| |
| |||||||
Log-Analyse und Auswertung: Nur grauer Bildschirm mit Maus, wenn Windows 7 startet...Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
14.10.2015, 23:25
| #1 |
| |  Nur grauer Bildschirm mit Maus, wenn Windows 7 startet... Seit heute Abend kommt nach dem starten von Windows nur noch eine graue Seite auf der ich die Maus bewegen kann, ansonsten tut sich nichts. HILFE BENÖTIGT. Im abgesicherten Modus kann ich den PC starten... ansonsten geht es nicht. Geändert von LukKB (14.10.2015 um 23:32 Uhr) |
|
15.10.2015, 05:58
| #2 |
| /// the machine /// TB-Ausbilder    | Nur grauer Bildschirm mit Maus, wenn Windows 7 startet... hi,
__________________im abgesicherten Modus: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
15.10.2015, 09:07
| #3 |
| | Nur grauer Bildschirm mit Maus, wenn Windows 7 startet... Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
__________________Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Safe Mode (with Networking) Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-16] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-10] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-08] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-08] (Atheros Commnucations) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2822952 2012-02-24] (ELAN Microelectronics Corp.) HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated) HKLM\...\Run: [InstantUpdate] => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-02-20] () HKLM\...\Run: [Secure Applicayion] => c:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe [257640 2012-03-06] () HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-24] (Dritek System Inc.) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-15] (AVAST Software) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. KG) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-10-05] (Malwarebytes) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-1879676568-2209463989-243657455-1000\...\Run: [Facebook Update] => C:\Users\Viola Dammers\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-24] (Facebook Inc.) HKU\S-1-5-21-1879676568-2209463989-243657455-1000\...\Run: [Dropbox Update] => C:\Users\Viola Dammers\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) HKU\S-1-5-21-1879676568-2209463989-243657455-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1402640 2015-09-02] (Lavasoft) HKU\S-1-5-21-1879676568-2209463989-243657455-1000\...\MountPoints2: {155f586a-56ba-11e2-bee4-a1e9da44641f} - D:\SETUP.EXE /AUTORUN HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-15] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2012-09-18] ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-12-22] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2013-02-03] ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () Startup: C:\Users\Viola Dammers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-02-19] ShortcutTarget: Dropbox.lnk -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Viola Dammers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6500 E710a-f.lnk [2015-09-19] ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6500 E710a-f.lnk -> (Keine Datei) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-02] (Lavasoft Limited) Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-02] (Lavasoft Limited) Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-02] (Lavasoft Limited) Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-02] (Lavasoft Limited) Winsock: Catalog9 16 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-09-02] (Lavasoft Limited) Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-02] (Lavasoft Limited) Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-02] (Lavasoft Limited) Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-02] (Lavasoft Limited) Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-02] (Lavasoft Limited) Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-02] (Lavasoft Limited) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{39CBDD18-C021-44E6-9B19-74F02E05B090}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{C0BC1A24-1B1E-40FF-9208-A2B5A1717678}: [DhcpNameServer] 192.52.104.29 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1879676568-2209463989-243657455-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKU\S-1-5-21-1879676568-2209463989-243657455-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKU\S-1-5-21-1879676568-2209463989-243657455-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1879676568-2209463989-243657455-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-08-05] (DVDVideoSoft Ltd.) BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-12-07] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-03-08] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-12-07] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-08-05] (DVDVideoSoft Ltd.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.) Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24] (pdfforge GmbH) FireFox: ======== FF ProfilePath: C:\Users\Viola Dammers\AppData\Roaming\Mozilla\Firefox\Profiles\l2t6dl4z.default FF Homepage: www.google.de FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-12-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-12-07] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2015-10-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2015-10-15] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH) FF Plugin HKU\S-1-5-21-1879676568-2209463989-243657455-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Viola Dammers\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Extension: Bitdefender QuickScan - C:\Users\Viola Dammers\AppData\Roaming\Mozilla\Firefox\Profiles\l2t6dl4z.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-10-14] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Viola Dammers\AppData\Roaming\Mozilla\Firefox\Profiles\l2t6dl4z.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-09-02] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-07] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-09-13] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Viola Dammers\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Viola Dammers\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15] CHR Extension: (Google Docs) - C:\Users\Viola Dammers\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-15] CHR Extension: (Google Drive) - C:\Users\Viola Dammers\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-15] CHR Extension: (YouTube) - C:\Users\Viola Dammers\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15] CHR Extension: (Google-Suche) - C:\Users\Viola Dammers\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-15] CHR Extension: (Google Docs Offline) - C:\Users\Viola Dammers\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-15] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Viola Dammers\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-15] CHR Extension: (Google Mail) - C:\Users\Viola Dammers\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-15] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-25] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG) S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG) S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [107648 2012-03-08] (Atheros Commnucations) [Datei ist nicht signiert] S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-15] (AVAST Software) S2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-02-17] (Diskeeper Corporation) S2 FFSOpzSvc; C:\Program Files\Sleep Memory Optimizer\FFSService.exe [141192 2011-09-17] (Acer Incorporated) S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-29] () S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-03-28] (Intel Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation) S2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-09-02] (Lavasoft Limited) S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.) S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation) S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH) S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH) S2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH) S2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated) S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [16656 2015-09-02] () S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software) S2 USecuAppSvc; c:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [236648 2012-03-06] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) [Datei ist nicht signiert] S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-15] (AVAST Software) S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-15] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-15] (AVAST Software) S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-15] (AVAST Software) S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-15] (AVAST Software) S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-15] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-15] (AVAST Software) S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-15] (AVAST Software) S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-05] (Avira Operations GmbH & Co. KG) S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-10-05] (Avira Operations GmbH & Co. KG) S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG) S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-05] (Avira Operations GmbH & Co. KG) S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [98816 2011-01-01] (ASIX Electronics Corp.) S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] () S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-02-17] (Diskeeper Corporation) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [92976 2012-02-17] (Diskeeper Corporation) R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-03-28] (Intel Corporation) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-14] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-15 00:18 - 2015-10-15 00:18 - 00050304 _____ C:\Users\Viola Dammers\Downloads\Addition.txt 2015-10-15 00:17 - 2015-10-15 00:17 - 00002028 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk 2015-10-15 00:17 - 2015-10-15 00:17 - 00000000 ____D C:\Users\Viola Dammers\AppData\Roaming\Avira 2015-10-15 00:17 - 2015-10-15 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-10-15 00:16 - 2015-10-15 00:16 - 00000000 ____D C:\ProgramData\Avira 2015-10-15 00:16 - 2015-10-15 00:16 - 00000000 ____D C:\Program Files (x86)\Avira 2015-10-15 00:16 - 2015-10-05 15:51 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-10-15 00:16 - 2015-10-05 15:51 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-10-15 00:16 - 2015-10-05 15:51 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-10-15 00:16 - 2015-10-05 15:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-10-15 00:14 - 2015-10-15 10:03 - 00000000 ____D C:\FRST 2015-10-15 00:14 - 2015-10-15 10:02 - 00000000 _____ C:\Users\Viola Dammers\Downloads\FRST.txt 2015-10-15 00:13 - 2015-10-15 00:14 - 02196992 _____ (Farbar) C:\Users\Viola Dammers\Downloads\FRST64.exe 2015-10-15 00:12 - 2015-10-15 00:15 - 215891200 _____ C:\Users\Viola Dammers\Downloads\avira_antivirus_210de-de.exe 2015-10-15 00:04 - 2015-10-15 00:00 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-10-15 00:02 - 2015-10-15 00:04 - 00000350 ____H C:\Windows\Tasks\avast! Emergency Update.job 2015-10-15 00:01 - 2015-10-15 00:01 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-15 00:01 - 2015-10-15 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-10-15 00:01 - 2015-10-15 00:01 - 00000000 ____D C:\Program Files (x86)\Google 2015-10-15 00:00 - 2015-10-15 00:00 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-10-14 23:57 - 2015-10-14 23:59 - 154429024 _____ (AVAST Software) C:\Users\Viola Dammers\Downloads\avast_104free_antivirus_setup.exe 2015-10-14 22:52 - 2015-10-14 22:52 - 00000000 ____D C:\Users\Viola Dammers\AppData\Roaming\QuickScan 2015-10-14 22:29 - 2015-10-14 23:14 - 00000000 ____D C:\Users\Viola Dammers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2015-10-14 22:29 - 2015-10-14 22:50 - 00002163 _____ C:\Users\Viola Dammers\Desktop\Tweaking.com - Windows Repair.lnk 2015-10-14 22:29 - 2015-10-14 22:29 - 00000574 _____ C:\Windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job 2015-10-14 22:28 - 2015-10-14 22:28 - 20656848 _____ (Tweaking.com) C:\Users\Viola Dammers\Downloads\tweaking.com_windows_repair_aio_setup.exe 2015-10-14 22:28 - 2015-10-14 22:28 - 00000000 ____D C:\Program Files (x86)\Tweaking.com 2015-10-14 22:26 - 2015-10-14 22:26 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-14 22:25 - 2015-10-14 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-14 22:25 - 2015-10-14 23:15 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-10-14 22:25 - 2015-10-14 22:50 - 00001100 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-10-14 22:25 - 2015-10-14 22:25 - 22908888 _____ (Malwarebytes ) C:\Users\Viola Dammers\Downloads\mbam-setup-2.2.0.1024.exe 2015-10-14 22:25 - 2015-10-14 22:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-10-14 22:25 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-10-14 22:25 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-10-14 22:25 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2015-10-13 13:57 - 2015-10-13 13:57 - 02306431 _____ C:\Users\Viola Dammers\Downloads\[teacherinwonderland] lesetagebuch schilder(1).zip 2015-10-09 23:16 - 2015-10-09 23:19 - 00000000 ____D C:\Users\Viola Dammers\Desktop\kk 2015-10-09 23:11 - 2015-10-09 23:12 - 110110153 _____ C:\Users\Viola Dammers\Downloads\Fotos_mit_AirDroid_heruntergeladen(2).zip 2015-10-08 18:36 - 2015-10-08 18:36 - 01280237 _____ C:\Users\Viola Dammers\Downloads\arbeitsmaterial_halloween.zip 2015-10-03 19:24 - 2015-10-14 23:14 - 00000000 ____D C:\Users\Viola Dammers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-10-02 18:55 - 2015-10-02 18:55 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVAST Software 2015-10-02 18:55 - 2015-10-02 18:55 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVAST Software 2015-09-28 08:10 - 2015-10-14 22:50 - 00001037 _____ C:\Users\Viola Dammers\Desktop\Dropbox.lnk 2015-09-23 14:34 - 2015-09-24 15:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-09-22 09:15 - 2015-09-22 13:07 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-09-19 10:39 - 2015-10-14 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-09-19 10:39 - 2015-10-14 22:50 - 00002204 _____ C:\Users\Public\Desktop\HP Officejet 6500 E710a-f.lnk 2015-09-19 10:39 - 2015-10-14 22:50 - 00001178 _____ C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet 6500 E710a-f.lnk 2015-09-19 10:39 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5512.dll 2015-09-19 10:38 - 2015-09-19 10:38 - 00000000 ____D C:\ProgramData\HP 2015-09-19 10:38 - 2015-09-19 10:38 - 00000000 ____D C:\Program Files\HP 2015-09-19 10:38 - 2015-09-19 10:38 - 00000000 ____D C:\Program Files (x86)\HP 2015-09-19 10:37 - 2015-09-19 10:41 - 00000000 ____D C:\Users\Viola Dammers\AppData\Local\HP 2015-09-19 10:37 - 2015-09-19 10:37 - 00000057 _____ C:\ProgramData\Ament.ini 2015-09-19 10:36 - 2015-09-19 10:37 - 30506256 _____ C:\Users\Viola Dammers\Downloads\OJ6500_E710a-f_Basicx64_1315.exe 2015-09-18 22:19 - 2015-09-18 22:19 - 02306431 _____ C:\Users\Viola Dammers\Downloads\[teacherinwonderland] lesetagebuch schilder.zip 2015-09-18 20:17 - 2015-09-18 20:17 - 00814080 _____ C:\Users\Viola Dammers\Downloads\satzglied.ppt 2015-09-15 08:32 - 2015-09-24 17:03 - 00000000 ____D C:\Users\Viola Dammers\Desktop\1. Ub_Englisch ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-15 10:00 - 2012-09-18 15:57 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2015-10-15 10:00 - 2010-11-21 05:47 - 00680346 _____ C:\Windows\PFRO.log 2015-10-15 09:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-15 09:59 - 2009-07-14 06:51 - 00138937 _____ C:\Windows\setupact.log 2015-10-15 00:10 - 2015-06-14 17:34 - 00002079 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-10-15 00:01 - 2013-09-28 18:09 - 00000000 ____D C:\Users\Viola Dammers\AppData\Local\Google 2015-10-15 00:00 - 2014-04-27 21:34 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-10-15 00:00 - 2014-04-27 21:34 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-10-15 00:00 - 2013-09-25 12:07 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-10-15 00:00 - 2013-09-25 12:07 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-10-15 00:00 - 2012-12-07 11:14 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2015-10-15 00:00 - 2012-12-07 11:14 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-10-15 00:00 - 2012-12-07 11:14 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-10-15 00:00 - 2012-12-07 11:14 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-10-14 23:30 - 2012-09-18 15:46 - 01258287 _____ C:\Windows\WindowsUpdate.log 2015-10-14 23:15 - 2015-09-13 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 3 2015-10-14 23:15 - 2015-09-13 13:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-10-14 23:15 - 2015-09-05 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2015-10-14 23:15 - 2015-09-02 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014 2015-10-14 23:15 - 2015-09-02 15:19 - 00000000 ____D C:\Users\Viola Dammers\AppData\Local\Lavasoft 2015-10-14 23:15 - 2015-09-02 15:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-10-14 23:15 - 2015-06-11 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Primtext 2015-10-14 23:15 - 2015-06-10 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picto-Selector 2015-10-14 23:15 - 2015-05-25 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-10-14 23:15 - 2015-04-15 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-10-14 23:15 - 2015-04-05 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-14 23:15 - 2014-08-25 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3500 series Benutzerregistrierung 2015-10-14 23:15 - 2014-06-22 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D 2015-10-14 23:15 - 2014-05-10 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager 2015-10-14 23:15 - 2013-12-22 12:53 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2015-10-14 23:15 - 2013-07-28 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 110 2015-10-14 23:15 - 2013-07-28 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2015-10-14 23:15 - 2013-03-14 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-10-14 23:15 - 2013-02-03 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client 2015-10-14 23:15 - 2012-12-07 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2015-10-14 23:15 - 2012-12-07 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-10-14 23:15 - 2012-12-07 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-10-14 23:15 - 2012-12-07 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-10-14 23:15 - 2012-12-07 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo 2015-10-14 23:15 - 2012-12-07 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection 2015-10-14 23:15 - 2012-09-18 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec 2015-10-14 23:15 - 2012-09-18 16:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 2015-10-14 23:15 - 2012-09-18 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem 2015-10-14 23:15 - 2012-09-18 16:04 - 00000000 ____D C:\ProgramData\Atheros 2015-10-14 23:15 - 2012-09-18 16:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program 2015-10-14 23:15 - 2012-09-18 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2015-10-14 23:15 - 2012-09-18 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-10-14 23:15 - 2012-03-29 22:34 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-10-14 23:15 - 2012-03-29 22:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2015-10-14 23:15 - 2012-03-29 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2015-10-14 23:15 - 2012-03-29 22:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2015-10-14 23:15 - 2012-03-29 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\newsXpresso 2015-10-14 23:15 - 2012-03-29 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager 2015-10-14 23:15 - 2012-03-29 21:56 - 00000000 ____D C:\ProgramData\BackupManager 2015-10-14 23:15 - 2012-03-29 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup 2015-10-14 23:15 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-10-14 23:15 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-10-14 23:15 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-10-14 23:14 - 2015-09-13 13:45 - 00000000 ____D C:\Users\Viola Dammers\Desktop\1. UB_Deutsch 2015-10-14 23:14 - 2015-04-05 16:34 - 00000000 ____D C:\Users\Viola Dammers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-14 23:14 - 2015-04-04 20:06 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-10-14 23:14 - 2015-04-04 20:06 - 00000000 ___SD C:\Windows\system32\GWX 2015-10-14 23:14 - 2012-12-07 10:00 - 00000000 ___RD C:\Users\Viola Dammers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-10-14 23:14 - 2012-12-07 10:00 - 00000000 ___RD C:\Users\Viola Dammers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-10-14 23:14 - 2012-12-07 10:00 - 00000000 ____D C:\Users\Viola Dammers 2015-10-14 23:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME 2015-10-14 22:51 - 2015-09-12 20:24 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-10-14 22:51 - 2015-09-02 15:22 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk 2015-10-14 22:51 - 2015-09-02 15:20 - 00001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-10-14 22:51 - 2012-12-07 11:45 - 00001134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-10-14 22:51 - 2012-12-07 10:04 - 00002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Anti-Theft.lnk 2015-10-14 22:51 - 2012-09-18 16:24 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk 2015-10-14 22:51 - 2012-03-29 22:05 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk 2015-10-14 22:51 - 2012-03-29 22:05 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk 2015-10-14 22:51 - 2012-03-29 22:04 - 00001448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2015-10-14 22:51 - 2012-03-29 22:02 - 00002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2015-10-14 22:51 - 2012-03-29 21:59 - 00001862 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fooz Kids.lnk 2015-10-14 22:51 - 2012-03-29 21:36 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2015-10-14 22:51 - 2012-03-29 21:36 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2015-10-14 22:51 - 2009-07-14 06:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-10-14 22:51 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk 2015-10-14 22:51 - 2009-07-14 06:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2015-10-14 22:51 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2015-10-14 22:51 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2015-10-14 22:50 - 2015-09-13 13:31 - 00000981 _____ C:\Users\Public\Desktop\PDF Architect 3.lnk 2015-10-14 22:50 - 2015-09-13 13:29 - 00000987 _____ C:\Users\Public\Desktop\PDFCreator.lnk 2015-10-14 22:50 - 2015-09-02 15:20 - 00001109 _____ C:\Users\Public\Desktop\Opera.lnk 2015-10-14 22:50 - 2015-09-02 15:18 - 00001530 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2015-10-14 22:50 - 2015-09-02 15:18 - 00001239 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-10-14 22:50 - 2015-06-11 16:27 - 00000969 _____ C:\Users\Viola Dammers\Desktop\Primtext.lnk 2015-10-14 22:50 - 2015-06-10 21:28 - 00001072 _____ C:\Users\Public\Desktop\Picto Selector.lnk 2015-10-14 22:50 - 2014-06-16 12:25 - 00002045 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2015-10-14 22:50 - 2014-05-10 12:22 - 00001969 _____ C:\Users\Viola Dammers\Desktop\Audible Manager.lnk 2015-10-14 22:50 - 2014-04-12 22:37 - 00001312 _____ C:\Users\Viola Dammers\Desktop\Sound Recorder.lnk 2015-10-14 22:50 - 2014-02-05 10:42 - 00002019 _____ C:\Users\Public\Desktop\Canon Quick Menu.lnk 2015-10-14 22:50 - 2013-09-29 19:00 - 00001955 _____ C:\Users\Viola Dammers\Desktop\Skype.lnk 2015-10-14 22:50 - 2013-07-28 18:47 - 00002093 _____ C:\Users\Public\Desktop\Canon MP Navigator EX 4.0 Scanner AC.lnk 2015-10-14 22:50 - 2013-02-03 13:56 - 00002605 _____ C:\Users\Viola Dammers\Desktop\VPN Client.lnk 2015-10-14 22:50 - 2013-01-06 23:50 - 00002777 _____ C:\Users\Viola Dammers\Desktop\Microsoft Office Outlook 2003.lnk 2015-10-14 22:50 - 2012-12-14 19:30 - 00002705 _____ C:\Users\Viola Dammers\Desktop\Microsoft Office PowerPoint 2007.lnk 2015-10-14 22:50 - 2012-12-14 19:30 - 00002685 _____ C:\Users\Viola Dammers\Desktop\Microsoft Office Excel 2007.lnk 2015-10-14 22:50 - 2012-12-14 19:30 - 00002679 _____ C:\Users\Viola Dammers\Desktop\Microsoft Office Word 2007.lnk 2015-10-14 22:50 - 2012-12-07 13:09 - 00002633 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Neues Microsoft Office-Dokument.lnk 2015-10-14 22:50 - 2012-12-07 13:09 - 00002633 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Microsoft Office-Dokument öffnen.lnk 2015-10-14 22:50 - 2012-12-07 11:47 - 00001064 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-10-14 22:50 - 2012-12-07 11:45 - 00001128 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-10-14 22:50 - 2012-12-07 10:03 - 00001425 _____ C:\Users\Viola Dammers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-10-14 22:50 - 2012-12-07 10:03 - 00000938 _____ C:\Users\Viola Dammers\Desktop\Downloads.lnk 2015-10-14 22:50 - 2009-07-14 07:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2015-10-14 22:50 - 2009-07-14 06:54 - 00001224 _____ C:\Users\Viola Dammers\Desktop\Paint.lnk 2015-10-14 22:50 - 2009-07-14 06:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2015-10-14 12:29 - 2012-12-07 11:55 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-10-13 18:46 - 2009-07-14 06:45 - 00034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-13 18:46 - 2009-07-14 06:45 - 00034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-13 18:41 - 2012-09-19 01:37 - 00703220 _____ C:\Windows\system32\perfh007.dat 2015-10-13 18:41 - 2012-09-19 01:37 - 00150846 _____ C:\Windows\system32\perfc007.dat 2015-10-13 18:41 - 2009-07-14 07:13 - 01629506 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-13 18:38 - 2015-06-17 19:52 - 00001256 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000UA.job 2015-10-13 18:38 - 2012-03-29 21:52 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-13 17:49 - 2013-02-19 21:19 - 00000000 ___RD C:\Users\Viola Dammers\Dropbox 2015-10-13 17:49 - 2013-02-19 21:17 - 00000000 ____D C:\Users\Viola Dammers\AppData\Roaming\Dropbox 2015-10-13 13:59 - 2013-06-24 19:54 - 00000960 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000UA.job 2015-10-13 13:33 - 2012-09-18 15:57 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2015-10-13 11:56 - 2015-04-03 11:57 - 00000000 ____D C:\Users\Viola Dammers\Documents\A_Referendariat 2015-10-13 11:53 - 2015-06-17 19:52 - 00001204 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000Core.job 2015-10-13 11:53 - 2013-06-24 19:54 - 00000938 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000Core.job 2015-10-11 17:31 - 2015-09-13 13:31 - 00000000 ____D C:\Users\Viola Dammers\AppData\Roaming\PDF Architect 3 2015-10-01 14:39 - 2015-09-02 15:20 - 00003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1441200048 2015-10-01 14:39 - 2015-09-02 15:20 - 00000000 ____D C:\Program Files (x86)\Opera 2015-09-24 21:00 - 2013-03-11 16:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-22 13:07 - 2012-03-29 21:52 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-22 13:07 - 2012-03-29 21:52 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-22 13:07 - 2012-03-29 21:52 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-09-21 17:35 - 2012-12-07 13:02 - 00000000 ____D C:\Users\Viola Dammers\AppData\Local\CrashDumps 2015-09-21 08:18 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-09-19 14:26 - 2012-03-24 03:58 - 00000000 ____D C:\Windows\Panther 2015-09-19 14:19 - 2015-09-10 08:41 - 00000000 ___HD C:\$Windows.~BT 2015-09-19 14:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-12-19 20:05 - 2014-01-28 12:10 - 0000121 _____ () C:\Users\Viola Dammers\AppData\Roaming\WB.CFG 2015-09-19 10:37 - 2015-09-19 10:37 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-09-18 16:10 - 2012-09-18 16:12 - 0002454 _____ () C:\ProgramData\clear.fiSDK20.log 2012-09-18 16:11 - 2012-09-18 16:11 - 0000032 _____ () C:\ProgramData\PS.log Einige Dateien in TEMP: ==================== C:\Users\Viola Dammers\AppData\Local\Temp\avgnt.exe C:\Users\Viola Dammers\AppData\Local\Temp\DelayInst.exe C:\Users\Viola Dammers\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxhfoyw.dll C:\Users\Viola Dammers\AppData\Local\Temp\GURE325.exe C:\Users\Viola Dammers\AppData\Local\Temp\installservice.exe C:\Users\Viola Dammers\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\Viola Dammers\AppData\Local\Temp\MSETUP4.EXE C:\Users\Viola Dammers\AppData\Local\Temp\uninst1.exe C:\Users\Viola Dammers\AppData\Local\Temp\uninstall.exe C:\Users\Viola Dammers\AppData\Local\Temp\vpnclient_setup.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-11 16:54 ==================== Ende von FRST.txt ============================ ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation) Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2728.00 - CyberLink Corp.) Acer Crystal Eye Webcam (x32 Version: 1.5.2728.00 - CyberLink Corp.) Hidden Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer Instant Update Service (HKLM\...\{86B80582-A4F2-4F12-B29F-49D3309C7024}) (Version: 1.00.3001 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.12.0307.1154 - Acer Incorporated) Acer Theft Shield (HKLM\...\{8ADB0CD2-4E5A-452F-BB3B-3A2984CAC749}) (Version: 1.00.3001 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Acer Incorporated) Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2000174334.48.56.31790322 - Audible, Inc.) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG) AX88772B Windows 7 Drivers (HKLM-x32\...\InstallShield_{54A168C9-2250-4058-80EB-1F4A4192548A}) (Version: 1.0.1.1 - ASIX Electronics Corporation) AX88772B Windows 7 Drivers (x32 Version: 1.0.1.1 - ASIX Electronics Corporation) Hidden Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version: - ) Canon MG3500 series Benutzerregistrierung (HKLM-x32\...\Canon MG3500 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.3.0 - Canon Inc.) CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414) (Version: - ) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.) clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.00.3004 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.00.3004 - Acer Incorporated) clear.fi SDK - MVP 2 (x32 Version: 2.0.1505 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.0.1502 - CyberLink Corp.) Hidden Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc) Dropbox (HKU\S-1-5-21-1879676568-2209463989-243657455-1000\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.) eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM) ETDWare PS/2-X64 10.6.9.8_WHQL (HKLM\...\Elantech) (Version: 10.6.9.8 - ELAN Microelectronic Corp.) Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.) ExpressCache (HKLM\...\{1E084588-8CC6-4D1B-B904-B1A09DA22A52}) (Version: 1.0.82 - Diskeeper Corporation) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.) Fooz Kids (x32 Version: 3.1.2 - FUHU, Inc.) Hidden Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Free YouTube to MP3 Converter version 3.12.61.805 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.61.805 - DVDVideoSoft Ltd.) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.) HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät (HKLM\...\{F28BD099-9FC0-4A03-A605-E069B8D17D47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36279 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation) Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1024 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle) Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005F0}) (Version: 7.0.50 - Oracle) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kobo (HKLM-x32\...\Kobo) (Version: 2.1.5 - Kobo Inc.) Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Acer Inc.) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 38.3.0 ESR (x86 de) (HKLM-x32\...\Mozilla Firefox 38.3.0 ESR (x86 de)) (Version: 38.3.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software) PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH) PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge) Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden Picto-Selector 1.7 (HKLM-x32\...\{8032E8DE-1764-4F00-B19E-EF2DBBDB649B}_is1) (Version: - M.C. van der Kooij) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Primtext Version 5.0 (HKLM\...\{6D8F6ADD-8582-4964-8815-0076D2E96D9E}_is1) (Version: 5.0 - Fa. Ellen Hoche) Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6597 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.39025 - Realtek Semiconductor Corp.) Re-markit (HKLM-x32\...\03726039-65C7-402D-572A-41593A7B45A9) (Version: - Re-markit-software) <==== ACHTUNG Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Sleep Memory Optimizer (HKLM-x32\...\{34BE2594-1D20-4A2E-97A0-B9E2837520AE}) (Version: 1.00.3004 - Acer Incorporated) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Smart Timer (HKLM-x32\...\{89DB52FC-EA72-468F-A0C7-150AF8B7AB74}) (Version: 1.00.3004 - Acer Incorporated) Sweet Home 3D version 4.4 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks) Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.353 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.6.1 - Tweaking.com) Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden UpdaterEX (HKU\S-1-5-21-1879676568-2209463989-243657455-1000\...\UpdaterEX) (Version: - UpdaterEX) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN) Web Companion (HKLM-x32\...\{b0732ea3-794d-4a20-8958-4f7de0744e3b}) (Version: 2.1.1095.2272 - Lavasoft) Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated) WildTangent Games App (Acer Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1879676568-2209463989-243657455-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 02-10-2015 19:04:31 Windows Update 08-10-2015 18:47:36 Windows Update 09-10-2015 15:25:45 Windows Update 13-10-2015 12:00:24 Windows Update ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2015-09-05 17:58 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0C56E4A6-7F3C-4991-9CCB-D77B097ECFC0} - \BonanzaDealsUpdate -> Keine Datei <==== ACHTUNG Task: {1181EE08-872B-45A4-AE07-B79A46514B66} - \BonanzaDealsLiveUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG Task: {18C955D6-848D-470F-88DB-F2A981C6C250} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-03-26] (Intel Corporation) Task: {1B7BD70C-9256-4C8C-911F-E843F0893528} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-03-26] (Intel Corporation) Task: {1C5D00E3-F09A-49B1-A52B-74454BDCE255} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {3065C54A-7806-4C0F-B466-7C1E7BF12968} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-15] (AVAST Software) Task: {47981BBA-C15E-4916-96A8-2B58795B7560} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000UA => C:\Users\Viola Dammers\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-24] (Facebook Inc.) Task: {4C39CB22-3B15-4700-952A-1789636F91B9} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated) Task: {6B558BF5-D3AB-4EC3-A512-B94687146F28} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated) Task: {79C8E43E-72A6-4FBA-BE73-6026A22D3C97} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000Core => C:\Users\Viola Dammers\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {93286500-47A4-4C9D-BEF4-3A20F731A8A7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000UA => C:\Users\Viola Dammers\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {C217985E-2BF6-49F2-BDB0-5E0F599F6B4D} - \EPUpdater -> Keine Datei <==== ACHTUNG Task: {C7546C7D-9E94-4687-8968-3EEB50A2219A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2015-06-25] (TuneUp Software) Task: {CC0AC23F-65B7-42C2-B9A5-450521AFA538} - \BonanzaDealsLiveUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG Task: {CE6AF7EA-8F60-4E0F-8F63-66867CE8F6B2} - System32\Tasks\Smart Timer Task Scheduler => Smart_Timer.exe Task: {D0A82E30-D99F-4EDE-83F2-41159D6DC362} - \Re-markit_wd -> Keine Datei <==== ACHTUNG Task: {D1233F07-0891-45AA-898F-A4CE248F03A8} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink) Task: {D82EFF70-6CD2-45DA-9DF5-2DC8C7167B06} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000Core => C:\Users\Viola Dammers\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-24] (Facebook Inc.) Task: {E007B484-A5C5-4E2A-B849-A28971D1F418} - System32\Tasks\Opera scheduled Autoupdate 1441200048 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000Core.job => C:\Users\Viola Dammers\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000UA.job => C:\Users\Viola Dammers\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000Core.job => C:\Users\Viola Dammers\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1879676568-2209463989-243657455-1000UA.job => C:\Users\Viola Dammers\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One) Tweaking.com - Windows Repair)Created By Tweaking.com ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2009-01-21 16:45 - 2009-01-21 16:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll 2015-10-15 00:00 - 2015-10-15 00:00 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-10-15 00:00 - 2015-10-15 00:00 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-10-15 00:00 - 2015-10-15 00:00 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-1879676568-2209463989-243657455-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1879676568-2209463989-243657455-1000\...\webcompanion.com -> hxxp://webcompanion.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1879676568-2209463989-243657455-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Viola Dammers\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{B32AA51A-A01C-471F-BDA6-5815246BD7D4}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{0F047EAD-9466-4CF5-9D49-B72ABB1FD07C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{DD9E9464-88AE-4E59-BAEF-23FD6BF03A9F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{CEAC7FF9-93BC-4E2F-8595-3C81C5A98F6A}] => (Allow) LPort=2869 FirewallRules: [{15FFD807-7E25-4BA3-B39D-0C3FDDE68759}] => (Allow) LPort=1900 FirewallRules: [{5390763A-066B-418E-A456-2D473A83CCE7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{08435B63-4BEB-4B25-B235-512F422D3A70}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{2B057E2B-3F00-4FBA-B8EF-4D975BD55375}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{8F2C22B9-DD45-4EB4-AE05-0E352EF4B71E}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe FirewallRules: [{40987201-6912-4D6F-9EF6-869CF54F707D}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\VC.exe FirewallRules: [{A2162DE4-ADB7-484C-B62C-85259F500BBA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{DC4C55DB-3E2A-4949-B6C5-044E29EC515E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{CEEB4AEC-66EF-4F80-B7AD-8326E85B91CE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{C83FC0C3-959C-4898-B6BE-7442888F13BE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{0515DD65-35CC-4579-8BF9-AB73F6C08D10}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{DB40D8CB-3FDD-46EF-B43D-3086A23395B7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{7B484D73-A49B-4292-A67D-FFB8E2078415}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{102B082C-9BBB-419E-B149-D86430C49A91}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{CD5DB2AD-FB44-450D-AC3A-745548880710}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\Movie\PlayMovie.exe FirewallRules: [{B3CDBED6-0ABF-44E5-B708-B1D30BFE96BC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\VideoPlayer.exe FirewallRules: [{0984C8E3-6D5B-4B43-A8D5-83C5CB163AC8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\MusicPlayer.exe FirewallRules: [{A8E8EFFA-C2C1-4607-BBF3-8A1AFF6576F4}] => (Allow) c:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe FirewallRules: [{4015DEEB-7D4D-4BC1-8724-2B0F6D18183D}] => (Allow) C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{785359E2-627A-49D6-9DE8-C1CFBEA73A5C}] => (Allow) C:\Users\Viola Dammers\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{A9794E9F-9D6A-4973-891C-10382AF5E2A3}C:\users\viola dammers\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\viola dammers\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{DC71E62D-265D-402A-AA87-7077E0297F32}C:\users\viola dammers\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\viola dammers\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{95C75F4C-362A-4B64-BE43-F386E1C187FC}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [UDP Query User{49FE04FF-6BAC-448D-B846-B3A928969F43}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [TCP Query User{CFE4FDDE-B2EC-4C0F-83B6-537274A425CB}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [UDP Query User{9667EE6A-EDB4-4E43-8B4B-2EA571715EB5}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [{2856B959-C523-490B-B174-516720E5DB83}] => (Allow) C:\Users\Viola Dammers\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{2FC1FA00-A4C8-4185-BB66-3681C39D46B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FF79AA71-6E60-4A74-A620-68239D5C4677}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8532733A-382C-4707-B12C-AF4F717C001A}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\bin\FaxApplications.exe FirewallRules: [{55500FB6-7EFF-4601-A4CB-774BEF9C0943}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\bin\DigitalWizards.exe FirewallRules: [{DB37ED5D-EA2C-44EE-B399-7A41E4A3C39E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\bin\SendAFax.exe FirewallRules: [{9D1D902F-27EE-4DF2-BD71-94E51FD9EA98}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\DeviceSetup.exe FirewallRules: [{1BED1932-4286-4EC0-9DB9-5EE80023D0A1}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe FirewallRules: [{FD61337D-1E51-4E7E-A5D9-8FDC9B4C20AE}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{0E928B13-3634-4949-9ECB-56D33552FA4C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: aswVmm Description: aswVmm Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: aswVmm Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: avast! Firewall NDIS Filter Miniport Description: avast! Firewall NDIS Filter Miniport Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ALWIL Software Service: aswNdis Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: aswRvrt Description: aswRvrt Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: aswRvrt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/15/2015 12:03:58 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\AVAST Software\Avast\setup\New\instup.exe Files\AVAST Software\Avast\setup\New\instup.exe" /control_panel /instop:repair /wait; Beschreibung = avast! antivirus system restore point; Fehler = 0x8007043c). Error: (10/14/2015 11:59:41 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\AVAST Software\Avast\setup\Sfx\instup.exe Files\AVAST Software\Avast\setup\Sfx\instup.exe" /build_id /cookie /edition:1 /ga_clientid:41fa7da2-bfd6-4ac1-89a9-fc4ab89eff7e /prod:ais /sfx /sfxstorage:C:\Users\VIOLAD~1\AppData\Local\Temp\_av_iup.tm~a02640; Beschreibung = avast! antivirus system restore point; Fehler = 0x8007043c). Error: (10/14/2015 11:18:28 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x80070005. Error: (10/14/2015 11:02:31 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x80070005. Error: (10/14/2015 10:20:59 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x80070005. Error: (10/13/2015 11:45:43 AM) (Source: Google Update) (EventID: 20) (User: AcerAspireVD) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80 Error: (10/01/2015 04:29:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 11.0.8326.0, Zeitstempel: 0x4c1c2372 Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.18015, Zeitstempel: 0x55ced693 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0103a967 ID des fehlerhaften Prozesses: 0x2518 Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0 Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1 Pfad des fehlerhaften Moduls: OUTLOOK.EXE2 Berichtskennung: OUTLOOK.EXE3 Error: (10/01/2015 04:27:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 11.0.8326.0, Zeitstempel: 0x4c1c2372 Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.18015, Zeitstempel: 0x55ced693 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0103a967 ID des fehlerhaften Prozesses: 0x6e8 Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0 Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1 Pfad des fehlerhaften Moduls: OUTLOOK.EXE2 Berichtskennung: OUTLOOK.EXE3 Error: (09/29/2015 08:25:50 AM) (Source: Google Update) (EventID: 20) (User: AcerAspireVD) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s Error: (09/28/2015 02:02:19 PM) (Source: Google Update) (EventID: 20) (User: AcerAspireVD) Description: Network Request Error. Error: 0x80072ee7. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying WinHTTP. Send request returned 0x80072ee7. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee7. Http s Systemfehler: ============= Error: (10/15/2015 12:18:12 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (10/15/2015 12:18:12 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (10/15/2015 12:18:12 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (10/15/2015 12:16:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (10/15/2015 12:16:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (10/15/2015 12:16:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (10/15/2015 12:16:08 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (10/15/2015 12:16:08 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (10/15/2015 12:16:08 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (10/15/2015 12:16:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz Prozentuale Nutzung des RAM: 25% Installierter physikalischer RAM: 3934.36 MB Verfügbarer physikalischer RAM: 2931.43 MB Summe virtueller Speicher: 7866.91 MB Verfügbarer virtueller Speicher: 6960.78 MB ==================== Laufwerke ================================ Drive c: (ACER) (Fixed) (Total:450.53 GB) (Free:292.81 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FC76E721) Partition 1: (Not Active) - (Size=15.1 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 18.6 GB) (Disk ID: A5770E53) Partition 1: (Not Active) - (Size=3.7 GB) - (Type=84) Partition 2: (Not Active) - (Size=14.9 GB) - (Type=73) ==================== Ende von Addition.txt ============================ |
|
15.10.2015, 17:56
| #4 |
| /// the machine /// TB-Ausbilder | Nur grauer Bildschirm mit Maus, wenn Windows 7 startet... So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Bitte Windows Repair laufen lassen: Windows reparieren - so geht's - Anleitungen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Linear-Darstellung
