/25/2016 01:18:49 AM) (Source: VNC Server) (EventID: 256) (User: ) Description: FeatureLicensing: No valid license installed. Error: (05/25/2016 12:26:42 AM) (Source: VNC Server) (EventID: 256) (User: ) Description: FeatureLicensing: No valid license installed. Error: (05/25/2016 12:26:40 AM) (Source: VNC Server) (EventID: 256) (User: ) Description: FeatureLicensing: No valid license installed. Error: (05/25/2016 12:26:40 AM) (Source: VNC Server) (EventID: 256) (User: ) Description: FeatureLicensing: No valid license installed. Error: (05/25/2016 12:26:37 AM) (Source: VNC Server) (EventID: 256) (User: ) Description: FeatureLicensing: No valid license installed. Systemfehler: ============= Error: (05/25/2016 02:56:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/25/2016 02:55:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/25/2016 02:54:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/25/2016 02:53:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/25/2016 02:52:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/25/2016 02:50:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/25/2016 02:49:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/25/2016 02:48:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/25/2016 02:47:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/25/2016 02:46:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2015-11-11 19:34:40.114 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 19:34:39.833 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 19:34:39.583 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 19:34:37.099 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 19:34:36.646 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 22:06:08.045 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 22:06:02.333 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 21:54:01.075 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 21:54:00.716 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 21:53:59.576 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz Prozentuale Nutzung des RAM: 57% Installierter physikalischer RAM: 6064.45 MB Verfügbarer physikalischer RAM: 2603.57 MB Summe virtueller Speicher: 8240.45 MB Verfügbarer virtueller Speicher: 4127.33 MB ==================== Laufwerke ================================ Drive c: (Windows8_OS) (Fixed) (Total:891.54 GB) (Free:817.42 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.83 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 271BA5D0) Partition: GPT. ==================== Ende von Addition.txt ============================ Mehr habe ich nicht gemacht, da mir diese seite sehr seriös vorkommt und ich glaube, dass ich lieber euren anweisungen folgen sollte :abklatsch:. Wahrscheinlich geht das schon aus den kopierten Dateitexten hervor, aber mal noch die Beschreibung von den auftretenden Problemen: :daumenrunter:1. Eine Seite Popt auf und eine niedliche Frauenstimme beglückwünscht mich (windowsbenutzer) zum Gewinn eines Preises :daumenrunter: 2. Diese Seite auf der mir Reimage Repair erzählt wie toll sie sind :daumenrunter: 3. Die One System Care Säuberungs-Konsole popt im linken unteren Bildrand auf und erzählt mir, dass 434 Elemente meinen PC gefährden (Junk-Elemente und Chaoten Dateien) sollen das sein. Dann benutze ich häufig Firefox und relativ selten den Explorer (Wenn Firefox mit Skript debuggen bechäftigt ist) Ich freue mich auf baldige Antwort, nrobeaa |
Zitat:
 Lesestoff:Illegale Software: Cracks, Keygens und Co Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems. |
Ok da ich nicht herausfinden konnte, wie ich den Ursprünglichen Beitrag editieren konnte, hier nun also meine Antwort: Ihr habt natürlich Recht. Mir diese Version von Office geben zu lassen war kein Kavaliersdelikt und ich werde es nicht wieder tun. Habs gelöscht, schaue mich gleich nach der brauchbarsten Freeware um und dann passierts nicht wieder. Wenn jetzt noch was drauf seien sollte, dann weil ich fälschlicherweise von Freeware ausgegangen bin und ich bitte darum mich dann einfach darauf hinzuweisen. FRST Logfile: Code: Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-05-2016 01Ne neue Addition.txt erstellts mir irgendwie nicht. LG, nrobeaa |
Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken. http://www.trojaner-board.de/picture...&pictureid=611 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
|
Ok, done. FRST: Code: Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-05-2016 01Code: Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-05-2016 01 |
Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Danach MBAR: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
|
Hab alles gemacht wie erklärt und beim zweiten Durchlauf wurde zum Glück nichts mehr gefunden. 1. Durchlauf Code: Malwarebytes Anti-Rootkit BETA 1.9.3.1001Code: Malwarebytes Anti-Rootkit BETA 1.9.3.1001 |
Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
|
Logdaten ADW Cleaner: Code: # AdwCleaner v5.117 - Bericht erstellt am 26/05/2016 um 21:31:50Code: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken http://www.trojaner-board.de/picture...&pictureid=611 |
FRST Code: Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-05-2016Code: Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-05-2016 |
FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code: Task: {30D41C84-A562-4BE9-9DB8-AC0491378725} - System32\Tasks\{E3ABEB74-65CC-05A7-EA85-0299DB1F146F} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\9c89051a\eb5c1e06.dll" <==== ACHTUNGSpeichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
|
Fixlog.txt Code: Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02 |
Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
|
| Alle Zeitangaben in WEZ +1. Es ist jetzt 23:26 Uhr. |
Copyright ©2000-2025, Trojaner-Board
dann auf 
und dann auf 
. 
