Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Philipp (Administrator) auf PHILIPPPC (08-03-2017 08:56:15)
Gestartet von C:\Users\Philipp\DOWNLOADS
Geladene Profile: Philipp (Verfügbare Profile: Philipp)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\n360.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\n360.exe
() C:\Program Files\ReviverSoft\Battery Optimizer\BatteryOptimizer.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
() C:\Program Files (x86)\Eye-Fi\EyeFiReceiver.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\conathst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-16] (Dell Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2857128 2015-01-09] (Synaptics Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [5321448 2016-04-05] (Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5560040 2016-04-05] (Crawler Group, LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [133760 2014-01-08] (Atheros Communications)
HKU\S-1-5-21-4124424131-393341320-4018314666-1001\...\Run: [CCleaner Monitoring] => C:\PROGRAM FILES\CCLEANER\CCLEANER64.EXE [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-4124424131-393341320-4018314666-1001\...\Run: [Icecream_Screen_Recorder_Prefetcher] => C:\Program Files (x86)\Icecream Screen Recorder\recorder.exe [1598464 2015-07-14] ()
HKU\S-1-5-21-4124424131-393341320-4018314666-1001\...\Run: [Eye-Fi] => C:\Program Files (x86)\Eye-Fi\EyeFiReceiver.exe [3565376 2015-12-01] ()
HKU\S-1-5-21-4124424131-393341320-4018314666-1001\...\MountPoints2: {c9e7c781-7c44-11e4-825b-38b1dbc495d6} - "F:\LaunchU3.exe" -a
AppInit_DLLs: C:\Windows\Jaksta\AC\x64\jaudcap.dll => C:\Windows\Jaksta\AC\x64\jaudcap.dll [311584 2014-06-10] (Jaksta Technologies Pty Ltd)
AppInit_DLLs-x32: C:\Windows\Jaksta\AC\x86\jaudcap.dll => C:\Windows\Jaksta\AC\x86\jaudcap.dll [264480 2014-06-10] (Jaksta Technologies Pty Ltd)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inhaltsmanager-Assistent für PlayStation(R).lnk [2016-06-17]
ShortcutTarget: Inhaltsmanager-Assistent für PlayStation(R).lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-4124424131-393341320-4018314666-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{315AB471-30B7-4BED-A18B-55DD7F2B5848}: [DhcpNameServer] 172.51.1.171
Tcpip\..\Interfaces\{B612A19D-6D37-4E12-9C34-3E2F5AAA1D13}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-4124424131-393341320-4018314666-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-4124424131-393341320-4018314666-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4124424131-393341320-4018314666-1001 -> DefaultScope {AAAC8E9C-B24A-4371-BD09-27EF2FC93933} URL =
SearchScopes: HKU\S-1-5-21-4124424131-393341320-4018314666-1001 -> {AAAC8E9C-B24A-4371-BD09-27EF2FC93933} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll [2016-04-05] (Crawler Group, LLC)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-28] (Oracle Corporation)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll [2016-04-05] (Crawler Group, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-28] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
FireFox:
========
FF DefaultProfile: k964z81g.default
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\k964z81g.default [2017-03-07]
FF Homepage: Mozilla\Firefox\Profiles\k964z81g.default -> hxxps://twitter.com/
FF Extension: (Firefox Hotfix) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\k964z81g.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (YouTube Unblocker) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\k964z81g.default\Extensions\youtubeunblocker__web@unblocker.yt [2016-04-02]
FF Extension: (FTP Notifier) - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\k964z81g.default\Extensions\{c16a33be-532b-4138-8b67-a7e2d5753149}.xpi [2016-05-20] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2016-12-05]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.de/
CHR DefaultSearchURL: Default -> hxxps://www.google.de/search?q={searchTerms}?trackid=sp-006
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default [2017-03-08]
CHR Extension: (Google Präsentationen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Norton Security Toolbar) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-02-10]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-12]
CHR Extension: (SciLor's Grooveshark(tm) Unlocker) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\feegenemlbjkbnfpgdmjddbeiecdbpob [2014-12-03]
CHR Extension: (Google Tabellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Google Notizen – Notizen & Listen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-03-08]
CHR Extension: (Norton Identity Safe) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-12-29]
CHR Extension: (StreamCloud Premium) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbaagabagjkamiinfpdgphjafegomohd [2014-12-03]
CHR Extension: (Free Rider HD Offline Editor) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kffmoglgaljfcfaadaknkiipcclifcbn [2016-04-08]
CHR Extension: (Nehmen Sie Screenshot der Webseite - FireShot) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-11-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-20]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [318592 2014-01-08] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\N360.exe [289080 2016-11-12] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-04] (SoftThinks SAS)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3269864 2016-04-05] (Crawler Group, LLC)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [277904 2014-12-10] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [228000 2014-12-10] (Protect Software GmbH)
S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R1 appliand; C:\Windows\system32\DRIVERS\appliand.sys [30304 2013-02-06] (Applian Technologies Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-13] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20170306.003\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-01-07] (Qualcomm Atheros)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1608010.00E\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-26] (Symantec Corporation)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-02] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-02] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20170306.001\IDSvia64.sys [1038024 2017-02-08] (Symantec Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1608010.00E\SRTSP64.SYS [784624 2016-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1608010.00E\SRTSPX64.SYS [49400 2016-11-12] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-12] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1608010.00E\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2016-10-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1608010.00E\Ironx64.SYS [289520 2016-11-12] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1608010.00E\SYMNETS.SYS [567512 2016-11-12] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42664 2015-01-09] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\SDSDefs\20160710.001\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\SDSDefs\20160710.001\EX64.SYS [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-08 08:56 - 2017-03-08 08:58 - 00025925 _____ C:\Users\Philipp\Downloads\FRST.txt
2017-03-08 08:56 - 2017-03-08 08:56 - 00000000 ____D C:\FRST
2017-03-08 08:55 - 2017-03-08 08:55 - 02423808 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2017-03-08 08:51 - 2017-03-08 08:51 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2017-03-07 21:28 - 2017-03-07 21:41 - 02139734 _____ C:\Users\Philipp\Desktop\Phlilipp Sammlung.txt.gmc
2017-03-07 20:50 - 2017-03-07 20:52 - 00024735 _____ C:\Users\Philipp\Desktop\Spyware Terminator Log 05.03.17.txt
2017-03-05 02:30 - 2017-03-05 02:30 - 00001358 _____ C:\Users\Philipp\Documents\05.03.17.txt
2017-03-04 18:31 - 2017-03-04 18:31 - 00047228 _____ C:\Users\Philipp\Documents\cc_20170304_183110.reg
2017-03-03 12:09 - 2017-03-03 12:09 - 00000035 _____ C:\Users\Philipp\Downloads\ur-root.m3u
2017-03-01 21:02 - 2017-03-01 21:02 - 00000178 __RSH C:\Windows\CTA2STET.BIN
2017-03-01 21:02 - 2017-03-01 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrazyTalk Animator 2
2017-03-01 21:01 - 2017-03-01 21:01 - 00000000 ____D C:\ProgramData\Reallusion
2017-03-01 20:58 - 2017-03-01 20:58 - 00000000 ____D C:\Users\Public\Documents\Reallusion
2017-03-01 20:57 - 2017-03-01 20:57 - 00000000 ____D C:\Program Files (x86)\Reallusion
2017-03-01 20:33 - 2017-03-01 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2017-03-01 20:32 - 2017-03-01 20:32 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Engelmann Distribution
2017-03-01 20:32 - 2017-03-01 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFormatConverter
2017-03-01 20:32 - 2017-03-01 20:32 - 00000000 ____D C:\ProgramData\Engelmann Distribution
2017-03-01 20:32 - 2017-03-01 20:32 - 00000000 ____D C:\Program Files (x86)\Engelmann Distribution
2017-02-24 17:11 - 2017-02-24 17:11 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-02-24 17:11 - 2017-02-24 17:11 - 00000000 ____D C:\Program Files\Dell Support Center
2017-02-16 10:13 - 2017-02-16 10:16 - 69413032 _____ C:\Users\Philipp\Downloads\Die Nanny Staffel 4 Folge 4.mp4
2017-02-13 23:42 - 2017-02-14 00:12 - 320972011 _____ C:\Users\Philipp\Downloads\Nagi gegen die Community (Mario Kart 7).mp4
2017-02-13 21:46 - 2017-02-13 21:57 - 142852184 _____ C:\Users\Philipp\Downloads\Nagi's fünfter Stream [Yume Penguin Monogatari].mp4
2017-02-09 19:05 - 2016-10-10 19:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cmimcext.sys
2017-02-09 19:05 - 2016-08-22 14:34 - 01628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-02-09 19:03 - 2015-07-22 15:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-02-09 10:31 - 2017-02-09 10:31 - 01129376 _____ (Google Inc.) C:\Users\Philipp\Downloads\ChromeSetup (1).exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-08 08:56 - 2014-12-03 15:00 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4124424131-393341320-4018314666-1001
2017-03-08 08:54 - 2016-08-23 10:10 - 00000000 ____D C:\Program Files (x86)\Opera
2017-03-08 08:54 - 2014-12-03 23:00 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\ClassicShell
2017-03-08 08:52 - 2015-10-11 22:00 - 00000000 ___RD C:\Users\Philipp\OneDrive
2017-03-08 08:52 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-08 08:51 - 2015-12-26 19:47 - 00000000 ____D C:\Users\Philipp\AppData\Local\Eye-Fi
2017-03-08 08:51 - 2015-12-11 22:13 - 00000302 _____ C:\Windows\Tasks\Start Battery Optimizer for PHILIPPPC@Philipp.job
2017-03-08 08:51 - 2014-12-03 22:54 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-03-07 21:42 - 2014-12-03 14:54 - 00000000 ____D C:\Users\Philipp
2017-03-07 21:41 - 2014-12-03 14:55 - 00000000 ____D C:\Users\Philipp\Documents\Bluetooth Folder
2017-03-07 21:38 - 2015-05-01 08:11 - 00000000 ____D C:\Users\Philipp\Documents\Game Collector
2017-03-07 21:26 - 2014-09-20 16:02 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-03-07 21:22 - 2016-12-02 18:04 - 00000000 ____D C:\ProgramData\Spyware Terminator
2017-03-07 21:17 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-04 23:14 - 2015-12-26 19:46 - 00000000 ____D C:\Program Files (x86)\Eye-Fi
2017-03-04 18:38 - 2015-05-28 16:27 - 00000000 ___RD C:\Users\Philipp\Desktop\Programme
2017-03-04 18:28 - 2014-12-05 00:21 - 00000000 ____D C:\Users\Philipp\AppData\Local\CrashDumps
2017-03-04 15:49 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-04 15:41 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-04 09:31 - 2015-12-04 20:42 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2017-03-04 08:49 - 2014-12-03 15:01 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E9DA0FD1-44DF-4134-8768-322C53B8871F}
2017-03-03 07:27 - 2016-12-21 12:01 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-03 07:27 - 2016-10-20 10:30 - 00003870 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1471943461
2017-03-02 10:47 - 2017-01-29 23:17 - 00001745 _____ C:\Users\Philipp\Desktop\Neues Textdokument.txt
2017-03-01 20:56 - 2014-09-20 15:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-01 20:35 - 2016-12-02 18:04 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\Spyware Terminator
2017-03-01 20:31 - 2014-12-05 10:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-24 17:12 - 2016-07-22 09:23 - 00003224 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2017-02-24 17:11 - 2014-09-20 16:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-02-24 09:15 - 2014-12-04 01:06 - 00000000 ____D C:\Windows\system32\MRT
2017-02-24 09:10 - 2014-12-04 01:06 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 08:08 - 2014-12-10 21:49 - 00000000 ____D C:\Users\Philipp\AppData\Local\ElevatedDiagnostics
2017-02-22 22:06 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-20 07:26 - 2014-12-03 14:55 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Atheros
2017-02-17 23:49 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-17 07:06 - 2015-07-30 16:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-02-17 07:06 - 2015-07-30 16:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-02-16 23:11 - 2015-07-30 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-15 19:35 - 2014-12-09 00:46 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\vlc
2017-02-12 13:52 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-12 13:52 - 2014-03-18 10:30 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-02-12 13:52 - 2014-03-18 10:30 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-02-10 08:48 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 10:39 - 2014-12-03 22:52 - 00002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-09 10:39 - 2014-12-03 22:52 - 00002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-09 10:37 - 2017-01-04 14:50 - 00000000 ____D C:\Users\Philipp\Desktop\Privat
2017-02-09 09:31 - 2015-04-06 09:41 - 00000000 ___SD C:\Windows\system32\GWX
2017-02-09 09:30 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-09 09:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration
2017-02-09 09:25 - 2015-01-18 19:26 - 00000000 ____D C:\Users\Philipp\AppData\Local\Mozilla
2017-02-06 20:41 - 2015-03-12 10:01 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2015-03-12 10:01 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-16 07:00 - 2015-07-16 07:00 - 6420480 _____ () C:\Program Files (x86)\GUT5B2E.tmp
2014-12-07 02:42 - 2015-05-21 18:05 - 0000096 _____ () C:\Users\Philipp\AppData\Roaming\Camdata.ini
2014-12-07 02:42 - 2015-05-21 18:05 - 0000408 _____ () C:\Users\Philipp\AppData\Roaming\CamLayout.ini
2014-12-07 02:42 - 2015-05-21 18:05 - 0000408 _____ () C:\Users\Philipp\AppData\Roaming\CamShapes.ini
2014-12-07 02:42 - 2015-05-21 18:05 - 0004535 _____ () C:\Users\Philipp\AppData\Roaming\CamStudio.cfg
2014-12-07 03:13 - 2014-12-07 03:13 - 0000098 _____ () C:\Users\Philipp\AppData\Roaming\CamStudio.Producer.command
2014-12-07 03:14 - 2014-12-07 03:14 - 0000000 _____ () C:\Users\Philipp\AppData\Roaming\CamStudio.Producer.Data.ini
2014-12-07 03:14 - 2014-12-07 03:14 - 0001206 _____ () C:\Users\Philipp\AppData\Roaming\CamStudio.Producer.ini
2014-12-07 02:40 - 2014-12-09 00:26 - 0000096 _____ () C:\Users\Philipp\AppData\Roaming\version2.xml
2015-08-17 22:52 - 2015-08-17 22:52 - 0007605 _____ () C:\Users\Philipp\AppData\Local\Resmon.ResmonCfg
2014-12-05 00:16 - 2015-05-01 16:57 - 1145382 ____N () C:\Users\Philipp\AppData\Local\Tempmusic.ogg
2015-10-12 18:24 - 2015-10-12 18:24 - 0000000 _____ () C:\Users\Philipp\AppData\Local\{DFA6EFD0-A8DB-468D-8C02-F35B7E8A09B5}
2014-09-20 15:31 - 2014-09-20 15:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-20 15:53 - 2014-09-20 15:54 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-09-20 15:49 - 2014-09-20 15:50 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-09-20 15:50 - 2014-09-20 15:52 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-09-20 15:52 - 2014-09-20 15:53 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-09-20 15:49 - 2014-09-20 15:49 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\BatteryOptimizer.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-02-25 06:52
==================== Ende von FRST.txt ============================
Hier die Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Philipp (08-03-2017 08:58:52)
Gestartet von C:\Users\Philipp\DOWNLOADS
Windows 8.1 (Update) (X64) (2014-12-03 13:54:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4124424131-393341320-4018314666-500 - Administrator - Disabled)
Gast (S-1-5-21-4124424131-393341320-4018314666-501 - Limited - Disabled)
Philipp (S-1-5-21-4124424131-393341320-4018314666-1001 - Administrator - Enabled) => C:\Users\Philipp
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Norton 360 Online (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Online (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
8-Bit Armies Demo (HKLM\...\Steam App 469620) (Version: - Petroglyph)
ALLCapture 3.0 (HKLM-x32\...\{32E50C3F-46FB-4827-9BC3-0429860F5288}_is1) (Version: - balesio AG)
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon) <==== ACHTUNG
Apowersoft Bildschirmrekorder Pro Version 2.1.4 (HKLM-x32\...\{dc9006db-6b05-4f0f-833b-79ef3f284c24}_is1) (Version: 2.1.4 - APOWERSOFT LIMITED)
Applian Network Monitor (3.0.8.1) (HKLM-x32\...\Applian Network Monitor) (Version: 3.0.8.1 - Applian Technologies)
Ashampoo Burning Studio 2016 v.16.0.0 (HKLM-x32\...\{91B33C97-B4A4-B41A-6B97-C62C82CEB6A9}_is1) (Version: 16.0.0 - Ashampoo GmbH & Co. KG)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Audiosurf (HKLM\...\Steam App 12900) (Version: - Dylan Fitterer)
Baldur's Gate Enhanced Edition (HKLM-x32\...\{4C2A66C0-8227-460E-8718-B8199A191C6D}) (Version: 1.3.2053 - Deep Silver)
Battery Optimizer (HKLM\...\BatteryOptimizer) (Version: 3.0.5.20 - ReviverSoft LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Christmas Shopper Simulator (HKLM-x32\...\{139C8AA5-BA56-4388-B5EC-31E0BF09A7C6}) (Version: 1.0.0 - Game Retail Ltd.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
concept/design onlineTV 10 (HKLM-x32\...\{DCAB9AAC-1D1C-4B94-99B7-AA7D2617BD64}_is1) (Version: 10.8.4.0 - concept/design GmbH)
CrazyTalk Animator v2.14 Standard (HKLM-x32\...\{7127D4CC-78E6-41E3-8BCB-A50ED34846E2}) (Version: 2.14.2103.1 - Reallusion Inc.)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Das große Franzis Know-how-Paket DIGITALE FOTOGRAFIE (HKLM-x32\...\Das große Franzis Know-how-Paket DIGITALE FOTOGRAFIE_is1) (Version: - )
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
Dell Data Vault (Version: 4.3.9.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{27130E51-9555-408B-8134-7BFF54EDE27B}) (Version: 1.3.0.72 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.34.40 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{9E4750A7-90F6-4181-8A8A-B1ADF4216E93}) (Version: 1.0.1059.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version: - )
Die Siedler IV (HKLM-x32\...\S4Uninst) (Version: - )
Eyefi Mobi Desktop Transfer (HKLM-x32\...\{AD8B6B55-C8D8-4E6F-BAC1-C466A3D94DFB}) (Version: 5.8.0.0 - Eye-Fi, Inc)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Five Nights at Freddy's (HKLM-x32\...\Steam App 319510) (Version: - Scott Cawthon)
Five Nights at Freddy's 2 (HKLM-x32\...\Steam App 332800) (Version: - Scott Cawthon)
Five Nights at Freddy's 3 (HKLM-x32\...\Steam App 354140) (Version: - Scott Cawthon)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Collector (HKLM-x32\...\{9E6E8929-ECC5-4941-9898-C7C66ACE49F1}_is1) (Version: - Collectorz.com)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HandBrake 0.9.9 (HKLM-x32\...\HandBrake) (Version: 0.9.9 - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Icecream Screen Recorder Version 2.11 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 2.11 - Icecream Apps)
Incomedia WebSite X5 v11 - Compact (HKLM-x32\...\{C6AE8967-DF23-42DF-B362-8263A5496338}_is1) (Version: 11.0.6.27 - Incomedia s.r.l.)
Inhaltsmanager-Assistent für PlayStation(R) (HKLM-x32\...\{E5C1C342-5E78-4D91-85BE-40C716B09391}) (Version: 3.55.7671.0901 - Sony Computer Entertainment Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Knuddels Desktop App (HKU\S-1-5-21-4124424131-393341320-4018314666-1001\...\Knuddels Desktop App ) (Version: "2014.12.13.0" - "Knuddels Desktop App")
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Löwenzahn 5 (HKLM-x32\...\{DE470016-1C64-11D5-982A-0050DA602C65}) (Version: 1.00.0000 - Terzio Verlag)
Magic 2014 (HKLM-x32\...\Steam App 213850) (Version: - Stainless Games)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Fotobuch 3.2 (HKLM-x32\...\MAGIX Fotobuch) (Version: 3.2 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{4745C004-7D5D-42BB-816A-79BF29C3A65C}) (Version: 4.3.2.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2013 (HKLM-x32\...\MX.{E7F7CA64-C0FC-4499-BC4D-C764E24CA67B}) (Version: 19.0.7.67 - MAGIX Software GmbH)
MAGIX Music Maker 2013 (Version: 19.0.7.67 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Online Druck Service 2.3.2.0 (D) (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 2.3.2.0 - MAGIX AG)
MAGIX PC Visit (HKLM-x32\...\MAGIX PC Visit D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{1B46FA48-1BEA-4398-BF8A-0F606A9EA782}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2013 (HKLM-x32\...\MX.{8C73E551-5AFA-42EE-B76E-64821590BCD3}) (Version: 12.0.3.4 - MAGIX Software GmbH)
MAGIX Video deluxe 2013 (Version: 12.0.3.4 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2013 Update (Version: 12.0.4.2 - MAGIX AG) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - )
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MyFormatConverter (HKLM-x32\...\{4aacb3a2-f7f1-4dbc-ae72-9d21552ac858}) (Version: 10.0.6109.25552 - Engelmann Distribution UG)
MyFormatConverter (x32 Version: 10.0.6109.25379 - Engelmann Distribution UG) Hidden
MyFreeCodec (HKU\S-1-5-21-4124424131-393341320-4018314666-1001\...\MyFreeCodec) (Version: - )
Norton 360 Online (HKLM-x32\...\N360) (Version: 22.8.1.14 - Symantec Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Photo Stamp Remover 7.3 (HKLM-x32\...\Photo Stamp Remover_is1) (Version: 7.3 - SoftOrbits)
Pokémon Trading Card Game Online (HKLM-x32\...\{C42FFAB2-89E0-4BEE-B20B-917695F25450}) (Version: 2.31.0 - The Pokémon Company International)
Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
ProtectDisc Helper Driver 10 (HKLM-x32\...\ProtectDisc Driver 10) (Version: 10.0.0.3 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Replay Media Catcher 5 (5.0.1.54) (HKLM-x32\...\Replay Media Catcher 5) (Version: 5.0.1.54 - Applian Technologies)
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.107 - Crawler Group)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab (HKLM-x32\...\{FEE1F166-EAE4-4C4B-8988-D82521F9F63F}) (Version: 6.1.5.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{466ABB2D-0F77-44BE-BF6D-872DC70494C9}) (Version: 6.1.6.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebM Project Directshow Filters (HKU\S-1-5-21-4124424131-393341320-4018314666-1001\...\webmdshow) (Version: - )
WinAVI Video Capture 2.0 (HKLM-x32\...\WinAVI Video Capture_is1) (Version: - ZJ Computing, Inc.)
WinHTTrack Website Copier 3.48-21 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0F4F1C44-A7DA-4B8E-B41C-44D049733488} - System32\Tasks\Start Battery Optimizer for PHILIPPPC@Philipp => C:\Program Files\ReviverSoft\Battery Optimizer\BatteryOptimizer.exe [2014-07-04] ()
Task: {16783E1E-7234-44B8-A01B-4CEBF184CDD3} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {16C66F83-7428-4415-BBC5-B289B2AC4188} - System32\Tasks\PCDEventLauncherTask => C:\PROGRAM FILES\DELL\SUPPORTASSIST\sessionchecker.exe [2017-02-17] (PC-Doctor, Inc.)
Task: {29CCFAB4-047D-4F88-BE11-DB0B932DBA7A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {38DFC838-D4F9-43BF-8CF6-95E3D2491120} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {3E51EEC4-0FF7-4632-81B3-50E1D07C623C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {42B0C102-70F8-4FE7-9AB3-F62F7FEE6925} - System32\Tasks\Health-Check-deep => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {47F5A709-67D2-480A-97D3-5A55CD6C9ED1} - System32\Tasks\{7CCE6CD6-8D7E-4E7B-95D3-3CE6C7FEF72D} => pcalua.exe -a D:\start.exe -d D:\
Task: {4A9F49B8-1B34-4909-9779-CB6B05787B3F} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfb81f207db8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {50E91A43-98D3-4E87-ABE6-4BD36F21CCC5} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {5A587B2B-952B-4EFE-B191-18C1FAD5DDAC} - System32\Tasks\{CCDDD822-F45B-4C4C-93A8-A9866F98FE72} => pcalua.exe -a D:\cbs.exe -d D:\
Task: {5C817607-937A-45E3-AAA9-8735B9B0ED8A} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation)
Task: {6D5EEAC2-BF47-4BEC-8649-355C8F4469F8} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-09-09] (Dell Inc.)
Task: {7CB8C918-CE3A-4AB9-A032-E0D2D1C6AB03} - System32\Tasks\Health-Check => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {86E77536-B06B-4A70-AF9B-E35DF1265242} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {9826F9DC-5629-4FD9-A821-DDA33FCBD485} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-02-17] (PC-Doctor, Inc.)
Task: {A34B55A1-7DEE-4A47-A3BC-21FFBCF151B6} - System32\Tasks\Health-Check-auto => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {A944A53A-7ED4-4128-B227-44A47019F4B0} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
Task: {ACF3440A-C5CA-484B-9BEC-018E7ED1C6C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {AFF94B4C-CFA4-4C29-80A4-90C455A21D4F} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\SymErr.exe [2016-11-12] (Symantec Corporation)
Task: {B4514BE9-D5E9-40AF-958C-2630D47C7494} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360 Online\Upgrade.exe [2016-11-12] (Symantec Corporation)
Task: {BC926188-09F0-49DE-96A6-A9CD39EFCBF3} - System32\Tasks\Opera scheduled Autoupdate 1471943461 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {D9D50B87-3BC6-47DD-9CD5-90678AD79F2F} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {E1012E6D-0428-4227-A49B-12B861CFD9CD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.8.1.14\WSCStub.exe [2016-11-12] (Symantec Corporation)
Task: {F435B8BD-847C-4787-89C2-9DA77D8F0E5A} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Start Battery Optimizer for PHILIPPPC@Philipp.job => C:\Program Files\ReviverSoft\Battery Optimizer\BatteryOptimizer.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Philipp\Knuddels\Knuddels.lnk -> C:\Users\Philipp\Knuddels\FirefoxPortable\KnuddelsApp.exe (PortableApps.com) -> hxxp://www.knuddels.de/?utm_medium=knu-windowsapp&utm_campaign=chromeproj-2015-q1&utm_source=knuddels&utm_content=foldericon-app-start
ShortcutWithArgument: C:\Users\Philipp\Desktop Neuererer\Neuer Ordner (3)\Free Rider HD Offline Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kffmoglgaljfcfaadaknkiipcclifcbn
ShortcutWithArgument: C:\Users\Philipp\Desktop\Programme\Knuddels.lnk -> C:\Users\Philipp\Knuddels\FirefoxPortable\KnuddelsApp.exe (PortableApps.com) -> hxxp://www.knuddels.de/?utm_medium=knu-windowsapp&utm_campaign=chromeproj-2015-q1&utm_source=knuddels&utm_content=desktopicon-app-start
ShortcutWithArgument: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Free Rider HD Offline Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kffmoglgaljfcfaadaknkiipcclifcbn
ShortcutWithArgument: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Notizen – Notizen & Listen.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.lnk -> C:\Users\Philipp\Knuddels\FirefoxPortable\KnuddelsApp.exe (PortableApps.com) -> hxxp://www.knuddels.de/?utm_medium=knu-windowsapp&utm_campaign=chromeproj-2015-q1&utm_source=knuddels&utm_content=menuicon-app-start
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-07-04 11:31 - 2014-07-04 11:31 - 15026272 _____ () C:\PROGRAM FILES\REVIVERSOFT\BATTERY OPTIMIZER\BATTERYOPTIMIZER.EXE
2014-09-20 16:04 - 2014-03-12 11:22 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-09-20 16:04 - 2014-03-12 11:22 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2014-01-08 00:00 - 2014-01-08 00:00 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-01-07 23:58 - 2014-01-07 23:58 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-01-08 00:03 - 2014-01-08 00:03 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2015-12-01 12:16 - 2015-12-01 12:16 - 03565376 _____ () C:\PROGRAM FILES (X86)\EYE-FI\EYEFIRECEIVER.EXE
2014-11-22 01:03 - 2014-11-22 01:03 - 00053248 _____ () C:\PROGRAM FILES\CCLEANER\lang\lang-1031.dll
2017-02-09 10:39 - 2017-02-01 10:47 - 02459992 _____ () C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\56.0.2924.87\libglesv2.dll
2017-02-09 10:39 - 2017-02-01 10:47 - 00099672 _____ () C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\56.0.2924.87\libegl.dll
2014-09-20 15:54 - 2013-12-10 16:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-12-01 12:16 - 2015-12-01 12:16 - 03565376 _____ () C:\Program Files (x86)\Eye-Fi\EyeFiReceiver.exe
2015-12-01 12:16 - 2015-12-01 12:16 - 00034600 _____ () C:\Program Files (x86)\Eye-Fi\bsptpWrapper.dll
2014-09-20 15:50 - 2013-03-05 04:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 10:41 - 2013-03-05 10:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4124424131-393341320-4018314666-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Philipp\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FF327D08-0E83-4265-AD6E-125A9CDA5C17}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{E586A55B-0D47-4ECF-8284-469D07A78D38}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{0882D561-B1F0-4742-8286-F766E425BA81}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8F4E5A2B-DFD1-4FDE-9581-5E85A1E272A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1D01608E-EA5A-4D36-874C-C95CC90974A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B26E51CE-304D-418E-8694-FDE9F4367D59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{3D0D62B5-B7B7-4ADD-B5D7-1A84B7E5036D}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{7D47912D-8A8B-4ED2-B32E-9A7BAFAB4E75}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [{F4E4CC85-1220-4B7E-BDFC-21B976574A04}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B805509F-BA24-4CDF-9725-0CB95D3F1773}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F2172A19-02FC-42E6-84D6-F0B005E2C039}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jrmcp.exe
FirewallRules: [{227C4FFE-4F85-455E-ACFC-2BA663E75234}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jrmcp.exe
FirewallRules: [{21A04732-80FB-4D51-B15A-FE75BDD8A86B}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jbp.exe
FirewallRules: [{E9E42981-FEF3-4593-BC65-A0E581C44DB9}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jbp.exe
FirewallRules: [{2295AEA8-E508-4110-AEE6-D61C4F6AA482}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jwmpp.exe
FirewallRules: [{AA26577C-72F8-4448-AEE3-1770C36B8026}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\jwmpp.exe
FirewallRules: [{D73765C3-7A8A-4579-8B37-7106AD227489}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\ffmpeg.exe
FirewallRules: [{6E5D1FB8-7EDF-47B3-B84F-2522F68A16B7}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\ffmpeg.exe
FirewallRules: [{C9196812-9C58-4FBE-A623-325FCC4B4453}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\aria2c.exe
FirewallRules: [{55E1C2B3-854C-4FB6-BFDB-F47DC3912AC7}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\aria2c.exe
FirewallRules: [{B9BF33AF-5B5A-4A6E-87C7-D25D31D7E4A8}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\qtCopy.exe
FirewallRules: [{94DE0582-F16A-4BA7-A5FB-EFEC0C08F2F9}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 5\qtCopy.exe
FirewallRules: [{34C213A9-B842-4DC3-80ED-5AFB534A63BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{48C6B1FF-5DD0-4CAF-9503-FAA463E1FEAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{E36B8FFF-B5F9-456B-B881-EFA471ED471F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe
FirewallRules: [{4823C9A0-1A74-4E31-AA48-1AEA7C2EF0B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's 2\FiveNightsatFreddys2.exe
FirewallRules: [{39ABFD5C-87B2-46F0-9234-5E507CAEEE5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's 3\FiveNightsatFreddys3.exe
FirewallRules: [{FA264C2E-94AD-4F1A-83E7-89720672A1E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's 3\FiveNightsatFreddys3.exe
FirewallRules: [TCP Query User{DD4638C5-CD57-45A3-9B65-A932A74FB403}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{042FA75A-B691-4388-867B-5675F786D91B}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{794B73CC-7C5E-4B1A-885B-54A58D8298B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{DE40A38D-330C-4369-824D-8F359DAB2D27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic 2014\DotP_D14.exe
FirewallRules: [{C1E908CE-D04F-4C00-B56A-D492C1E4B8ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{CF5C8710-CCAA-4F2F-A1B3-15A510F476C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{AC19456C-EC82-45AF-A19E-C7009D3D7ACB}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{385FB0F9-46D2-4242-967D-66C9B5BAF500}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{482147BC-E4AB-4C9B-903A-C479A643CFEE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{B599C906-F234-4C97-983B-96F43FB302A2}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{2694E340-6B3C-4540-8CAA-62DDA38CB822}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{2CF370B1-E737-49CF-9DDD-7E204E9E382D}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{73464660-ED82-4A3C-812C-85B7CC4C3B96}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 10\onlineTV.exe
FirewallRules: [{50353846-A6B7-4B5C-BE7E-867AA1FE55E2}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 10\onlineTV.exe
FirewallRules: [{C33ED091-0714-436F-BF4E-AA93D9970D4E}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{9BC87778-C28D-44AB-9FC8-A5D1F700D808}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{ECC60705-7EF7-46FF-ACFA-B0338FADD6FF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{0CB85765-43DD-4A44-BC21-A66D02C6F032}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [UDP Query User{91192B11-4205-42C4-9628-9F5F4571B3F6}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe
FirewallRules: [TCP Query User{5AC64CA1-28F9-4023-B146-7CF2530F9375}C:\program files (x86)\applian technologies\replay media catcher 5\jrmcp.exe] => (Allow) C:\program files (x86)\applian technologies\replay media catcher 5\jrmcp.exe
FirewallRules: [UDP Query User{A125690A-C566-43FE-8E7A-D3C1FAFD1E48}C:\program files (x86)\applian technologies\replay media catcher 5\jrmcp.exe] => (Allow) C:\program files (x86)\applian technologies\replay media catcher 5\jrmcp.exe
FirewallRules: [TCP Query User{491E7E88-C755-4007-AAC5-5D038A0BF1DE}C:\program files\winhttrack\winhttrack.exe] => (Allow) C:\program files\winhttrack\winhttrack.exe
FirewallRules: [UDP Query User{89BDF25A-3CB1-41E2-B1A3-B88DB75AD7C5}C:\program files\winhttrack\winhttrack.exe] => (Allow) C:\program files\winhttrack\winhttrack.exe
FirewallRules: [TCP Query User{BE73FBF9-D4D4-4AAF-8DB5-DFE3BFBA77E6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{96AED6BF-66D9-457F-802D-C209FAECC34D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{8BA0F446-97FE-4125-B18A-DF7CAE163406}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E7D18F3-DF0E-4F08-96C4-684C25390402}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4743ECB4-D9BA-40E2-A1D1-A2799C4303D8}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{ED93BCB9-2BD7-4081-82CE-6AEADCE76FFD}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{E3FA82E7-8033-45D5-9CC9-99785E8802A1}C:\program files (x86)\eye-fi\eyefireceiver.exe] => (Block) C:\program files (x86)\eye-fi\eyefireceiver.exe
FirewallRules: [UDP Query User{5C8C2927-1E03-4722-AE2B-62D04BBD4250}C:\program files (x86)\eye-fi\eyefireceiver.exe] => (Block) C:\program files (x86)\eye-fi\eyefireceiver.exe
FirewallRules: [{F73BDA00-2DC0-4A7D-AB28-BB69337FE7E4}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{C8622139-9EC3-40E4-B951-38C4DF113E57}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{BB1B0D24-C8B8-4DAA-9F26-91726DC9B4BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8-Bit Armies Demo\ClientLauncherG.exe
FirewallRules: [{895619F2-B3E8-4BC7-827D-E8B9E6981702}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8-Bit Armies Demo\ClientLauncherG.exe
FirewallRules: [{DACF4BB7-7CD8-49B6-8CAE-D02B7EE82E8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{5880AE63-381E-43FE-8FC2-15D8C76AB959}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{608708CE-E03B-449B-8CB0-41242302FE49}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{FD7E984F-AEAE-4A32-A53B-282362DF26F3}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{B5EF3771-05CD-47D6-97A6-AFBC674035E0}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{7FC8449A-AEB8-463E-8D1B-101B7D7C1971}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{F20CF0EC-3897-43A9-B10A-F4A8263C31EB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7C53AAB0-E332-40A2-ABC9-98CA93727E31}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F53AB713-3D3B-42F5-8AD1-A9685DD86E2D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{896E307D-B277-471E-B532-500F6729DD57}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
FirewallRules: [{3F834B17-C05D-48DF-B2E2-1F45BAEE85A2}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
FirewallRules: [TCP Query User{172531BE-4192-463F-B3BE-E16678FB76D9}C:\program files (x86)\eye-fi\eyefireceiver.exe] => (Block) C:\program files (x86)\eye-fi\eyefireceiver.exe
FirewallRules: [UDP Query User{710EEE2C-B217-4B6B-93C6-52375B18DEF7}C:\program files (x86)\eye-fi\eyefireceiver.exe] => (Block) C:\program files (x86)\eye-fi\eyefireceiver.exe
==================== Wiederherstellungspunkte =========================
16-02-2017 11:16:01 Windows Update
22-02-2017 22:05:41 Windows Update
01-03-2017 20:30:50 MyFormatConverter
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Integrated Webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/04/2017 06:42:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm CHROME.EXE, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 7c0
Startzeit: 01d2950e26e6cfaf
Endzeit: 12648
Anwendungspfad: C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
Berichts-ID: ef7a5ed4-0101-11e7-8332-38b1dbc495d6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/04/2017 06:37:59 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/04/2017 06:37:59 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/04/2017 06:37:59 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/04/2017 06:37:58 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (03/04/2017 06:37:57 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Der Plug-In-Manager <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
(HRESULT : 0x8e5e0226) (0x8e5e0226)
Error: (03/04/2017 06:37:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801)
Error: (03/04/2017 06:37:56 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (204)} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
Details:
0x8e5e0226 (0x8e5e0226)
Error: (03/03/2017 03:31:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm EXPLORER.EXE, Version 6.3.9600.17667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: fb8
Startzeit: 01d294238754feab
Endzeit: 0
Anwendungspfad: C:\WINDOWS\EXPLORER.EXE
Berichts-ID: c8133fe7-001d-11e7-8329-38b1dbc495d6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/03/2017 02:41:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm EXPLORER.EXE, Version 6.3.9600.17667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1438
Startzeit: 01d293e0c5a073a4
Endzeit: 0
Anwendungspfad: C:\WINDOWS\EXPLORER.EXE
Berichts-ID: bb72992e-0016-11e7-8329-38b1dbc495d6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (03/07/2017 09:21:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Dell SupportAssist Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (03/07/2017 09:21:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Dell SupportAssist Agent erreicht.
Error: (03/07/2017 09:16:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.03.2017 um 20:56:35 unerwartet heruntergefahren.
Error: (03/05/2017 04:08:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.03.2017 um 03:00:55 unerwartet heruntergefahren.
Error: (03/04/2017 06:38:07 PM) (Source: DCOM) (EventID: 10005) (User: PHILIPPPC)
Description: Fehler "1053" in DCOM, als der Dienst "WSearch" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (03/04/2017 06:38:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (03/04/2017 06:38:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (03/04/2017 06:38:07 PM) (Source: DCOM) (EventID: 10005) (User: PHILIPPPC)
Description: Fehler "1053" in DCOM, als der Dienst "WSearch" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (03/04/2017 06:38:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (03/04/2017 06:38:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
CodeIntegrity:
===================================
Date: 2015-11-26 10:55:25.785
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-26 10:55:25.564
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-26 10:55:25.303
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-26 09:50:36.136
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-26 09:50:35.896
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-26 09:50:35.595
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-26 09:50:35.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-26 08:58:51.063
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-25 17:29:31.453
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-25 17:29:31.098
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 4000.18 MB
Verfügbarer physikalischer RAM: 1818.09 MB
Summe virtueller Speicher: 5792.18 MB
Verfügbarer virtueller Speicher: 3165.06 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:456.07 GB) (Free:71.7 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DC223196)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
Lesestoff:
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
dann auf 
und dann auf 
.