Log analysis and evaluation: Windows 7 start-up is considerably delayed
30.08.2015, 14:35 | #1 |
Windows 7 start-up is considerably delayed

Hello community,

after some time I am showing my face here again :P

I have had a problem for about a month and have not been able to solve it myself so far. I only have some clues.

First, my system:
Win 7 64 Bit
16 GB RAM
I7 3770K
SSD Samsung 128GB

Normally my PC starts within seconds, but now start-up takes about 2 minutes. Once Windows has started, though, everything is super fast again.

I still had SATA disks in my PC that had been in use for about 12 years. I thought it might be related to that, since I cannot install everything on the SSD because of the limited space. Now I have a new disk installed, but there is no improvement.

The event log says that PID 1808 delayed the start by 205514ms. After a long search I found out which process is behind that PID. It is Svchost.exe (Base Filtering Engine, Diagnostic Policy Service, Windows Firewall). In the event log this is listed under the category Critical, by the way, but for system degradation it says false. PID number 1812 is also listed under the category Critical, but so far I have not been able to find out which process is behind it.

Running Sfc /scannow and Msconfig.exe did not help either. I even unplugged my keyboard, because some people were of the opinion that Razer keyboards often cause such problems. I had never had problems with the keyboard before.

Here is my HijackThis log:

HiJackthis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:24:55, on 30.08.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
FIREFOX: 40.0.3 (x86 de)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
C:\Users\xxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Security Task Manager\TaskMan.exe
G:\Downloads\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AdblockIE - {90EFF544-3981-4d46-85C9-C0361D0931D6} - mscoree.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: PhraseExpress.lnk = C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
O8 - Extra context menu item: Add to Playlist - res://C:\Program Files (x86)\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/314
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E52A770-4EE5-46C5-B4DC-A63EDB952A82}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA931D55-3B76-4979-81B1-7FAC028934D2}: NameServer = 8.8.8.8 8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 12171 bytes

How, or where, can I learn to do such an evaluation myself, that is, to analyse HijackThis logs?

Thanks to you all in advance.

Best regards
30.08.2015, 15:57 | #2 |
/// the machine /// TB trainer
Windows 7 start-up is considerably delayed

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
30.08.2015, 16:38 | #3 |
Windows 7 start-up is considerably delayed

Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-08-2015
durchgeführt von XXXX (2015-08-30 17:13:44)
Gestartet von G:\Downloads
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2043602396-935714135-939607167-500 - Administrator - Disabled)
Gast (S-1-5-21-2043602396-935714135-939607167-501 - Limited - Enabled) => C:\Users\Gast
XXXX (S-1-5-21-2043602396-935714135-939607167-1000 - Administrator - Enabled) => C:\Users\XXXX

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: FireWall (Enabled) {CE40CCC0-8ADB-6D67-25A0-C5B6438E4B57}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.22 - GIGABYTE)
ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0011-0000-0001-074957833700}) (Version: 11.0.460 - ABBYY)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH)
AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Suite 5.5 Production Premium (HKLM-x32\...\{F3E41C2A-3A29-476D-9685-3F8055AF696A}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.1.731 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Bat To Exe Converter Version 2.3.2 (HKLM\...\{60C29EC2-33E8-45EE-87E4-31FA3E35C539}_is1) (Version: 2.3.2 - Fatih Kodak)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version: - Cisco Systems, Inc.)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
CodeWall Protection Suite 2009 v3.5.0 (HKLM-x32\...\CodeWall Protection Suite 2009_is1) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit)
Dropbox (HKU\S-1-5-21-2043602396-935714135-939607167-1000\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Duden-Rechtschreibprüfung PLUS (HKLM-x32\...\{45C5C113-AD43-414B-867D-7C0AF54276CB}) (Version: 8.01 - Bibliographisches Institut GmbH)
EaseUS Partition Master 10.1 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
EaseUS Partition Recovery 8.5 (HKLM-x32\...\EaseUS Partition Recovery_is1) (Version: - EaseUS)
Easy Tune 6 B12.0210.2 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0210.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - Solvusoft Corporation)
FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
FOCA Free (HKLM-x32\...\{B66CFB02-1CF0-41E8-AA79-8C7FA8BEC0FF}) (Version: 3.0.0 - Informatica64)
Fragen-Lern-CD 4.6 (HKLM-x32\...\de.wendel.flcd-de) (Version: 4.6.5 - Wendel-Verlag GmbH)
Fragen-Lern-CD 4.6 (x32 Version: 4.6.5 - Wendel-Verlag GmbH) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
MAGIX Music Maker MX Premium Download-Version (HKLM-x32\...\MAGIX_MSI_mm18dlx) (Version: 18.0.0.42 - MAGIX AG)
MAGIX Music Maker MX Premium Download-Version (Synthesizer und Effekte) (HKLM-x32\...\{83D6C933-0C42-4448-8A21-625AEE5B9FCB}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker MX Premium Download-Version (Visuals) (HKLM-x32\...\{58ACDDC2-F83B-4BCF-92F2-E98180E7BEC8}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker MX Premium Download-Version (x32 Version: 18.0.0.42 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{8583E7E3-2237-4981-B957-E28E5E9AB678}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{92C5C058-E941-47C3-B7E8-38A79C605969}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{9C3B8582-A72A-4835-8903-877A834407BB}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{95A2AD24-BD44-3E39-A31F-CE928276577E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.1 (HKLM\...\{903029FE-FA82-427B-916C-AD08185DA3C2}) (Version: 1.10.123.0 - Microsoft)
Mortal Kombat X (HKLM-x32\...\TW9ydGFsS29tYmF0WA==_is1) (Version: 1 - )
Mouse Recorder Pro 2.0.7.5 (HKLM-x32\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version: - Nemex Studios)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O&O Defrag Free Edition (HKLM\...\{FD686BCC-33E0-4990-BB88-3DAA8C29511E}) (Version: 14.1.425 - O&O Software GmbH)
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-2043602396-935714135-939607167-1000\...\Octoshape add-in for Adobe Flash Player) (Version: - )
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenVPN 2.3.6-I001 (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - )
OpenVPN 2.3.6-I603 (HKLM\...\OpenVPN) (Version: 2.3.6-I603 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Password Recovery Bundle 2013 (HKLM-x32\...\Password Recovery Bundle 2013_is1) (Version: - Top Password Software, Inc.)
PAYDAY 2 (HKLM-x32\...\PAYDAY 2_is1) (Version: - 505 Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 5.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhraseExpress v11.0.114 (HKLM-x32\...\PhraseExpress_is1) (Version: 11.0.114 - Bartels Media GmbH)
PingPlotter Freeware (HKLM-x32\...\{8C99C3CB-763F-4D87-8ACA-81B6899207B1}) (Version: 1.30.0.11 - Nessoft, LLC)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.3.3 r1522 - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Recorder (HKLM-x32\...\ST6UNST #1) (Version: - )
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
Resident Evil Revelations 2 (HKLM-x32\...\Resident Evil Revelations 2_is1) (Version: - )
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
RouterControl 2.0 (HKLM-x32\...\RouterControl) (Version: - )
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 3.72 (64-bit) (HKLM\...\Sandboxie) (Version: 3.72 - SANDBOXIE L.T.D)
Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SetEditSL40 (remove only) (HKLM-x32\...\SetEditSL40) (Version: - )
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPER © v2014.build.63+Recorder (2014/11/27) Version v2014.buil (HKLM-x32\...\{8E2A19E2-96BF-8659-4DA7-5C06C90719A4}_is1) (Version: v2014.build.63+Recorder - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
True Image 2013 (HKLM-x32\...\{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}Visible) (Version: 16.0.5551 - Acronis)
True Image 2013 (x32 Version: 16.0.5551 - Acronis) Hidden
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Ulead GIF Animator 5 ESD (HKLM-x32\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version: - )
Ulead PhotoImpact X3 (HKLM-x32\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 1.00.0000 - Corel)
Ulead PhotoImpact X3 (x32 Version: 1.00.0000 - Corel) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
Viscosity 1.0.0 (1081) (HKLM\...\{6B859FAA-B180-4779-A754-086A308C49CC-ViscosityV~FFB2FD88_is1) (Version: 1.0.0 - SparkLabs)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
VMware Guest Console (HKLM-x32\...\{F254F97C-BE95-45B0-906A-411D88D768D4}) (Version: 1.1.0 - VMware)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.1 - VMware, Inc)
VMware Workstation (Version: 9.0.1 - VMware, Inc.) Hidden
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2043602396-935714135-939607167-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wireshark 1.8.2 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.2 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{0324178B-9928-1973-C007-56D9308A6BD5}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-01-12 02:19 - 00001027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {069F90C1-23D0-4BA3-911F-FB4BB4C905C5} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-04-07] (IObit)
Task: {18BED193-4399-43D5-9AE7-E65ADE21BA56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-22] (Google Inc.)
Task: {35DC9B34-5C60-4BF3-B380-5EB204AEB3EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {37500177-0F80-45C8-927F-0C30C2AA0D00} - System32\Tasks\{7623D90C-C47A-4716-9204-EB617220E6BD} => C:\Users\XXXX\Desktop\RenaultImmCode.exe
Task: {3E918253-F729-4EA9-A229-D5905631434B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {4FA889D8-29D5-480B-B6AE-6405F189711D} - System32\Tasks\Driver Booster SkipUAC (XXXX) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-04-07] (IObit)
Task: {530EC9F8-B59D-4366-95CC-2F4511FC4FBC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000Core => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {6D842ED9-C852-4FE1-B48B-B5FA871E40AD} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-03-30] (IObit)
Task: {6F692AF4-4838-4469-8D52-F94D801C2935} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-22] (Google Inc.)
Task: {7692C8B6-965C-478A-9E74-F40635EEA3D0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000UA => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {9B1D94A7-9560-4992-85A1-0EE5C320A76E} - System32\Tasks\{06CCF1D8-0155-47F7-8E0B-2355C2D283AF} => C:\Users\XXXX\Desktop\RenaultImmCode.exe
Task: {9B73D505-C388-4AF0-9A9A-1F2B5C0FEB13} - System32\Tasks\AdobeAAMUpdater-1.0-xxx-XXXX => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {C945B595-803D-4EF2-A35E-44644B0F38E0} - System32\Tasks\{17094CEB-E0D7-4D24-A63D-B24689EF15BF} => pcalua.exe -a G:\Desktop\ydsrg\Ulead.PhotoImpact.X3\Ulead\setup.exe -d G:\Desktop\ydsrg\Ulead.PhotoImpact.X3\Ulead
Task: {D2F3E914-A6BE-4EC9-9015-76BA3A75EF6F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {D4A6242C-2FE0-4F0D-A0F0-B2BD73EBDC6B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {F7511065-BB34-49D4-A2E6-2AFE4E4D0979} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000Core.job => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000UA.job => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-17 22:52 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-05-06 12:06 - 2003-04-18 19:06 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2015-02-05 01:24 - 2015-02-05 01:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-02-14 14:26 - 2015-08-03 17:55 - 00483864 _____ () C:\Program Files (x86)\PhraseExpress\pexlang.dll
2015-08-30 13:29 - 2015-08-30 13:29 - 00071168 _____ () c:\Users\XXXX\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4f9gwv.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012800 _____ () C:\Users\XXXX\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00779776 _____ () C:\Users\XXXX\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 18:39 - 2015-08-05 22:49 - 00056320 _____ () C:\Users\XXXX\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012288 _____ () C:\Users\XXXX\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-04-13 21:02 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-10-15 17:06 - 2014-10-15 17:06 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\38485cf51c91ff758c145158360bbb97\IsdiInterop.ni.dll
2012-05-04 15:58 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-05-04 15:57 - 2011-12-16 10:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-06-13 22:50 - 2013-05-20 08:58 - 00620718 _____ () C:\Program Files (x86)\Security Task Manager\sqlite3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\XXXX\Desktop\20121127_211255.mp4.mp4:com.dropbox.attributes
AlternateDataStreams: C:\Users\XXXX\Desktop\XXXX.bak:com.dropbox.attributes
AlternateDataStreams: C:\Users\XXXX\Desktop\Teil2.jpg:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2043602396-935714135-939607167-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: AllShare Play Service => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: EventSystem => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: lxdiCATSCustConnectService => 2
MSCONFIG\Services: lxdi_device => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: OODefragAgent => 3
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: pcapsvc => 2
MSCONFIG\Services: PSEXESVC => 3
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: Samsung Link Service => 2
MSCONFIG\Services: SbieSvc => 3
MSCONFIG\Services: Serviio => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SQLWriter => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMwareHostd => 2
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DeskNotifier.lnk => C:\Windows\pss\DeskNotifier.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Twonky Tray Control.lnk => C:\Windows\pss\Twonky Tray Control.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung SSD Magician.lnk => C:\Windows\pss\Samsung SSD Magician.lnk.Startup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk => C:\Windows\pss\Serviio.lnk.Startup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AllShare Play => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dropbox Update => "C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Duden Korrektor SysTray => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: HP Officejet Pro 8600 (NET) => "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN241BS0JD05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesHelper => I:\Program Files (x86)\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => I:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesTrayAgent => I:\Program Files (x86)\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: lxdiamon => "C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe"
MSCONFIG\startupreg: lxdimon.exe => "C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe"
MSCONFIG\startupreg: Lycosa => "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NBAgent => "I:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: ncid.Net => "I:\Program Files (x86)\ncid.Net\ncid.Net.exe" wait
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: PDFPrint => i:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: ProxyCap => C:\PROGRA~1\PROXYL~1\ProxyCap\pcapui.exe
MSCONFIG\startupreg: QuickTime Task => "I:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: Samsung Link => "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "I:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: vmware-tray.exe => "I:\Program Files (x86)\VMware\vmware-tray.exe"
MSCONFIG\startupreg: VX3000 => C:\Windows\vVX3000.exe
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Windows Mobile-based device management => %WINDIR%\WindowsMobile\wmdcBase.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{AEDAC9C9-1FE5-43DA-BF49-2CFAB5D41D94}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0E6861A0-5CB8-40C1-947B-F6D63708E1E5}] => (Allow) LPort=2869
FirewallRules: [{08EE668D-A796-4691-93B3-7E9B676D04F3}] => (Allow) LPort=1900
FirewallRules: [{08D6886A-5E34-405F-8A3F-1F072408C658}] => (Allow) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{520F9C17-AFFA-45F1-BCEB-5C9198EABC41}] => (Allow) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{4B03CF2B-7117-4E2B-90A8-33970783DE43}C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{77CE7E9A-C8B8-4E16-9A20-082FBD4189B8}C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C888EA44-92A1-4CE4-8BF0-2876DF41A017}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2D845376-B8CF-4E8C-AA75-480E30F39729}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{87D2C998-2F24-4DCD-9975-2122D227E506}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{8C7D72C7-8495-46B0-AFDB-3BAFCB32D77F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{7309C3C5-E569-4D4E-8F68-8CE7A9C98AE9}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{7CB1E3BB-826B-4F94-9C1A-166AD44D7B2F}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{80769F4B-865F-4E7E-9F56-854ACFBC6D79}] => (Allow) I:\Program Files (x86)\VMware\vmware-authd.exe
FirewallRules: [{D712C87A-B244-4C22-ADB0-AA99220876A3}] => (Allow) I:\Program Files (x86)\VMware\vmware-authd.exe
FirewallRules: [{338A7708-AF3E-4942-88B8-5BED82E8CB55}] => (Allow) I:\Program Files (x86)\VMware\vmware-hostd.exe
FirewallRules: [{05BD51E9-C6D6-4A2F-8859-C0F5360DFA57}] => (Allow) I:\Program Files (x86)\VMware\vmware-hostd.exe
FirewallRules: [{8AC93B9A-9F55-4BA5-B208-74E50D0403C6}] => (Allow) LPort=8743
FirewallRules: [{BA979404-4F8F-4FC0-894C-5906F6C6252E}] => (Allow) LPort=8643
FirewallRules: [{5CE09C16-6A5A-4879-8284-89D2CC2127B1}] => (Allow) LPort=7676
FirewallRules: [{ECB68A50-B6C9-429E-8DC0-046C066C6EA9}] => (Allow) LPort=7679
FirewallRules: [{F649F412-40A2-40BD-BB0C-E7CC4F33A65C}] => (Allow) LPort=24234
FirewallRules: [{5AD1D472-7112-45EC-9DAD-9ACCE93AC08D}] => (Allow) LPort=7900
FirewallRules: [{80F19489-EE47-4A54-93C8-7ADB1D1F85E8}] => (Allow) LPort=1900
FirewallRules: [{4EA6F7B8-AE19-4540-8664-109D78C6BE79}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BEFA2E63-E0D9-4854-BDDE-CF69C326548A}] => (Allow) LPort=8743
FirewallRules: [{2EBF1CD5-2B8A-4E1D-8833-3206A5CCF6C2}] => (Allow) LPort=8643
FirewallRules: [{8DC72734-6132-4EB9-B1C1-C0BC931B897B}] => (Allow) LPort=7676
FirewallRules: [{A737E3CB-3875-40C2-BED0-414E9982F325}] => (Allow) LPort=7679
FirewallRules: [{890F3363-901E-442A-A1E5-5FB17749218D}] => (Allow) LPort=24234
FirewallRules: [{F954FC3A-FC2D-44E2-B696-F09280A3FFB6}] => (Allow) LPort=7900
FirewallRules: [{96B2AA0A-A53D-4E41-939B-650690088251}] => (Allow) LPort=1900
FirewallRules: [{63FA351D-BCC7-419E-B075-946E6B9B4C95}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{B127E7A8-8E20-4CBB-97E2-28CFEAA0A7ED}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{0EB5BF35-C9BB-488F-B6DF-A6B874F5338E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{537E8EBF-4FA3-4A71-87C3-5462F2B5EC48}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6289B3B4-BE89-4FF6-AD9D-2A0703BF33D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F60A2DE1-B286-4329-9DCA-21668A907C20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D537E452-F426-4A2F-BABE-600C7EC8480E}] => (Allow) LPort=3333
FirewallRules: [{63B7FB88-14A6-4CBC-9DBB-D510EC3848FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{4A5FB236-395D-4203-8879-A381457CEC18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{3830F125-B012-489D-B8F5-D8891B13C985}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8603A60C-F713-4C96-9F49-1EA5307C2D2A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{6396037E-838B-457E-8458-2DE2F4FD61F5}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9F1E4F1C-A5F6-4BDD-952E-1071A51491F2}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C79E8855-B891-4A1C-AA73-7E28B054332F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{7ED5AE1A-B10F-400B-B3C6-9CC9CC1B9D90}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{4FBF630A-F416-4B83-89D8-DD1C4C8F20D2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{0C8568E3-B34F-4E0A-974C-23ECEAD90A6E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{F70B9775-5092-4A0B-8CAE-54B5CDDCCD0A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{0173288E-ED6B-413A-9F1D-F07BF70BE28F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{59E1393D-5E3A-4E77-A09E-BD4A1A5B750E}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CA14FEEB-E258-4719-8236-94BCDA76BDF3}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{F045ED46-B32C-4177-AE14-B81ACAF2027B}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{D1AB8FAF-92FE-4B67-90EE-4B481352A6BA}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{AAF296FA-8C84-4262-ACD3-9703D4E3EBD5}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{1387DF72-95D7-4E5E-A7D1-FCF7B377594A}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{0F56AE10-D2B5-4C6D-8947-16B179371BEA}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{88793C40-CAE3-4A10-AE1A-FE95E5BD4F4F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{A78E0005-99AB-4FB1-B411-75FE2A9D39A5}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{6214D3E0-E8A8-4676-A04A-FAF8757BFD2F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{53E87557-31C2-42F8-97E6-D4D35E7D6E9B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{EA9CCF97-801F-4EC3-999A-95EBD6B1BCB8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8DA6CB88-F740-41B9-B636-E1ECAACBADC3}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{41E735F5-7C23-4A5E-A70D-90C86985A33F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{317050C6-EE52-4F9A-A2A2-3902C65C70D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{00716481-1A34-4798-ACF9-52A809C163A6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{B522CC94-1D05-4CBB-A7B9-D7F57FFF1505}] => (Allow) 
C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D89680B7-C151-4200-82A1-3A1D5C547534}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{EF1D4947-84D5-485F-9D45-D6A91C61A28E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D76A4767-C4BB-4355-A54E-9070A60D4B11}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{C9B868A0-939A-42ED-AE7C-A81EAD596B05}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DB61667E-7381-499C-9BE8-A6F9E74305DE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{27D18EB8-5E18-42A1-B09E-A49CE747DE38}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B8FB9700-AD4D-4036-B357-3D26AD7307F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D55B51B8-C605-42E1-8FA2-221471BA3B0B}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe FirewallRules: [{AA266365-987A-460E-8C38-5ED10674B5F1}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe FirewallRules: [{CBD96846-E6BE-49AE-A3CA-68E13499259F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe FirewallRules: [TCP Query User{84F801E9-933D-4EED-98E9-7D59C9A12213}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{4DADCD5C-077F-44EA-9C2F-A10B4AABDEB9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{758144FC-A84F-4E80-BF73-8DE301BDE756}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{6D49665C-E1D6-4A8E-96F7-BF37667AF6B1}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{5C5A22F4-5F5F-4E30-AB74-E1C5351BB3CE}] => (Allow) 
C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{7B4DF862-4345-479F-8431-41EBFDF01235}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{7DE60579-47EC-4734-8C46-CB01F989AEC4}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{D37984B1-2AD8-42B4-A9BE-0C3FF2193D1E}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{B1296283-4FA3-4E29-9FC0-C9524105C7CF}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{0D72E523-DE57-403F-8211-10F0746FAE84}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{FD4142AE-682B-4534-A04F-B8B3E7F21C63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{191705A0-C9B1-45C2-BA2F-E2C6BCFD39A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{6D8619F1-BEF3-416E-971B-959ED0EBB750}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{1128D4A8-CFDA-491C-94AC-4A244E6584BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{47FC8FBC-B5AA-4E31-859E-5466CD9180BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{665C8E9E-8A76-4DC4-A68E-74A3FDC3BA14}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe FirewallRules: [{14A52900-F6E3-4D06-AC3A-109E631A8E08}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{9668403E-9360-440D-BF6F-A8C4E544FCFB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C7D06BEE-2837-4C6F-A20F-8787F4F9FC27}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{8EDFC29F-C88A-4B54-A8BF-71B595F92B20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{34D74527-D7F5-4EB6-A374-D134DD7E1855}] => (Allow) C:\Program Files 
(x86)\TeamViewer\TeamViewer_Service.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Tortilla Adapter Description: Tortilla Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: CrowdStrike Service: Tortilla Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VIA USB 3 Root Hub Description: VIA USB 3 Root Hub Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: VIA Service: VUSB3HUB Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {2597e8a4-1da1-41d6-a6f7-32d6f44a08c8} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. 
Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {2597e8a4-1da1-41d6-a6f7-32d6f44a08c8} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {f85d9044-5acc-4619-825b-a2d6e36ebc0e} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {f85d9044-5acc-4619-825b-a2d6e36ebc0e} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 12346) (User: ) Description: Volumeschattenkopie-Fehler: Beim Initialisieren des Registrierungs-Generators ist ein Fehler "0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. " aufgetreten. Dies kann dazu führen, dass keine Schattenkopien mehr erstellt werden können. Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. 
hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {87415d29-e8ee-4bca-80e1-1e65f38793a8} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {87415d29-e8ee-4bca-80e1-1e65f38793a8} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 12342) (User: ) Description: Volumeschattenkopie-Fehler: Beim Initialisieren des Registrierungs-Generators ist ein Fehler "0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. " aufgetreten. Dies kann dazu führen, dass keine Schattenkopien mehr erstellt werden können. Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Subscribing the Registry server writer failed. hr = 8004230208lx" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. . Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. 
hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485} Generatorname: Registry Writer Generatorinstanz-ID: {a7cc3166-97c8-4bc0-b5c1-e9e442ec2330} Systemfehler: ============= Error: (08/30/2015 01:30:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (08/30/2015 01:30:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (08/30/2015 01:28:42 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (08/30/2015 01:28:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (08/30/2015 12:25:57 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/30/2015 12:05:32 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (08/30/2015 12:05:32 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097} Error: (08/30/2015 12:05:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht 
gestartet wurde: %%1058 Error: (08/30/2015 12:03:30 AM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (08/30/2015 12:03:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Microsoft Office: ========================= Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {2597e8a4-1da1-41d6-a6f7-32d6f44a08c8} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 13) (User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {2597e8a4-1da1-41d6-a6f7-32d6f44a08c8} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {f85d9044-5acc-4619-825b-a2d6e36ebc0e} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 13) (User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. 
Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {f85d9044-5acc-4619-825b-a2d6e36ebc0e} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 12346) (User: ) Description: 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {87415d29-e8ee-4bca-80e1-1e65f38793a8} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 13) (User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {87415d29-e8ee-4bca-80e1-1e65f38793a8} Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 12342) (User: ) Description: 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Subscribing the Registry server writer failed. hr = 8004230208lx0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. 
Error: (08/30/2015 05:13:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485} Generatorname: Registry Writer Generatorinstanz-ID: {a7cc3166-97c8-4bc0-b5c1-e9e442ec2330} CodeIntegrity: =================================== Date: 2014-10-15 15:36:20.344 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:20.343 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:07.945 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:07.944 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:06.378 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:06.377 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-10-15 15:36:06.309 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:06.308 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:01.390 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:01.389 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz Prozentuale Nutzung des RAM: 24% Installierter physikalischer RAM: 16346.1 MBVerfügbarer physikalischer RAM: 12358.52 MB Summe virtueller Speicher: 27331.43 MB Verfügbarer virtueller Speicher: 22845.58 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:119.14 GB) (Free:0.36 GB) NTFS Drive e: (Lokaler Datenträger) (Fixed) (Total:532.31 GB) (Free:311.5 GB) NTFS Drive g: (Datenablage verschlüsselt) (Fixed) (Total:787.7 GB) (Free:457.66 GB) NTFS Drive i: (Lokaler Datenträger) (Fixed) (Total:543 GB) (Free:334.53 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 287BD303) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 08AF215D)
Partition 1: (Not Active) - (Size=543 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=532.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=787.7 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================
30.08.2015, 16:39 | #4
Windows 7 start-up is considerably delayed
FRST.txt
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
durchgeführt von XXXX (Administrator) auf XXXXXXXX (30-08-2015 17:13:17)
Gestartet von G:\Downloads
Geladene Profile: XXXX (Verfügbare Profile: XXXX & Gast & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\SysWOW64\srvany.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Dropbox, Inc.) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Neuber Software) C:\Program Files (x86)\Security Task Manager\TaskMan.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKU\S-1-5-21-2043602396-935714135-939607167-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-18\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe [332432 2011-07-14] (Expert System S.p.A.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2015-02-14] ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH) Startup: C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-05-05] ShortcutTarget: Dropbox.lnk -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6E52A770-4EE5-46C5-B4DC-A63EDB952A82}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{A7C49B14-6673-4ADC-A993-8E7C8533DC84}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{BA931D55-3B76-4979-81B1-7FAC028934D2}: [NameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{CCC0AE25-2C9A-4910-A809-139875360682}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{DC1707F8-7594-46B9-AD69-0A7D1857CA76}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-2043602396-935714135-939607167-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2043602396-935714135-939607167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> {DF996584-63EC-4EAB-ADFE-FA9F5827E441} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2043602396-935714135-939607167-1000 -> DefaultScope {59826FA5-C97C-46CF-A838-A3F839956BF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2043602396-935714135-939607167-1000 -> {59826FA5-C97C-46CF-A838-A3F839956BF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2043602396-935714135-939607167-1000 -> {DF996584-63EC-4EAB-ADFE-FA9F5827E441} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Keine Datei
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "autoconfig_url", "https://www.premiumize.me/682379127/proxy.pac"
FF NetworkProxy: "backup.ftp", "localhost"
FF NetworkProxy: "backup.ftp_port", 8181
FF NetworkProxy: "backup.gopher", "217.17.241.245"
FF NetworkProxy: "backup.gopher_port", 80
FF NetworkProxy: "backup.socks", "localhost"
FF NetworkProxy: "backup.socks_port", 8181
FF NetworkProxy: "backup.ssl", "localhost"
FF NetworkProxy: "backup.ssl_port", 8181
FF NetworkProxy: "ftp", "localhost"
FF NetworkProxy: "ftp_port", 8118
FF NetworkProxy: "gopher", "221.12.147.80"
FF NetworkProxy: "gopher_port", 808
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "localhost"
FF NetworkProxy: "socks_port", 8118
FF NetworkProxy: "ssl", "localhost"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-30] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-02] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> I:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> I:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2043602396-935714135-939607167-1000: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF user.js: detected! => C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\user.js [2014-10-15]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\duckduckgo.xml [2014-06-11]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\englische-ergebnisse.xml [2012-09-29]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\gmx-suche.xml [2012-09-29]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\lastminute.xml [2012-09-29]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\search_engine.xml [2014-05-20]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\startpage-ssl.xml [2014-06-22]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\webde-suche.xml [2012-09-29]
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\de_DE@dicts.j3e.de [2015-02-28]
FF Extension: British English Dictionary (Updated) - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\en-gb@flyingtophat.co.uk [2015-06-26]
FF Extension: United States English Spellchecker - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-07-01]
FF Extension: Virtus Search Opt-in - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\extension@virtusdesigns.com [2013-03-30]
FF Extension: Real-Debrid Plugin - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\real@debrid [2015-02-15]
FF Extension: Türkçe Yazım Denetimi - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\tr-fix@dictionaries.addons.mozilla.org [2015-06-26]
FF Extension: mediaplayerconnectivity - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} [2015-05-29]
FF Extension: WOT - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: Block site - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-05-29]
FF Extension: Alldebrid - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\alldebrid@alldebrid.com.xpi [2013-03-30]
FF Extension: CanvasBlocker - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\CanvasBlocker@kkapsner.de.xpi [2015-06-21]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\elemhidehelper@adblockplus.org.xpi [2015-06-27]
FF Extension: Firebug - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\firebug@software.joehewitt.com.xpi [2014-05-30]
FF Extension: Ghostery - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\firefox@ghostery.com.xpi [2015-01-21]
FF Extension: ProxTube - Unblock YouTube - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: YouTube Center - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2013-09-24]
FF Extension: User-Agent Switcher - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\jid1-kyxEAcWua7BEKq@jetpack.xpi [2015-06-07]
FF Extension: Premiumize.me - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2015-06-07]
FF Extension: Türkçe (TR) Language Pack - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\langpack-tr@firefox.mozilla.org.xpi [2015-05-20]
FF Extension: Personas Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\personas@christopher.beard.xpi [2013-03-30]
FF Extension: Save as PDF - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2013-03-30]
FF Extension: Test Pilot - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-03-30]
FF Extension: Stylish - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-03-30]
FF Extension: NoScript - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-30]
FF Extension: Tamper Data - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2013-03-30]
FF Extension: Biet-O-Matic Firefox Erweiterung - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}.xpi [2013-03-30]
FF Extension: Web Developer - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-03-30]
FF Extension: Adblock Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-30]
FF Extension: Disable Anti-Adblock - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2014-05-30]
FF Extension: Tab Mix Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-03-30]
FF Extension: Greasemonkey - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-08-28]
FF Extension: User Agent Switcher - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2014-02-04]
FF Extension: Adblock Edge - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-02-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-08-28]

Chrome:
=======
CHR Profile: C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-22]
CHR Extension: (Google Docs) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-22]
CHR Extension: (Google Drive) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-22]
CHR Extension: (YouTube) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-22]
CHR Extension: (Google Search) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-22]
CHR Extension: (Google Sheets) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-22]
CHR Extension: (Gmail) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-22]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S4 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3049800 2011-01-12] (O&O Software GmbH)
S4 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
S4 PSEXESVC; C:\Windows\PSEXESVC.EXE [181064 2014-05-28] (Sysinternals)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [98576 2012-06-17] (SANDBOXIE L.T.D)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-04-27] (VIA Technologies, Inc.)
S4 VMAuthdService; I:\Program Files (x86)\VMware\vmware-authd.exe [79872 2012-11-01] (VMware, Inc.) [Datei ist nicht signiert]
S4 VMwareHostd; I:\Program Files (x86)\VMware\vmware-hostd.exe [13234176 2012-11-01] () [Datei ist nicht signiert]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S3 BIG187TR; C:\Windows [0 2015-08-30] () <==== ACHTUNG (Null Byte Datei/Ordner)
S3 BIG187TR; C:\Windows\SysWow64 [0 2015-08-30] () <==== ACHTUNG (Null Byte Datei/Ordner)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [Datei ist nicht signiert]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [Datei ist nicht signiert]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-27] (REALiX(tm))
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-04-27] (Qualcomm Atheros Co., Ltd.)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [28928 2015-04-27] (Razer USA Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-30] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-04-27] (Intel Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 prwntdrv; C:\Windows\system32\prwntdrv.sys [18528 2014-10-23] ()
S3 prwntdrv; C:\Windows\SysWOW64\prwntdrv.sys [15456 2014-10-23] ()
R3 rzp1endpt; C:\Windows\System32\DRIVERS\rzp1endpt.sys [40104 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R3 rzvmouse; C:\Windows\System32\DRIVERS\rzvmouse.sys [31912 2014-12-30] (Razer Inc)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [166576 2012-06-17] (SANDBOXIE L.T.D)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2013-01-06] (Acronis)
S3 Tortilla; C:\Windows\System32\DRIVERS\tortilla.sys [14992 2014-01-19] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2013-01-06] (Acronis)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [204800 2011-11-15] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [296960 2015-04-27] (VIA Technologies, Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-30 17:13 - 2015-08-30 17:13 - 00000000 ____D C:\FRST
2015-08-30 14:48 - 2015-08-30 15:24 - 00012173 _____ C:\Users\XXXX\Desktop\hijackthis.log
2015-08-30 13:28 - 2015-08-30 13:28 - 00000168 _____ C:\Windows\setupact.log
2015-08-30 13:28 - 2015-08-30 13:28 - 00000000 _____ C:\Windows\setuperr.log
2015-08-30 02:50 - 2015-08-30 02:50 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-30 02:50 - 2015-08-30 02:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-30 02:29 - 2015-08-30 02:29 - 00000000 _____ C:\Windows\system32\REN391B.tmp
2015-08-30 02:26 - 2015-08-30 02:26 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Sun
2015-08-30 02:26 - 2015-08-30 02:26 - 00000000 ____D C:\Users\XXXX\.oracle_jre_usage
2015-08-28 19:45 - 2015-08-30 01:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-26 00:07 - 2015-08-26 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-24 14:34 - 2015-08-24 14:37 - 00003183 ____H C:\Windows\EPMBatch.ept
2015-08-24 13:28 - 2015-08-24 13:28 - 00001330 _____ C:\Users\Public\Desktop\EaseUS Partition Master 10.1.lnk
2015-08-24 13:28 - 2015-08-24 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.1
2015-08-24 13:28 - 2014-04-04 00:42 - 03382440 _____ C:\Windows\system32\BootMan.exe
2015-08-24 13:28 - 2014-04-04 00:25 - 02499752 _____ C:\Windows\SysWOW64\BootMan.exe
2015-08-24 13:28 - 2013-03-07 09:49 - 00100936 _____ C:\Windows\system32\setupempdrvx64.exe
2015-08-24 13:28 - 2013-03-07 09:49 - 00087112 _____ C:\Windows\SysWOW64\setupempdrv03.exe
2015-08-24 13:28 - 2013-03-07 09:49 - 00019840 _____ C:\Windows\SysWOW64\EuEpmGdi.dll
2015-08-24 13:28 - 2013-03-07 09:49 - 00017480 _____ C:\Windows\system32\epmntdrv.sys
2015-08-24 13:28 - 2013-03-07 09:49 - 00016256 _____ C:\Windows\system32\EuEpmGdi.dll
2015-08-24 13:28 - 2013-03-07 09:49 - 00014920 _____ C:\Windows\SysWOW64\epmntdrv.sys
2015-08-24 13:28 - 2013-03-07 09:49 - 00009800 _____ C:\Windows\system32\EuGdiDrv.sys
2015-08-24 13:28 - 2013-03-07 09:49 - 00009160 _____ C:\Windows\SysWOW64\EuGdiDrv.sys
2015-08-18 00:34 - 2015-08-21 03:23 - 00978676 _____ C:\Users\XXXX\Desktop\XXXX.rar
2015-08-17 10:14 - 2015-08-29 18:54 - 00003270 _____ C:\Windows\System32\Tasks\SamsungMagician
2015-08-17 10:13 - 2015-08-17 10:14 - 00000000 ____D C:\Program Files (x86)\Samsung SSD Magician
2015-08-17 10:13 - 2015-08-17 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician
2015-08-16 17:19 - 2015-08-16 17:19 - 00000000 ____D C:\Users\XXXX\Desktop\Mr. Criminal - Evolution Of A G (2015)
2015-08-15 16:59 - 2015-08-15 17:00 - 01121792 _____ C:\Users\XXXX\Desktop\XXXX.exe
2015-08-14 19:43 - 2015-08-15 17:00 - 00001538 _____ C:\Users\XXXX\Desktop\XXXX.exe.log
2015-08-14 19:43 - 2015-08-13 20:51 - 00260608 _____ C:\Users\XXXX\Desktop\XXXX.bak
2015-08-14 19:41 - 2015-08-14 19:41 - 00000016 _____ C:\ProgramData\mntemp
2015-08-13 23:38 - 2015-08-13 23:39 - 00003330 _____ C:\Users\XXXX\Desktop\XXXX.cwx
2015-08-13 23:33 - 2015-08-13 23:36 - 00002635 _____ C:\Users\XXXX\Desktop\XXXXtest.cwx
2015-08-13 23:29 - 2015-08-13 23:29 - 00001123 _____ C:\Users\Public\Desktop\CodeWall Protection Suite 2009.lnk
2015-08-13 23:29 - 2015-08-13 23:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2015-08-13 23:29 - 2015-08-13 23:29 - 00000000 ____D C:\Program Files (x86)\CodeWall Protection Suite 2009
2015-08-13 23:29 - 2009-09-22 18:28 - 00077312 _____ C:\Windows\SysWOW64\tptools_ml.dll
2015-08-13 23:29 - 2008-11-05 16:48 - 00055808 _____ C:\Windows\SysWOW64\alib_32.dll
2015-08-13 19:50 - 2015-08-13 19:50 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Bat To Exe Converter
2015-08-13 19:50 - 2015-08-13 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bat To Exe Converter
2015-08-13 19:50 - 2015-08-13 19:50 - 00000000 ____D C:\Program Files\Bat To Exe Converter
2015-08-13 19:18 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-13 19:16 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-13 19:16 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-08-12 21:10 - 2015-08-12 21:10 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-12 20:09 - 2015-08-12 20:09 - 09284296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-09 13:07 - 2015-08-09 13:07 - 00000680 __RSH C:\Users\XXXX\ntuser.pol
2015-08-08 23:21 - 2015-08-29 19:01 - 00000000 ____D C:\Users\XXXX\AppData\Local\CrashDumps
2015-08-08 22:55 - 2015-08-09 13:08 - 00000000 ____D C:\Program Files (x86)\BBQScreen Client
2015-08-08 21:30 - 2015-08-09 13:08 - 00000000 ____D C:\Users\XXXX\AppData\Local\Deployment
2015-08-08 21:14 - 2015-08-08 21:14 - 00000000 ____D C:\Users\XXXX\.android
2015-08-07 18:28 - 2015-08-07 18:28 - 00000000 ___HD C:\Users\XXXX\Desktop\.updtmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-30 16:36 - 2012-08-03 22:43 - 00000000 ____D C:\ProgramData\SecTaskMan
2015-08-30 16:14 - 2015-06-19 16:03 - 00001240 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000UA.job
2015-08-30 15:22 - 2009-07-14 06:45 - 00033968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-30 15:22 - 2009-07-14 06:45 - 00033968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-30 13:59 - 2014-01-18 11:19 - 02023196 _____ C:\Windows\WindowsUpdate.log
2015-08-30 13:34 - 2009-07-14 19:58 - 00842696 _____ C:\Windows\system32\perfh007.dat
2015-08-30 13:34 - 2009-07-14 19:58 - 00202130 _____ C:\Windows\system32\perfc007.dat
2015-08-30 13:34 - 2009-07-14 07:13 - 02002580 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-30 13:30 - 2012-05-05 20:25 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Dropbox
2015-08-30 13:29 - 2014-06-19 03:14 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-30 13:28 - 2015-04-25 15:38 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-08-30 13:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-30 13:28 - 2009-07-14 06:45 - 00003072 _____ C:\Windows\system32\umstartup.etl
2015-08-30 05:16 - 2009-07-14 06:45 - 00009216 _____ C:\Windows\system32\umstartup000.etl
2015-08-30 05:15 - 2015-02-14 14:29 - 00000000 ____D C:\Users\XXXX\Documents\PhraseExpress
2015-08-30 05:15 - 2012-05-17 01:06 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-30 02:57 - 2012-05-05 19:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-08-30 02:50 - 2014-08-26 18:33 - 00000000 ____D C:\Users\XXXX\AppData\Local\Adobe
2015-08-30 02:36 - 2013-10-16 18:50 - 00000000 ____D C:\ProgramData\Oracle
2015-08-30 02:28 - 2012-05-05 20:35 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-30 02:27 - 2013-10-16 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-30 02:26 - 2014-10-16 23:25 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-30 02:26 - 2012-05-04 15:49 - 00000000 ____D C:\Users\XXXX
2015-08-30 02:07 - 2012-07-21 02:19 - 00000000 ____D C:\Users\XXXX\Documents\Outlook-Dateien
2015-08-30 01:26 - 2012-05-05 18:59 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\vlc
2015-08-30 01:21 - 2015-06-14 03:13 - 00000877 _____ C:\Users\Public\Desktop\Mortal Kombat X.lnk
2015-08-30 01:07 - 2015-07-21 23:10 - 00000096 _____ C:\Users\XXXX\Documents\External.ini
2015-08-30 01:05 - 2015-07-15 19:50 - 01461760 _____ C:\Users\XXXX\Documents\External.exe
2015-08-30 01:05 - 2015-07-15 19:50 - 00000126 _____ C:\Users\XXXX\Documents\license.dv
2015-08-30 00:14 - 2015-06-19 16:03 - 00001188 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000Core.job
2015-08-30 00:03 - 2015-01-22 21:57 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-30 00:03 - 2015-01-22 21:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-29 19:01 - 2015-07-17 20:58 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\FileZilla 2015-08-29 18:55 - 2015-01-12 03:21 - 00002968 _____ C:\Windows\System32\Tasks\{7623D90C-C47A-4716-9204-EB617220E6BD} 2015-08-29 18:55 - 2015-01-12 03:21 - 00002968 _____ C:\Windows\System32\Tasks\{06CCF1D8-0155-47F7-8E0B-2355C2D283AF} 2015-08-29 18:55 - 2014-12-27 05:37 - 00003206 _____ C:\Windows\System32\Tasks\{17094CEB-E0D7-4D24-A63D-B24689EF15BF} 2015-08-29 18:55 - 2014-12-25 15:35 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-08-29 18:54 - 2015-04-27 16:19 - 00003244 _____ C:\Windows\System32\Tasks\Driver Booster Scan 2015-08-29 18:54 - 2015-04-27 16:19 - 00003188 _____ C:\Windows\System32\Tasks\Driver Booster Update 2015-08-29 18:54 - 2015-04-27 16:19 - 00002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (XXXX) 2015-08-29 18:54 - 2015-01-22 21:57 - 00004118 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-29 18:54 - 2015-01-22 21:57 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-29 15:09 - 2012-06-06 20:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-29 14:58 - 2012-12-17 22:52 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-28 23:39 - 2013-08-10 13:19 - 00000000 ____D C:\Users\XXXX\Desktop\Tor Browser 2015-08-28 23:08 - 2015-05-02 04:24 - 00002145 _____ C:\Users\XXXX\Desktop\Neues Textdokument.txt 2015-08-27 22:55 - 2014-12-29 20:04 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-08-27 21:15 - 2015-06-16 21:17 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-08-27 21:15 - 2015-06-16 21:17 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-08-26 00:08 - 2012-12-30 18:38 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Skype 2015-08-26 00:07 - 2012-12-30 18:38 - 00000000 ___RD C:\Program 
Files (x86)\Skype 2015-08-26 00:07 - 2012-12-30 18:37 - 00000000 ____D C:\ProgramData\Skype 2015-08-24 13:28 - 2015-04-05 15:29 - 00000000 ____D C:\Program Files (x86)\EaseUS 2015-08-24 04:08 - 2013-06-21 22:14 - 00000000 ____D C:\Users\XXXX\AppData\Local\JDownloader v2.0 2015-08-22 00:22 - 2015-01-22 21:57 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-17 10:13 - 2012-05-10 18:23 - 00000000 ____D C:\ProgramData\Samsung 2015-08-15 02:40 - 2012-11-18 01:19 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\VMware 2015-08-15 02:40 - 2012-11-18 01:19 - 00000000 ____D C:\Users\XXXX\AppData\Local\VMware 2015-08-13 19:18 - 2012-12-17 22:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-13 19:18 - 2012-05-22 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-13 19:18 - 2012-05-10 18:31 - 00000000 ____D C:\Temp 2015-08-08 23:29 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries 2015-08-08 21:30 - 2012-05-04 22:41 - 00000000 ____D C:\Users\XXXX\AppData\Local\Apps\2.0 2015-08-07 18:14 - 2015-02-14 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhraseExpress 2015-08-07 18:14 - 2015-02-14 14:26 - 00000000 ____D C:\Program Files (x86)\PhraseExpress 2015-08-07 13:06 - 2015-06-22 16:28 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-07 13:06 - 2015-03-18 21:20 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-07 13:06 - 2014-11-22 16:55 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-08-07 13:06 - 2013-02-26 00:32 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-07 13:06 - 2013-02-26 00:32 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-07 13:06 - 2012-05-18 02:21 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-08-07 13:06 - 2012-05-18 02:21 - 00105080 _____ (Khronos Group) 
C:\Windows\SysWOW64\OpenCL.dll 2015-08-07 13:06 - 2012-05-04 16:16 - 00033050 _____ C:\Windows\system32\nvinfo.pb 2015-08-07 06:34 - 2012-12-17 22:52 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-07 06:34 - 2012-12-17 22:52 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-07 06:34 - 2012-12-17 22:52 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-07 06:34 - 2012-12-17 22:52 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-07 06:34 - 2012-12-17 22:52 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-07 06:34 - 2012-12-17 22:52 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-03 12:12 - 2012-12-17 22:52 - 05133709 _____ C:\Windows\system32\nvcoproc.bin 2015-08-01 02:28 - 2015-04-30 16:20 - 00001935 _____ C:\Users\XXXX\Documents\dv-config_v4.cfg ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-12-27 00:34 - 2012-12-27 00:39 - 0001122 _____ () C:\Users\XXXX\AppData\Roaming\CompatAdmin.log 2015-02-22 12:00 - 2015-03-01 23:45 - 0000600 _____ () C:\Users\XXXX\AppData\Roaming\winscp.rnd 2015-01-28 20:37 - 2015-01-28 20:42 - 0000600 _____ () C:\Users\XXXX\AppData\Local\PUTTY.RND 2012-05-05 20:56 - 2014-10-20 03:50 - 0007614 _____ () C:\Users\XXXX\AppData\Local\Resmon.ResmonCfg 2015-07-12 14:21 - 2015-07-12 14:22 - 0000000 _____ () C:\Users\XXXX\AppData\Local\{4893C58A-F028-40B4-B20D-E6D2F731D7C7} 2013-10-06 05:01 - 2013-10-06 05:01 - 0000011 _____ () C:\ProgramData\.tv6 2015-04-19 14:37 - 2015-04-19 14:37 - 0000041 ___SH () C:\ProgramData\.zreglib 2013-12-07 21:53 - 2013-12-07 21:53 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-07-18 04:16 - 2013-07-18 04:24 - 0000171 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2015-08-14 19:41 - 2015-08-14 19:41 - 0000016 _____ () C:\ProgramData\mntemp 2013-03-16 13:04 - 2013-03-16 13:04 - 0644257 _____ () 
C:\ProgramData\SPL138F.tmp 2013-03-16 13:01 - 2013-03-16 13:01 - 0644257 _____ () C:\ProgramData\SPL54E2.tmp Einige Dateien in TEMP: ==================== C:\Users\XXXX\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4f9gwv.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert testsigning: ==> 'testsigning' ist aktiviert. Prüfung auf eventuelle nicht-signierte Treiber durchführen <===== ACHTUNG LastRegBack: 2015-08-24 01:26 ==================== Ende von FRST.txt ============================ |
31.08.2015, 07:10 | #5 | |
/// the machine /// TB-Ausbilder | Windows 7 delays its startup considerably Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
31.08.2015, 17:37 | #6 |
| Windows 7 delays its startup considerably It has been uninstalled. Regards |
01.09.2015, 16:51 | #7 |
/// the machine /// TB-Ausbilder | Windows 7 delays its startup considerably Open FRST, tick the Addition box and scan; please post both log files. |
01.09.2015, 17:55 | #8 |
| Windows 7 delays its startup considerably Additions.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von XXXX (2015-09-01 18:43:31)
Gestartet von G:\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2043602396-935714135-939607167-500 - Administrator - Disabled)
Gast (S-1-5-21-2043602396-935714135-939607167-501 - Limited - Enabled) => C:\Users\Gast
XXXX (S-1-5-21-2043602396-935714135-939607167-1000 - Administrator - Enabled) => C:\Users\XXXX
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: FireWall (Enabled) {CE40CCC0-8ADB-6D67-25A0-C5B6438E4B57}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.22 - GIGABYTE) ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0011-0000-0001-074957833700}) (Version: 11.0.460 - ABBYY) Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - ) Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH) AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.) Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.) 
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.1.731 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Bat To Exe Converter Version 2.3.2 (HKLM\...\{60C29EC2-33E8-45EE-87E4-31FA3E35C539}_is1) (Version: 2.3.2 - Fatih Kodak) Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team) CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform) Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version: - Cisco Systems, Inc.) CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft) CodeWall Protection Suite 2009 v3.5.0 (HKLM-x32\...\CodeWall Protection Suite 2009_is1) (Version: - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit) Dropbox (HKU\S-1-5-21-2043602396-935714135-939607167-1000\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.) 
Duden-Rechtschreibprüfung PLUS (HKLM-x32\...\{45C5C113-AD43-414B-867D-7C0AF54276CB}) (Version: 8.01 - Bibliographisches Institut GmbH) EaseUS Partition Master 10.1 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS) EaseUS Partition Recovery 8.5 (HKLM-x32\...\EaseUS Partition Recovery_is1) (Version: - EaseUS) Easy Tune 6 B12.0210.2 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B12.0210.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - Solvusoft Corporation) FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG) FOCA Free (HKLM-x32\...\{B66CFB02-1CF0-41E8-AA79-8C7FA8BEC0FF}) (Version: 3.0.0 - Informatica64) Fragen-Lern-CD 4.6 (HKLM-x32\...\de.wendel.flcd-de) (Version: 4.6.5 - Wendel-Verlag GmbH) Fragen-Lern-CD 4.6 (x32 Version: 4.6.5 - Wendel-Verlag GmbH) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) 
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) MAGIX Music Maker MX Premium Download-Version (HKLM-x32\...\MAGIX_MSI_mm18dlx) (Version: 18.0.0.42 - MAGIX AG) MAGIX Music Maker MX Premium Download-Version (Synthesizer und Effekte) (HKLM-x32\...\{83D6C933-0C42-4448-8A21-625AEE5B9FCB}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download-Version (Visuals) (HKLM-x32\...\{58ACDDC2-F83B-4BCF-92F2-E98180E7BEC8}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download-Version (x32 Version: 18.0.0.42 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) 
(HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser 
(HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{8583E7E3-2237-4981-B957-E28E5E9AB678}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{92C5C058-E941-47C3-B7E8-38A79C605969}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{9C3B8582-A72A-4835-8903-877A834407BB}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - 
Microsoft Corporation) Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation) Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 
(HKLM\...\{95A2AD24-BD44-3E39-A31F-CE928276577E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.1 (HKLM\...\{903029FE-FA82-427B-916C-AD08185DA3C2}) (Version: 1.10.123.0 - Microsoft) Mortal Kombat X (HKLM-x32\...\TW9ydGFsS29tYmF0WA==_is1) (Version: 1 - ) Mouse Recorder Pro 2.0.7.5 
(HKLM-x32\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version: - Nemex Studios) MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla) Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.2 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) O&O Defrag Free 
Edition (HKLM\...\{FD686BCC-33E0-4990-BB88-3DAA8C29511E}) (Version: 14.1.425 - O&O Software GmbH) Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-2043602396-935714135-939607167-1000\...\Octoshape add-in for Adobe Flash Player) (Version: - ) ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) OpenVPN 2.3.6-I001 (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - ) OpenVPN 2.3.6-I603 (HKLM\...\OpenVPN) (Version: 2.3.6-I603 - ) Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Password Recovery Bundle 2013 (HKLM-x32\...\Password Recovery Bundle 2013_is1) (Version: - Top Password Software, Inc.) PAYDAY 2 (HKLM-x32\...\PAYDAY 2_is1) (Version: - 505 Games) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PDF24 Creator 5.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PhraseExpress v11.0.114 (HKLM-x32\...\PhraseExpress_is1) (Version: 11.0.114 - Bartels Media GmbH) PingPlotter Freeware (HKLM-x32\...\{8C99C3CB-763F-4D87-8ACA-81B6899207B1}) (Version: 1.30.0.11 - Nessoft, LLC) Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.3.3 r1522 - ) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.) 
Recorder (HKLM-x32\...\ST6UNST #1) (Version: - ) Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform) Resident Evil Revelations 2 (HKLM-x32\...\Resident Evil Revelations 2_is1) (Version: - ) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) RouterControl 2.0 (HKLM-x32\...\RouterControl) (Version: - ) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.) Sandboxie 3.72 (64-bit) (HKLM\...\Sandboxie) (Version: 3.72 - SANDBOXIE L.T.D) Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SetEditSL40 (remove only) (HKLM-x32\...\SetEditSL40) (Version: - ) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) 
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPER © v2014.build.63+Recorder (2014/11/27) Version v2014.buil (HKLM-x32\...\{8E2A19E2-96BF-8659-4DA7-5C06C90719A4}_is1) (Version: v2014.build.63+Recorder - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
True Image 2013 (HKLM-x32\...\{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}Visible) (Version: 16.0.5551 - Acronis)
True Image 2013 (x32 Version: 16.0.5551 - Acronis) Hidden
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Ulead GIF Animator 5 ESD (HKLM-x32\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version: - )
Ulead PhotoImpact X3 (HKLM-x32\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 1.00.0000 - Corel)
Ulead PhotoImpact X3 (x32 Version: 1.00.0000 - Corel) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
Viscosity 1.0.0 (1081) (HKLM\...\{6B859FAA-B180-4779-A754-086A308C49CC-ViscosityV~FFB2FD88_is1) (Version: 1.0.0 - SparkLabs)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
VMware Guest Console (HKLM-x32\...\{F254F97C-BE95-45B0-906A-411D88D768D4}) (Version: 1.1.0 - VMware)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.1 - VMware, Inc)
VMware Workstation (Version: 9.0.1 - VMware, Inc.) Hidden
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2043602396-935714135-939607167-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wireshark 1.8.2 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.2 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{0324178B-9928-1973-C007-56D9308A6BD5}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-08-31 22:05 - 00001614 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {069F90C1-23D0-4BA3-911F-FB4BB4C905C5} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-04-07] (IObit)
Task: {18BED193-4399-43D5-9AE7-E65ADE21BA56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {37500177-0F80-45C8-927F-0C30C2AA0D00} - System32\Tasks\{7623D90C-C47A-4716-9204-EB617220E6BD} => C:\Users\XXXX\Desktop\RenaultImmCode.exe
Task: {3E918253-F729-4EA9-A229-D5905631434B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {4FA889D8-29D5-480B-B6AE-6405F189711D} - System32\Tasks\Driver Booster SkipUAC (XXXX) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-04-07] (IObit)
Task: {530EC9F8-B59D-4366-95CC-2F4511FC4FBC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000Core => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {6D842ED9-C852-4FE1-B48B-B5FA871E40AD} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-03-30] (IObit)
Task: {6F692AF4-4838-4469-8D52-F94D801C2935} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7692C8B6-965C-478A-9E74-F40635EEA3D0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000UA => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {9B73D505-C388-4AF0-9A9A-1F2B5C0FEB13} - System32\Tasks\AdobeAAMUpdater-1.0-XXXX-XXXX => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {A7DAFEDE-B54F-40A5-A978-DD25A30AC0AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D2F3E914-A6BE-4EC9-9015-76BA3A75EF6F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {D4A6242C-2FE0-4F0D-A0F0-B2BD73EBDC6B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {F7511065-BB34-49D4-A2E6-2AFE4E4D0979} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000Core.job => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000UA.job => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-17 22:52 - 2015-08-25 16:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-05-06 12:06 - 2003-04-18 19:06 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2015-02-05 01:24 - 2015-02-05 01:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-03-02 16:43 - 2015-03-02 16:43 - 00099288 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-04-13 21:02 - 2015-08-27 02:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-02-14 14:26 - 2015-08-03 17:55 - 00483864 _____ () C:\Program Files (x86)\PhraseExpress\pexlang.dll
2015-09-01 17:59 - 2015-09-01 17:59 - 00071168 _____ () c:\Users\XXXX\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpg50xik.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012800 _____ () C:\Users\XXXX\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00779776 _____ () C:\Users\XXXX\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 18:39 - 2015-08-05 22:49 - 00056320 _____ () C:\Users\XXXX\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012288 _____ () C:\Users\XXXX\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-08-31 23:05 - 2015-03-17 01:34 - 00010240 _____ () I:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2014-10-15 17:06 - 2014-10-15 17:06 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\38485cf51c91ff758c145158360bbb97\IsdiInterop.ni.dll
2012-05-04 15:58 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-05-04 15:57 - 2011-12-16 10:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2011-07-01 11:37 - 2011-07-01 11:37 - 00471696 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\adxloader.dll
2011-07-01 11:38 - 2011-07-01 11:38 - 00786432 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.Access.dll
2011-07-01 11:38 - 2011-07-01 11:38 - 00950272 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.Excel.dll
2011-07-01 11:38 - 2011-07-01 11:38 - 00065536 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.FrontPage.dll
2011-07-01 11:37 - 2011-07-01 11:37 - 00286720 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.Outlook.dll
2011-07-01 11:37 - 2011-07-01 11:37 - 00204800 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.PowerPoint.dll
2011-07-01 11:37 - 2011-07-01 11:37 - 00495616 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.Word.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00141312 _____ () I:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2015-03-17 01:34 - 2015-03-17 01:34 - 04023456 _____ () I:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\AdobePDFMakerX.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 01494016 _____ () I:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2011-07-13 15:06 - 2011-07-13 15:06 - 00116736 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\MBControls.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 02097312 _____ () I:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\SendAsLinkX.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00230400 _____ () I:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\Adobe Send\SendAsLinkX.DEU
2015-06-08 21:06 - 2015-06-08 21:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2015-05-15 16:24 - 2015-05-15 16:24 - 02873856 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\XXXX\Desktop\20121127_211255.mp4.mp4:com.dropbox.attributes
AlternateDataStreams: C:\Users\XXXX\Desktop\XXXX.bak:com.dropbox.attributes
AlternateDataStreams: C:\Users\XXXX\Desktop\Teil2.jpg:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2043602396-935714135-939607167-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: AllShare Play Service => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: EventSystem => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: lxdiCATSCustConnectService => 2
MSCONFIG\Services: lxdi_device => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: OODefragAgent => 3
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: pcapsvc => 2
MSCONFIG\Services: PSEXESVC => 3
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: Samsung Link Service => 2
MSCONFIG\Services: SbieSvc => 3
MSCONFIG\Services: Serviio => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SQLWriter => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMwareHostd => 2
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DeskNotifier.lnk => C:\Windows\pss\DeskNotifier.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Twonky Tray Control.lnk => C:\Windows\pss\Twonky Tray Control.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung SSD Magician.lnk => C:\Windows\pss\Samsung SSD Magician.lnk.Startup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk => C:\Windows\pss\Serviio.lnk.Startup
MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AllShare Play => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Dropbox Update => "C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Duden Korrektor SysTray => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: HP Officejet Pro 8600 (NET) => "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN241BS0JD05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesHelper => I:\Program Files (x86)\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => I:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesTrayAgent => I:\Program Files (x86)\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: lxdiamon => "C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe"
MSCONFIG\startupreg: lxdimon.exe => "C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe"
MSCONFIG\startupreg: Lycosa => "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NBAgent => "I:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: ncid.Net => "I:\Program Files (x86)\ncid.Net\ncid.Net.exe" wait
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: PDFPrint => i:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: ProxyCap => C:\PROGRA~1\PROXYL~1\ProxyCap\pcapui.exe
MSCONFIG\startupreg: QuickTime Task => "I:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: Samsung Link => "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "I:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: vmware-tray.exe => "I:\Program Files (x86)\VMware\vmware-tray.exe"
MSCONFIG\startupreg: VX3000 => C:\Windows\vVX3000.exe
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Windows Mobile-based device management => %WINDIR%\WindowsMobile\wmdcBase.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{AEDAC9C9-1FE5-43DA-BF49-2CFAB5D41D94}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0E6861A0-5CB8-40C1-947B-F6D63708E1E5}] => (Allow) LPort=2869
FirewallRules: [{08EE668D-A796-4691-93B3-7E9B676D04F3}] => (Allow) LPort=1900
FirewallRules: [{08D6886A-5E34-405F-8A3F-1F072408C658}] => (Allow) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{520F9C17-AFFA-45F1-BCEB-5C9198EABC41}] => (Allow) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{4B03CF2B-7117-4E2B-90A8-33970783DE43}C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{77CE7E9A-C8B8-4E16-9A20-082FBD4189B8}C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C888EA44-92A1-4CE4-8BF0-2876DF41A017}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2D845376-B8CF-4E8C-AA75-480E30F39729}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{87D2C998-2F24-4DCD-9975-2122D227E506}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{8C7D72C7-8495-46B0-AFDB-3BAFCB32D77F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{7309C3C5-E569-4D4E-8F68-8CE7A9C98AE9}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{7CB1E3BB-826B-4F94-9C1A-166AD44D7B2F}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{80769F4B-865F-4E7E-9F56-854ACFBC6D79}] => (Allow) I:\Program Files (x86)\VMware\vmware-authd.exe
FirewallRules: [{D712C87A-B244-4C22-ADB0-AA99220876A3}] => (Allow) I:\Program Files (x86)\VMware\vmware-authd.exe
FirewallRules: [{338A7708-AF3E-4942-88B8-5BED82E8CB55}] => (Allow) I:\Program Files (x86)\VMware\vmware-hostd.exe
FirewallRules: [{05BD51E9-C6D6-4A2F-8859-C0F5360DFA57}] => (Allow) I:\Program Files (x86)\VMware\vmware-hostd.exe
FirewallRules: [{8AC93B9A-9F55-4BA5-B208-74E50D0403C6}] => (Allow) LPort=8743
FirewallRules: [{BA979404-4F8F-4FC0-894C-5906F6C6252E}] => (Allow) LPort=8643
FirewallRules: [{5CE09C16-6A5A-4879-8284-89D2CC2127B1}] => (Allow) LPort=7676
FirewallRules: [{ECB68A50-B6C9-429E-8DC0-046C066C6EA9}] => (Allow) LPort=7679
FirewallRules: [{F649F412-40A2-40BD-BB0C-E7CC4F33A65C}] => (Allow) LPort=24234
FirewallRules: [{5AD1D472-7112-45EC-9DAD-9ACCE93AC08D}] => (Allow) LPort=7900
FirewallRules: [{80F19489-EE47-4A54-93C8-7ADB1D1F85E8}] => (Allow) LPort=1900
FirewallRules: [{4EA6F7B8-AE19-4540-8664-109D78C6BE79}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BEFA2E63-E0D9-4854-BDDE-CF69C326548A}] => (Allow) LPort=8743
FirewallRules: [{2EBF1CD5-2B8A-4E1D-8833-3206A5CCF6C2}] => (Allow) LPort=8643
FirewallRules: [{8DC72734-6132-4EB9-B1C1-C0BC931B897B}] => (Allow) LPort=7676
FirewallRules: [{A737E3CB-3875-40C2-BED0-414E9982F325}] => (Allow) LPort=7679
FirewallRules: [{890F3363-901E-442A-A1E5-5FB17749218D}] => (Allow) LPort=24234
FirewallRules: [{F954FC3A-FC2D-44E2-B696-F09280A3FFB6}] => (Allow) LPort=7900
FirewallRules: [{96B2AA0A-A53D-4E41-939B-650690088251}] => (Allow) LPort=1900
FirewallRules: [{63FA351D-BCC7-419E-B075-946E6B9B4C95}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{B127E7A8-8E20-4CBB-97E2-28CFEAA0A7ED}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{0EB5BF35-C9BB-488F-B6DF-A6B874F5338E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{537E8EBF-4FA3-4A71-87C3-5462F2B5EC48}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6289B3B4-BE89-4FF6-AD9D-2A0703BF33D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F60A2DE1-B286-4329-9DCA-21668A907C20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D537E452-F426-4A2F-BABE-600C7EC8480E}] => (Allow) LPort=3333
FirewallRules: [{63B7FB88-14A6-4CBC-9DBB-D510EC3848FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{4A5FB236-395D-4203-8879-A381457CEC18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{3830F125-B012-489D-B8F5-D8891B13C985}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8603A60C-F713-4C96-9F49-1EA5307C2D2A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{6396037E-838B-457E-8458-2DE2F4FD61F5}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9F1E4F1C-A5F6-4BDD-952E-1071A51491F2}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C79E8855-B891-4A1C-AA73-7E28B054332F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{7ED5AE1A-B10F-400B-B3C6-9CC9CC1B9D90}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{4FBF630A-F416-4B83-89D8-DD1C4C8F20D2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{0C8568E3-B34F-4E0A-974C-23ECEAD90A6E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{F70B9775-5092-4A0B-8CAE-54B5CDDCCD0A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{0173288E-ED6B-413A-9F1D-F07BF70BE28F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{59E1393D-5E3A-4E77-A09E-BD4A1A5B750E}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CA14FEEB-E258-4719-8236-94BCDA76BDF3}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{F045ED46-B32C-4177-AE14-B81ACAF2027B}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{D1AB8FAF-92FE-4B67-90EE-4B481352A6BA}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{AAF296FA-8C84-4262-ACD3-9703D4E3EBD5}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{1387DF72-95D7-4E5E-A7D1-FCF7B377594A}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0F56AE10-D2B5-4C6D-8947-16B179371BEA}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{88793C40-CAE3-4A10-AE1A-FE95E5BD4F4F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A78E0005-99AB-4FB1-B411-75FE2A9D39A5}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{6214D3E0-E8A8-4676-A04A-FAF8757BFD2F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{53E87557-31C2-42F8-97E6-D4D35E7D6E9B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EA9CCF97-801F-4EC3-999A-95EBD6B1BCB8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8DA6CB88-F740-41B9-B636-E1ECAACBADC3}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{41E735F5-7C23-4A5E-A70D-90C86985A33F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{317050C6-EE52-4F9A-A2A2-3902C65C70D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{00716481-1A34-4798-ACF9-52A809C163A6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{B522CC94-1D05-4CBB-A7B9-D7F57FFF1505}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D89680B7-C151-4200-82A1-3A1D5C547534}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{EF1D4947-84D5-485F-9D45-D6A91C61A28E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D76A4767-C4BB-4355-A54E-9070A60D4B11}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C9B868A0-939A-42ED-AE7C-A81EAD596B05}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DB61667E-7381-499C-9BE8-A6F9E74305DE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{27D18EB8-5E18-42A1-B09E-A49CE747DE38}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B8FB9700-AD4D-4036-B357-3D26AD7307F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D55B51B8-C605-42E1-8FA2-221471BA3B0B}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe
FirewallRules: [{AA266365-987A-460E-8C38-5ED10674B5F1}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{CBD96846-E6BE-49AE-A3CA-68E13499259F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [TCP Query User{84F801E9-933D-4EED-98E9-7D59C9A12213}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4DADCD5C-077F-44EA-9C2F-A10B4AABDEB9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{758144FC-A84F-4E80-BF73-8DE301BDE756}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{6D49665C-E1D6-4A8E-96F7-BF37667AF6B1}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{5C5A22F4-5F5F-4E30-AB74-E1C5351BB3CE}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{7B4DF862-4345-479F-8431-41EBFDF01235}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{7DE60579-47EC-4734-8C46-CB01F989AEC4}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{D37984B1-2AD8-42B4-A9BE-0C3FF2193D1E}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{B1296283-4FA3-4E29-9FC0-C9524105C7CF}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{0D72E523-DE57-403F-8211-10F0746FAE84}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{FD4142AE-682B-4534-A04F-B8B3E7F21C63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{191705A0-C9B1-45C2-BA2F-E2C6BCFD39A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6D8619F1-BEF3-416E-971B-959ED0EBB750}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1128D4A8-CFDA-491C-94AC-4A244E6584BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{47FC8FBC-B5AA-4E31-859E-5466CD9180BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{665C8E9E-8A76-4DC4-A68E-74A3FDC3BA14}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe
FirewallRules: [{14A52900-F6E3-4D06-AC3A-109E631A8E08}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9668403E-9360-440D-BF6F-A8C4E544FCFB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C7D06BEE-2837-4C6F-A20F-8787F4F9FC27}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8EDFC29F-C88A-4B54-A8BF-71B595F92B20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{34D74527-D7F5-4EB6-A374-D134DD7E1855}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Tortilla Adapter
Description: Tortilla Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: CrowdStrike
Service: Tortilla
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VIA USB 3 Root Hub
Description: VIA USB 3 Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: VIA
Service: VUSB3HUB
Problem: : This device is not worXXXX properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. .
Vorgang: Generator wird abonniert
Kontext:
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {73a6328b-99ac-4884-8f76-1c368d9581d0}

Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden.
Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {73a6328b-99ac-4884-8f76-1c368d9581d0} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {0f6578fb-dc4e-403e-ba2f-fc2571e2bb34} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {0f6578fb-dc4e-403e-ba2f-fc2571e2bb34} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 12346) (User: ) Description: Volumeschattenkopie-Fehler: Beim Initialisieren des Registrierungs-Generators ist ein Fehler "0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. " aufgetreten. Dies kann dazu führen, dass keine Schattenkopien mehr erstellt werden können. Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. 
hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {e9a7c082-8670-4e4a-b9c7-8f228e60cc10} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {e9a7c082-8670-4e4a-b9c7-8f228e60cc10} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 12342) (User: ) Description: Volumeschattenkopie-Fehler: Beim Initialisieren des Registrierungs-Generators ist ein Fehler "0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. " aufgetreten. Dies kann dazu führen, dass keine Schattenkopien mehr erstellt werden können. Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Subscribing the Registry server writer failed. hr = 8004230208lx" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. . Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. 
hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485} Generatorname: Registry Writer Generatorinstanz-ID: {63eda51a-b0e3-47dc-991f-cba5e6d978bb} Systemfehler: ============= Error: (09/01/2015 06:00:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (09/01/2015 06:00:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (09/01/2015 06:00:22 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (09/01/2015 05:58:49 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (09/01/2015 05:58:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (08/31/2015 11:48:46 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst Diagnostics Tracking Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. 
Error: (08/31/2015 11:42:12 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (08/31/2015 11:32:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (08/31/2015 11:32:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (08/31/2015 11:32:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Microsoft Office: ========================= Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {73a6328b-99ac-4884-8f76-1c368d9581d0} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 13) (User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {73a6328b-99ac-4884-8f76-1c368d9581d0} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {0f6578fb-dc4e-403e-ba2f-fc2571e2bb34} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 13) (User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {0f6578fb-dc4e-403e-ba2f-fc2571e2bb34} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 12346) (User: ) Description: 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {e9a7c082-8670-4e4a-b9c7-8f228e60cc10} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 13) (User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {e9a7c082-8670-4e4a-b9c7-8f228e60cc10} Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 12342) (User: ) Description: 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Subscribing the Registry server writer failed. hr = 8004230208lx0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. Error: (09/01/2015 06:43:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485} Generatorname: Registry Writer Generatorinstanz-ID: {63eda51a-b0e3-47dc-991f-cba5e6d978bb} CodeIntegrity: =================================== Date: 2014-10-15 15:36:20.344 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:20.343 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:07.945 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-10-15 15:36:07.944 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:06.378 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:06.377 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:06.309 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:06.308 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:01.390 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:01.389 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz Prozentuale Nutzung des RAM: 19% Installierter physikalischer RAM: 16346.1 MB Verfügbarer physikalischer RAM: 13130.11 MB Summe virtueller Speicher: 24353.37 MB Verfügbarer virtueller Speicher: 20653.14 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:119.14 GB) (Free:11.14 GB) NTFS Drive e: (Lokaler Datenträger) (Fixed) (Total:532.31 GB) (Free:311.5 GB) NTFS Drive g: (Datenablage verschlüsselt) (Fixed) (Total:787.7 GB) (Free:451.49 GB) NTFS Drive i: (Lokaler Datenträger) (Fixed) (Total:543 GB) (Free:332.36 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 287BD303) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1863 GB) (Disk ID: 08AF215D) Partition 1: (Not Active) - (Size=543 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=532.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=787.7 GB) - (Type=OF Extended) ==================== Ende von Addition.txt ============================ |
01.09.2015, 18:10 | #9 |
| Windows 7 delays its startup considerably FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015 durchgeführt von XXXX (Administrator) auf XXXX (01-09-2015 18:41:50) Gestartet von G:\Downloads Geladene Profile: XXXX (Verfügbare Profile: XXXX & Gast & DefaultAppPool) Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Windows\SysWOW64\srvany.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Dropbox, Inc.) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\splwow64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-18\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe [332432 2011-07-14] (Expert System S.p.A.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2015-02-14] ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH) Startup: C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-05-05] ShortcutTarget: Dropbox.lnk -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{6E52A770-4EE5-46C5-B4DC-A63EDB952A82}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{A7C49B14-6673-4ADC-A993-8E7C8533DC84}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{BA931D55-3B76-4979-81B1-7FAC028934D2}: [NameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{CCC0AE25-2C9A-4910-A809-139875360682}: [DhcpNameServer] 7.254.254.254 Tcpip\..\Interfaces\{DC1707F8-7594-46B9-AD69-0A7D1857CA76}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-2043602396-935714135-939607167-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-2043602396-935714135-939607167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKLM -> {DF996584-63EC-4EAB-ADFE-FA9F5827E441} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKU\S-1-5-21-2043602396-935714135-939607167-1000 -> DefaultScope {59826FA5-C97C-46CF-A838-A3F839956BF4} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2043602396-935714135-939607167-1000 -> {59826FA5-C97C-46CF-A838-A3F839956BF4} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2043602396-935714135-939607167-1000 -> 
{DF996584-63EC-4EAB-ADFE-FA9F5827E441} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Keine Datei
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "backup.ftp", "localhost"
FF NetworkProxy: "backup.ftp_port", 8181
FF NetworkProxy: "backup.gopher", "217.17.241.245"
FF NetworkProxy: "backup.gopher_port", 80
FF NetworkProxy: "backup.socks", "localhost"
FF NetworkProxy: "backup.socks_port", 8181
FF NetworkProxy: "backup.ssl", "localhost"
FF NetworkProxy: "backup.ssl_port", 8181
FF NetworkProxy: "ftp", "localhost"
FF NetworkProxy: "ftp_port", 8118
FF NetworkProxy: "gopher", "221.12.147.80"
FF NetworkProxy: "gopher_port", 808
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "localhost"
FF NetworkProxy: "socks_port", 8118
FF NetworkProxy: "ssl", "localhost"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-30] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-02] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> I:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> I:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2043602396-935714135-939607167-1000: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF user.js: detected! => C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\user.js [2014-10-15]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\duckduckgo.xml [2014-06-11]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\englische-ergebnisse.xml [2012-09-29]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\gmx-suche.xml [2012-09-29]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\lastminute.xml [2012-09-29]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\search_engine.xml [2014-05-20]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\startpage-ssl.xml [2014-06-22]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\webde-suche.xml [2012-09-29]
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\de_DE@dicts.j3e.de [2015-02-28]
FF Extension: British English Dictionary (Updated) - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\en-gb@flyingtophat.co.uk [2015-06-26]
FF Extension: United States English Spellchecker - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-07-01]
FF Extension: Virtus Search Opt-in - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\extension@virtusdesigns.com [2013-03-30]
FF Extension: Real-Debrid Plugin - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\real@debrid [2015-02-15]
FF Extension: Türkçe Yazım Denetimi - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\tr-fix@dictionaries.addons.mozilla.org [2015-06-26]
FF Extension: mediaplayerconnectivity - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} [2015-05-29]
FF Extension: WOT - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: Block site - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-05-29]
FF Extension: Alldebrid - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\alldebrid@alldebrid.com.xpi [2013-03-30]
FF Extension: CanvasBlocker - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\CanvasBlocker@kkapsner.de.xpi [2015-06-21]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\elemhidehelper@adblockplus.org.xpi [2015-06-27]
FF Extension: Firebug - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\firebug@software.joehewitt.com.xpi [2014-05-30]
FF Extension: Ghostery - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\firefox@ghostery.com.xpi [2015-01-21]
FF Extension: ProxTube - Unblock YouTube - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: YouTube Center - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2013-09-24]
FF Extension: User-Agent Switcher - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\jid1-kyxEAcWua7BEKq@jetpack.xpi [2015-06-07]
FF Extension: Premiumize.me - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2015-06-07]
FF Extension: Türkçe (TR) Language Pack - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\langpack-tr@firefox.mozilla.org.xpi [2015-05-20]
FF Extension: Personas Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\personas@christopher.beard.xpi [2013-03-30]
FF Extension: Save as PDF - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2013-03-30]
FF Extension: Test Pilot - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-03-30]
FF Extension: Stylish - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-03-30]
FF Extension: NoScript - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-30]
FF Extension: Tamper Data - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2013-03-30]
FF Extension: Biet-O-Matic Firefox Erweiterung - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}.xpi [2013-03-30]
FF Extension: Web Developer - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-03-30]
FF Extension: Adblock Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-30]
FF Extension: Disable Anti-Adblock - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2014-05-30]
FF Extension: Tab Mix Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-03-30]
FF Extension: Greasemonkey - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-08-28]
FF Extension: User Agent Switcher - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2014-02-04]
FF Extension: Adblock Edge - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-02-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-08-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - I:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - I:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-08-31]

Chrome:
=======
CHR Profile: C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-22]
CHR Extension: (Google Docs) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-22]
CHR Extension: (Google Drive) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-22]
CHR Extension: (YouTube) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-22]
CHR Extension: (Google Search) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-22]
CHR Extension: (Google Sheets) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-22]
CHR Extension: (Gmail) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S4 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3049800 2011-01-12] (O&O Software GmbH)
S4 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
S4 PSEXESVC; C:\Windows\PSEXESVC.EXE [181064 2014-05-28] (Sysinternals)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [98576 2012-06-17] (SANDBOXIE L.T.D)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-04-27] (VIA Technologies, Inc.)
[89376 2015-03-20] (SparkLabs)
S4 VMAuthdService; I:\Program Files (x86)\VMware\vmware-authd.exe [79872 2012-11-01] (VMware, Inc.) [Datei ist nicht signiert]
S4 VMwareHostd; I:\Program Files (x86)\VMware\vmware-hostd.exe [13234176 2012-11-01] () [Datei ist nicht signiert]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S3 BIG187TR; C:\Windows [0 2015-08-31] () <==== ACHTUNG (Null Byte Datei/Ordner)
S3 BIG187TR; C:\Windows\SysWow64 [0 2015-08-31] () <==== ACHTUNG (Null Byte Datei/Ordner)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [Datei ist nicht signiert]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [Datei ist nicht signiert]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-27] (REALiX(tm))
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-04-27] (Qualcomm Atheros Co., Ltd.)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [28928 2015-04-27] (Razer USA Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-04-27] (Intel Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 prwntdrv; C:\Windows\system32\prwntdrv.sys [18528 2014-10-23] ()
S3 prwntdrv; C:\Windows\SysWOW64\prwntdrv.sys [15456 2014-10-23] ()
R3 rzp1endpt; C:\Windows\System32\DRIVERS\rzp1endpt.sys [40104 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R3 rzvmouse; C:\Windows\System32\DRIVERS\rzvmouse.sys [31912 2014-12-30] (Razer Inc)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [166576 2012-06-17] (SANDBOXIE L.T.D)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2013-01-06] (Acronis)
S3 Tortilla; C:\Windows\System32\DRIVERS\tortilla.sys [14992 2014-01-19] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2013-01-06] (Acronis)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [204800 2011-11-15] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [296960 2015-04-27] (VIA Technologies, Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-31 23:38 - 2015-08-31 23:38 - 00001780 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2015-08-31 23:18 - 2015-09-01 17:56 - 00006162 _____ C:\Windows\PFRO.log
2015-08-31 22:10 - 2015-08-31 23:38 - 00001446 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-08-31 19:30 - 2015-08-25 16:08 - 00574072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-31 19:28 - 2015-08-25 20:46 - 42840368 _____ C:\Windows\system32\nvcompiler.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 37819184 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 22525560 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 18543736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 16637336 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 15512888 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 14936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 13661160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 12185152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 11089200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-31 19:28 - 2015-08-25 20:46 - 02940720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 02627704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435582.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 01558648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435582.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 01106672 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 01075320 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 01064752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00986232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00945456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00944736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00033025 _____ C:\Windows\system32\nvinfo.pb
2015-08-31 19:23 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-08-31 19:23 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-08-30 17:55 - 2015-08-30 17:55 - 00002189 _____ C:\list.txt
2015-08-30 17:55 - 2015-08-30 17:55 - 00000096 _____ C:\Users\XXXX\Desktop\list.bat
2015-08-30 17:13 - 2015-09-01 18:41 - 00000000 ____D C:\FRST
2015-08-30 14:48 - 2015-08-30 15:24 - 00012173 _____ C:\Users\XXXX\Desktop\hijackthis.log
2015-08-30 13:28 - 2015-09-01 17:58 - 00001299 _____ C:\Windows\setupact.log
2015-08-30 13:28 - 2015-08-30 13:28 - 00000000 _____ C:\Windows\setuperr.log
2015-08-30 02:50 - 2015-08-31 17:23 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-30 02:50 - 2015-08-31 17:23 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-30 02:29 - 2015-08-30 02:29 - 00000000 _____ C:\Windows\system32\REN391B.tmp
2015-08-30 02:26 - 2015-08-30 02:26 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Sun
2015-08-30 02:26 - 2015-08-30 02:26 - 00000000 ____D C:\Users\XXXX\.oracle_jre_usage
2015-08-28 19:45 - 2015-08-30 01:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-26 00:07 - 2015-08-26 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-24 14:34 - 2015-08-24 14:37 - 00003183 ____H C:\Windows\EPMBatch.ept
2015-08-24 13:28 - 2015-08-24 13:28 - 00001330 _____ C:\Users\Public\Desktop\EaseUS Partition Master 10.1.lnk
2015-08-24 13:28 - 2015-08-24 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.1
2015-08-24 13:28 - 2014-04-04 00:42 - 03382440 _____ C:\Windows\system32\BootMan.exe
2015-08-24 13:28 - 2014-04-04 00:25 - 02499752 _____ C:\Windows\SysWOW64\BootMan.exe
2015-08-24 13:28 - 2013-03-07 09:49 - 00100936 _____ C:\Windows\system32\setupempdrvx64.exe
2015-08-24 13:28 - 2013-03-07 09:49 - 00087112 _____ C:\Windows\SysWOW64\setupempdrv03.exe
2015-08-24 13:28 - 2013-03-07 09:49 - 00019840 _____ C:\Windows\SysWOW64\EuEpmGdi.dll
2015-08-24 13:28 - 2013-03-07 09:49 - 00017480 _____ C:\Windows\system32\epmntdrv.sys
2015-08-24 13:28 - 2013-03-07 09:49 - 00016256 _____ C:\Windows\system32\EuEpmGdi.dll
2015-08-24 13:28 - 2013-03-07 09:49 - 00014920 _____ C:\Windows\SysWOW64\epmntdrv.sys
2015-08-24 13:28 - 2013-03-07 09:49 - 00009800 _____ C:\Windows\system32\EuGdiDrv.sys
2015-08-24 13:28 - 2013-03-07 09:49 - 00009160 _____ C:\Windows\SysWOW64\EuGdiDrv.sys
2015-08-18 00:34 - 2015-08-21 03:23 - 00978676 _____ C:\Users\XXXX\Desktop\XXXX.rar
2015-08-17 10:14 - 2015-08-29 18:54 - 00003270 _____ C:\Windows\System32\Tasks\SamsungMagician
2015-08-17 10:13 - 2015-08-17 10:14 - 00000000 ____D C:\Program Files (x86)\Samsung SSD Magician
2015-08-17 10:13 - 2015-08-17 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician
2015-08-16 17:19 - 2015-08-16 17:19 - 00000000 ____D C:\Users\XXXX\Desktop\Mr. Criminal - Evolution Of A G (2015)
2015-08-15 16:59 - 2015-08-15 17:00 - 01121792 _____ C:\Users\XXXX\Desktop\XXXX.exe
2015-08-14 19:43 - 2015-08-15 17:00 - 00001538 _____ C:\Users\XXXX\Desktop\XXXX.exe.log
2015-08-14 19:43 - 2015-08-13 20:51 - 00260608 _____ C:\Users\XXXX\Desktop\XXXX.bak
2015-08-14 19:41 - 2015-08-14 19:41 - 00000016 _____ C:\ProgramData\mntemp
2015-08-13 23:38 - 2015-08-13 23:39 - 00003330 _____ C:\Users\XXXX\Desktop\seko.cwx
2015-08-13 23:33 - 2015-08-13 23:36 - 00002635 _____ C:\Users\XXXX\Desktop\XXXXtest.cwx
2015-08-13 23:29 - 2015-08-13 23:29 - 00001123 _____ C:\Users\Public\Desktop\CodeWall Protection Suite 2009.lnk
2015-08-13 23:29 - 2015-08-13 23:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2015-08-13 23:29 - 2015-08-13 23:29 - 00000000 ____D C:\Program Files (x86)\CodeWall Protection Suite 2009
2015-08-13 23:29 - 2009-09-22 18:28 - 00077312 _____ C:\Windows\SysWOW64\tptools_ml.dll
2015-08-13 23:29 - 2008-11-05 16:48 - 00055808 _____ C:\Windows\SysWOW64\alib_32.dll
2015-08-13 19:50 - 2015-08-13 19:50 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Bat To Exe Converter
2015-08-13 19:50 - 2015-08-13 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bat To Exe Converter
2015-08-13 19:50 - 2015-08-13 19:50 - 00000000 ____D C:\Program Files\Bat To Exe Converter
2015-08-13 19:16 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-12 21:10 - 2015-08-12 21:10 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-12 20:09 - 2015-08-12 20:09 - 09284296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-09 13:07 - 2015-08-09 13:07 - 00000680 __RSH C:\Users\XXXX\ntuser.pol
2015-08-08 23:21 - 2015-08-29 19:01 - 00000000 ____D C:\Users\XXXX\AppData\Local\CrashDumps
2015-08-08 22:55 - 2015-08-09 13:08 - 00000000 ____D C:\Program Files (x86)\BBQScreen Client
2015-08-08 21:30 - 2015-08-09 13:08 - 00000000 ____D C:\Users\XXXX\AppData\Local\Deployment
2015-08-08 21:14 - 2015-08-08 21:14 - 00000000 ____D C:\Users\XXXX\.android
2015-08-07 18:28 - 2015-08-07 18:28 - 00000000 ___HD C:\Users\XXXX\Desktop\.updtmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-01 18:38 - 2014-06-19 03:14 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-01 18:29 - 2014-01-18 11:19 - 01096518 _____ C:\Windows\WindowsUpdate.log
2015-09-01 18:23 - 2009-07-14 06:45 - 00033968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-01 18:23 - 2009-07-14 06:45 - 00033968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-01 18:14 - 2015-06-19 16:03 - 00001240 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000UA.job
2015-09-01 18:04 - 2009-07-14 19:58 - 00842696 _____ C:\Windows\system32\perfh007.dat
2015-09-01 18:04 - 2009-07-14 19:58 - 00202130 _____ C:\Windows\system32\perfc007.dat
2015-09-01 18:04 - 2009-07-14 07:13 - 02002580 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-01 18:01 - 2012-07-21 02:19 - 00000000 ____D C:\Users\XXXX\Documents\Outlook-Dateien
2015-09-01 18:00 - 2012-05-05 20:25 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Dropbox
2015-09-01 17:59 - 2015-01-22 21:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-01 17:59 - 2009-07-14 06:45 - 05478856 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-01 17:58 - 2015-04-25 15:38 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-09-01 17:58 - 2012-12-17 22:52 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 17:58 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 17:58 - 2009-07-14 06:45 - 00012288 _____ C:\Windows\system32\umstartup.etl
2015-08-31 23:48 - 2015-02-14 14:29 - 00000000 ____D C:\Users\XXXX\Documents\PhraseExpress
2015-08-31 23:48 - 2009-07-14 06:45 - 00021504 _____ C:\Windows\system32\umstartup000.etl
2015-08-31 23:47 - 2012-05-04 16:03 - 00189952 _____ C:\Users\XXXX\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-31 23:44 - 2015-01-22 21:57 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-31 23:39 - 2014-12-25 15:35 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-08-31 23:38 - 2013-05-25 18:12 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-08-31 23:37 - 2012-05-05 19:04 - 00000000 ____D C:\ProgramData\Adobe
2015-08-31 23:27 - 2012-05-05 19:04 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-31 23:20 - 2014-08-26 18:33 - 00000000 ____D C:\Users\XXXX\AppData\Local\Adobe
2015-08-31 23:08 - 2013-06-21 22:14 - 00000000 ____D C:\Users\XXXX\AppData\Local\JDownloader v2.0
2015-08-31 22:16 - 2013-02-10 22:23 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-31 20:54 - 2015-03-29 21:59 - 00000964 _____ C:\Users\Public\Desktop\OpenVPN GUI.lnk
2015-08-31 19:40 - 2015-07-21 23:10 - 00000096 _____ C:\Users\XXXX\Documents\External.ini
2015-08-31 19:39 - 2012-05-17 01:06 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-31 19:34 - 2012-05-13 21:54 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-31 19:30 - 2012-12-17 22:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-31 19:30 - 2012-05-22 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-31 19:30 - 2012-05-10 18:31 - 00000000 ____D C:\Temp
2015-08-31 18:19 - 2012-05-04 19:53 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Adobe
2015-08-30 23:48 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-30 18:39 - 2015-01-22 21:57 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 18:39 - 2015-01-22 21:57 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-30 17:18 - 2014-12-06 01:34 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Notepad++
2015-08-30 17:17 - 2014-12-06 01:34 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-08-30 16:36 - 2012-08-03 22:43 - 00000000 ____D C:\ProgramData\SecTaskMan
2015-08-30 02:57 - 2012-05-05 19:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2015-08-30 02:36 - 2013-10-16 18:50 - 00000000 ____D C:\ProgramData\Oracle 2015-08-30 02:28 - 2012-05-05 20:35 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-30 02:27 - 2013-10-16 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-30 02:26 - 2014-10-16 23:25 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-30 02:26 - 2012-05-04 15:49 - 00000000 ____D C:\Users\XXXX 2015-08-30 01:26 - 2012-05-05 18:59 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\vlc 2015-08-30 01:21 - 2015-06-14 03:13 - 00000877 _____ C:\Users\Public\Desktop\Mortal Kombat X.lnk 2015-08-30 01:05 - 2015-07-15 19:50 - 01461760 _____ C:\Users\XXXX\Documents\External.exe 2015-08-30 01:05 - 2015-07-15 19:50 - 00000126 _____ C:\Users\XXXX\Documents\license.dv 2015-08-30 00:14 - 2015-06-19 16:03 - 00001188 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000Core.job 2015-08-29 19:01 - 2015-07-17 20:58 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\FileZilla 2015-08-29 18:55 - 2015-01-12 03:21 - 00002968 _____ C:\Windows\System32\Tasks\{7623D90C-C47A-4716-9204-EB617220E6BD} 2015-08-29 18:55 - 2015-01-12 03:21 - 00002968 _____ C:\Windows\System32\Tasks\{06CCF1D8-0155-47F7-8E0B-2355C2D283AF} 2015-08-29 18:55 - 2014-12-27 05:37 - 00003206 _____ C:\Windows\System32\Tasks\{17094CEB-E0D7-4D24-A63D-B24689EF15BF} 2015-08-29 18:54 - 2015-04-27 16:19 - 00003244 _____ C:\Windows\System32\Tasks\Driver Booster Scan 2015-08-29 18:54 - 2015-04-27 16:19 - 00003188 _____ C:\Windows\System32\Tasks\Driver Booster Update 2015-08-29 18:54 - 2015-04-27 16:19 - 00002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (XXXX) 2015-08-29 15:09 - 2012-06-06 20:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-28 23:39 - 2013-08-10 13:19 - 00000000 ____D C:\Users\XXXX\Desktop\Tor Browser 
2015-08-28 23:08 - 2015-05-02 04:24 - 00002145 _____ C:\Users\XXXX\Desktop\Neues Textdokument.txt 2015-08-27 22:55 - 2014-12-29 20:04 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-08-27 21:15 - 2015-06-16 21:17 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-08-27 21:15 - 2015-06-16 21:17 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-08-27 02:37 - 2014-11-22 16:56 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-08-27 02:37 - 2014-11-22 16:56 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-08-27 02:36 - 2014-11-22 16:56 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-08-27 02:36 - 2014-11-22 16:56 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-08-26 00:08 - 2012-12-30 18:38 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Skype 2015-08-26 00:07 - 2012-12-30 18:38 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-08-26 00:07 - 2012-12-30 18:37 - 00000000 ____D C:\ProgramData\Skype 2015-08-25 20:46 - 2015-06-22 16:28 - 14635792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-25 20:46 - 2015-03-18 21:20 - 03112904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-25 20:46 - 2014-11-22 16:55 - 12515016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-08-25 20:46 - 2013-02-26 00:32 - 17082392 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-25 20:46 - 2013-02-26 00:32 - 03527696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-25 20:46 - 2012-05-18 02:21 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-08-25 20:46 - 2012-05-18 02:21 - 00105264 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-08-25 16:24 - 2012-12-17 22:52 - 06884984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-25 16:24 - 2012-12-17 22:52 - 03496752 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvsvc64.dll 2015-08-25 16:24 - 2012-12-17 22:52 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-25 16:24 - 2012-12-17 22:52 - 00937776 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-25 16:24 - 2012-12-17 22:52 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-25 16:24 - 2012-12-17 22:52 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-25 14:35 - 2012-12-17 22:52 - 05165808 _____ C:\Windows\system32\nvcoproc.bin 2015-08-24 13:28 - 2015-04-05 15:29 - 00000000 ____D C:\Program Files (x86)\EaseUS 2015-08-22 00:22 - 2015-01-22 21:57 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-17 10:13 - 2012-05-10 18:23 - 00000000 ____D C:\ProgramData\Samsung 2015-08-15 02:40 - 2012-11-18 01:19 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\VMware 2015-08-15 02:40 - 2012-11-18 01:19 - 00000000 ____D C:\Users\XXXX\AppData\Local\VMware 2015-08-11 06:52 - 2014-11-22 16:55 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-08-08 23:29 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries 2015-08-08 21:30 - 2012-05-04 22:41 - 00000000 ____D C:\Users\XXXX\AppData\Local\Apps\2.0 2015-08-07 18:14 - 2015-02-14 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhraseExpress 2015-08-07 18:14 - 2015-02-14 14:26 - 00000000 ____D C:\Program Files (x86)\PhraseExpress ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-12-27 00:34 - 2012-12-27 00:39 - 0001122 _____ () C:\Users\XXXX\AppData\Roaming\CompatAdmin.log 2015-02-22 12:00 - 2015-03-01 23:45 - 0000600 _____ () C:\Users\XXXX\AppData\Roaming\winscp.rnd 2015-01-28 20:37 - 2015-01-28 20:42 - 0000600 _____ () C:\Users\XXXX\AppData\Local\PUTTY.RND 2012-05-05 20:56 - 2014-10-20 03:50 - 0007614 _____ () C:\Users\XXXX\AppData\Local\Resmon.ResmonCfg 2015-07-12 14:21 - 2015-07-12 14:22 - 0000000 _____ () 
C:\Users\XXXX\AppData\Local\{4893C58A-F028-40B4-B20D-E6D2F731D7C7} 2013-10-06 05:01 - 2013-10-06 05:01 - 0000011 _____ () C:\ProgramData\.tv6 2015-04-19 14:37 - 2015-04-19 14:37 - 0000041 ___SH () C:\ProgramData\.zreglib 2013-12-07 21:53 - 2013-12-07 21:53 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-07-18 04:16 - 2013-07-18 04:24 - 0000171 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2015-08-14 19:41 - 2015-08-14 19:41 - 0000016 _____ () C:\ProgramData\mntemp 2013-03-16 13:04 - 2013-03-16 13:04 - 0644257 _____ () C:\ProgramData\SPL138F.tmp 2013-03-16 13:01 - 2013-03-16 13:01 - 0644257 _____ () C:\ProgramData\SPL54E2.tmp Einige Dateien in TEMP: ==================== C:\Users\XXXX\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpg50xik.dll C:\Users\XXXX\AppData\Local\Temp\nvSCPAPI.dll C:\Users\XXXX\AppData\Local\Temp\nvStInst.exe C:\Users\XXXX\AppData\Local\Temp\proxy_vole7127393184241273459.dll C:\Users\XXXX\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

testsigning: ==> 'testsigning' ist aktiviert. Prüfung auf eventuelle nicht-signierte Treiber durchführen <===== ACHTUNG

LastRegBack: 2015-08-24 01:26

==================== Ende von FRST.txt ============================ |
02.09.2015, 17:25 | #10 |
/// the machine /// TB Trainer | Windows 7 significantly delays its startup
Hi, scan with ComboFix
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
02.09.2015, 18:58 | #11 |
| Windows 7 significantly delays its startup
Thanks, the tool complained that I have Avira Desktop running. But I uninstalled it a few months ago.
Code:
ATTFilter ComboFix 15-09-01.01 - XXXX 02.09.2015 19:00:00.1.8 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.16346.13311 [GMT 2:00] ausgeführt von:: g:\downloads\ComboFix.exe AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} FW: FireWall *Enabled* {CE40CCC0-8ADB-6D67-25A0-C5B6438E4B57} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\SPL138F.tmp c:\programdata\SPL54E2.tmp c:\users\XXXX\AppData\Roaming\GrabIt c:\users\XXXX\AppData\Roaming\GrabIt\Batch.gba c:\users\XXXX\AppData\Roaming\GrabIt\Temp\013321bc c:\windows\SysWow64\DEBUG.log c:\windows\SysWow64\System32\MASetupCleaner.exe c:\windows\SysWow64\System32\muzapp.exe . . ((((((((((((((((((((((( Dateien erstellt von 2015-08-02 bis 2015-09-02 )))))))))))))))))))))))))))))) . . 2015-09-02 17:10 . 2015-09-02 17:10 -------- d-----w- c:\users\Gast\AppData\Local\temp 2015-09-02 17:10 . 2015-09-02 17:10 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp 2015-09-02 17:10 . 2015-09-02 17:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-09-02 17:04 . 2015-09-02 17:04 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{71BFDA8C-5CD2-4CAB-BBDE-F4707F7AF57F}\offreg.6324.dll 2015-08-31 17:30 . 2015-08-25 14:08 574072 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2015-08-31 17:23 . 2015-08-11 04:52 69416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll 2015-08-31 17:23 . 2015-08-11 04:52 50472 ----a-w- c:\windows\system32\drivers\nvvad64v.sys 2015-08-30 15:13 . 2015-09-01 16:43 -------- d-----w- C:\FRST 2015-08-30 00:50 . 2015-08-31 15:23 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-08-30 00:50 . 
2015-08-31 15:23 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-08-30 00:29 . 2015-08-30 00:29 0 ----a-w- c:\windows\system32\REN391B.tmp 2015-08-30 00:26 . 2015-08-30 00:26 -------- d-----w- c:\program files (x86)\Common Files\Java 2015-08-30 00:26 . 2015-08-30 00:26 -------- d-----w- c:\users\XXXX\.oracle_jre_usage 2015-08-25 22:07 . 2015-08-25 22:07 -------- d-----w- c:\program files (x86)\Common Files\Skype 2015-08-24 11:28 . 2014-04-03 22:42 3382440 ----a-w- c:\windows\system32\BootMan.exe 2015-08-24 11:28 . 2014-04-03 22:25 2499752 ----a-w- c:\windows\SysWow64\BootMan.exe 2015-08-24 11:28 . 2013-03-07 07:49 9160 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys 2015-08-24 11:28 . 2013-03-07 07:49 87112 ----a-w- c:\windows\SysWow64\setupempdrv03.exe 2015-08-24 11:28 . 2013-03-07 07:49 14920 ----a-w- c:\windows\SysWow64\epmntdrv.sys 2015-08-24 11:28 . 2013-03-07 07:49 9800 ----a-w- c:\windows\system32\EuGdiDrv.sys 2015-08-24 11:28 . 2013-03-07 07:49 17480 ----a-w- c:\windows\system32\epmntdrv.sys 2015-08-24 11:28 . 2013-03-07 07:49 100936 ----a-w- c:\windows\system32\setupempdrvx64.exe 2015-08-24 11:28 . 2013-03-07 07:49 16256 ----a-w- c:\windows\system32\EuEpmGdi.dll 2015-08-24 11:28 . 2013-03-07 07:49 19840 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll 2015-08-17 08:13 . 2015-08-17 08:14 -------- d-----w- c:\program files (x86)\Samsung SSD Magician 2015-08-13 21:29 . 2009-09-22 16:28 77312 ----a-w- c:\windows\SysWow64\tptools_ml.dll 2015-08-13 21:29 . 2008-11-05 14:48 55808 ----a-w- c:\windows\SysWow64\alib_32.dll 2015-08-13 21:29 . 2015-08-13 21:29 -------- d-----w- c:\program files (x86)\CodeWall Protection Suite 2009 2015-08-13 17:50 . 2015-08-13 17:50 -------- d-----w- c:\users\XXXX\AppData\Roaming\Bat To Exe Converter 2015-08-13 17:50 . 2015-08-13 17:50 -------- d-----w- c:\program files\Bat To Exe Converter 2015-08-13 17:16 . 2015-08-07 11:06 1898104 ----a-w- c:\windows\system32\nvdispco6435560.dll 2015-08-13 17:16 . 
2015-08-07 11:06 1558832 ----a-w- c:\windows\system32\nvdispgenco6435560.dll 2015-08-12 18:09 . 2015-08-12 18:09 9284296 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2015-08-08 21:21 . 2015-08-29 17:01 -------- d-----w- c:\users\XXXX\AppData\Local\CrashDumps 2015-08-08 20:55 . 2015-08-09 11:08 -------- d-----w- c:\program files (x86)\BBQScreen Client 2015-08-08 19:30 . 2015-08-09 11:08 -------- d-----w- c:\users\XXXX\AppData\Local\Deployment 2015-08-08 19:14 . 2015-08-08 19:14 -------- d-----w- c:\users\XXXX\.android . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-09-02 16:38 . 2014-06-19 01:14 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-08-30 00:26 . 2014-10-16 21:25 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2015-08-27 00:37 . 2014-11-22 14:56 1423120 ----a-w- c:\windows\SysWow64\nvspcap.dll 2015-08-27 00:37 . 2014-11-22 14:56 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2015-08-27 00:36 . 2014-11-22 14:56 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll 2015-08-27 00:36 . 2014-11-22 14:56 1710568 ----a-w- c:\windows\system32\nvspcap64.dll 2015-08-25 18:46 . 2015-06-22 14:28 14635792 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2015-08-25 18:46 . 2015-03-18 19:20 3112904 ----a-w- c:\windows\SysWow64\nvapi.dll 2015-08-25 18:46 . 2014-11-22 14:55 12515016 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2015-08-25 18:46 . 2013-02-25 22:32 3527696 ----a-w- c:\windows\system32\nvapi64.dll 2015-08-25 18:46 . 2013-02-25 22:32 17082392 ----a-w- c:\windows\system32\nvwgf2umx.dll 2015-08-25 18:46 . 2012-05-18 00:21 112760 ----a-w- c:\windows\system32\OpenCL.dll 2015-08-25 18:46 . 2012-05-18 00:21 105264 ----a-w- c:\windows\SysWow64\OpenCL.dll 2015-08-25 14:24 . 2012-12-17 20:52 937776 ----a-w- c:\windows\system32\nvvsvc.exe 2015-08-25 14:24 . 2012-12-17 20:52 62584 ----a-w- c:\windows\system32\nvshext.dll 2015-08-25 14:24 . 
2012-12-17 20:52 385144 ----a-w- c:\windows\system32\nvmctray.dll 2015-08-25 14:24 . 2012-12-17 20:52 3496752 ----a-w- c:\windows\system32\nvsvc64.dll 2015-08-25 14:24 . 2012-12-17 20:52 2558584 ----a-w- c:\windows\system32\nvsvcr.dll 2015-08-25 14:24 . 2012-12-17 20:52 6884984 ----a-w- c:\windows\system32\nvcpl.dll 2015-08-25 12:35 . 2012-12-17 20:52 5165808 ----a-w- c:\windows\system32\nvcoproc.bin 2015-08-11 04:52 . 2014-11-22 14:55 72504 ----a-w- c:\windows\system32\nvaudcap64v.dll 2015-07-15 03:19 . 2015-07-21 18:50 41984 ----a-w- c:\windows\system32\lpk.dll 2015-07-15 03:19 . 2015-07-21 18:50 100864 ----a-w- c:\windows\system32\fontsub.dll 2015-07-15 03:19 . 2015-07-21 18:50 14336 ----a-w- c:\windows\system32\dciman32.dll 2015-07-15 03:19 . 2015-07-21 18:50 46080 ----a-w- c:\windows\system32\atmlib.dll 2015-07-15 02:55 . 2015-07-21 18:50 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2015-07-15 02:55 . 2015-07-21 18:50 10240 ----a-w- c:\windows\SysWow64\dciman32.dll 2015-07-15 02:55 . 2015-07-21 18:50 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2015-07-15 02:54 . 2015-07-21 18:50 25600 ----a-w- c:\windows\SysWow64\lpk.dll 2015-07-15 01:59 . 2015-07-21 18:50 372224 ----a-w- c:\windows\system32\atmfd.dll 2015-07-15 01:52 . 2015-07-21 18:50 299008 ----a-w- c:\windows\SysWow64\atmfd.dll 2015-07-15 01:12 . 2015-07-24 15:50 12222168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{71BFDA8C-5CD2-4CAB-BBDE-F4707F7AF57F}\mpengine.dll 2015-07-09 17:59 . 2015-07-15 16:01 17856 ----a-w- c:\windows\system32\CompatTelRunner.exe 2015-07-09 17:58 . 2015-07-15 16:02 37888 ----a-w- c:\windows\system32\wups2.dll 2015-07-09 17:58 . 2015-07-15 16:02 36864 ----a-w- c:\windows\system32\wups.dll 2015-07-09 17:58 . 2015-07-15 16:02 192000 ----a-w- c:\windows\system32\wuwebv.dll 2015-07-09 17:58 . 2015-07-15 16:02 98304 ----a-w- c:\windows\system32\wudriver.dll 2015-07-09 17:58 . 2015-07-15 16:02 696320 ----a-w- c:\windows\system32\wuapi.dll 2015-07-09 17:58 . 
2015-07-15 16:02 3154944 ----a-w- c:\windows\system32\wucltux.dll 2015-07-09 17:58 . 2015-07-15 16:02 2603008 ----a-w- c:\windows\system32\wuaueng.dll 2015-07-09 17:58 . 2015-07-15 16:01 726528 ----a-w- c:\windows\system32\generaltel.dll 2015-07-09 17:58 . 2015-07-15 16:02 91136 ----a-w- c:\windows\system32\WinSetupUI.dll 2015-07-09 17:58 . 2015-07-15 16:01 765440 ----a-w- c:\windows\system32\invagent.dll 2015-07-09 17:58 . 2015-07-15 16:01 433664 ----a-w- c:\windows\system32\devinv.dll 2015-07-09 17:58 . 2015-07-15 16:02 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll 2015-07-09 17:58 . 2015-07-15 16:01 1085440 ----a-w- c:\windows\system32\appraiser.dll 2015-07-09 17:58 . 2015-07-15 16:01 67584 ----a-w- c:\windows\system32\acmigration.dll 2015-07-09 17:58 . 2015-07-15 16:01 227328 ----a-w- c:\windows\system32\aepdu.dll 2015-07-09 17:58 . 2015-07-15 16:02 37376 ----a-w- c:\windows\system32\wuapp.exe 2015-07-09 17:58 . 2015-07-15 16:02 139776 ----a-w- c:\windows\system32\wuauclt.exe 2015-07-09 17:50 . 2015-07-15 16:01 1145856 ----a-w- c:\windows\system32\aeinv.dll 2015-07-09 17:43 . 2015-07-15 16:02 93184 ----a-w- c:\windows\SysWow64\wudriver.dll 2015-07-09 17:43 . 2015-07-15 16:02 30208 ----a-w- c:\windows\SysWow64\wups.dll 2015-07-09 17:43 . 2015-07-15 16:02 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll 2015-07-09 17:43 . 2015-07-15 16:02 566784 ----a-w- c:\windows\SysWow64\wuapi.dll 2015-07-09 17:42 . 2015-07-15 16:02 34816 ----a-w- c:\windows\SysWow64\wuapp.exe 2015-07-04 18:07 . 2015-07-15 16:02 2087424 ----a-w- c:\windows\system32\ole32.dll 2015-07-04 17:48 . 2015-07-15 16:02 1414656 ----a-w- c:\windows\SysWow64\ole32.dll 2015-07-03 06:43 . 2012-05-04 16:58 130333168 ----a-w- c:\windows\system32\MRT.exe 2015-07-02 21:08 . 2015-07-15 16:02 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2015-07-02 20:49 . 2015-07-15 16:02 25193984 ----a-w- c:\windows\system32\mshtml.dll 2015-07-02 20:40 . 
2015-07-15 16:02 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2015-07-02 20:23 . 2015-07-15 16:02 2885632 ----a-w- c:\windows\system32\iertutil.dll 2015-07-02 20:12 . 2015-07-15 16:02 615936 ----a-w- c:\windows\system32\ieui.dll 2015-07-02 19:20 . 2015-07-15 16:02 14453248 ----a-w- c:\windows\system32\ieframe.dll 2015-07-02 18:59 . 2015-07-15 16:02 1545728 ----a-w- c:\windows\system32\urlmon.dll 2015-07-01 20:56 . 2015-07-15 16:02 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2015-07-01 20:56 . 2015-07-15 16:02 155584 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2015-07-01 20:49 . 2015-07-15 16:02 210944 ----a-w- c:\windows\system32\wdigest.dll 2015-07-01 20:49 . 2015-07-15 16:02 86528 ----a-w- c:\windows\system32\TSpkg.dll 2015-07-01 20:49 . 2015-07-15 16:02 136192 ----a-w- c:\windows\system32\sspicli.dll 2015-07-01 20:49 . 2015-07-15 16:02 29184 ----a-w- c:\windows\system32\sspisrv.dll 2015-07-01 20:49 . 2015-07-15 16:02 342016 ----a-w- c:\windows\system32\schannel.dll 2015-07-01 20:49 . 2015-07-15 16:02 28160 ----a-w- c:\windows\system32\secur32.dll 2015-07-01 20:49 . 2015-07-15 16:02 1216512 ----a-w- c:\windows\system32\rpcrt4.dll 2015-07-01 20:49 . 2015-07-15 16:02 309760 ----a-w- c:\windows\system32\ncrypt.dll 2015-07-01 20:49 . 2015-07-15 16:02 315392 ----a-w- c:\windows\system32\msv1_0.dll 2015-07-01 20:49 . 2015-07-15 16:02 729088 ----a-w- c:\windows\system32\kerberos.dll 2015-07-01 20:49 . 2015-07-15 16:02 1461760 ----a-w- c:\windows\system32\lsasrv.dll 2015-07-01 20:48 . 2015-07-15 16:02 44032 ----a-w- c:\windows\system32\cryptbase.dll 2015-07-01 20:48 . 2015-07-15 16:02 22016 ----a-w- c:\windows\system32\credssp.dll 2015-07-01 20:47 . 2015-07-15 16:02 31232 ----a-w- c:\windows\system32\lsass.exe 2015-07-01 20:47 . 2015-07-15 16:02 64000 ----a-w- c:\windows\system32\auditpol.exe 2015-07-01 20:43 . 2015-07-15 16:02 60416 ----a-w- c:\windows\system32\msobjs.dll 2015-07-01 20:43 . 
2015-07-15 16:02 146432 ----a-w- c:\windows\system32\msaudite.dll 2015-07-01 20:39 . 2015-07-15 16:02 686080 ----a-w- c:\windows\system32\adtschema.dll 2015-07-01 20:30 . 2015-07-15 16:02 172032 ----a-w- c:\windows\SysWow64\wdigest.dll 2015-07-01 20:30 . 2015-07-15 16:02 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll 2015-07-01 20:30 . 2015-07-15 16:02 248832 ----a-w- c:\windows\SysWow64\schannel.dll 2015-07-01 20:30 . 2015-07-15 16:02 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2015-07-01 20:30 . 2015-07-15 16:02 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll 2015-07-01 20:30 . 2015-07-15 16:02 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll 2015-07-01 20:30 . 2015-07-15 16:02 552960 ----a-w- c:\windows\SysWow64\kerberos.dll 2015-07-01 20:30 . 2015-07-15 16:02 36864 ----a-w- c:\windows\SysWow64\cryptbase.dll 2015-07-01 20:30 . 2015-07-15 16:02 17408 ----a-w- c:\windows\SysWow64\credssp.dll 2015-07-01 20:29 . 2015-07-15 16:02 50176 ----a-w- c:\windows\SysWow64\auditpol.exe 2015-07-01 20:29 . 2015-07-15 16:02 665088 ----a-w- c:\windows\SysWow64\rpcrt4.dll 2015-07-01 20:29 . 2015-07-15 16:02 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2015-07-01 20:27 . 2015-07-15 16:02 60416 ----a-w- c:\windows\SysWow64\msobjs.dll 2015-07-01 20:26 . 
2015-07-15 16:02 146432 ----a-w- c:\windows\SysWow64\msaudite.dll 2014-03-07 09:03 3109520 --sha-r- c:\windows\SysWOW64\avcodec-lav-55.dll 2014-03-07 09:03 98960 --sha-r- c:\windows\SysWOW64\avfilter-lav-4.dll 2014-03-07 09:03 550032 --sha-r- c:\windows\SysWOW64\avformat-lav-55.dll 2009-09-27 08:39 415744 --sh--w- c:\windows\SysWOW64\avisynth.dll 2014-03-07 09:03 59536 --sha-r- c:\windows\SysWOW64\avresample-lav-1.dll 2005-07-14 10:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll 2014-03-07 09:03 181392 --sha-r- c:\windows\SysWOW64\avutil-lav-52.dll 2004-02-22 09:11 764416 --sh--w- c:\windows\SysWOW64\devil.dll 2014-03-07 09:03 122512 --sha-r- c:\windows\SysWOW64\HLaudio.dll 2014-03-07 09:03 203408 --sha-r- c:\windows\SysWOW64\HLsplit.dll 2014-03-07 09:03 313520 --sha-r- c:\windows\SysWOW64\HLvideo.dll 2004-01-24 22:00 70656 --sh--w- c:\windows\SysWOW64\i420vfw.dll 2014-03-07 09:03 166544 --sha-r- c:\windows\SysWOW64\IntelQuickSyncDecoder.dll 2014-03-07 09:03 109712 --sha-r- c:\windows\SysWOW64\libbluray.dll 2011-02-11 08:26 112128 --sha-r- c:\windows\SysWOW64\OptimFROG.dll 2014-03-07 09:03 118416 --sha-r- c:\windows\SysWOW64\swscale-lav-2.dll 2010-01-06 22:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll 2012-10-05 17:54 188416 --sha-r- c:\windows\SysWOW64\winDCE32.dll 2004-01-24 22:00 70656 --sh--w- c:\windows\SysWOW64\yv12vfw.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2015-06-16 14:31 1730264 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2015-06-16 14:31 1730264 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2015-06-16 14:31 1730264 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 189464 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Duden Korrektor SysTray"="c:\program files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe" [2011-07-14 332432] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . c:\users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 39175960] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ PhraseExpress.lnk - c:\program files (x86)\PhraseExpress\phraseexpress.exe [2015-2-14 24602136] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\prwntdrv] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x] R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x] R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x] R3 BIG187TR;BIG187TR;c:\windows;c:\Windows [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x] R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 
NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x] R3 prwntdrv;prwntdrv;c:\windows\system32\prwntdrv.sys;c:\windows\SYSNATIVE\prwntdrv.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 Tortilla;Tortilla Driver;c:\windows\system32\DRIVERS\tortilla.sys;c:\windows\SYSNATIVE\DRIVERS\tortilla.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 usbrndis6;USB-RNDIS6-Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] R3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x] R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x] R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL 
Server\100\Shared\SQLADHLP.EXE [x] R4 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x] R4 PSEXESVC;PsExec;c:\windows\PSEXESVC.EXE;c:\windows\PSEXESVC.EXE [x] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x] R4 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x] R4 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x] R4 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x] R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x] R4 VMwareHostd;VMware Workstation Server;i:\program files (x86)\VMware\vmware-hostd.exe;i:\program files (x86)\VMware\vmware-hostd.exe [x] S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x] S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x] S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x] S0 NBVolUp;Nero 
Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x] S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x] S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x] S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x] S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x] S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x] S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program 
files\Intel\iCLS Client\HeciServer.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x] S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x] S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x] S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys;SysWOW64\drivers\vstor2-mntapi10-shared.sys [x] S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x] S3 iusb3hub;Intel(R) USB 
3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys;c:\windows\SYSNATIVE\drivers\Lycosa.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 rzp1endpt;Razer platform 1 end point;c:\windows\system32\DRIVERS\rzp1endpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzp1endpt.sys [x] S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x] S3 rzvmouse;Razer Virtual Mouse;c:\windows\system32\DRIVERS\rzvmouse.sys;c:\windows\SYSNATIVE\DRIVERS\rzvmouse.sys [x] S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x] S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - MBAMSWISSARMY . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\6de2ed6f-0b56-4d57-b0f0-551ec8cbb27f] 2011-07-01 09:38 153232 ---ha-w- c:\programdata\Duden\DKReg.exe . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-08-21 22:20 993608 ----a-w- c:\program files (x86)\Google\Chrome\Application\44.0.2403.157\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2015-08-29 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000Core.job - c:\users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 14:03] . 2015-09-02 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000UA.job - c:\users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 14:03] . 2015-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-22 16:39] . 2015-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-22 16:39] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 226328 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 226328 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 226328 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 226328 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 226328 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 226328 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 226328 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-08-14 08:16 226328 ----a-w- c:\users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2015-06-16 14:34 2335448 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2015-06-16 14:34 2335448 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2015-06-16 14:34 2335448 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError] @="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}] @="" [HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}] 2012-08-23 02:51 2741024 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress] @="{00F848DC-B1D4-4892-9C25-CAADC86A215D}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{00F848DC-B1D4-4892-9C25-CAADC86A215D}] @="" [HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}] 2012-08-23 02:51 2741024 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk] @="{71573297-552E-46fc-BE3D-3DFAF88D47B7}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\{71573297-552E-46fc-BE3D-3DFAF88D47B7}] @="" [HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}] 2012-08-23 02:51 2741024 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-08-27 2634872] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-08-27 1710568] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-02-03 557768] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.de/ mLocal Page = c:\windows\system32\blank.htm IE: Add to Playlist - c:\program files (x86)\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll/314 IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office15\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office15\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{6E52A770-4EE5-46C5-B4DC-A63EDB952A82}: NameServer = 8.8.8.8 TCP: Interfaces\{BA931D55-3B76-4979-81B1-7FAC028934D2}: NameServer = 8.8.8.8 8.8.4.4 TCP: Interfaces\{DC1707F8-7594-46B9-AD69-0A7D1857CA76}: DhcpNameServer = 192.168.2.1 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL FF - ProfilePath - c:\users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - prefs.js: network.proxy.ftp - localhost FF - prefs.js: network.proxy.ftp_port - 8118 FF - prefs.js: network.proxy.gopher - 221.12.147.80 FF - prefs.js: 
network.proxy.gopher_port - 808 FF - prefs.js: network.proxy.socks - localhost FF - prefs.js: network.proxy.socks_port - 8118 FF - prefs.js: network.proxy.ssl - localhost FF - prefs.js: network.proxy.ssl_port - 8118 FF - prefs.js: network.proxy.type - 0 FF - user.js: plugin.state.npcontentblocker - 2 FF - user.js: plugin.state.nponlinebanking - 2 FF - user.js: plugin.state.npvkplugin - 2 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start ShellIconOverlayIdentifiers- - (no file) ShellIconOverlayIdentifiers- - (no file) ShellIconOverlayIdentifiers- - (no file) HKLM-Run-VIAxHCUtl - c:\via_xhci\usb3Monitor.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\XXXX] "ImagePath"="%SystemRoot%" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96, 76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0, b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47, 2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85 . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:6f,d2,3c,d8,ca,a0,cd,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,00,28,73,11,b1,74,b6,49,86,39,29,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,00,28,73,11,b1,74,b6,49,86,39,29,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.18" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}] @Denied: (A 2) (Everyone) @="IFlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}] @Denied: (A 2) (Everyone) @="IFlashBroker2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib] @="{6EF568F4-D437-4466-AA63-A3645136D93E}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2015-09-02 19:35:52 ComboFix-quarantined-files.txt 2015-09-02 17:35 . Vor Suchlauf: 16 Verzeichnis(se), 21.109.202.944 Bytes frei Nach Suchlauf: 21 Verzeichnis(se), 21.030.453.248 Bytes frei . - - End Of File - - C2343721CDE3BA8319ADD7DCEFF7C16A
Edited by Kangal (02.09.2015 at 19:03) |
03.09.2015, 17:57 | #12 |
/// the machine /// TB instructor | Windows 7 start-up is considerably delayed
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
03.09.2015, 20:40 | #13 |
| Windows 7 start-up is considerably delayed

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 03.09.2015
Suchlaufzeit: 19:01
Protokolldatei:
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.03.06
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer:

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 487708
Abgelaufene Zeit: 1 Std., 1 Min., 49 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Warnen

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

AdwCleaner Logfile:
Code:
# AdwCleaner v5.005 - Bericht erstellt am 03/09/2015 um 21:24:54
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername :
# Gestartet von : G:\Downloads\adwcleaner_5.005.exe
# Option : Löschen
# Unterstützung : Forum - ToolsLib

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files\FileViewPro
[-] Ordner Gelöscht : C:\ProgramData\SecTaskMan
[#] Ordner Gelöscht : C:\ProgramData\mntemp
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
[-] Ordner Gelöscht : C:\Users\\AppData\Local\SecTaskMan
[-] Ordner Gelöscht : C:\Users\\AppData\Local\FileViewPro

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\foxydeal.sqlite
[-] Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\user.js
[-] Datei Gelöscht : C:\Users\\Favorites\Links\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\\Favorites\Links\Startfenster.lnk

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SDP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileViewPro_is1
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DF996584-63EC-4EAB-ADFE-FA9F5827E441}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DF996584-63EC-4EAB-ADFE-FA9F5827E441}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DF996584-63EC-4EAB-ADFE-FA9F5827E441}

***** [ Internetbrowser ] *****

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2888 Bytes] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Ultimate x64
Ran by XXXX on 03.09.2015 at 21:34:34,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster Scan
Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster SkipUAC (XXXX)
Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster Update

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder]
C:\Users\XXXX\Appdata\Local\{BF75B292-3662-4211-90B1-F4690DDB36A0} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C00FE32A-DB4A-49C2-936D-8E75B0198303} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C0F78C50-D41C-49DD-835D-919B6EE7ACD6} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C138AA19-A8BB-4A72-939A-105523563631} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C21AC6BC-AB48-4F04-8C6A-E02DB7B956FF} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C2291F36-94F9-4E83-BB49-82B4A2B8A875} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C2815005-2701-43FA-B8A6-7873342E0C42} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C2DC5589-5C14-423D-8E0D-FFB1501AC6A8} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C4B02F96-B78C-46F3-9FEB-BE19F1C406A0} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C4C5F4F6-67AB-4134-9CAA-726232700584} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C544A546-9F5E-48CC-BF98-54BF5844798B} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C5C0A637-A325-4466-9ED4-950C24C49844} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C5C576BB-5DED-4C72-9BCD-2A85A278FC69} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C8185672-C759-4A49-95D5-757B73DFC4DC} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C82B9487-5FE1-4A0E-BBA1-A8C4209B6626} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C87CABF9-FE36-4528-A695-1D99157D1228} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C8C9513F-3ADA-4039-BCC9-49C571426FC7} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C8F456CE-A706-4B8E-ADD9-6D4366CFCAFA} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{C9461E64-443F-4A8B-8BDB-B365B20CA2CA} Successfully deleted: [Empty Folder] 
C:\Users\XXXX\Appdata\Local\{C9BF5E2A-7076-4C05-B9D2-5AFC39A4196A} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{CC12FFC4-9ADE-4F40-BEAF-2249A9133403} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{CC81E68F-7669-4DC7-86EC-E118893D07AB} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{CCD72E23-6C81-4CB2-8775-3F0BE4A684B9} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{CD078A06-4185-4A50-8966-0992A27A3CD4} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{CE3FA868-03CD-4454-A33F-0D13682E13F4} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{CE72537B-85B6-43DA-BC00-96F3AFD87EDC} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{CF26DD3B-FAA1-42F6-B457-1C2DB267A94B} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{CFDA50A2-AAB8-420F-9A6B-27473952064D} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{D00FB654-6454-4C6B-BE77-E29C767D5E67} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{D1CD9084-6198-4D38-ABF0-5460157F94E4} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{D2A3E46C-E332-47AB-AFA2-D63CC45A3257} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{D2C24513-2FD2-40D3-A2BF-8B026C9F2ABD} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{D2EE375C-711C-4B08-83DA-94CA395A5F5D} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{D3836132-7E96-4F7F-8E59-D8351E58EC29} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{D466B6D0-438A-4A3E-AC31-98E73A5E6CAA} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{D88AC66B-8DE1-41F8-98F0-021FF146ACF9} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{D958C5CC-1002-4318-8C17-343F14AEB834} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{D98E3F07-2474-4D84-80D5-655B7C35DA3C} Successfully deleted: [Empty Folder] 
C:\Users\XXXX\Appdata\Local\{DA1C59A9-6ABA-4D67-AD37-1BAD11E73098} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{DA25E149-69BA-4C43-B355-25451171DC1F} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{DCE35211-59EB-4410-A79F-2EC5547C9EAC} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{DD9020CB-4B20-4318-82BA-327929E0A80D} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{DDBA6F2E-4C7F-46B2-80A3-34D82096A1CF} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E09AFDE2-75E6-4F19-8CAD-2F2E3FD2513D} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E1599AC7-8686-4BFB-88E3-7D624919FFE9} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E1B1E4CB-2A21-4CEA-B3F4-5DCF7CA6AF0E} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E1EE0E42-804A-4E82-890D-319ACBF69F86} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E4A1336B-5F73-4794-9FDE-7EC942875A09} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E4CDFCA6-F9CD-4A80-AFF9-1844C826AEE7} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E60FF7ED-D3BD-4300-BC45-7998B3802411} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E706FE01-9453-4E83-9215-552862BE5E3B} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E8E142F8-6F35-4347-AE9E-621DCF7C530D} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E9A50835-2ED1-47C5-86EB-73B39705EE60} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E9FB07B2-9E8F-4DF5-924C-ED075C983061} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{E9FD6A61-D865-493B-BA53-99CEDCBE86C7} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{EAA8D291-3AA9-46CF-A27A-84496EEB6A33} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{EC39D1B4-24CF-4D76-B3F0-AAA621655168} Successfully deleted: [Empty Folder] 
C:\Users\XXXX\Appdata\Local\{ED2040CA-220C-4175-97A8-454CF74B5BB7} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{ED8D7B10-570F-4A63-B696-53CCEAB6E6FD} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{EE95C210-2A05-4B73-B07D-79382955D8D4} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{EEB538C7-CCF3-4F3E-B182-48E56077DC8E} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{EEC65221-91B9-4E4C-91C4-E0F1FAE1C5CF} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F0202832-6CBA-47B1-8DFD-D92D9AAF21E5} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F06750CA-71DF-49A8-AB5A-148882444C27} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F118854F-B4B9-4C04-BDB5-5FEA22967FBD} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F262FC96-E2E2-47EC-A35B-0D8160064E3C} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F26E61DD-43F9-44B7-8F85-81AA639A06CD} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F35B4740-BF26-412A-8218-EDFBF35F1900} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F40CB340-1776-4BA3-99FF-543F3BA39B38} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F44D9C4C-2A5F-4199-95D2-CDAB3B2C1BBE} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F5B34A35-8E04-4BFF-AECA-8617096579BD} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F5D5B81D-E0BD-457F-8073-26D0FFEF32AE} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F6178732-46FA-443C-805B-E524914764EA} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F70B6A83-9A90-48A4-8FEE-B64F64E66B98} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F80AA24E-F546-4A72-AD8D-07CA0435C049} Successfully deleted: [Empty Folder] C:\Users\XXXX\Appdata\Local\{F83CE569-18B5-4CC1-9632-1AFB7E91E67B} Successfully deleted: [Empty Folder] 
C:\Users\XXXX\Appdata\Local\{F990C72C-3249-4482-A064-31696399253B}
Successfully deleted: [Folder] C:\Program Files (x86)\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(default)
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver booster 2
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\XXXX\AppData\Roaming\iobit\driver booster

~~~ FireFox

Emptied folder: C:\Users\XXXX\AppData\Roaming\mozilla\firefox\profiles\m1m1ms4l.default\minidumps [121 files]

~~~ Chrome

[C:\Users\XXXX\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\XXXX\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\XXXX\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\XXXX\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.09.2015 at 21:37:01,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
03.09.2015, 20:57 | #14 |
| Windows 7 start-up is considerably delayed
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von XXXX (2015-09-03 21:43:24)
Gestartet von G:\Downloads
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2043602396-935714135-939607167-500 - Administrator - Disabled)
Gast (S-1-5-21-2043602396-935714135-939607167-501 - Limited - Enabled) => C:\Users\Gast
XXXX (S-1-5-21-2043602396-935714135-939607167-1000 - Administrator - Enabled) => C:\Users\XXXX

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.22 - GIGABYTE) ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0011-0000-0001-074957833700}) (Version: 11.0.460 - ABBYY) Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - ) Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH) AdblockIE (HKLM-x32\...\{5508128A-2C7B-46B5-81F9-58E8E8115F0B}) (Version: 1.2 - af0.net) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated) Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.) Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.) 
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.1.731 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Bat To Exe Converter Version 2.3.2 (HKLM\...\{60C29EC2-33E8-45EE-87E4-31FA3E35C539}_is1) (Version: 2.3.2 - Fatih Kodak) Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team) CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform) Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version: - Cisco Systems, Inc.) CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft) CodeWall Protection Suite 2009 v3.5.0 (HKLM-x32\...\CodeWall Protection Suite 2009_is1) (Version: - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit) Dropbox (HKU\S-1-5-21-2043602396-935714135-939607167-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.) 
Duden-Rechtschreibprüfung PLUS (HKLM-x32\...\{45C5C113-AD43-414B-867D-7C0AF54276CB}) (Version: 8.01 - Bibliographisches Institut GmbH) EaseUS Partition Master 10.1 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS) EaseUS Partition Recovery 8.5 (HKLM-x32\...\EaseUS Partition Recovery_is1) (Version: - EaseUS) Easy Tune 6 B12.0210.2 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B12.0210.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG) FOCA Free (HKLM-x32\...\{B66CFB02-1CF0-41E8-AA79-8C7FA8BEC0FF}) (Version: 3.0.0 - Informatica64) Fragen-Lern-CD 4.6 (HKLM-x32\...\de.wendel.flcd-de) (Version: 4.6.5 - Wendel-Verlag GmbH) Fragen-Lern-CD 4.6 (x32 Version: 4.6.5 - Wendel-Verlag GmbH) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) 
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) MAGIX Music Maker MX Premium Download-Version (HKLM-x32\...\MAGIX_MSI_mm18dlx) (Version: 18.0.0.42 - MAGIX AG) MAGIX Music Maker MX Premium Download-Version (Synthesizer und Effekte) (HKLM-x32\...\{83D6C933-0C42-4448-8A21-625AEE5B9FCB}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download-Version (Visuals) (HKLM-x32\...\{58ACDDC2-F83B-4BCF-92F2-E98180E7BEC8}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download-Version (x32 Version: 18.0.0.42 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1010 - Marvell) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) 
(HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser 
(HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{8583E7E3-2237-4981-B957-E28E5E9AB678}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{92C5C058-E941-47C3-B7E8-38A79C605969}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{9C3B8582-A72A-4835-8903-877A834407BB}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - 
Microsoft Corporation) Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation) Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 
(HKLM\...\{95A2AD24-BD44-3E39-A31F-CE928276577E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.1 (HKLM\...\{903029FE-FA82-427B-916C-AD08185DA3C2}) (Version: 1.10.123.0 - Microsoft) Mortal Kombat X (HKLM-x32\...\TW9ydGFsS29tYmF0WA==_is1) (Version: 1 - ) Mouse Recorder Pro 2.0.7.5 
(HKLM-x32\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version: - Nemex Studios) MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla) Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.2 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) O&O Defrag Free 
Edition (HKLM\...\{FD686BCC-33E0-4990-BB88-3DAA8C29511E}) (Version: 14.1.425 - O&O Software GmbH) Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-2043602396-935714135-939607167-1000\...\Octoshape add-in for Adobe Flash Player) (Version: - ) ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) OpenVPN 2.3.6-I001 (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - ) OpenVPN 2.3.6-I603 (HKLM\...\OpenVPN) (Version: 2.3.6-I603 - ) Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Password Recovery Bundle 2013 (HKLM-x32\...\Password Recovery Bundle 2013_is1) (Version: - Top Password Software, Inc.) PAYDAY 2 (HKLM-x32\...\PAYDAY 2_is1) (Version: - 505 Games) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PDF24 Creator 5.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PhraseExpress v11.0.114 (HKLM-x32\...\PhraseExpress_is1) (Version: 11.0.114 - Bartels Media GmbH) PingPlotter Freeware (HKLM-x32\...\{8C99C3CB-763F-4D87-8ACA-81B6899207B1}) (Version: 1.30.0.11 - Nessoft, LLC) Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden Rainmeter (HKLM-x32\...\Rainmeter) (Version: 2.3.3 r1522 - ) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.) 
Recorder (HKLM-x32\...\ST6UNST #1) (Version: - ) Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform) Resident Evil Revelations 2 (HKLM-x32\...\Resident Evil Revelations 2_is1) (Version: - ) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) RouterControl 2.0 (HKLM-x32\...\RouterControl) (Version: - ) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.) Sandboxie 3.72 (64-bit) (HKLM\...\Sandboxie) (Version: 3.72 - SANDBOXIE L.T.D) Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SetEditSL40 (remove only) (HKLM-x32\...\SetEditSL40) (Version: - ) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) 
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) SUPER © v2014.build.63+Recorder (2014/11/27) Version v2014.buil (HKLM-x32\...\{8E2A19E2-96BF-8659-4DA7-5C06C90719A4}_is1) (Version: v2014.build.63+Recorder - eRightSoft) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer) True Image 2013 (HKLM-x32\...\{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}Visible) (Version: 16.0.5551 - Acronis) True Image 2013 (x32 Version: 16.0.5551 - Acronis) Hidden Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH) Ulead GIF Animator 5 ESD (HKLM-x32\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version: - ) Ulead PhotoImpact X3 (HKLM-x32\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 1.00.0000 - Corel) Ulead PhotoImpact X3 (x32 Version: 1.00.0000 - Corel) Hidden Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation) Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054946) 32-Bit Edition 
(HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{9BBF212C-5BD8-4C8A-B65F-91342D904ED8}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - ) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - ) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) VMware Guest Console (HKLM-x32\...\{F254F97C-BE95-45B0-906A-411D88D768D4}) (Version: 1.1.0 - VMware) VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.1 - VMware, Inc) VMware Workstation (Version: 9.0.1 - VMware, Inc.) Hidden Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation) Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2043602396-935714135-939607167-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) Wireshark 1.8.2 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.2 - The Wireshark developer community, hxxp://www.wireshark.org) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{0324178B-9928-1973-C007-56D9308A6BD5}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2043602396-935714135-939607167-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-09-02 19:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {18BED193-4399-43D5-9AE7-E65ADE21BA56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {37500177-0F80-45C8-927F-0C30C2AA0D00} - System32\Tasks\{7623D90C-C47A-4716-9204-EB617220E6BD} => C:\Users\XXXX\Desktop\RenaultImmCode.exe
Task: {3E918253-F729-4EA9-A229-D5905631434B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {530EC9F8-B59D-4366-95CC-2F4511FC4FBC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000Core => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {6F692AF4-4838-4469-8D52-F94D801C2935} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7692C8B6-965C-478A-9E74-F40635EEA3D0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000UA => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {9B1D94A7-9560-4992-85A1-0EE5C320A76E} - System32\Tasks\{06CCF1D8-0155-47F7-8E0B-2355C2D283AF} => C:\Users\XXXX\Desktop\RenaultImmCode.exe
Task: {9B73D505-C388-4AF0-9A9A-1F2B5C0FEB13} - System32\Tasks\AdobeAAMUpdater-1.0-XXXX-XXXX => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {A7DAFEDE-B54F-40A5-A978-DD25A30AC0AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C945B595-803D-4EF2-A35E-44644B0F38E0} - System32\Tasks\{17094CEB-E0D7-4D24-A63D-B24689EF15BF} => pcalua.exe -a G:\Desktop\ydsrg\Ulead.PhotoImpact.X3\Ulead\setup.exe -d G:\Desktop\ydsrg\Ulead.PhotoImpact.X3\Ulead
Task: {D2F3E914-A6BE-4EC9-9015-76BA3A75EF6F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {D4A6242C-2FE0-4F0D-A0F0-B2BD73EBDC6B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {F7511065-BB34-49D4-A2E6-2AFE4E4D0979} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000Core.job => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000UA.job => C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-03-02 16:43 - 2015-03-02 16:43 - 00099288 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-02-05 01:24 - 2015-02-05 01:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2012-05-06 12:06 - 2003-04-18 19:06 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2015-06-08 21:06 - 2015-06-08 21:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2015-05-15 16:24 - 2015-05-15 16:24 - 02873856 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\XXXX\Desktop\20121127_211255.mp4.mp4:com.dropbox.attributes
AlternateDataStreams: C:\Users\XXXX\Desktop\.bak:com.dropbox.attributes
AlternateDataStreams: C:\Users\XXXX\Desktop\Teil2.jpg:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2043602396-935714135-939607167-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: AcrSch2Svc => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: afcdpsrv => 2 MSCONFIG\Services: AllShare Play Service => 2 MSCONFIG\Services: BDESVC => 3 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: CGVPNCliService => 2 MSCONFIG\Services: defragsvc => 3 MSCONFIG\Services: ehRecvr => 3 MSCONFIG\Services: ehSched => 3 MSCONFIG\Services: EventSystem => 3 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: FirebirdServerMAGIXInstance => 3 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: lxdiCATSCustConnectService => 2 MSCONFIG\Services: lxdi_device => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NAUpdate => 2 MSCONFIG\Services: OODefragAgent => 3 MSCONFIG\Services: OpenVPNService => 3 MSCONFIG\Services: pcapsvc => 2 MSCONFIG\Services: PSEXESVC => 3 MSCONFIG\Services: rpcapd => 3 MSCONFIG\Services: Samsung Link Service => 2 MSCONFIG\Services: SbieSvc => 3 MSCONFIG\Services: Serviio => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: SQLWriter => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: syncagentsrv => 2 MSCONFIG\Services: TabletInputService => 3 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: TunngleService => 3 MSCONFIG\Services: VIAKaraokeService => 2 MSCONFIG\Services: VMAuthdService => 2 MSCONFIG\Services: VMUSBArbService => 2 MSCONFIG\Services: VMwareHostd => 2 MSCONFIG\Services: WMPNetworkSvc => 2 MSCONFIG\Services: WSearch => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DeskNotifier.lnk => C:\Windows\pss\DeskNotifier.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Twonky Tray Control.lnk => C:\Windows\pss\Twonky Tray Control.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start 
Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung SSD Magician.lnk => C:\Windows\pss\Samsung SSD Magician.lnk.Startup MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk => C:\Windows\pss\Serviio.lnk.Startup MSCONFIG\startupfolder: C:^Users^XXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk.Startup MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AllShare Play => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices 
MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: Dropbox Update => "C:\Users\XXXX\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c MSCONFIG\startupreg: Duden Korrektor SysTray => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r MSCONFIG\startupreg: HP Officejet Pro 8600 (NET) => "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN241BS0JD05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1 MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KiesHelper => I:\Program Files (x86)\Kies\KiesHelper.exe /s MSCONFIG\startupreg: KiesPDLR => I:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe MSCONFIG\startupreg: KiesTrayAgent => I:\Program Files (x86)\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: lxdiamon => "C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe" MSCONFIG\startupreg: lxdimon.exe => "C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe" MSCONFIG\startupreg: Lycosa => "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe" MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background MSCONFIG\startupreg: 
NBAgent => "I:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart MSCONFIG\startupreg: ncid.Net => "I:\Program Files (x86)\ncid.Net\ncid.Net.exe" wait MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe MSCONFIG\startupreg: PDFPrint => i:\Program Files (x86)\PDF24\pdf24.exe MSCONFIG\startupreg: ProxyCap => C:\PROGRA~1\PROXYL~1\ProxyCap\pcapui.exe MSCONFIG\startupreg: QuickTime Task => "I:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" MSCONFIG\startupreg: Samsung Link => "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe" MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" MSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe" MSCONFIG\startupreg: VirtualCloneDrive => "I:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s MSCONFIG\startupreg: vmware-tray.exe => "I:\Program Files (x86)\VMware\vmware-tray.exe" MSCONFIG\startupreg: VX3000 => 
C:\Windows\vVX3000.exe MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe MSCONFIG\startupreg: Windows Mobile-based device management => %WINDIR%\WindowsMobile\wmdcBase.exe MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{AEDAC9C9-1FE5-43DA-BF49-2CFAB5D41D94}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{0E6861A0-5CB8-40C1-947B-F6D63708E1E5}] => (Allow) LPort=2869 FirewallRules: [{08EE668D-A796-4691-93B3-7E9B676D04F3}] => (Allow) LPort=1900 FirewallRules: [{08D6886A-5E34-405F-8A3F-1F072408C658}] => (Allow) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{520F9C17-AFFA-45F1-BCEB-5C9198EABC41}] => (Allow) C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{4B03CF2B-7117-4E2B-90A8-33970783DE43}C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{77CE7E9A-C8B8-4E16-9A20-082FBD4189B8}C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\XXXX\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{C888EA44-92A1-4CE4-8BF0-2876DF41A017}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2D845376-B8CF-4E8C-AA75-480E30F39729}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{87D2C998-2F24-4DCD-9975-2122D227E506}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{8C7D72C7-8495-46B0-AFDB-3BAFCB32D77F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{7309C3C5-E569-4D4E-8F68-8CE7A9C98AE9}] 
=> (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{7CB1E3BB-826B-4F94-9C1A-166AD44D7B2F}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{80769F4B-865F-4E7E-9F56-854ACFBC6D79}] => (Allow) I:\Program Files (x86)\VMware\vmware-authd.exe FirewallRules: [{D712C87A-B244-4C22-ADB0-AA99220876A3}] => (Allow) I:\Program Files (x86)\VMware\vmware-authd.exe FirewallRules: [{338A7708-AF3E-4942-88B8-5BED82E8CB55}] => (Allow) I:\Program Files (x86)\VMware\vmware-hostd.exe FirewallRules: [{05BD51E9-C6D6-4A2F-8859-C0F5360DFA57}] => (Allow) I:\Program Files (x86)\VMware\vmware-hostd.exe FirewallRules: [{8AC93B9A-9F55-4BA5-B208-74E50D0403C6}] => (Allow) LPort=8743 FirewallRules: [{BA979404-4F8F-4FC0-894C-5906F6C6252E}] => (Allow) LPort=8643 FirewallRules: [{5CE09C16-6A5A-4879-8284-89D2CC2127B1}] => (Allow) LPort=7676 FirewallRules: [{ECB68A50-B6C9-429E-8DC0-046C066C6EA9}] => (Allow) LPort=7679 FirewallRules: [{F649F412-40A2-40BD-BB0C-E7CC4F33A65C}] => (Allow) LPort=24234 FirewallRules: [{5AD1D472-7112-45EC-9DAD-9ACCE93AC08D}] => (Allow) LPort=7900 FirewallRules: [{80F19489-EE47-4A54-93C8-7ADB1D1F85E8}] => (Allow) LPort=1900 FirewallRules: [{4EA6F7B8-AE19-4540-8664-109D78C6BE79}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{BEFA2E63-E0D9-4854-BDDE-CF69C326548A}] => (Allow) LPort=8743 FirewallRules: [{2EBF1CD5-2B8A-4E1D-8833-3206A5CCF6C2}] => (Allow) LPort=8643 FirewallRules: [{8DC72734-6132-4EB9-B1C1-C0BC931B897B}] => (Allow) LPort=7676 FirewallRules: [{A737E3CB-3875-40C2-BED0-414E9982F325}] => (Allow) LPort=7679 FirewallRules: [{890F3363-901E-442A-A1E5-5FB17749218D}] => (Allow) LPort=24234 FirewallRules: [{F954FC3A-FC2D-44E2-B696-F09280A3FFB6}] => (Allow) LPort=7900 FirewallRules: [{96B2AA0A-A53D-4E41-939B-650690088251}] => (Allow) LPort=1900 FirewallRules: [{63FA351D-BCC7-419E-B075-946E6B9B4C95}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{B127E7A8-8E20-4CBB-97E2-28CFEAA0A7ED}] => (Allow) 
C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{0EB5BF35-C9BB-488F-B6DF-A6B874F5338E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{537E8EBF-4FA3-4A71-87C3-5462F2B5EC48}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{6289B3B4-BE89-4FF6-AD9D-2A0703BF33D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{F60A2DE1-B286-4329-9DCA-21668A907C20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{D537E452-F426-4A2F-BABE-600C7EC8480E}] => (Allow) LPort=3333 FirewallRules: [{63B7FB88-14A6-4CBC-9DBB-D510EC3848FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{4A5FB236-395D-4203-8879-A381457CEC18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{3830F125-B012-489D-B8F5-D8891B13C985}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{8603A60C-F713-4C96-9F49-1EA5307C2D2A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{6396037E-838B-457E-8458-2DE2F4FD61F5}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{9F1E4F1C-A5F6-4BDD-952E-1071A51491F2}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{C79E8855-B891-4A1C-AA73-7E28B054332F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe FirewallRules: [{7ED5AE1A-B10F-400B-B3C6-9CC9CC1B9D90}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe FirewallRules: [{4FBF630A-F416-4B83-89D8-DD1C4C8F20D2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe FirewallRules: [{0C8568E3-B34F-4E0A-974C-23ECEAD90A6E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe FirewallRules: 
[{F70B9775-5092-4A0B-8CAE-54B5CDDCCD0A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe FirewallRules: [{0173288E-ED6B-413A-9F1D-F07BF70BE28F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{59E1393D-5E3A-4E77-A09E-BD4A1A5B750E}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{CA14FEEB-E258-4719-8236-94BCDA76BDF3}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{F045ED46-B32C-4177-AE14-B81ACAF2027B}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{D1AB8FAF-92FE-4B67-90EE-4B481352A6BA}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{AAF296FA-8C84-4262-ACD3-9703D4E3EBD5}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{1387DF72-95D7-4E5E-A7D1-FCF7B377594A}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{0F56AE10-D2B5-4C6D-8947-16B179371BEA}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{88793C40-CAE3-4A10-AE1A-FE95E5BD4F4F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{A78E0005-99AB-4FB1-B411-75FE2A9D39A5}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{6214D3E0-E8A8-4676-A04A-FAF8757BFD2F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{53E87557-31C2-42F8-97E6-D4D35E7D6E9B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{EA9CCF97-801F-4EC3-999A-95EBD6B1BCB8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8DA6CB88-F740-41B9-B636-E1ECAACBADC3}] => (Allow) I:\Program 
Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{41E735F5-7C23-4A5E-A70D-90C86985A33F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{317050C6-EE52-4F9A-A2A2-3902C65C70D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{00716481-1A34-4798-ACF9-52A809C163A6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{B522CC94-1D05-4CBB-A7B9-D7F57FFF1505}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D89680B7-C151-4200-82A1-3A1D5C547534}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{EF1D4947-84D5-485F-9D45-D6A91C61A28E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D76A4767-C4BB-4355-A54E-9070A60D4B11}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{C9B868A0-939A-42ED-AE7C-A81EAD596B05}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DB61667E-7381-499C-9BE8-A6F9E74305DE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{27D18EB8-5E18-42A1-B09E-A49CE747DE38}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B8FB9700-AD4D-4036-B357-3D26AD7307F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D55B51B8-C605-42E1-8FA2-221471BA3B0B}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe FirewallRules: [{AA266365-987A-460E-8C38-5ED10674B5F1}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe FirewallRules: [{CBD96846-E6BE-49AE-A3CA-68E13499259F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe FirewallRules: [TCP Query User{84F801E9-933D-4EED-98E9-7D59C9A12213}C:\program files (x86)\mozilla 
firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{4DADCD5C-077F-44EA-9C2F-A10B4AABDEB9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{758144FC-A84F-4E80-BF73-8DE301BDE756}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{6D49665C-E1D6-4A8E-96F7-BF37667AF6B1}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{5C5A22F4-5F5F-4E30-AB74-E1C5351BB3CE}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{7B4DF862-4345-479F-8431-41EBFDF01235}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{7DE60579-47EC-4734-8C46-CB01F989AEC4}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{D37984B1-2AD8-42B4-A9BE-0C3FF2193D1E}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{B1296283-4FA3-4E29-9FC0-C9524105C7CF}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{0D72E523-DE57-403F-8211-10F0746FAE84}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{FD4142AE-682B-4534-A04F-B8B3E7F21C63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{191705A0-C9B1-45C2-BA2F-E2C6BCFD39A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{6D8619F1-BEF3-416E-971B-959ED0EBB750}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{1128D4A8-CFDA-491C-94AC-4A244E6584BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{47FC8FBC-B5AA-4E31-859E-5466CD9180BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{665C8E9E-8A76-4DC4-A68E-74A3FDC3BA14}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe FirewallRules: 
[{14A52900-F6E3-4D06-AC3A-109E631A8E08}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{9668403E-9360-440D-BF6F-A8C4E544FCFB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C7D06BEE-2837-4C6F-A20F-8787F4F9FC27}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{8EDFC29F-C88A-4B54-A8BF-71B595F92B20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{34D74527-D7F5-4EB6-A374-D134DD7E1855}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Tortilla Adapter Description: Tortilla Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: CrowdStrike Service: Tortilla Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VIA USB 3 Root Hub Description: VIA USB 3 Root Hub Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: VIA Service: VUSB3HUB Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . 
Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {361f8c22-d7e4-46d9-903f-4be7ba4ed248} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {361f8c22-d7e4-46d9-903f-4be7ba4ed248} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {38335668-0eb8-4897-adad-1d276ba553be} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
] Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {38335668-0eb8-4897-adad-1d276ba553be} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 12346) (User: ) Description: Volumeschattenkopie-Fehler: Beim Initialisieren des Registrierungs-Generators ist ein Fehler "0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. " aufgetreten. Dies kann dazu führen, dass keine Schattenkopien mehr erstellt werden können. Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {ebe92ca1-20b4-443e-8bea-4b825aca96c4} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. ] Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {ebe92ca1-20b4-443e-8bea-4b825aca96c4} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 12342) (User: ) Description: Volumeschattenkopie-Fehler: Beim Initialisieren des Registrierungs-Generators ist ein Fehler "0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. 
Weitere Informationen finden Sie im Anwendungsereignisprotokoll. " aufgetreten. Dies kann dazu führen, dass keine Schattenkopien mehr erstellt werden können. Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Subscribing the Registry server writer failed. hr = 8004230208lx" ist ein unerwarteter Fehler aufgetreten. hr = 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. . Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. . Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485} Generatorname: Registry Writer Generatorinstanz-ID: {e2048393-8732-4456-be2d-5d2e238719e6} Systemfehler: ============= Error: (09/03/2015 09:37:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Modules Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (09/03/2015 09:35:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/03/2015 09:35:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/03/2015 09:34:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/03/2015 09:34:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/03/2015 09:34:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/03/2015 09:34:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/03/2015 09:34:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/03/2015 09:34:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Microsoft Office: ========================= Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {361f8c22-d7e4-46d9-903f-4be7ba4ed248} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 13) (User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {361f8c22-d7e4-46d9-903f-4be7ba4ed248} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {38335668-0eb8-4897-adad-1d276ba553be} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 13) (User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4} Generatorname: ASR Writer Generatorinstanz-ID: {38335668-0eb8-4897-adad-1d276ba553be} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 12346) (User: ) Description: 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. 
Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {ebe92ca1-20b4-443e-8bea-4b825aca96c4} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 13) (User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f} Generatorname: COM+ REGDB Writer Generatorinstanz-ID: {ebe92ca1-20b4-443e-8bea-4b825aca96c4} Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 12342) (User: ) Description: 0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Subscribing the Registry server writer failed. hr = 8004230208lx0x80042302, Unerwarteter Fehler bei einer Komponente des Volumeschattenkopie-Diensts. Weitere Informationen finden Sie im Anwendungsereignisprotokoll. Error: (09/03/2015 09:43:24 PM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Vorgang: Generator wird abonniert Kontext: Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485} Generatorname: Registry Writer Generatorinstanz-ID: {e2048393-8732-4456-be2d-5d2e238719e6} CodeIntegrity: =================================== Date: 2015-09-02 19:05:51.105 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-09-02 19:05:51.089 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-10-15 15:36:20.344 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:20.343 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:07.945 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:07.944 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-15 15:36:06.378 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-10-15 15:36:06.377
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-15 15:36:06.309
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-15 15:36:06.308
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16346.1 MB
Verfügbarer physikalischer RAM: 13104.88 MB
Summe virtueller Speicher: 32690.4 MB
Verfügbarer virtueller Speicher: 29558.81 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:19.88 GB) NTFS
Drive e: (Lokaler Datenträger) (Fixed) (Total:532.31 GB) (Free:322.67 GB) NTFS
Drive g: (Datenablage verschlüsselt) (Fixed) (Total:787.7 GB) (Free:452.07 GB) NTFS
Drive i: (Lokaler Datenträger) (Fixed) (Total:543 GB) (Free:333.19 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 287BD303)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 08AF215D)
Partition 1: (Not Active) - (Size=543 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=532.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=787.7 GB) - (Type=OF Extended)

==================== Ende von Addition.txt ============================ |
03.09.2015, 21:05 | #15 |
| Windows 7 start-up is significantly delayed
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
durchgeführt von XXXX (Administrator) auf XXXX (03-09-2015 21:41:14)
Gestartet von G:\Downloads
Geladene Profile: XXXX (Verfügbare Profile: XXXX & Gast & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Windows\SysWOW64\srvany.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-18\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe [332432 2011-07-14] (Expert System S.p.A.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XXXX\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2015-02-14] ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH) Startup: C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-05-05] ShortcutTarget: Dropbox.lnk -> C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{6E52A770-4EE5-46C5-B4DC-A63EDB952A82}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{A7C49B14-6673-4ADC-A993-8E7C8533DC84}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{BA931D55-3B76-4979-81B1-7FAC028934D2}: [NameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{CCC0AE25-2C9A-4910-A809-139875360682}: [DhcpNameServer] 7.254.254.254 Tcpip\..\Interfaces\{DC1707F8-7594-46B9-AD69-0A7D1857CA76}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2043602396-935714135-939607167-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-2043602396-935714135-939607167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKU\S-1-5-21-2043602396-935714135-939607167-1000 -> DefaultScope {59826FA5-C97C-46CF-A838-A3F839956BF4} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2043602396-935714135-939607167-1000 -> {59826FA5-C97C-46CF-A838-A3F839956BF4} URL = hxxps://www.google.com/search?q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) 
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) 
BHO-x32: af0.Adblock.BHO -> {90EFF544-3981-4d46-85C9-C0361D0931D6} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Keine Datei
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "autoconfig_url", "https://www.premiumize.me/682379127/proxy.pac"
FF NetworkProxy: "backup.ftp", "localhost"
FF NetworkProxy: "backup.ftp_port", 8181
FF NetworkProxy: "backup.gopher", "217.17.241.245"
FF NetworkProxy: "backup.gopher_port", 80
FF NetworkProxy: "backup.socks", "localhost"
FF NetworkProxy: "backup.socks_port", 8181
FF NetworkProxy: "backup.ssl", "localhost"
FF NetworkProxy: "backup.ssl_port", 8181
FF NetworkProxy: "ftp", "localhost"
FF NetworkProxy: "ftp_port", 8118
FF NetworkProxy: "gopher", "221.12.147.80"
FF NetworkProxy: "gopher_port", 808
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "localhost"
FF NetworkProxy: "socks_port", 8118
FF NetworkProxy: "ssl", "localhost"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-30] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-02] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> I:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> I:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> I:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> I:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2043602396-935714135-939607167-1000: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\duckduckgo.xml [2014-06-11]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\englische-ergebnisse.xml [2012-09-29]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\gmx-suche.xml [2012-09-29]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\lastminute.xml [2012-09-29]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\search_engine.xml [2014-05-20]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\startpage-ssl.xml [2014-06-22]
FF SearchPlugin: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\searchplugins\webde-suche.xml [2012-09-29]
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\de_DE@dicts.j3e.de [2015-02-28]
FF Extension: British English Dictionary (Updated) - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\en-gb@flyingtophat.co.uk [2015-06-26]
FF Extension: United States English Spellchecker - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-07-01]
FF Extension: Virtus Search Opt-in - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\extension@virtusdesigns.com [2013-03-30]
FF Extension: Real-Debrid Plugin - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\real@debrid [2015-02-15]
FF Extension: Türkçe Yazım Denetimi - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\tr-fix@dictionaries.addons.mozilla.org [2015-06-26]
FF Extension: mediaplayerconnectivity - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} [2015-05-29]
FF Extension: WOT - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: Block site - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2015-05-29]
FF Extension: Alldebrid - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\alldebrid@alldebrid.com.xpi [2013-03-30]
FF Extension: CanvasBlocker - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\CanvasBlocker@kkapsner.de.xpi [2015-06-21]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\elemhidehelper@adblockplus.org.xpi [2015-06-27]
FF Extension: Firebug - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\firebug@software.joehewitt.com.xpi [2014-05-30]
FF Extension: Ghostery - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\firefox@ghostery.com.xpi [2015-01-21]
FF Extension: ProxTube - Unblock YouTube - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: YouTube Center - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2013-09-24]
FF Extension: User-Agent Switcher - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\jid1-kyxEAcWua7BEKq@jetpack.xpi [2015-06-07]
FF Extension: Premiumize.me - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2015-06-07]
FF Extension: Türkçe (TR) Language Pack - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\langpack-tr@firefox.mozilla.org.xpi [2015-05-20]
FF Extension: Personas Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\personas@christopher.beard.xpi [2013-03-30]
FF Extension: Save as PDF - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2013-03-30]
FF Extension: Test Pilot - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-03-30]
FF Extension: Stylish - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-03-30]
FF Extension: NoScript - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-30]
FF Extension: Tamper Data - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2013-03-30]
FF Extension: Biet-O-Matic Firefox Erweiterung - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}.xpi [2013-03-30]
FF Extension: Web Developer - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-03-30]
FF Extension: Adblock Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-30]
FF Extension: Disable Anti-Adblock - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2014-05-30]
FF Extension: Tab Mix Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-03-30]
FF Extension: Greasemonkey - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-08-28]
FF Extension: User Agent Switcher - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2014-02-04]
FF Extension: Adblock Edge - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\m1m1ms4l.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-02-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-08-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - I:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn

Chrome:
=======
CHR Profile: C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-22]
CHR Extension: (Google Docs) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-22]
CHR Extension: (Google Drive) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-22]
CHR Extension: (YouTube) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-22]
CHR Extension: (Google Search) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-22]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-09-01]
CHR Extension: (Google Sheets) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-22]
CHR Extension: (Gmail) - C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S4 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3049800 2011-01-12] (O&O Software GmbH)
S4 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
S4 PSEXESVC; C:\Windows\PSEXESVC.EXE [181064 2014-05-28] (Sysinternals)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [98576 2012-06-17] (SANDBOXIE L.T.D)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-04-27] (VIA Technologies, Inc.)
S4 VMAuthdService; I:\Program Files (x86)\VMware\vmware-authd.exe [79872 2012-11-01] (VMware, Inc.) [Datei ist nicht signiert]
S4 VMwareHostd; I:\Program Files (x86)\VMware\vmware-hostd.exe [13234176 2012-11-01] () [Datei ist nicht signiert]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
S3 BIG187TR; C:\Windows [0 2015-09-02] () <==== ACHTUNG (Null Byte Datei/Ordner)
S3 BIG187TR; C:\Windows\SysWow64 [0 2015-09-02] () <==== ACHTUNG (Null Byte Datei/Ordner)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [Datei ist nicht signiert]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [Datei ist nicht signiert]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-27] (REALiX(tm))
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2015-04-27] (Qualcomm Atheros Co., Ltd.)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [28928 2015-04-27] (Razer USA Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-03] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-04-27] (Intel Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 prwntdrv; C:\Windows\system32\prwntdrv.sys [18528 2014-10-23] ()
S3 prwntdrv; C:\Windows\SysWOW64\prwntdrv.sys [15456 2014-10-23] ()
R3 rzp1endpt; C:\Windows\System32\DRIVERS\rzp1endpt.sys [40104 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R3 rzvmouse; C:\Windows\System32\DRIVERS\rzvmouse.sys [31912 2014-12-30] (Razer Inc)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [166576 2012-06-17] (SANDBOXIE L.T.D)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2013-01-06] (Acronis)
S3 Tortilla; C:\Windows\System32\DRIVERS\tortilla.sys [14992 2014-01-19] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2013-01-06] (Acronis)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [204800 2011-11-15] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [296960 2015-04-27] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-03 21:37 - 2015-09-03 21:37 - 00046607 _____ C:\Users\XXXX\Desktop\JRT.txt
2015-09-03 21:22 - 2015-09-03 21:24 - 00000000 ____D C:\AdwCleaner
2015-09-02 19:36 - 2015-09-02 19:36 - 00056105 _____ C:\ComboFix.txt
2015-09-02 18:58 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-02 18:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-02 18:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-02 18:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-02 18:58 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-02 18:58 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-02 18:58 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-02 18:53 - 2015-09-02 19:37 - 00000000 ____D C:\Qoobox
2015-09-02 18:53 - 2015-09-02 19:24 - 00000000 ____D C:\Windows\erdnt
2015-09-01 22:02 - 2015-09-01 22:02 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-31 23:18 - 2015-09-03 18:25 - 00007060 _____ C:\Windows\PFRO.log
2015-08-31 22:10 - 2015-08-31 23:38 - 00001446 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-08-31 19:30 - 2015-08-25 16:08 - 00574072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-31 19:28 - 2015-08-25 20:46 - 42840368 _____ C:\Windows\system32\nvcompiler.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 37819184 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 22525560 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 18543736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 16637336 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 15512888 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 14936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 13661160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 12185152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 11089200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-31 19:28 - 2015-08-25 20:46 - 02940720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 02627704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435582.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 01558648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435582.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 01106672 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 01075320 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 01064752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00986232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00945456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00944736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-08-31 19:28 - 2015-08-25 20:46 - 00033025 _____ C:\Windows\system32\nvinfo.pb
2015-08-31 19:23 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-08-31 19:23 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-08-30 17:55 - 2015-08-30 17:55 - 00002189 _____ C:\list.txt
2015-08-30 17:55 - 2015-08-30 17:55 - 00000096 _____ C:\Users\XXXX\Desktop\list.bat
2015-08-30 17:13 - 2015-09-03 21:41 - 00000000 ____D C:\FRST
2015-08-30 14:48 - 2015-08-30 15:24 - 00012173 _____ C:\Users\XXXX\Desktop\hijackthis.log
2015-08-30 13:28 - 2015-09-03 21:29 - 00001971 _____ C:\Windows\setupact.log
2015-08-30 13:28 - 2015-08-30 13:28 - 00000000 _____ C:\Windows\setuperr.log
2015-08-30 02:50 - 2015-08-31 17:23 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-30 02:50 - 2015-08-31 17:23 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-30 02:29 - 2015-08-30 02:29 - 00000000 _____ C:\Windows\system32\REN391B.tmp
2015-08-30 02:26 - 2015-08-30 02:26 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Sun
2015-08-30 02:26 - 2015-08-30 02:26 - 00000000 ____D C:\Users\XXXX\.oracle_jre_usage
2015-08-28 19:45 - 2015-08-30 01:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-26 00:07 - 2015-08-26 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-24 14:34 - 2015-08-24 14:37 - 00003183 ____H C:\Windows\EPMBatch.ept
2015-08-24 13:28 - 2015-08-24 13:28 - 00001330 _____ C:\Users\Public\Desktop\EaseUS Partition Master 10.1.lnk
2015-08-24 13:28 - 2015-08-24 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.1
2015-08-24 13:28 - 2014-04-04 00:42 - 03382440 _____ C:\Windows\system32\BootMan.exe
2015-08-24 13:28 - 2014-04-04 00:25 - 02499752 _____ C:\Windows\SysWOW64\BootMan.exe
2015-08-24 13:28 - 2013-03-07 09:49 - 00100936 _____ C:\Windows\system32\setupempdrvx64.exe
2015-08-24 13:28 - 2013-03-07 09:49 - 00087112 _____ C:\Windows\SysWOW64\setupempdrv03.exe
2015-08-24 13:28 - 2013-03-07 09:49 - 00019840 _____ C:\Windows\SysWOW64\EuEpmGdi.dll
2015-08-24 13:28 - 2013-03-07 09:49 - 00017480 _____ C:\Windows\system32\epmntdrv.sys
2015-08-24 13:28 - 2013-03-07 09:49 - 00016256 _____ C:\Windows\system32\EuEpmGdi.dll
2015-08-24 13:28 - 2013-03-07 09:49 - 00014920 _____ C:\Windows\SysWOW64\epmntdrv.sys
2015-08-24 13:28 - 2013-03-07 09:49 - 00009800 _____ C:\Windows\system32\EuGdiDrv.sys
2015-08-24 13:28 - 2013-03-07 09:49 - 00009160 _____ C:\Windows\SysWOW64\EuGdiDrv.sys
2015-08-18 00:34 - 2015-08-21 03:23 - 00978676 _____ C:\Users\XXXX\Desktop\XXXX.rar
2015-08-17 10:14 - 2015-08-29 18:54 - 00003270 _____ C:\Windows\System32\Tasks\SamsungMagician
2015-08-17 10:13 - 2015-08-17 10:14 - 00000000 ____D C:\Program Files (x86)\Samsung SSD Magician
2015-08-17 10:13 - 2015-08-17 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician
2015-08-16 17:19 - 2015-08-16 17:19 - 00000000 ____D C:\Users\XXXX\Desktop\Mr. Criminal - Evolution Of A G (2015)
2015-08-15 16:59 - 2015-08-15 17:00 - 01121792 _____ C:\Users\XXXX\Desktop\XXXX.exe
2015-08-14 19:43 - 2015-08-15 17:00 - 00001538 _____ C:\Users\XXXX\Desktop\XXXX.exe.log
2015-08-14 19:43 - 2015-08-13 20:51 - 00260608 _____ C:\Users\XXXX\Desktop\XXXX.bak
2015-08-13 23:38 - 2015-08-13 23:39 - 00003330 _____ C:\Users\XXXX\Desktop\xxx.cwx
2015-08-13 23:33 - 2015-08-13 23:36 - 00002635 _____ C:\Users\XXXX\Desktop\XXXXtest.cwx
2015-08-13 23:29 - 2015-08-13 23:29 - 00001123 _____ C:\Users\Public\Desktop\CodeWall Protection Suite 2009.lnk
2015-08-13 23:29 - 2015-08-13 23:29 - 00000000 ____D C:\Program Files (x86)\CodeWall Protection Suite 2009
2015-08-13 23:29 - 2009-09-22 18:28 - 00077312 _____ C:\Windows\SysWOW64\tptools_ml.dll
2015-08-13 23:29 - 2008-11-05 16:48 - 00055808 _____ C:\Windows\SysWOW64\alib_32.dll
2015-08-13 19:50 - 2015-08-13 19:50 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Bat To Exe Converter
2015-08-13 19:50 - 2015-08-13 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bat To Exe Converter
2015-08-13 19:50 - 2015-08-13 19:50 - 00000000 ____D C:\Program Files\Bat To Exe Converter
2015-08-13 19:16 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-13 19:16 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-12 20:09 - 2015-08-12 20:09 - 09284296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-08 23:21 - 2015-08-29 19:01 - 00000000 ____D C:\Users\XXXX\AppData\Local\CrashDumps
2015-08-08 22:55 - 2015-08-09 13:08 - 00000000 ____D C:\Program Files (x86)\BBQScreen Client
2015-08-08 21:30 - 2015-08-09 13:08 - 00000000 ____D C:\Users\XXXX\AppData\Local\Deployment
2015-08-08 21:14 - 2015-08-08 21:14 - 00000000 ____D C:\Users\XXXX\.android
2015-08-07 18:28 - 2015-08-07 18:28 - 00000000 ___HD C:\Users\XXXX\Desktop\.updtmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-03 21:42 - 2009-07-14 06:45 - 00033968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-03 21:42 - 2009-07-14 06:45 - 00033968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-03 21:40 - 2014-01-18 11:19 - 01223554 _____ C:\Windows\WindowsUpdate.log
2015-09-03 21:35 - 2015-04-27 16:19 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\IObit
2015-09-03 21:35 - 2015-04-27 16:19 - 00000000 ____D C:\ProgramData\IObit
2015-09-03 21:35 - 2015-04-27 16:19 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-03 21:35 - 2012-05-04 15:49 - 00000000 ____D C:\Users\XXXX
2015-09-03 21:34 - 2009-07-14 19:58 - 00842696 _____ C:\Windows\system32\perfh007.dat
2015-09-03 21:34 - 2009-07-14 19:58 - 00202130 _____ C:\Windows\system32\perfc007.dat
2015-09-03 21:34 - 2009-07-14 07:13 - 02002580 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-03 21:31 - 2012-05-05 20:25 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Dropbox
2015-09-03 21:29 - 2015-04-25 15:38 - 00000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-09-03 21:29 - 2015-01-22 21:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-03 21:28 - 2012-12-17 22:52 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-03 21:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-03 21:28 - 2009-07-14 06:45 - 00003072 _____ C:\Windows\system32\umstartup.etl
2015-09-03 21:25 - 2009-07-14 06:45 - 00009216 _____ C:\Windows\system32\umstartup000.etl
2015-09-03 21:14 - 2015-06-19 16:03 - 00001240 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000UA.job
2015-09-03 20:44 - 2015-01-22 21:57 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-03 19:46 - 2012-07-21 02:19 - 00000000 ____D C:\Users\XXXX\Documents\Outlook-Dateien
2015-09-03 18:38 - 2014-06-19 03:14 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-03 18:27 - 2014-08-26 18:33 - 00000000 ____D C:\Users\XXXX\AppData\Local\Adobe
2015-09-02 22:54 - 2015-02-14 14:29 - 00000000 ____D C:\Users\XXXX\Documents\PhraseExpress
2015-09-02 19:36 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-09-02 19:11 - 2009-07-14 04:34 - 00000395 _____ C:\Windows\system.ini
2015-09-01 17:59 - 2009-07-14 06:45 - 05478856 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-31 23:47 - 2012-05-04 16:03 - 00189952 _____ C:\Users\XXXX\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-31 23:39 - 2014-12-25 15:35 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-08-31 23:38 - 2013-05-25 18:12 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-08-31 23:37 - 2012-05-05 19:04 - 00000000 ____D C:\ProgramData\Adobe
2015-08-31 23:27 - 2012-05-05 19:04 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-31 23:08 - 2013-06-21 22:14 - 00000000 ____D C:\Users\XXXX\AppData\Local\JDownloader v2.0
2015-08-31 22:16 - 2013-02-10 22:23 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-31 20:54 - 2015-03-29 21:59 - 00000964 _____ C:\Users\Public\Desktop\OpenVPN GUI.lnk
2015-08-31 19:40 - 2015-07-21 23:10 - 00000096 _____ C:\Users\XXXX\Documents\External.ini
2015-08-31 19:39 - 2012-05-17 01:06 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-31 19:34 - 2012-05-13 21:54 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-31 19:34 - 2012-05-13 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Production Premium CS5.5
2015-08-31 19:30 - 2012-12-17 22:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-31 19:30 - 2012-05-22 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-31 19:30 - 
2012-05-10 18:31 - 00000000 ____D C:\Temp 2015-08-31 18:19 - 2012-05-04 19:53 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Adobe 2015-08-30 23:48 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-30 18:39 - 2015-01-22 21:57 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-30 18:39 - 2015-01-22 21:57 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-30 17:18 - 2014-12-06 01:34 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Notepad++ 2015-08-30 17:17 - 2014-12-06 01:34 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2015-08-30 02:57 - 2012-05-05 19:01 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2015-08-30 02:36 - 2013-10-16 18:50 - 00000000 ____D C:\ProgramData\Oracle 2015-08-30 02:28 - 2012-05-05 20:35 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-30 02:27 - 2013-10-16 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-30 02:26 - 2014-10-16 23:25 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-30 01:26 - 2012-05-05 18:59 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\vlc 2015-08-30 01:21 - 2015-06-14 03:13 - 00000877 _____ C:\Users\Public\Desktop\Mortal Kombat X.lnk 2015-08-30 01:05 - 2015-07-15 19:50 - 01461760 _____ C:\Users\XXXX\Documents\External.exe 2015-08-30 01:05 - 2015-07-15 19:50 - 00000126 _____ C:\Users\XXXX\Documents\license.dv 2015-08-30 00:14 - 2015-06-19 16:03 - 00001188 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2043602396-935714135-939607167-1000Core.job 2015-08-29 19:01 - 2015-07-17 20:58 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\FileZilla 2015-08-29 18:55 - 2015-01-12 03:21 - 00002968 _____ C:\Windows\System32\Tasks\{7623D90C-C47A-4716-9204-EB617220E6BD} 2015-08-29 18:55 - 2015-01-12 03:21 - 00002968 _____ C:\Windows\System32\Tasks\{06CCF1D8-0155-47F7-8E0B-2355C2D283AF} 2015-08-29 18:55 - 2014-12-27 05:37 - 00003206 _____ 
C:\Windows\System32\Tasks\{17094CEB-E0D7-4D24-A63D-B24689EF15BF} 2015-08-29 15:09 - 2012-06-06 20:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-28 23:39 - 2013-08-10 13:19 - 00000000 ____D C:\Users\XXXX\Desktop\Tor Browser 2015-08-28 23:08 - 2015-05-02 04:24 - 00002145 _____ C:\Users\XXXX\Desktop\Neues Textdokument.txt 2015-08-27 22:55 - 2014-12-29 20:04 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-08-27 21:15 - 2015-06-16 21:17 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-08-27 21:15 - 2015-06-16 21:17 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2015-08-27 02:37 - 2014-11-22 16:56 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-08-27 02:37 - 2014-11-22 16:56 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-08-27 02:36 - 2014-11-22 16:56 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-08-27 02:36 - 2014-11-22 16:56 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-08-26 00:08 - 2012-12-30 18:38 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Skype 2015-08-26 00:07 - 2012-12-30 18:38 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-08-26 00:07 - 2012-12-30 18:37 - 00000000 ____D C:\ProgramData\Skype 2015-08-25 20:46 - 2015-06-22 16:28 - 14635792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-25 20:46 - 2015-03-18 21:20 - 03112904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-25 20:46 - 2014-11-22 16:55 - 12515016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-08-25 20:46 - 2013-02-26 00:32 - 17082392 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-25 20:46 - 2013-02-26 00:32 - 03527696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-25 20:46 - 2012-05-18 02:21 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-08-25 20:46 - 2012-05-18 
02:21 - 00105264 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-08-25 16:24 - 2012-12-17 22:52 - 06884984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-25 16:24 - 2012-12-17 22:52 - 03496752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-25 16:24 - 2012-12-17 22:52 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-25 16:24 - 2012-12-17 22:52 - 00937776 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-25 16:24 - 2012-12-17 22:52 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-25 16:24 - 2012-12-17 22:52 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-25 14:35 - 2012-12-17 22:52 - 05165808 _____ C:\Windows\system32\nvcoproc.bin 2015-08-24 13:28 - 2015-04-05 15:29 - 00000000 ____D C:\Program Files (x86)\EaseUS 2015-08-22 00:22 - 2015-01-22 21:57 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-17 10:13 - 2012-05-10 18:23 - 00000000 ____D C:\ProgramData\Samsung 2015-08-15 02:40 - 2012-11-18 01:19 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\VMware 2015-08-15 02:40 - 2012-11-18 01:19 - 00000000 ____D C:\Users\XXXX\AppData\Local\VMware 2015-08-11 06:52 - 2014-11-22 16:55 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2015-08-08 23:29 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries 2015-08-08 21:30 - 2012-05-04 22:41 - 00000000 ____D C:\Users\XXXX\AppData\Local\Apps\2.0 2015-08-07 18:14 - 2015-02-14 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhraseExpress 2015-08-07 18:14 - 2015-02-14 14:26 - 00000000 ____D C:\Program Files (x86)\PhraseExpress ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-12-27 00:34 - 2012-12-27 00:39 - 0001122 _____ () C:\Users\XXXX\AppData\Roaming\CompatAdmin.log 2015-02-22 12:00 - 2015-03-01 23:45 - 0000600 _____ () C:\Users\XXXX\AppData\Roaming\winscp.rnd 2015-01-28 
20:37 - 2015-01-28 20:42 - 0000600 _____ () C:\Users\XXXX\AppData\Local\PUTTY.RND 2012-05-05 20:56 - 2014-10-20 03:50 - 0007614 _____ () C:\Users\XXXX\AppData\Local\Resmon.ResmonCfg 2015-07-12 14:21 - 2015-07-12 14:22 - 0000000 _____ () C:\Users\XXXX\AppData\Local\{4893C58A-F028-40B4-B20D-E6D2F731D7C7} 2013-10-06 05:01 - 2013-10-06 05:01 - 0000011 _____ () C:\ProgramData\.tv6 2015-04-19 14:37 - 2015-04-19 14:37 - 0000041 ___SH () C:\ProgramData\.zreglib 2013-12-07 21:53 - 2013-12-07 21:53 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-07-18 04:16 - 2013-07-18 04:24 - 0000171 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== C:\Users\XXXX\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_ajbjp.dll C:\Users\XXXX\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert testsigning: 
==> 'testsigning' ist aktiviert. Prüfung auf eventuelle nicht-signierte Treiber durchführen <===== ACHTUNG LastRegBack: 2015-08-24 01:26 ==================== Ende von FRST.txt ============================ Geändert von Kangal (03.09.2015 um 21:15 Uhr) |