| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win 8.1 Passwort ist immer wieder ungültig, PC fährt manchmal einfach runterWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
20.12.2015, 22:22
| #1 |
 |  Win 8.1 Passwort ist immer wieder ungültig, PC fährt manchmal einfach runter Hallo, ich habe hier einen Win 8.1 PC der immer wieder mal einfach runterfährt, ohne Vorwarnung. Ein weitere Effekt ist, dass er plötzlich das WIN 8 Kennwort nicht mehr akzeptiert. Das Einzige was dann bisher geholfen hat war Netzteil abstecken, den Akku rauszunehmen und die Power Taste für ca 15 Sekunden gedrückt zu halten. Dann Akku rein und Anmelden geht wieder. Ist doch irgendwie seltsam... Da Ihr mir schon mehrfach geholfen habt, versuche ich es wieder ;o). FRST Ergebnisse anbei, habe auch noch ein MBAM.TXT mit 190 unerwünschten Programmen... Danke schon mal für jede Hilfe  Karl-Heinz FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015 durchgeführt von Claudi (Administrator) auf ClaudiS-HP (20-12-2015 19:09:49) Gestartet von C:\Users\Claudi\Desktop\khb Geladene Profile: Claudi (Verfügbare Profile: Claudi) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVM GmbH) C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Windows\System32\DnsBlockUpdateSvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Users\Claudi\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe () C:\Users\Claudi\AppData\Local\Amazon Music\Amazon Music Helper.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe (Buffalo Inc.) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (SoftBrain Technologies Ltd.) C:\Users\Claudi\AppData\Local\SmartWeb\SmartWebHelper.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7642328 2014-10-07] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-17] (Synaptics Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe" HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-04] (AVAST Software) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [SmartWeb] => C:\Users\Claudi\AppData\Local\SmartWeb\SmartWebHelper.exe [270368 2015-02-17] (SoftBrain Technologies Ltd.) HKLM-x32\...\Run: [gmsd_de_005010043] => [X] HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\db456757-8f21-4dab-845c-a9ed4c42fced.exe [183232 2015-12-20] (AVAST Software) HKU\S-1-5-21-3361543711-125785448-4142314985-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-3361543711-125785448-4142314985-1001\...\Run: [Amazon Music] => C:\Users\Claudi\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-09-15] () HKU\S-1-5-21-3361543711-125785448-4142314985-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-04] (AVAST Software) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2014-10-31] ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk [2015-08-04] ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk [2015-08-04] ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.) Startup: C:\Users\Claudi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk [2015-07-27] ShortcutTarget: SmartWeb.lnk -> C:\Users\Claudi\AppData\Local\SmartWeb\SmartWebHelper.exe (SoftBrain Technologies Ltd.) GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ACHTUNG (Beschränkung - ProxySettings) Tcpip\Parameters: [DhcpNameServer] 192.168.11.254 192.168.0.1 Tcpip\..\Interfaces\{9D3A08C7-B385-4B62-A999-566051641C5E}: [DhcpNameServer] 192.168.11.254 Tcpip\..\Interfaces\{C8727673-5237-4FFF-A9A5-C08379F70019}: [DhcpNameServer] 192.168.11.254 192.168.0.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1437852445&z=f6aeab63f0e9cef73e2e890g7z4c1mab3w3o8z1g5z&from=cor&uid=HGSTXHTS541010A9E680_JD1008DMG3ZTVWG3ZTVWX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1437852352&z=dd0dcfb9070be0578bc22c4gezcc4m3b8w6o3c8o9g&from=cor&uid=HGSTXHTS541010A9E680_JD1008DMG3ZTVWG3ZTVWX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1437852445&z=f6aeab63f0e9cef73e2e890g7z4c1mab3w3o8z1g5z&from=cor&uid=HGSTXHTS541010A9E680_JD1008DMG3ZTVWG3ZTVWX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1437852352&z=dd0dcfb9070be0578bc22c4gezcc4m3b8w6o3c8o9g&from=cor&uid=HGSTXHTS541010A9E680_JD1008DMG3ZTVWG3ZTVWX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com HKU\S-1-5-21-3361543711-125785448-4142314985-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKU\S-1-5-21-3361543711-125785448-4142314985-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKU\S-1-5-21-3361543711-125785448-4142314985-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {D7D1189B-32FC-4BB1-8E12-D6FCF05F0437} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-3361543711-125785448-4142314985-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-3361543711-125785448-4142314985-1001 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330130&octid=EB_ORIGINAL_CTID&ISID=M8BAAAD7C-8818-4689-A938-D73D3AAEB233&SearchSource=58&CUI=&UM=8&UP=SPF5D2393B-E80E-47A9-ABAC-5B1D1907F2F1&D=072715&q={searchTerms}&SSPV=SP30367TA_sp_ie SearchScopes: HKU\S-1-5-21-3361543711-125785448-4142314985-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=HGSTXHTS541010A9E680_JD1008DMG3ZTVWG3ZTVWX&ts=1437852459&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3361543711-125785448-4142314985-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=HGSTXHTS541010A9E680_JD1008DMG3ZTVWG3ZTVWX&ts=1437852459&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3361543711-125785448-4142314985-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1437852445&z=f6aeab63f0e9cef73e2e890g7z4c1mab3w3o8z1g5z&from=cor&uid=HGSTXHTS541010A9E680_JD1008DMG3ZTVWG3ZTVWX&q={searchTerms} SearchScopes: HKU\S-1-5-21-3361543711-125785448-4142314985-1001 -> {D7D1189B-32FC-4BB1-8E12-D6FCF05F0437} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=HGSTXHTS541010A9E680_JD1008DMG3ZTVWG3ZTVWX&ts=1437852459&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3361543711-125785448-4142314985-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=HGSTXHTS541010A9E680_JD1008DMG3ZTVWG3ZTVWX&ts=1437852459&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-3361543711-125785448-4142314985-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-20] (Oracle Corporation) BHO-x32: Kein Name -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> Keine Datei BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: StumbleUpon -> {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} -> C:\Users\Claudi\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll [2011-11-22] (StumbleUpon Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-20] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) FireFox: ======== FF ProfilePath: C:\Users\Claudi\AppData\Roaming\Mozilla\Firefox\Profiles\khsuv2fr.default FF DefaultSearchEngine: Google (avast) FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q= FF SearchEngineOrder.1: Google (avast) FF SelectedSearchEngine: Google FF SelectedSearchEngine: google FF Homepage: hxxp://www.google.de?hl=de&gl=de FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q= FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] () FF user.js: detected! => C:\Users\Claudi\AppData\Roaming\Mozilla\Firefox\Profiles\khsuv2fr.default\user.js [2015-12-13] FF SearchPlugin: C:\Users\Claudi\AppData\Roaming\Mozilla\Firefox\Profiles\khsuv2fr.default\searchplugins\google-avast.xml [2015-08-23] FF SearchPlugin: C:\Users\Claudi\AppData\Roaming\Mozilla\Firefox\Profiles\khsuv2fr.default\searchplugins\istartsurf.xml [2015-08-04] FF SearchPlugin: C:\Users\Claudi\AppData\Roaming\Mozilla\Firefox\Profiles\khsuv2fr.default\searchplugins\trovi.xml [2015-07-28] FF Extension: Download Protect - C:\Windows\Installer\{DDCD1A78-E9E9-4E15-A58F-50C30051E68E}\{F32F88C5-906A-42F9-B7BC-E7CAE5300851}.xpi [2015-12-13] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10] FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Claudi\AppData\Roaming\Mozilla\Firefox\Profiles\khsuv2fr.default\extensions\defsearchp@gmail.com => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-10] FF HKLM-x32\...\Firefox\Extensions: [{F32F88C5-906A-42F9-B7BC-E7CAE5300851}] - C:\Windows\Installer\{DDCD1A78-E9E9-4E15-A58F-50C30051E68E}\{F32F88C5-906A-42F9-B7BC-E7CAE5300851}.xpi Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-12-04] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-04] CHR HKLM-x32\...\Chrome\Extension: [pgifblbjgdjhcelbanblbhkhmbnnmhfg] - C:\Users\Claudi\AppData\LocalLow\StumbleUpon\CHROME\StumbleUpon.crx [2011-11-22] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-04] (AVAST Software) R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert] S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-13] (Broadcom Corporation.) S4 comyninu; C:\Program Files (x86)\34444335-1437857197-4E35-5833-3863BBAED735\hnscA6FD.tmp [161792 2015-08-04] () [Datei ist nicht signiert] R2 DnsBlockUpdateSvc; C:\Windows\system32\DnsBlockUpdateSvc.exe [149024 2015-11-04] () R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-08-25] (WildTangent) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-07] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [245760 2013-11-21] (BUFFALO INC.) [Datei ist nicht signiert] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19438920 2014-09-09] (NVIDIA Corporation) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) [Datei ist nicht signiert] R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor) R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [435064 2014-10-15] () R2 StumbleUponUpdater; C:\Users\Claudi\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] () [Datei ist nicht signiert] R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-17] (Synaptics Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S4 wezoryro; C:\Program Files (x86)\34444335-1437857197-4E35-5833-3863BBAED735\knsz97BC.tmpfs [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-04] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-20] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-04] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-04] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-04] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-20] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-04] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-04] (AVAST Software) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-13] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7532760 2014-10-31] (Broadcom Corporation) S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation) S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-20] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [506072 2014-06-20] (Realsil Semiconductor Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-17] (Synaptics Incorporated) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R2 WinDivert64; C:\Windows\system32\drivers\WinDivert64.sys [35376 2013-12-02] (Basil Projects) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) S1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-20 19:09 - 2015-12-20 19:09 - 00000000 ____D C:\FRST 2015-12-20 19:06 - 2015-12-20 19:09 - 00000000 ____D C:\Users\Claudi\Desktop\khb 2015-12-20 18:36 - 2015-12-20 18:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-20 18:36 - 2015-12-20 18:36 - 00001121 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-12-20 18:36 - 2015-12-20 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-20 18:36 - 2015-12-20 18:36 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-12-20 18:36 - 2015-12-20 18:36 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-12-20 18:36 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-12-20 18:36 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-12-20 18:36 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2015-12-20 18:34 - 2015-12-20 18:35 - 22908888 _____ (Malwarebytes ) C:\Users\Claudi\Downloads\mbam-setup-2.2.0.1024.exe 2015-12-20 18:32 - 2015-12-20 18:32 - 00000000 ____D C:\Users\Claudi\AppData\Roaming\Sun 2015-12-20 18:32 - 2015-12-20 18:32 - 00000000 ____D C:\Users\Claudi\.oracle_jre_usage 2015-12-20 18:30 - 2015-12-20 18:30 - 00000000 ____D C:\Users\Claudi\AppData\LocalLow\Oracle 2015-12-20 18:26 - 2015-12-20 18:26 - 00003166 _____ C:\Windows\System32\Tasks\HPCeeScheduleForClaudi 2015-12-20 18:26 - 2015-12-20 18:26 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForClaudi.job 2015-12-20 18:25 - 2015-12-20 18:25 - 02870984 _____ (ESET) C:\Users\Claudi\Downloads\esetsmartinstaller_deu.exe 2015-12-20 18:25 - 2015-12-20 18:25 - 00000000 ____D C:\Program Files (x86)\ESET 2015-12-14 19:10 - 2015-12-14 19:10 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-12-14 19:10 - 2015-12-14 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-12-13 19:59 - 2015-12-13 19:59 - 00000000 ____D C:\Program Files\{3052AF24-5114-4AE0-A58E-97453C636909} 2015-12-13 19:59 - 2015-12-13 19:59 - 00000000 ____D C:\Program Files (x86)\{D63DE6AD-32E7-41C5-B5AB-B0FBECD57358} 2015-12-10 12:46 - 2015-12-10 12:46 - 00000000 ____D C:\ProgramData\Nikon 2015-12-09 19:23 - 2015-12-10 21:30 - 00000000 ____D C:\Windows\system32\MpEngineStore 2015-12-09 19:22 - 2015-12-09 19:22 - 00000000 ____D C:\730793f83abf9adb9e788ebe 2015-12-09 18:39 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-09 18:39 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-09 18:39 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-09 18:38 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-09 18:38 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-09 18:38 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-12-09 18:38 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-09 18:38 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-09 18:38 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-09 18:38 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-09 18:38 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-09 18:38 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-09 18:38 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-09 18:38 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-12-09 18:38 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-09 18:38 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-09 18:38 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-09 18:38 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-09 18:38 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-12-09 18:38 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-09 18:38 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-09 18:38 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-09 18:38 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-09 18:38 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-09 18:38 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-09 18:38 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-09 18:38 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-09 18:38 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-09 18:38 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-12-09 18:38 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-12-09 18:38 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-09 18:38 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-09 18:38 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-09 18:38 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-09 18:38 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-09 18:38 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-09 18:38 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-12-09 18:38 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-09 18:38 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-09 18:38 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-09 18:37 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll 2015-12-09 18:37 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL 2015-12-09 18:37 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL 2015-12-09 18:37 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL 2015-12-09 18:37 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll 2015-12-09 18:37 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL 2015-12-09 18:37 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL 2015-12-09 18:37 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL 2015-12-09 18:37 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2015-12-09 18:37 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2015-12-09 18:37 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2015-12-09 18:37 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll 2015-12-09 18:37 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\SysWOW64\locale.nls 2015-12-09 18:37 - 2015-10-22 15:08 - 00513456 _____ C:\Windows\system32\locale.nls 2015-12-09 18:36 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-12-09 18:36 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-12-09 18:36 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-12-09 18:36 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-12-09 18:36 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-12-09 18:36 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-12-09 18:36 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-12-09 18:36 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-12-09 18:36 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-12-09 18:36 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-09 18:36 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-09 18:36 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-09 18:36 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-09 18:36 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-09 18:36 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-09 18:36 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-09 18:36 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-09 18:36 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2015-12-09 18:36 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-09 18:36 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-09 18:36 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2015-12-09 18:36 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2015-12-09 18:36 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-12-09 18:36 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-12-09 18:33 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-12-09 18:33 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-12-09 18:33 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-12-09 18:33 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-12-09 18:33 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-12-09 18:33 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-12-09 18:33 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-12-09 18:33 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-12-09 18:33 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-12-09 18:33 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-12-09 18:33 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-09 18:33 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-12-09 18:33 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-12-09 18:33 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-12-09 18:33 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-12-09 18:33 - 2015-10-11 07:34 - 00468824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2015-12-09 18:33 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2015-12-09 18:33 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2015-12-09 18:33 - 2015-10-11 07:34 - 00092504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2015-12-09 18:33 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2015-12-09 18:33 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2015-12-09 18:33 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2015-12-09 18:33 - 2015-10-10 19:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys 2015-12-09 18:33 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll 2015-12-09 18:33 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll 2015-12-09 18:32 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe 2015-12-09 18:32 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2015-12-04 18:55 - 2015-12-04 18:55 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-12-04 18:53 - 2015-12-04 19:03 - 00000000 ____D C:\Users\Claudi\AppData\Roaming\Nikon 2015-12-04 18:53 - 2015-12-04 18:53 - 00000000 ____D C:\Users\Claudi\AppData\Local\Nikon 2015-12-04 18:47 - 2015-12-04 18:47 - 00002106 _____ C:\Users\Public\Desktop\Picture Control Utility 2.lnk 2015-12-04 18:47 - 2015-12-04 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Control Utility 2 2015-12-04 18:47 - 2015-12-04 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2 2015-12-04 18:46 - 2015-12-04 18:46 - 00000268 ___RH C:\Users\Claudi\AppData\Roaming\Plants 2015-12-04 18:46 - 2015-12-04 18:46 - 00000268 ___RH C:\ProgramData\Podcasting 2015-12-04 18:46 - 2015-12-04 18:46 - 00000020 ____H C:\ProgramData\PKP_DLes.DAT 2015-12-04 18:46 - 2015-12-04 18:46 - 00000012 ___RH C:\ProgramData\Resources 2015-12-04 18:46 - 2015-12-04 18:46 - 00000000 ____D C:\Windows\Downloaded Installations 2015-12-04 18:45 - 2015-12-16 18:30 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT 2015-12-04 18:45 - 2015-12-04 19:03 - 00000020 ____H C:\ProgramData\PKP_DLev.DAT 2015-12-04 18:45 - 2015-12-04 18:47 - 00000000 ____D C:\Users\Claudi\AppData\Local\Downloaded Installations 2015-12-04 18:45 - 2015-12-04 18:47 - 00000000 ____D C:\Program Files\Nikon 2015-12-04 18:45 - 2015-12-04 18:47 - 00000000 ____D C:\Program Files\Common Files\Nikon 2015-12-04 18:45 - 2015-12-04 18:47 - 00000000 ____D C:\Program Files (x86)\Nikon 2015-12-04 18:45 - 2015-12-04 18:46 - 00000000 ____D C:\ProgramData\Ultima_T15 2015-12-04 18:45 - 2015-12-04 18:46 - 00000000 ____D C:\ProgramData\EnterNHelp 2015-12-04 18:45 - 2015-12-04 18:45 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ATL71.DLL 2015-12-04 18:45 - 2015-12-04 18:45 - 00002076 _____ C:\Users\Public\Desktop\ViewNX 2.lnk 2015-12-04 18:45 - 2015-12-04 18:45 - 00000268 ___RH C:\Users\Claudi\AppData\Roaming\Plug-In Settings 2015-12-04 18:45 - 2015-12-04 18:45 - 00000268 ___RH C:\Users\Claudi\AppData\Roaming\Planets 2015-12-04 18:45 - 2015-12-04 18:45 - 00000268 ___RH C:\ProgramData\Pop Flute 2015-12-04 18:45 - 2015-12-04 18:45 - 00000268 ___RH C:\ProgramData\Plugins 2015-12-04 18:45 - 2015-12-04 18:45 - 00000012 ___RH C:\ProgramData\Robot 2015-12-04 18:45 - 2015-12-04 18:45 - 00000012 ___RH C:\ProgramData\Receipts 2015-12-04 18:45 - 2015-12-04 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2 2015-12-04 18:44 - 2015-12-04 18:47 - 00000000 ____D C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583 2015-12-04 18:43 - 2015-12-04 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon 2015-12-04 18:31 - 2015-12-04 18:41 - 112637472 _____ C:\Users\Claudi\Downloads\S-VNX2__-021003WF-EURDE-64BIT_.exe 2015-12-04 18:19 - 2015-12-04 18:19 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-12-04 18:19 - 2015-12-04 18:19 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-12-04 18:07 - 2015-12-04 18:07 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2015-12-04 18:07 - 2015-12-04 18:07 - 00000000 ____D C:\Program Files\Common Files\AV ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-20 19:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-12-20 18:44 - 2015-02-22 14:53 - 00000000 ____D C:\Users\Claudi\AppData\Roaming\ClassicShell 2015-12-20 18:38 - 2015-02-21 14:50 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3361543711-125785448-4142314985-1001 2015-12-20 18:33 - 2015-04-05 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-12-20 18:33 - 2015-04-05 17:14 - 00000000 ____D C:\ProgramData\Oracle 2015-12-20 18:33 - 2015-04-05 17:14 - 00000000 ____D C:\Program Files (x86)\Java 2015-12-20 18:32 - 2015-04-05 17:15 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-12-20 18:32 - 2015-02-21 14:44 - 00000000 ____D C:\Users\Claudi 2015-12-20 18:25 - 2015-02-21 14:47 - 00000000 ____D C:\Users\Claudi\Documents\Youcam 2015-12-20 18:24 - 2015-02-21 16:31 - 00451040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2015-12-20 18:24 - 2015-02-21 16:31 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys 2015-12-20 18:23 - 2014-10-31 09:37 - 00801992 _____ C:\Windows\system32\perfh007.dat 2015-12-20 18:23 - 2014-10-31 09:37 - 00174994 _____ C:\Windows\system32\perfc007.dat 2015-12-20 18:23 - 2014-03-18 10:53 - 01924576 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-20 18:23 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2015-12-20 18:19 - 2015-03-18 21:13 - 00000000 ____D C:\Users\Claudi\OneDrive 2015-12-20 18:19 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-12-20 18:01 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-20 18:01 - 2013-08-22 15:44 - 00498472 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-20 18:00 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-12-20 17:56 - 2015-02-21 18:44 - 00000000 ____D C:\Users\Claudi\Documents\Outlook-Dateien 2015-12-20 16:14 - 2015-03-09 08:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-20 14:52 - 2015-02-21 15:19 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1D2A4AD3-EC4A-4CB2-BE52-001D24320CCA} 2015-12-20 14:50 - 2015-09-30 18:34 - 00000000 ____D C:\Users\Claudi\AppData\Roaming\Skype 2015-12-16 18:25 - 2015-02-21 14:47 - 00000000 ____D C:\Users\Claudi\AppData\Local\CyberLink 2015-12-14 19:46 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-12-14 19:10 - 2015-09-30 18:34 - 00000000 ____D C:\Users\Claudi\AppData\Local\Skype 2015-12-14 19:10 - 2015-09-30 18:33 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk 2015-12-14 19:10 - 2015-09-30 18:33 - 00000000 ____D C:\ProgramData\Skype 2015-12-13 19:59 - 2015-07-25 21:14 - 00000306 __RSH C:\ProgramData\ntuser.pol 2015-12-13 19:12 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2015-12-10 12:32 - 2015-02-21 18:30 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-10 12:19 - 2015-02-21 17:16 - 00003098 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3361543711-125785448-4142314985-1001 2015-12-09 19:22 - 2015-02-21 19:00 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-09 19:22 - 2015-02-21 19:00 - 00000000 ____D C:\Windows\system32\MRT 2015-12-09 07:14 - 2015-03-09 08:08 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-05 16:22 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-04 18:47 - 2014-10-31 02:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-12-04 18:19 - 2015-02-21 16:31 - 01055560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2015-12-04 18:19 - 2015-02-21 16:31 - 00450504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1450632268375 2015-12-04 18:19 - 2015-02-21 16:31 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-12-04 18:19 - 2015-02-21 16:31 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-12-04 18:19 - 2015-02-21 16:31 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.1450632268375 2015-12-04 18:19 - 2015-02-21 16:31 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-12-04 18:19 - 2015-02-21 16:31 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-12-04 18:19 - 2015-02-21 16:31 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-12-04 18:19 - 2015-02-21 16:31 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-12-01 18:19 - 2013-08-22 16:38 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-01 18:19 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-23 20:00 - 2015-02-22 19:42 - 00000000 ____D C:\Users\Claudi\Documents\AeTZ1417 2015-11-22 21:30 - 2015-04-28 12:06 - 00000000 ____D C:\Users\Claudi\Documents\kevin 2015-11-22 13:59 - 2015-02-22 22:02 - 00184320 ___SH C:\Users\Claudi\Desktop\Thumbs.db ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-08-12 18:37 - 2015-08-12 18:37 - 0000079 _____ () C:\Program Files (x86)\prefs.js 2015-12-04 18:45 - 2015-12-04 18:45 - 0000268 ___RH () C:\Users\Claudi\AppData\Roaming\Planets 2015-12-04 18:46 - 2015-12-04 18:46 - 0000268 ___RH () C:\Users\Claudi\AppData\Roaming\Plants 2015-12-04 18:45 - 2015-12-04 18:45 - 0000268 ___RH () C:\Users\Claudi\AppData\Roaming\Plug-In Settings 2015-12-04 18:46 - 2015-12-04 18:46 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT 2015-12-04 18:45 - 2015-12-16 18:30 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT 2015-12-04 18:45 - 2015-12-04 19:03 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT 2015-12-04 18:45 - 2015-12-04 18:45 - 0000268 ___RH () C:\ProgramData\Plugins 2015-12-04 18:46 - 2015-12-04 18:46 - 0000268 ___RH () C:\ProgramData\Podcasting 2015-12-04 18:45 - 2015-12-04 18:45 - 0000268 ___RH () C:\ProgramData\Pop Flute 2015-12-04 18:45 - 2015-12-04 18:45 - 0000012 ___RH () C:\ProgramData\Receipts 2015-12-04 18:46 - 2015-12-04 18:46 - 0000012 ___RH () C:\ProgramData\Resources 2015-12-04 18:45 - 2015-12-04 18:45 - 0000012 ___RH () C:\ProgramData\Robot Einige Dateien in TEMP: ==================== C:\Users\Claudi\AppData\Local\Temp\1q9fq0zd.dll C:\Users\Claudi\AppData\Local\Temp\2195.exe C:\Users\Claudi\AppData\Local\Temp\avast_secureline_setup.exe C:\Users\Claudi\AppData\Local\Temp\bitool.dll C:\Users\Claudi\AppData\Local\Temp\COMAP.EXE C:\Users\Claudi\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Claudi\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Claudi\AppData\Local\Temp\Extract.exe C:\Users\Claudi\AppData\Local\Temp\Foxit PhantomPDF Updater.exe C:\Users\Claudi\AppData\Local\Temp\jre-8u51-windows-au.exe C:\Users\Claudi\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Claudi\AppData\Local\Temp\OfficeSetup.exe C:\Users\Claudi\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Claudi\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Claudi\AppData\Local\Temp\SP68373.exe C:\Users\Claudi\AppData\Local\Temp\SP69404.exe C:\Users\Claudi\AppData\Local\Temp\SP69559.exe C:\Users\Claudi\AppData\Local\Temp\SP69718.exe C:\Users\Claudi\AppData\Local\Temp\SP70271.exe C:\Users\Claudi\AppData\Local\Temp\SP70439.exe C:\Users\Claudi\AppData\Local\Temp\SP71716.exe C:\Users\Claudi\AppData\Local\Temp\Uninstall.exe C:\Users\Claudi\AppData\Local\Temp\_is2C5.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-10 12:28 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Claudi (2015-12-20 19:10:52)
Gestartet von C:\Users\Claudi\Desktop\khb
Windows 8.1 (X64) (2015-02-21 13:44:10)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3361543711-125785448-4142314985-500 - Administrator - Disabled)
Gast (S-1-5-21-3361543711-125785448-4142314985-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3361543711-125785448-4142314985-1003 - Limited - Enabled)
Claudi (S-1-5-21-3361543711-125785448-4142314985-1001 - Administrator - Enabled) => C:\Users\Claudi
khb (S-1-5-21-3361543711-125785448-4142314985-1004 - Administrator - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Amazon Music (HKU\S-1-5-21-3361543711-125785448-4142314985-1001\...\Amazon Amazon Music) (Version: 3.9.5.820 - Amazon Services LLC)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
avast! SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.139.2 - AVAST Software)
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9840 - Broadcom Corporation)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version: 2.82 - Buffalo Inc.)
Build-a-lot (x32 Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.3.5715 - Ihr Firmenname) Hidden
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4608 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2.3324 - Ihr Firmenname) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4628 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.20150309 - Landesfinanzdirektion Thüringen)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6AAEDF97-4B93-4169-8FCA-FCB0378CED52}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{1E7F409E-E35A-4DF8-BF5C-FE34B74B640E}) (Version: 7.6.31.30 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.27 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.27 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.21 - Intel(R) Corporation) Hidden
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3361543711-125785448-4142314985-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.24 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.2 - Nikon)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.55 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
Scansoft PDF Professional (x32 Version: - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ACHTUNG
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.16 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
UpgradeText (HKLM-x32\...\{1146AC44-2F03-4431-B4FD-889BC837521F}{144046c7}) (Version: - Software Publisher)
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.3 - Nikon)
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
23-11-2015 17:47:01 Geplanter Prüfpunkt
04-12-2015 18:44:18 Installiert "ViewNX 2"
09-12-2015 19:18:53 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05D562B8-84AD-420E-A83F-E8A3A0085BDE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-12-03] (HP Inc.)
Task: {208AB745-1D7C-454D-AA3F-E6221617CBC8} - System32\Tasks\{AC8F6FD5-4546-4D8F-9545-445326414489} => Firefox.exe hxxp://ui.skype.com/ui/0/7.11.0.102/de/abandoninstall?source=lightinstaller&page=tsInstall
Task: {2FF8837C-4B56-4B00-91A5-79C60E2804FF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {318D1321-CC25-4847-8D89-0E3F3E51FD98} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-15] (AVAST Software)
Task: {42801711-C539-4D41-A30F-2CB64AFD175F} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-09-27] (Hewlett-Packard)
Task: {5768876A-154B-4EA2-9191-E4F54D2F948A} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3361543711-125785448-4142314985-1001 => C:\Users\Claudi\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-10] (Microsoft Corporation)
Task: {63153D22-0346-49BB-955A-E1E5BF156E60} - System32\Tasks\HPCeeScheduleForClaudi => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {64DDB6EE-3DF5-4FDA-AB45-79681E4058C7} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-10-28] (CyberLink Corp.)
Task: {9026E826-5543-4268-ADBB-D991E1D5D8A6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-04] (AVAST Software)
Task: {932CAD7E-AEDD-406C-ACD8-84FF944E98A6} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {93B24F84-6CE3-4A72-98FE-85C115CFBABF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {98F2F77F-1F3A-49E7-B33D-8C376C8E4254} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {AB747E4E-5D5B-44F8-BB2F-5AD75EEA22D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-12-03] (HP Inc.)
Task: {AC0C291E-6537-43E6-96D3-C7D82B4557FE} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-15] ()
Task: {B18DD415-833E-41A1-9BF8-D3C45E60375B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {C91FB7ED-110C-4326-B92B-E672E1334B9A} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2014-10-15] (AVAST Software)
Task: {D55B8052-CE2B-43CF-BAD2-2E0D10059C2D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-01] (Hewlett-Packard Company)
Task: {DB1BC467-BF91-4FD9-9DB3-381C963C8013} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-09-27] (Hewlett-Packard)
Task: {E912F5BB-0B11-4B53-8008-4940339761B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {EF99235D-0665-41E3-B83B-10987E181DF9} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-09-27] (Hewlett-Packard)
Task: {F9DD2CC8-CADC-4BA8-B1BD-2FCFB4F09F9C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-01] (Hewlett-Packard Company)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForClaudi.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Claudi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/
ShortcutWithArgument: C:\Users\Claudi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-09-27 13:40 - 2014-09-27 13:40 - 02150400 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 00035840 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-09-27 13:39 - 2014-09-27 13:39 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 00420432 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-09-27 13:48 - 2014-09-27 13:48 - 00746064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-07-25 21:13 - 2015-11-04 19:03 - 00149024 _____ () C:\Windows\system32\DnsBlockUpdateSvc.exe
2014-10-31 04:30 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-10-31 04:10 - 2014-10-15 15:02 - 00435064 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2011-11-22 09:59 - 2011-11-22 09:59 - 00018432 _____ () C:\Users\Claudi\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
2014-10-31 03:49 - 2014-09-27 04:19 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-27 13:42 - 2014-09-27 13:42 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-06-13 16:14 - 2015-09-15 06:07 - 05887808 _____ () C:\Users\Claudi\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-12-20 18:25 - 2015-05-14 11:54 - 00422600 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2015-12-04 18:19 - 2015-12-04 18:19 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-04 18:19 - 2015-12-04 18:19 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-15 17:41 - 2015-12-15 17:41 - 02803712 _____ () C:\Program Files\AVAST Software\Avast\defs\15121500\algo.dll
2015-12-04 18:19 - 2015-12-04 18:19 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-20 18:03 - 2015-12-20 18:03 - 02805760 _____ () C:\Program Files\AVAST Software\Avast\defs\15122000\algo.dll
2014-09-03 11:03 - 2014-09-03 11:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-31 04:10 - 2014-10-15 15:02 - 38561576 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2015-12-04 18:19 - 2015-12-04 18:19 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows\system32\DnsBlockUpdateSvc.exe:IID
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3361543711-125785448-4142314985-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.11.254 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{575A09D0-EE3B-4EFE-A3E4-F4EBA319C64D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EB21DE04-C4C7-4267-9F18-74921C1A1F98}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B73EC55B-AFAB-45A5-946C-C5CC43019E27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F9257F93-A7D2-4EFB-A88D-1144D58D05B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{17E1D799-A89C-4EB6-97B3-19C565E07E71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7B6E04F0-2866-413B-B740-004361BCA36B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C5E2CF70-8621-4107-9CF5-49B7FE15A0D9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9868981E-48F1-4C46-AE1B-414F2188227B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{994BA670-945D-444C-9E49-8605DE58A059}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9AC8CB4F-F594-4F70-8E8B-0FF0872005BE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4934645F-DB36-4B72-AB75-67D3B4F5FAA2}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{C85CCDF3-312D-42CD-8CF1-8BE41BBAE14D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{2848477A-7592-4D94-BF5B-DAFC34A80075}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{84B99008-2874-4C2A-A35D-543E8129AE7C}] => (Allow) C:\Users\Claudi\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{09B7F46E-F153-4CAB-8790-4AC49B7252DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BA45C7C1-E542-4D3A-8D68-77DAFD9B4527}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39451594-6898-4021-8FA6-8DCAD4EBF700}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{CF98E35F-ECC2-44AC-94D5-D4E99FA23E27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{B9A289C4-39FC-46AD-9D0E-F6342B40F0F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{DE223FA4-98F7-4947-9600-EB19172F77AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F87C1DB0-1E52-4C24-89FC-440F10616F81}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{5A53BAE0-4EB8-4589-8568-6DED8B5A21B8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{1BC62E38-2C45-46F6-B203-7205B8760F08}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [TCP Query User{B8FC367A-D4CD-47AD-95E2-0B09DF19300E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{13265336-A5A0-4006-99E4-83BC1AE31286}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CEBBBE56-3F97-4B69-A4E1-34FD6F2FB19C}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [{A0929CDD-9C53-4A0C-9C84-34B54AF92DC0}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [{677BCEA3-F764-4DF0-919A-BE65EF2C3B04}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [TCP Query User{1F638EDE-2F47-48D8-8F0A-9EFC515018D5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B2B97514-CD1A-44C1-9DE9-4B48F03D5030}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{87D28865-81D6-4A2C-835F-EA3A9FE5DD3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{455543D7-04EB-4244-B596-8C484899BA01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{08E27F0C-7770-4A12-9896-212D66BF67D4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B404F397-F4AF-481A-AD80-2C6FC37C6C4C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E5A5841C-5CEB-41E3-9BCD-35BAAF5E5273}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/20/2015 06:47:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/20/2015 06:47:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/20/2015 06:47:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/20/2015 06:25:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/20/2015 06:25:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/20/2015 06:25:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/20/2015 06:25:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (12/20/2015 06:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6750
Error: (12/20/2015 06:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6750
Error: (12/20/2015 06:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (12/20/2015 06:26:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (12/20/2015 06:26:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Claudi\AppData\Local\Temp\ehdrv.sys
Error: (12/20/2015 06:26:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (12/20/2015 06:26:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Claudi\AppData\Local\Temp\ehdrv.sys
Error: (12/20/2015 06:26:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (12/20/2015 06:26:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Claudi\AppData\Local\Temp\ehdrv.sys
Error: (12/20/2015 05:59:22 PM) (Source: DCOM) (EventID: 10016) (User: ClaudiS-HP)
Description: AnwendungsspezifischLokalAktivierung{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}Claudis-HPClaudiS-1-5-21-3361543711-125785448-4142314985-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/20/2015 05:59:22 PM) (Source: DCOM) (EventID: 10016) (User: ClaudiS-HP)
Description: AnwendungsspezifischLokalAktivierung{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}Claudis-HPClaudiS-1-5-21-3361543711-125785448-4142314985-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/20/2015 05:59:22 PM) (Source: DCOM) (EventID: 10016) (User: ClaudiS-HP)
Description: AnwendungsspezifischLokalAktivierung{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}Claudis-HPClaudiS-1-5-21-3361543711-125785448-4142314985-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/20/2015 05:58:49 PM) (Source: DCOM) (EventID: 10016) (User: ClaudiS-HP)
Description: AnwendungsspezifischLokalAktivierung{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}Claudis-HPClaudiS-1-5-21-3361543711-125785448-4142314985-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
CodeIntegrity:
===================================
Date: 2015-07-27 22:28:10.316
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-27 22:09:08.821
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-27 22:06:14.222
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-27 22:06:13.887
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-27 22:06:06.836
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-07-27 22:05:26.511
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-03-25 17:45:16.733
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-25 17:45:16.392
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8114.27 MB
Verfügbarer physikalischer RAM: 5427 MB
Summe virtueller Speicher: 9394.27 MB
Verfügbarer virtueller Speicher: 6624.54 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:906.46 GB) (Free:825.17 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:24.04 GB) (Free:2.67 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (Iomega_HDD) (Fixed) (Total:465.76 GB) (Free:113.85 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DC13FC01)
Partition: GPT.
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: E948385F)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
bitte die Logs Löschen, mittlerweile hat mein Bekannter ESET und andere Bereinigungstools laufen lassen....ohne meine "Kontrolle". Ich werde also die Logs neu machen und nochmal posten. Sorry! |
Baum-Darstellung