Hallo Cosinus :-)
Sorry wegen der neuen Scans :-( In einem JRT-Log von vor einem Monat tauchte Pokki auf, wurde allerdings gelöscht. Das Problem blieb leider bestehen.
Bei Avira gab es nie Funde. Es folgen die von FLogs von Farbar: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
durchgeführt von Anc (Administrator) auf BABA (03-08-2016 21:07:50)
Gestartet von C:\Users\Anc\Desktop
Geladene Profile: Anc & (Verfügbare Profile: Anc)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
() C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [317240 2014-12-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-03] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [TpShocks] => C:\windows\system32\TpShocks.exe [555760 2014-12-09] (Lenovo.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [341448 2014-11-07] (Lenovo Group Limited)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [939976 2015-02-20] (Lenovo)
HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1723040 2014-09-01] (SunplusIT, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [831064 2016-07-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-07-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1521067798-215275598-965948813-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-10] (Valve Corporation)
HKU\S-1-5-21-1521067798-215275598-965948813-1001\...\Run: [Dropbox Update] => C:\Users\Anc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-05] (Dropbox, Inc.)
HKU\S-1-5-21-1521067798-215275598-965948813-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-10] (Valve Corporation)
HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Anc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-05] (Dropbox, Inc.)
HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.)
Startup: C:\Users\Anc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{081E20C7-0355-4A0F-96A9-D3624A803AA3}: [DhcpNameServer] 134.245.10.7 134.245.1.36
Tcpip\..\Interfaces\{CA4559C2-5A55-40CC-8733-0123AB50AEB7}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-1521067798-215275598-965948813-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-1521067798-215275598-965948813-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-1521067798-215275598-965948813-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://home.lenovo.com
HKU\S-1-5-21-1521067798-215275598-965948813-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://home.lenovo.com
HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://home.lenovo.com
HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://home.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1521067798-215275598-965948813-1001 -> DefaultScope {985DA726-F6F0-4EEB-904F-4EE4D66CE5B0} URL =
SearchScopes: HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {985DA726-F6F0-4EEB-904F-4EE4D66CE5B0} URL =
SearchScopes: HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {985DA726-F6F0-4EEB-904F-4EE4D66CE5B0} URL =
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
FireFox:
========
FF ProfilePath: C:\Users\Anc\AppData\Roaming\Mozilla\Firefox\Profiles\0bjm9mf7.default
FF Homepage: facebook.com
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-05-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-05-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-05-16] (Nitro PDF)
FF Plugin-x32: @nitropdf.com/NitroPDF.PrevVerNPR -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-05-16] (Nitro PDF)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: Exif Viewer - C:\Users\Anc\AppData\Roaming\Mozilla\Firefox\Profiles\0bjm9mf7.default\extensions\exif_viewer@mozilla.doslash.org.xpi [2016-04-27]
FF Extension: GMX MailCheck - C:\Users\Anc\AppData\Roaming\Mozilla\Firefox\Profiles\0bjm9mf7.default\extensions\mailcheck@gmx.net [2016-07-22]
FF Extension: Avira Browser Safety - C:\Users\Anc\AppData\Roaming\Mozilla\Firefox\Profiles\0bjm9mf7.default\Extensions\abs@avira.com [2016-07-15]
FF Extension: Adblock Shield - C:\Users\Anc\AppData\Roaming\Mozilla\Firefox\Profiles\0bjm9mf7.default\Extensions\{260bcf81-425a-4632-bf14-88baa173022a}.xpi [2016-05-18] [ist nicht signiert]
FF Extension: quicktime compiler - C:\Users\Anc\AppData\Roaming\Mozilla\Firefox\Profiles\0bjm9mf7.default\Extensions\{320753cf-34ad-449e-9e5d-7690a6e2305a}.xpi [2015-12-19] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Anc\AppData\Roaming\Mozilla\Firefox\Profiles\0bjm9mf7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-07-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [472112 2016-07-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [472112 2016-07-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1453696 2016-07-27] (Avira Operations GmbH & Co. KG)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [87384 2014-11-06] (Alps Electric Co., Ltd.)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [566288 2016-04-12] (Lenovo Corporation)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9954096 2014-04-01] (DisplayLink Corp.)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-11] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-11-25] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [95624 2015-01-24] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-06] (Lenovo)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2023592 2015-09-25] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [631312 2016-04-12] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-09] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [22576 2014-02-22] (Lenovo)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [480712 2015-03-23] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-05-12] ()
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12-04] ()
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [327320 2016-03-03] (Nitro PDF Software)
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-05-16] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [417944 2016-03-03] ()
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-02-01] (The OpenVPN Project)
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [328488 2014-12-05] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-05-25] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-12-04] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-13] (Avira Operations GmbH & Co. KG)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32768 2014-11-21] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [394520 2014-09-29] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-11] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [77992 2014-04-30] (Intel Corporation)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-08] (Lenovo)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-31] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3494680 2014-12-08] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [14368 1999-11-02] () [Datei ist nicht signiert]
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [682272 2014-09-04] (Sunplus)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-03 21:07 - 2016-08-03 21:08 - 00021739 _____ C:\Users\Anc\Desktop\FRST.txt
2016-08-03 21:07 - 2016-08-03 21:07 - 00000000 ____D C:\FRST
2016-08-03 21:06 - 2016-08-03 21:06 - 02393600 _____ (Farbar) C:\Users\Anc\Desktop\FRST64.exe
2016-08-03 20:12 - 2016-08-03 20:12 - 00001199 _____ C:\Users\Anc\Desktop\malwareb.txt
2016-07-26 13:21 - 2016-07-26 13:21 - 00001165 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-07-24 15:54 - 1999-11-02 21:47 - 00014368 ____R C:\windows\SysWOW64\Drivers\SECDRV.SYS
2016-07-24 15:53 - 2016-07-24 15:53 - 00003024 _____ C:\windows\System32\Tasks\{BA120178-CCBE-436C-BEE1-2058F63D040A}
2016-07-24 15:51 - 2016-07-24 16:05 - 00001010 _____ C:\Users\Anc\Desktop\Pharaoh - Verknüpfung.lnk
2016-07-24 15:50 - 2016-07-24 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2016-07-24 15:46 - 2016-07-24 15:50 - 00000301 _____ C:\windows\SIERRA.INI
2016-07-24 15:46 - 2016-07-24 15:46 - 00000000 ____D C:\SIERRA
2016-07-24 15:46 - 2016-07-24 15:46 - 00000000 ____D C:\Program Files (x86)\Sierra On-Line
2016-07-24 15:46 - 1998-01-23 12:20 - 00305664 _____ (InstallShield Software Corporation ) C:\windows\IsUn0407.exe
2016-07-22 15:26 - 2016-07-22 15:26 - 00082978 _____ C:\Users\Anc\Documents\Jobcenter Papa 220716.pdf
2016-07-17 18:36 - 2016-07-17 18:36 - 00000000 ____D C:\Users\Anc\AppData\Local\ESET
2016-07-17 18:35 - 2016-07-17 18:35 - 06858912 _____ (ESET spol. s r.o.) C:\Users\Anc\Downloads\esetonlinescanner_enu.exe
2016-07-17 16:00 - 2016-07-17 16:00 - 03712064 _____ C:\Users\Anc\Downloads\adwcleaner_5.201.exe
2016-07-15 23:05 - 2016-07-15 23:05 - 00002112 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2016-07-13 12:49 - 2016-05-25 15:22 - 00875712 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2016-07-13 12:49 - 2016-05-25 15:22 - 00536768 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2016-07-13 12:49 - 2016-05-25 15:12 - 00869576 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2016-07-13 12:49 - 2016-05-25 15:12 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2016-07-13 11:56 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
2016-07-13 11:56 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
2016-07-13 11:56 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-07-13 11:56 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-07-13 11:56 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
2016-07-13 11:56 - 2016-06-21 20:32 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2016-07-13 11:56 - 2016-06-21 16:12 - 00129536 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2016-07-13 11:56 - 2016-06-11 21:45 - 07445856 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-07-13 11:56 - 2016-06-11 20:14 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-07-13 11:56 - 2016-06-11 20:11 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-07-13 11:56 - 2016-06-11 19:56 - 25812992 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-07-13 11:56 - 2016-06-11 19:56 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-07-13 11:56 - 2016-06-11 19:42 - 06047744 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-07-13 11:56 - 2016-06-11 19:23 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-07-13 11:56 - 2016-06-11 19:22 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-07-13 11:56 - 2016-06-11 19:22 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-07-13 11:56 - 2016-06-11 19:21 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-07-13 11:56 - 2016-06-11 19:20 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-07-13 11:56 - 2016-06-11 19:13 - 02287104 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-07-13 11:56 - 2016-06-11 19:12 - 20348928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-07-13 11:56 - 2016-06-11 19:12 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-07-13 11:56 - 2016-06-11 19:07 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-07-13 11:56 - 2016-06-11 19:03 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-07-13 11:56 - 2016-06-11 19:01 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-07-13 11:56 - 2016-06-11 19:00 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-07-13 11:56 - 2016-06-11 19:00 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-07-13 11:56 - 2016-06-11 18:57 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-07-13 11:56 - 2016-06-11 18:44 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2016-07-13 11:56 - 2016-06-11 18:43 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-07-13 11:56 - 2016-06-11 18:38 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-07-13 11:56 - 2016-06-11 18:33 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-07-13 11:56 - 2016-06-11 18:31 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-07-13 11:56 - 2016-06-11 18:31 - 00692736 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-07-13 11:56 - 2016-06-11 18:31 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-07-13 11:56 - 2016-06-11 18:30 - 15409664 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-07-13 11:56 - 2016-06-11 18:29 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-07-13 11:56 - 2016-06-11 18:26 - 02869248 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-07-13 11:56 - 2016-06-11 18:15 - 13806080 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-07-13 11:56 - 2016-06-11 18:12 - 01550848 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-07-13 11:56 - 2016-06-11 18:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-07-13 11:56 - 2016-06-11 17:59 - 02392576 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-07-13 11:56 - 2016-06-11 17:56 - 01315840 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-07-13 11:56 - 2016-06-11 17:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-07-13 11:56 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2016-07-13 11:56 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\puiapi.dll
2016-07-13 11:56 - 2016-01-30 20:48 - 00269312 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2016-07-13 11:56 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2016-07-13 11:56 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiapi.dll
2016-07-13 11:56 - 2016-01-30 19:41 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll
2016-07-13 11:54 - 2016-06-10 23:35 - 04167680 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-07-12 15:38 - 2016-07-12 15:39 - 00000000 ____D C:\Users\Anc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-06 17:36 - 2016-07-06 17:36 - 00009004 _____ C:\Users\Anc\Desktop\Kosten.xlsx
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-03 20:51 - 2015-07-06 21:55 - 00000000 ____D C:\Users\Anc\AppData\Roaming\Skype
2016-08-03 20:36 - 2015-07-05 13:25 - 00001226 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1521067798-215275598-965948813-1001UA.job
2016-08-03 20:18 - 2016-06-30 00:58 - 00001295 _____ C:\Users\Anc\Desktop\JRT.txt
2016-08-03 20:13 - 2015-05-06 12:22 - 00765582 _____ C:\windows\system32\perfh007.dat
2016-08-03 20:13 - 2015-05-06 12:22 - 00159366 _____ C:\windows\system32\perfc007.dat
2016-08-03 20:13 - 2014-11-21 06:44 - 01776918 _____ C:\windows\system32\PerfStringBackup.INI
2016-08-03 20:13 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2016-08-03 20:10 - 2015-08-07 19:17 - 00000500 _____ C:\windows\system32\Drivers\etc\hosts.ics
2016-08-03 19:54 - 2015-11-28 23:36 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-03 18:36 - 2015-07-05 13:25 - 00001174 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1521067798-215275598-965948813-1001Core.job
2016-08-01 18:28 - 2015-07-06 21:55 - 00000000 ____D C:\ProgramData\Skype
2016-08-01 18:27 - 2016-01-04 09:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-31 21:54 - 2015-05-15 13:18 - 00003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1521067798-215275598-965948813-1001
2016-07-27 01:26 - 2015-06-24 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-07-27 01:24 - 2015-06-24 22:53 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-07-27 01:24 - 2015-06-24 22:53 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2016-07-27 00:24 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF
2016-07-26 13:21 - 2015-05-06 13:02 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-24 16:18 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-07-24 15:50 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-07-17 18:20 - 2015-11-28 23:35 - 00000747 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-17 18:20 - 2015-11-28 23:35 - 00000000 ____D C:\Users\Anc\Desktop\Malwarebytes Anti-Malware
2016-07-17 18:17 - 2015-11-28 23:55 - 00000000 ____D C:\AdwCleaner
2016-07-16 20:20 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2016-07-15 23:05 - 2015-05-06 13:40 - 00000000 ____D C:\windows\Downloaded Installations
2016-07-15 23:05 - 2015-05-06 13:40 - 00000000 ____D C:\Program Files\Lenovo
2016-07-15 23:05 - 2015-05-06 13:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2016-07-15 23:05 - 2015-05-06 13:02 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2016-07-15 23:05 - 2015-05-06 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-07-15 23:03 - 2015-05-05 20:03 - 00000000 ____D C:\ProgramData\Lenovo
2016-07-14 12:05 - 2016-05-08 14:19 - 00004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-14 12:05 - 2016-05-08 14:18 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-13 13:58 - 2013-08-22 16:44 - 00391000 _____ C:\windows\system32\FNTCACHE.DAT
2016-07-13 13:42 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData
2016-07-13 12:54 - 2015-05-18 01:03 - 00000000 ____D C:\windows\system32\MRT
2016-07-13 12:54 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2016-07-13 12:50 - 2015-05-18 01:03 - 144749672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-07-12 15:39 - 2015-05-24 23:00 - 00000000 ____D C:\Users\Anc\AppData\Roaming\Dropbox
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-10 19:42 - 2015-07-10 19:42 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-05-06 13:19 - 2015-05-06 13:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-06 13:44 - 2015-05-06 13:44 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2015-05-06 13:42 - 2015-05-06 13:43 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-05-06 13:43 - 2015-05-06 13:44 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2015-05-06 13:44 - 2015-05-06 13:44 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log
Einige Dateien in TEMP:
====================
C:\Users\Anc\AppData\Local\Temp\avgnt.exe
C:\Users\Anc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcahhjy.dll
C:\Users\Anc\AppData\Local\Temp\libeay32.dll
C:\Users\Anc\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Anc\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Anc\AppData\Local\Temp\msvcr120.dll
C:\Users\Anc\AppData\Local\Temp\oct2DCE.tmp.exe
C:\Users\Anc\AppData\Local\Temp\oct6B23.tmp.exe
C:\Users\Anc\AppData\Local\Temp\oct6E23.tmp.exe
C:\Users\Anc\AppData\Local\Temp\oct7CE7.tmp.exe
C:\Users\Anc\AppData\Local\Temp\oct85E5.tmp.exe
C:\Users\Anc\AppData\Local\Temp\oct9707.tmp.exe
C:\Users\Anc\AppData\Local\Temp\oct9788.tmp.exe
C:\Users\Anc\AppData\Local\Temp\octC58A.tmp.exe
C:\Users\Anc\AppData\Local\Temp\octED07.tmp.exe
C:\Users\Anc\AppData\Local\Temp\octF964.tmp.exe
C:\Users\Anc\AppData\Local\Temp\ose00000.exe
C:\Users\Anc\AppData\Local\Temp\sqlite3.dll
Einige mit null Byte Größe Dateien/Ordner:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-07-26 19:11
==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-08-2016
durchgeführt von Anc (2016-08-03 21:08:42)
Gestartet von C:\Users\Anc\Desktop
Windows 8.1 (Update) (X64) (2015-05-15 11:11:23)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1521067798-215275598-965948813-500 - Administrator - Disabled)
Anc (S-1-5-21-1521067798-215275598-965948813-1001 - Administrator - Enabled) => C:\Users\Anc
Gast (S-1-5-21-1521067798-215275598-965948813-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.1 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{977CC22B-7461-5A6F-7143-9801C4287BE6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.18.354 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{92a7fd6b-31e5-472f-862e-79214c5032ef}) (Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG) Hidden
Axiom Verge (HKLM-x32\...\Steam App 332200) (Version: - Thomas Happ Games LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.48.56 - Conexant)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4331.55 - CyberLink Corp.)
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (x32 Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (x32 Version: 1.6.38.01 - Lenovo Group Limited) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
DisplayLink Core Software (HKLM\...\{58F4C39B-D946-4A45-A314-DEFC2AFDF397}) (Version: 7.5.54609.0 - DisplayLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKU\S-1-5-21-1521067798-215275598-965948813-1001\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.)
Dropbox 15 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Officejet 2620 series - Grundlegende Software für das Gerät (HKLM\...\{CED70530-FA0D-4A58-BBF0-1588B38247A0}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.36 - SunplusIT)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4029 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{a3294ccc-6d01-43c2-9249-3f50bd113bb8}) (Version: 1.3.2.1030 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.12 - )
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo HID HW Radio Driver 1.0.0.58 (HKLM\...\{E5325F32-D15A-4131-B029-4A5B7609E532}_is1) (Version: 1.0.0.58 - Lenovo)
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.03 - )
Lenovo QuickControl (HKLM-x32\...\{ABA0A3F7-649E-4338-BDC9-18437D9699D6}) (Version: 2.40 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.30.280 - Lenovo Corporation)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.5.0.3 - Lenovo Group Limited)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.4.0.21 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 2.3.0.90 - Lenovo)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.4.0.9 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0029 - Lenovo)
Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nitro Pro 10 (HKLM-x32\...\{34d271a4-0d4b-4b0a-8fb4-76c3ce02b8cd}) (Version: 10.5.8.44 - Nitro)
Nitro Pro 10 (Version: 10.5.8.44 - Nitro) Hidden
Nitro Pro 9 (HKLM\...\{199748CD-E046-4D0F-A9D1-0712EE050EFC}) (Version: 9.5.1.5 - Nitro)
Oddworld: Abe's Oddysee (HKLM-x32\...\Steam App 15700) (Version: - Oddworld Inhabitants)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.51.00 - )
OpenVPN 2.3.10-I602 (HKLM\...\OpenVPN) (Version: 2.3.10-I602 - )
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Pharao (HKLM-x32\...\Pharao) (Version: - )
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
PowerDVD Create 10 (x32 Version: 10.0.1.2704 - CyberLink Corp.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21247 - Realtek Semiconductor Corp.)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Hexagon (HKLM\...\Steam App 221640) (Version: - Terry Cavanagh)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.30 - Lenovo)
ThinkPad UltraNav Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.216.1616.115 - ALPS ELECTRIC CO., LTD.)
Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 8.8.911.2013 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.80.03.00 - Lenovo)
WaveEditor (x32 Version: 1.0.1.4514 - CyberLink Corp.) Hidden
Windows Driver Package - Intel (e1dexpress) Net (09/29/2014 12.12.80.19) (HKLM\...\C8FFC6B175C76755EF69AD03210DBE771B47750F) (Version: 09/29/2014 12.12.80.19 - Intel)
Windows Driver Package - Intel Corporation (iaStorA) HDC (08/22/2014 13.5.0.1056) (HKLM\...\5EC6580D569A9D3B15C34964E5BB5BC263F05FE5) (Version: 08/22/2014 13.5.0.1056 - Intel Corporation)
Windows Driver Package - Lenovo 1.67.09.03 (11/07/2014 1.67.09.03) (HKLM\...\FA3F6F3D6E8958FDDEE1E09CC77DFA71B0D7835A) (Version: 11/07/2014 1.67.09.03 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1521067798-215275598-965948813-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Anc\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {31D0FBB6-F632-4D2A-85FA-152C2DA3F88D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1521067798-215275598-965948813-1001Core => C:\Users\Anc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-05] (Dropbox, Inc.)
Task: {3381767D-C102-402C-AE8D-5BFEFDB41876} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2013-03-07] (CyberLink)
Task: {3EBE7E96-DBD7-466C-8A58-6B2D5083FCBC} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] ()
Task: {4894A8BA-EEFC-4C00-8008-DCD36519D020} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {5FF92542-B06B-42FF-A6D9-E0FB2D0A7EA9} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {6278DC11-A88C-4571-B0BA-C0EEE79DBCC0} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {79C0AD0F-F4D2-4C8C-924C-099533C54E18} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-08-01] (CyberLink Corp.)
Task: {7BD856A0-E750-45EB-82D9-1CA0F0A3E559} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {887DCBDA-267E-4E51-8A6F-C99EBE48C2EA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {9EFB5B54-3D4F-405F-B8D0-620EEB6AFC5F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {A3BEF295-F1EA-4AB8-9CEE-0609CE7D1BA4} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {AB0D5B4F-5045-4979-B3B8-AA380B93BF14} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-05-25] ()
Task: {B38A002C-2C5C-4B4D-8B30-44B097D1FF99} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-07-13] (Microsoft Corporation)
Task: {BBBCAA92-3DAD-4608-B853-41856BBE0B87} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1521067798-215275598-965948813-1001UA => C:\Users\Anc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-05] (Dropbox, Inc.)
Task: {BE04C3F4-987C-4031-9F0B-D2BA212D7420} - System32\Tasks\{BA120178-CCBE-436C-BEE1-2058F63D040A} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {BF9C5D3A-D217-4E9C-9478-A2683E52A367} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {DFCAE8AA-51C4-4917-97D8-63C61F53C4AE} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
Task: {E1980B7E-9C94-466A-BCF2-CE00F3C73375} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {ECBC7CD3-E336-4F95-8F7D-7CCCCBF6A3CC} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-12-13] ()
Task: {F692D584-9458-4F80-AB32-AB190E29D83E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1521067798-215275598-965948813-1001Core.job => C:\Users\Anc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1521067798-215275598-965948813-1001UA.job => C:\Users\Anc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-01-24 01:42 - 2015-01-24 01:42 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-01-24 01:58 - 2015-01-24 01:58 - 01795976 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-01-24 01:58 - 2015-01-24 01:58 - 00357768 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2016-03-03 16:48 - 2016-03-03 16:48 - 00417944 _____ () C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
2016-03-03 16:48 - 2016-03-03 16:48 - 02546840 _____ () C:\Program Files\Nitro\Pro 10\Nitro_KissMetrics.dll
2015-05-06 13:49 - 2016-04-14 07:50 - 00119808 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.dll
2015-05-06 13:49 - 2015-05-12 15:14 - 00469720 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2014-10-10 18:37 - 2014-10-10 18:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-05-16 20:12 - 2016-05-16 20:12 - 00799232 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Networking\8c8860ec7e71d7a92cf75149e51241c8\Windows.Networking.ni.dll
2016-05-16 20:12 - 2016-05-16 20:12 - 00228864 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\cc4c1f4674d4c5d7a43cf314bb5994d1\Windows.Foundation.ni.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences [514]
AlternateDataStreams: C:\Users\Anc\Desktop\Fit ohne Geräte - Mark Lauren.pdf:com.dropbox.attributes [168]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1521067798-215275598-965948813-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anc\Pictures\Wallpaper\take all my money.JPG
HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Anc\Pictures\Wallpaper\take all my money.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1521067798-215275598-965948813-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1521067798-215275598-965948813-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1521067798-215275598-965948813-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0384610E-5AC1-40ED-A631-8F19D528A3DB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{116FEE1C-737B-40FB-B9E9-66A926825585}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{544712D5-2E48-4E55-8475-0B92367D529F}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{9320F3FF-74DE-416C-90C2-541200F6E7AF}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{E02AE2A8-4751-49B3-B207-6A0552B0A0A4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6C9EFBEE-77DF-477E-8932-1B689038EA7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6733A74C-98F7-40C1-87EA-20F8A28ED03C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{094D2D1A-0380-4A84-92CF-9320A0F9169F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B7E01A9D-4A0E-479E-A024-2A0717778BBF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{16F11D30-8D04-44A7-8B31-44FF6EBDDDD5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1DC1E347-1CB9-4612-B58D-BEAEEC693CB3}] => (Allow) C:\Users\Anc\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5EBDFDBA-D06A-44FB-A133-56ED47566061}] => (Allow) C:\Users\Anc\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1DE6550C-38D9-430A-A512-946A9854248B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{39E60064-2F7E-4F9F-AA57-A2B8BC4B1954}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{BD9F3918-E542-4E4D-AB09-AC3467ED42F1}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4AEB08AD-0DF5-4550-8E28-38107D5A804C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{A007078E-71BF-444A-B235-1A64EA262BED}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\FaxApplications.exe
FirewallRules: [{09D44C64-6223-4E97-9D51-E523C193F58B}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\DigitalWizards.exe
FirewallRules: [{26F43F6A-73B0-4296-9D98-30F2E68D4E14}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\bin\SendAFax.exe
FirewallRules: [{7D402D34-A956-4498-B6C4-FE75EF6A8289}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\USBSetup.exe
FirewallRules: [{6A4C7DDD-4097-4896-A5D3-D63324B1EFEF}] => (Allow) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{333BCE78-EA42-4683-8781-C2A93D39AF18}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{11C174D2-BA90-4B0E-B303-63A12D93F70D}] => (Allow) C:\Users\Anc\Desktop\Age of Empires III\fremde Exe.exe
FirewallRules: [{0699A27A-C68B-42E1-B6D6-6FB8970D558A}] => (Allow) C:\Users\Anc\Desktop\Age of Empires III\fremde Exe.exe
FirewallRules: [{1CA537A5-762C-4752-9259-E820A060C792}] => (Allow) C:\Users\Anc\Desktop\Age of Empires III\fremde Exe.exe
FirewallRules: [{45A86640-B570-4FAE-AAF8-C950A3B23A7D}] => (Allow) C:\Users\Anc\Desktop\Age of Empires III\fremde Exe.exe
FirewallRules: [{685E5D52-44F3-48D2-BA85-8ADA96BB5D22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe
FirewallRules: [{54A65431-69D6-4C57-8DEE-07DEFF5FB106}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe
FirewallRules: [{312B00AA-5456-4BF9-B61C-EF1E1CBF8710}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{7EB8FAF2-62F9-4E35-BE8C-74F83BEE11E9}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{50C27C68-0595-46AC-AD64-F2AED948E0ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7E12DCE1-03FC-4EDD-94AA-FABE8E38926C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{229DB05A-1874-41BB-AC6C-A4BA6C06CEB3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{7692CC2E-E28D-420F-B061-12B57A48345D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{4FD950EA-436F-426C-9608-FBB1ADBC0653}] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe
FirewallRules: [{BD0E33CB-FDD9-4540-8BD4-074D8DC385F9}] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe
FirewallRules: [{0EA1FF6E-6384-47E3-B32B-494AC385A811}] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe
FirewallRules: [{ED832DF7-1448-4C5A-BB78-D1B50D2A3C59}] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe
FirewallRules: [{E73887D3-2964-4824-879E-E65E42A069D4}] => (Allow) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
FirewallRules: [{4A9AD7EB-52DA-4DC0-9646-389ADF29376F}] => (Allow) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
FirewallRules: [{EEEC7207-7B69-4F11-A2AF-A97E39DE7C83}] => (Allow) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
FirewallRules: [{C6A1F479-FE21-4CEA-95A9-98220357CB2E}] => (Allow) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
FirewallRules: [{8765C01A-F599-4EF4-9A92-9E0B7CE2F3CD}] => (Allow) C:\Program Files\OpenVPN\bin\openvpnserv.exe
FirewallRules: [{6AF3DAA0-AA42-45D4-968A-8A56C0ECD671}] => (Allow) C:\Program Files\OpenVPN\bin\openvpnserv.exe
FirewallRules: [{DC26B818-54B6-49F4-9B73-935618C0F8E7}] => (Allow) C:\Program Files\OpenVPN\bin\openvpnserv.exe
FirewallRules: [{B0B22EDE-3B6B-4317-AB7A-AAC7F2FEC272}] => (Allow) C:\Program Files\OpenVPN\bin\openvpnserv.exe
FirewallRules: [{6DE2EBCD-BFA2-490E-AF5D-EDDA3F0CAD96}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{5FE0C848-C45B-49C1-9C86-AC911B60B8E2}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{4EAF8603-6B3A-4BF4-B763-9FD5ED2AED96}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{87BCE7B7-C104-4CF5-8079-1BE1BC3C4409}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{6BA9EB6A-3389-41B1-80BA-D408F30A7467}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{28737037-E775-4A0D-BA57-229FBCDC4157}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{6C6A5633-2C13-4999-A1DB-00C3B771E532}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{1A26AA30-AE26-436C-B0F4-7D96E5B67747}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{F944065C-CDD0-4030-8547-D06BBB4E4971}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{07F42889-551E-430C-AF5F-EDCA9B5D3482}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{808235C6-1D4B-44CE-BAFF-FE1EB69C32AB}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{1557CF56-93A4-4741-9EB2-19E8B93C2291}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{59FE902C-463D-4AE1-B0C1-A3055E1A180D}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{03D489CC-0078-4B58-9A19-70024C6947AB}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{BE4FF451-9FB1-4B55-ADEE-BF61EB3D2FB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{A3BD4228-80C7-48D7-BBD4-9FF817BA9976}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{171A1693-43A9-403D-B2B5-3020399103C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{B70095BB-E90C-46EF-AA14-912272A08DC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{8E81FBBD-F147-4B16-B9C6-72A7FBA141A4}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{508C5122-1C09-40B3-A3A1-0B3CD73A70AE}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{D111AEBF-99B6-45C8-86E6-805B22025E40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{8BEB76B5-C270-4F61-A5EF-26F9CF89330B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
==================== Wiederherstellungspunkte =========================
19-07-2016 17:36:29 Geplanter Prüfpunkt
02-08-2016 22:16:24 Geplanter Prüfpunkt
03-08-2016 20:16:52 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/24/2016 03:55:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Pharaoh.exe, Version: 1.0.0.0, Zeitstempel: 0x37ac3430
Name des fehlerhaften Moduls: Pharaoh.exe, Version: 1.0.0.0, Zeitstempel: 0x37ac3430
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000aaec
ID des fehlerhaften Prozesses: 0x1b18
Startzeit der fehlerhaften Anwendung: 0xPharaoh.exe0
Pfad der fehlerhaften Anwendung: Pharaoh.exe1
Pfad des fehlerhaften Moduls: Pharaoh.exe2
Berichtskennung: Pharaoh.exe3
Vollständiger Name des fehlerhaften Pakets: Pharaoh.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Pharaoh.exe5
Error: (07/24/2016 03:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Pharaoh.exe, Version: 1.0.0.0, Zeitstempel: 0x37ac3430
Name des fehlerhaften Moduls: Pharaoh.exe, Version: 1.0.0.0, Zeitstempel: 0x37ac3430
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000aaec
ID des fehlerhaften Prozesses: 0xb2c
Startzeit der fehlerhaften Anwendung: 0xPharaoh.exe0
Pfad der fehlerhaften Anwendung: Pharaoh.exe1
Pfad des fehlerhaften Moduls: Pharaoh.exe2
Berichtskennung: Pharaoh.exe3
Vollständiger Name des fehlerhaften Pakets: Pharaoh.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Pharaoh.exe5
Error: (07/24/2016 03:52:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Pharaoh.exe, Version: 1.0.0.0, Zeitstempel: 0x37ac3430
Name des fehlerhaften Moduls: Pharaoh.exe, Version: 1.0.0.0, Zeitstempel: 0x37ac3430
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002d38c
ID des fehlerhaften Prozesses: 0x4b8
Startzeit der fehlerhaften Anwendung: 0xPharaoh.exe0
Pfad der fehlerhaften Anwendung: Pharaoh.exe1
Pfad des fehlerhaften Moduls: Pharaoh.exe2
Berichtskennung: Pharaoh.exe3
Vollständiger Name des fehlerhaften Pakets: Pharaoh.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Pharaoh.exe5
Error: (07/24/2016 03:52:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Pharaoh.exe, Version: 1.0.0.0, Zeitstempel: 0x37ac3430
Name des fehlerhaften Moduls: Pharaoh.exe, Version: 1.0.0.0, Zeitstempel: 0x37ac3430
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002d38c
ID des fehlerhaften Prozesses: 0x197c
Startzeit der fehlerhaften Anwendung: 0xPharaoh.exe0
Pfad der fehlerhaften Anwendung: Pharaoh.exe1
Pfad des fehlerhaften Moduls: Pharaoh.exe2
Berichtskennung: Pharaoh.exe3
Vollständiger Name des fehlerhaften Pakets: Pharaoh.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Pharaoh.exe5
Error: (07/17/2016 08:32:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: esetonlinescanner_enu.exe, Version: 2.0.8.0, Zeitstempel: 0x573dab40
Name des fehlerhaften Moduls: esetonlinescanner_enu.exe, Version: 2.0.8.0, Zeitstempel: 0x573dab40
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00036471
ID des fehlerhaften Prozesses: 0xbb4
Startzeit der fehlerhaften Anwendung: 0xesetonlinescanner_enu.exe0
Pfad der fehlerhaften Anwendung: esetonlinescanner_enu.exe1
Pfad des fehlerhaften Moduls: esetonlinescanner_enu.exe2
Berichtskennung: esetonlinescanner_enu.exe3
Vollständiger Name des fehlerhaften Pakets: esetonlinescanner_enu.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: esetonlinescanner_enu.exe5
Error: (07/14/2016 11:53:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Baba)
Description: Bei der Aktivierung der App „E046963F.LenovoCompanion_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/14/2016 11:53:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Baba)
Description: Bei der Aktivierung der App „E046963F.LenovoCompanion_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/13/2016 10:34:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Baba)
Description: Bei der Aktivierung der App „E046963F.LenovoCompanion_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/13/2016 10:34:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Baba)
Description: Bei der Aktivierung der App „E046963F.LenovoCompanion_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/11/2016 01:10:22 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Systemfehler:
=============
Error: (08/03/2016 08:10:04 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.178.21192.168.137.0255.255.255.0
Error: (08/03/2016 08:10:04 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (08/03/2016 05:31:14 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.178.21192.168.137.0255.255.255.0
Error: (08/03/2016 05:31:14 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (08/02/2016 09:45:37 PM) (Source: DCOM) (EventID: 10010) (User: Baba)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (08/02/2016 09:45:07 PM) (Source: DCOM) (EventID: 10010) (User: Baba)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (08/02/2016 05:25:02 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.178.21192.168.137.0255.255.255.0
Error: (08/02/2016 05:25:02 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (08/01/2016 09:16:59 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.178.21192.168.137.0255.255.255.0
Error: (08/01/2016 09:16:59 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
CodeIntegrity:
===================================
Date: 2016-07-15 23:04:29.937
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Lenovo\System Update\ApsIns64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8109.22 MB
Verfügbarer physikalischer RAM: 5445.39 MB
Summe virtueller Speicher: 9389.22 MB
Verfügbarer virtueller Speicher: 6389.43 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:447.55 GB) (Free:345.08 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F5F2FB3B)
Partition: GPT.
==================== Ende von Addition.txt ============================
Dankeschön schon mal! |
FRST 32-Bit | FRST 64-Bit
Lesestoff:
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Malware 
SecurityCheck und:
