|
Mülltonne: ESET Scanner meldet InfektionWindows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
04.04.2016, 19:46 | #1 |
| ESET Scanner meldet Infektion Hallo zusammen, so ein bischen habe ich ja ein schlechtes Gewissen ... heute Mittag wurde erst ein Thema von mir geschlossen und jetzt mache ich schon gleich das nächste wieder auf. Aber ich bin Eurem Rat gefolgt und habe meinen Laptop mit ESET gescannt und dieser hat auch gleich Infektionen gemeldet. Da ich jetzt nicht weiß, ob alles unerwünschte von meinem Rechner verschwunden ist, würde ich gerne nochmal die Hilfe des Boards in Anspruch nehmen. Infektions-Symptome hat der PC keine gezeigt .. zumindest ist mir nix aufgefallen. Vorgenommen habe ich bisher den Scan mit ESET. Danach dann allerdings nichts mehr um die Dateien zu löschen oder Ähnliches. Vielen Dank schon mal für die Hilfe! Marc Logfile von ESET Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=720c4ce5d62b1d46a21c22be9a3f4808 # end=init # utc_time=2016-04-04 03:08:45 # local_time=2016-04-04 05:08:45 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=720c4ce5d62b1d46a21c22be9a3f4808 # end=init # utc_time=2016-04-04 03:12:50 # local_time=2016-04-04 05:12:50 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download esets_scanner_update returned -1 esets_gle=41221 Update Finalize Updated modules version: 0 Old modules - leave modules Update Init Update Download Update Init Update Download esets_scanner_update returned -1 esets_gle=37126 Update Finalize Updated modules version: 0 Old modules - leave modules Update Init Update Download esets_scanner_update returned -1 esets_gle=41221 Update Finalize Updated modules version: 0 Old modules - delete modules Update Init Update Download esets_scanner_update returned -1 esets_gle=45315 Update Finalize Updated modules version: 0 'Can not update to actual engine, exiting Update Init Update Download Update Finalize Updated modules version: 28902 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=720c4ce5d62b1d46a21c22be9a3f4808 # end=updated # utc_time=2016-04-04 04:40:35 # local_time=2016-04-04 06:40:35 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=720c4ce5d62b1d46a21c22be9a3f4808 # engine=28902 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-04-04 05:51:48 # local_time=2016-04-04 07:51:48 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='avast! Antivirus' # compatibility_mode=788 16777213 100 98 365718 50975826 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 13562196 20655032 0 0 # scanned=253632 # found=7 # cleaned=7 # scan_time=4273 sh=09E369F9EA069BC141F0D34DC18AEC3ABBA77F6B ft=1 fh=241f3ea108f7cde2 vn="Variante von Win32/Adware.Vonteera.L Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Convertor\Convertor.exe.vir" sh=09E369F9EA069BC141F0D34DC18AEC3ABBA77F6B ft=1 fh=241f3ea108f7cde2 vn="Variante von Win32/Adware.Vonteera.L Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Winsta\bin\Winsta.exe.vir" sh=2F016F395DA134CB240A375BD4AFE67BC4F4AACE ft=1 fh=d29baf39a786373a vn="Win32/Adware.Synatix Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marc\AppData\Roaming\Windows Net Data\net.exe.vir" sh=2F016F395DA134CB240A375BD4AFE67BC4F4AACE ft=1 fh=d29baf39a786373a vn="Win32/Adware.Synatix Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Marc\AppData\Roaming\Windows Net Data\uninstaller.exe.vir" sh=09E369F9EA069BC141F0D34DC18AEC3ABBA77F6B ft=1 fh=241f3ea108f7cde2 vn="Variante von Win32/Adware.Vonteera.L Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\FRST\Quarantine\C\Users\Marc\AppData\Roaming\PDFConvert\SWUpdate.exe.xBAD" sh=DEDD8F0F9D5A4010092A2F3638C2E8AFB12BDD41 ft=1 fh=a2211db89c5209d0 vn="Variante von Win32/Packed.Komodia.A verdächtige Datei (Gesäubert durch Löschen)" ac=C fn="C:\FRST\Quarantine\C\Windows\SysWOW64\LavasoftTcpService.dll.xBAD" sh=61FCBBEACD8031A79F03D45020F2943E1155394E ft=1 fh=1a43b97989982f86 vn="Variante von Win64/Packed.Komodia.A verdächtige Datei (Gesäubert durch Löschen)" ac=C fn="C:\Windows\System32\LavasoftTcpService64.dll" Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Marc (Administrator) auf GROMAR-LAPTOP (04-04-2016 20:39:32) Gestartet von C:\Users\Marc\Desktop Geladene Profile: Marc (Verfügbare Profile: Marc) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.18671.0_x64__8wekyb3d8bbwe\Video.UI.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe (Digital Wave Ltd) C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Marc\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-10] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-03-06] (Dritek System Inc.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\Run: [Google Update] => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung) HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung) HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\Run: [DVSSkypeRecorder] => C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\skyui.exe [1099624 2016-03-23] (Digital Wave Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-01] (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-11-23] ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-01-29] ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 82.212.62.40 192.168.0.1 Tcpip\..\Interfaces\{1f5ae863-4857-4868-84f1-0effdd01a9a3}: [DhcpNameServer] 82.212.62.40 192.168.0.1 Tcpip\..\Interfaces\{9b9dc7ed-4552-49c9-ad5a-1932ad958574}: [DhcpNameServer] 82.212.62.62 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/ HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {CA03FC7B-3CEA-45E3-9DE0-6CA8FA6B1782} URL = SearchScopes: HKU\S-1-5-21-1600321378-2649956060-3219368978-1001 -> {CA03FC7B-3CEA-45E3-9DE0-6CA8FA6B1782} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28] (Qualcomm Atheros Commnucations) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-01] (AVAST Software) BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-04-01] (Yahoo! Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-31] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-01] (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-31] (Oracle Corporation) Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2013-04-01] (Yahoo! Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\95p81yx2.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-31] (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1600321378-2649956060-3219368978-1001: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [Keine Datei] FF Plugin HKU\S-1-5-21-1600321378-2649956060-3219368978-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin HKU\S-1-5-21-1600321378-2649956060-3219368978-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin HKU\S-1-5-21-1600321378-2649956060-3219368978-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS) FF user.js: detected! => C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\95p81yx2.default\user.js [2015-08-02] FF Extension: Ant Video Downloader - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\95p81yx2.default\extensions\anttoolbar@ant.com [2016-03-29] FF Extension: anonymoX - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\95p81yx2.default\Extensions\client@anonymox.net.xpi [2015-10-07] FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-23] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-01] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-01] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden Chrome: ======= CHR HomePage: Default -> hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl CHR StartupUrls: Default -> "hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl" CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Angry Birds) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-13] CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-01] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-01] (AVAST Software) R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [Datei ist nicht signiert] R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-10] (ELAN Microelectronics Corp.) S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-11] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert] R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-03-06] (Dritek System INC.) R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-01] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-22] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-01] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-01] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-01] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-01] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-01] (AVAST Software) U5 dc3d; C:\Windows\System32\Drivers\dc3d.sys [76496 2014-03-19] (Microsoft Corporation) S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2016-04-02] (Malwarebytes Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-06] (Dritek System Inc.) S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.) R3 VBoxNetAdp; C:\Windows\System32\drivers\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.) R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.) R3 vmlitestor; C:\Windows\System32\drivers\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.) R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-04 20:39 - 2016-04-04 20:40 - 00022556 _____ C:\Users\Marc\Desktop\FRST.txt 2016-04-04 20:38 - 2016-04-04 20:39 - 02374144 _____ (Farbar) C:\Users\Marc\Desktop\FRST64.exe 2016-04-04 20:13 - 2016-04-04 20:13 - 00063470 _____ C:\Users\Marc\Downloads\Termine (2).pdf 2016-04-04 18:51 - 2016-04-04 18:51 - 00033417 _____ C:\Users\Marc\Downloads\Wettkampfordnung2013.pdf 2016-04-04 18:40 - 2016-04-04 18:40 - 00063470 _____ C:\Users\Marc\Downloads\Termine (1).pdf 2016-04-04 17:08 - 2016-04-04 17:08 - 02870984 _____ (ESET) C:\Users\Marc\Downloads\esetsmartinstaller_deu.exe 2016-04-04 17:08 - 2016-04-04 17:08 - 00000000 ____D C:\Program Files (x86)\ESET 2016-04-04 10:56 - 2016-04-04 10:56 - 00027340 _____ C:\Users\Marc\Downloads\artikel_9531.pdf 2016-04-04 10:56 - 2016-04-04 10:56 - 00027340 _____ C:\Users\Marc\Downloads\artikel_9531 (1).pdf 2016-04-04 09:57 - 2016-04-04 09:57 - 00063470 _____ C:\Users\Marc\Downloads\Termine.pdf 2016-04-03 20:51 - 2016-04-03 20:51 - 27134858 _____ C:\Users\Marc\Downloads\magentacloud.zip 2016-04-03 20:51 - 2016-04-03 20:51 - 00003455 _____ C:\Users\Marc\Downloads\BMS_Programm.html 2016-04-03 20:27 - 2016-04-03 20:28 - 01527608 _____ C:\Users\Marc\Downloads\2 DB 16.zip 2016-04-03 13:54 - 2016-04-03 13:54 - 00246029 _____ C:\Users\Marc\Downloads\Person.pdf 2016-04-02 19:41 - 2016-04-02 19:41 - 00156181 _____ C:\Users\Marc\Downloads\Hinweis Schiezeitnderung DSB 15.01.2014_Sport_WM 2015.pdf 2016-04-02 19:30 - 2016-04-02 19:30 - 00458843 _____ C:\Users\Marc\Downloads\BM16-Neckar-Ausschreibung.pdf 2016-04-01 17:49 - 2016-04-01 17:49 - 20850617 _____ C:\Users\Marc\Downloads\xhamster.com_2344825_pussy_licking.mp4 2016-04-01 17:35 - 2016-04-01 17:35 - 00043268 _____ C:\Users\Marc\Downloads\FRST.txt 2016-04-01 17:35 - 2016-04-01 17:35 - 00001201 _____ C:\Users\Marc\Downloads\Scan Anti-Malware.txt 2016-04-01 17:34 - 2016-04-01 17:34 - 00016442 _____ C:\Users\Marc\Downloads\Addition.txt 2016-04-01 16:18 - 2016-04-01 16:18 - 06310065 _____ C:\Users\Marc\Downloads\xhamster.com_2255483_pussy_licking.mp4 2016-04-01 15:52 - 2016-04-01 15:53 - 14046355 _____ C:\Users\Marc\Downloads\xhamster.com_1179615_pussy_licking.mp4 2016-04-01 15:43 - 2016-04-01 15:43 - 00014553 _____ C:\Users\Marc\Downloads\16-Neckar-BL-KK3-Ausschreibung-290116.pdf 2016-03-29 10:06 - 2016-03-29 10:06 - 01521275 _____ C:\Users\Marc\Downloads\EhrungsordnungDSB (1).pdf 2016-03-29 09:34 - 2016-03-29 09:34 - 00254738 _____ C:\Users\Marc\Downloads\Übergabeprotokoll_Evelyn_Sauermann.pdf 2016-03-28 22:47 - 2016-03-28 22:47 - 00599024 _____ C:\Users\Marc\Downloads\wsv_seminarangeb-plakA4-DRUCK.pdf 2016-03-28 00:13 - 2016-03-28 00:14 - 30000696 _____ (DVDVideoSoft Ltd. ) C:\Users\Marc\Downloads\FreeVideoCallRecorder.exe 2016-03-27 13:42 - 2016-03-27 13:42 - 00000000 ____D C:\Users\Marc\Downloads\3338 Poo-1-sp 2016-03-27 13:20 - 2016-03-27 13:20 - 00070809 _____ C:\Users\Marc\Downloads\NeueEhrungsordnung.pdf 2016-03-27 13:18 - 2016-03-27 13:18 - 01521275 _____ C:\Users\Marc\Downloads\EhrungsordnungDSB.pdf 2016-03-27 11:28 - 2016-03-27 11:28 - 00000000 ____D C:\Users\Marc\Downloads\Another Great 3some.mp4 2016-03-26 17:24 - 2016-03-26 17:24 - 00761348 _____ C:\Users\Marc\Downloads\8719854_216_A_OrdenPinsMehrWeb.pdf 2016-03-25 21:20 - 2016-03-25 21:40 - 146017459 _____ C:\Users\Marc\Downloads\Another Great 3some.mp4.rar 2016-03-23 21:09 - 2016-03-23 21:09 - 00016321 _____ C:\Users\Marc\Downloads\Durchgangsliste KK 100 m Tübingen.pdf 2016-03-23 20:59 - 2016-03-23 20:59 - 00017088 _____ C:\Users\Marc\Downloads\Durchgangsliste 3x20 Tübingen.pdf 2016-03-23 15:30 - 2016-03-23 16:12 - 313540866 _____ C:\Users\Marc\Downloads\3338 Poo-1-sp.rar 2016-03-23 14:30 - 2016-03-26 08:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-03-23 10:08 - 2016-03-23 10:08 - 00072031 _____ C:\Users\Marc\Downloads\Ergebnisse_6.pdf 2016-03-22 22:49 - 2016-04-02 16:23 - 00003196 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458679730 2016-03-22 22:48 - 2016-04-02 16:23 - 00001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-03-22 22:48 - 2016-03-22 22:47 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2016-03-22 22:01 - 2016-03-22 22:01 - 00107008 _____ C:\Users\Marc\Downloads\Extract JHV-Bericht_2016_Marc (1).ppt 2016-03-22 21:56 - 2016-03-22 21:56 - 00107008 _____ C:\Users\Marc\Downloads\Extract JHV-Bericht_2016_Marc.ppt 2016-03-22 21:42 - 2016-03-22 21:42 - 00053443 _____ C:\Users\Marc\Downloads\Abschlussliste RWK 2015-2016.pdf 2016-03-22 21:32 - 2016-03-22 21:32 - 00174592 _____ C:\Users\Marc\Downloads\Extract JHV-Bericht_2016.ppt 2016-03-21 10:55 - 2016-03-21 10:55 - 00078044 _____ C:\Users\Marc\Downloads\4518_Startkarte (1).PDF 2016-03-21 09:56 - 2016-03-21 09:56 - 00038091 _____ C:\Users\Marc\Downloads\4518_Zusammen.PDF 2016-03-21 09:03 - 2016-03-21 09:03 - 00034865 _____ C:\Users\Marc\Downloads\bm16-MA-Plan.xlsx 2016-03-21 09:03 - 2016-03-21 09:03 - 00003713 _____ C:\Users\Marc\Downloads\4518_StartgeldV.PDF 2016-03-21 08:50 - 2016-03-21 08:50 - 00078044 _____ C:\Users\Marc\Downloads\4518_Startkarte.PDF 2016-03-20 23:42 - 2016-03-20 23:43 - 29560810 _____ C:\Users\Marc\Downloads\xhamster.com_2827304_eat_pussy.mp4 2016-03-20 16:44 - 2016-03-20 16:44 - 15249584 _____ C:\Users\Marc\Downloads\xhamster.com_4922043_und_die_passanten_schauen.mp4 2016-03-20 16:32 - 2016-03-20 16:37 - 27397827 _____ C:\Users\Marc\Downloads\xhamster.com_5036761_german_chubby_geknebelt.mp4 2016-03-20 16:28 - 2016-03-20 16:29 - 52701287 _____ C:\Users\Marc\Downloads\xhamster.com_5811426_chinese_girl_with_nice_breast.mp4 2016-03-19 21:27 - 2016-03-19 21:27 - 00000000 ____D C:\Users\Marc\Downloads\Ant Videos 2016-03-09 20:09 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-03-09 20:09 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-03-09 20:09 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-03-09 20:09 - 2016-02-24 11:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-03-09 20:09 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-03-09 20:09 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-03-09 20:09 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-03-09 20:09 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-03-09 20:09 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2016-03-09 20:09 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-03-09 20:09 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-03-09 20:09 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-03-09 20:09 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-03-09 20:09 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-03-09 20:09 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-03-09 20:09 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2016-03-09 20:09 - 2016-02-24 10:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-03-09 20:09 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2016-03-09 20:09 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-03-09 20:09 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-03-09 20:09 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-03-09 20:09 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-03-09 20:09 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-03-09 20:09 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-03-09 20:09 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-03-09 20:09 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll 2016-03-09 20:09 - 2016-02-24 10:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-03-09 20:09 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-03-09 20:09 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-03-09 20:09 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2016-03-09 20:09 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-03-09 20:09 - 2016-02-24 09:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-03-09 20:09 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll 2016-03-09 20:09 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll 2016-03-09 20:09 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-03-09 20:09 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-03-09 20:09 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll 2016-03-09 20:09 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll 2016-03-09 20:09 - 2016-02-24 09:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-03-09 20:09 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-03-09 20:09 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll 2016-03-09 20:09 - 2016-02-24 09:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-03-09 20:09 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-03-09 20:09 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2016-03-09 20:09 - 2016-02-24 09:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-03-09 20:09 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2016-03-09 20:09 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll 2016-03-09 20:09 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-03-09 20:09 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll 2016-03-09 20:09 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2016-03-09 20:09 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2016-03-09 20:09 - 2016-02-24 09:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-03-09 20:09 - 2016-02-24 09:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2016-03-09 20:09 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2016-03-09 20:09 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-03-09 20:09 - 2016-02-24 09:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-03-09 20:09 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll 2016-03-09 20:09 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll 2016-03-09 20:09 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll 2016-03-09 20:09 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2016-03-09 20:09 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-03-09 20:09 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2016-03-09 20:09 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll 2016-03-09 20:09 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2016-03-09 20:09 - 2016-02-24 09:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-03-09 20:09 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-03-09 20:09 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2016-03-09 20:09 - 2016-02-24 09:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-03-09 20:09 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-03-09 20:09 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2016-03-09 20:09 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2016-03-09 20:09 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2016-03-09 20:09 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2016-03-09 20:09 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-03-09 20:09 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll 2016-03-09 20:09 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2016-03-09 20:09 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2016-03-09 20:09 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2016-03-09 20:09 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2016-03-09 20:09 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2016-03-09 20:09 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2016-03-09 20:09 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-03-09 20:09 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-03-09 20:09 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-03-09 20:09 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2016-03-09 20:09 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-03-09 20:09 - 2016-02-24 08:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-03-09 20:09 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-03-09 20:09 - 2016-02-24 08:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-03-09 20:09 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2016-03-09 20:09 - 2016-02-24 08:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-03-09 20:09 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll 2016-03-09 20:09 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-03-09 20:09 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-03-09 20:09 - 2016-02-24 08:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-03-09 20:09 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2016-03-09 20:09 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-03-09 20:09 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-03-09 20:09 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2016-03-09 20:09 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-03-09 20:09 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-03-09 20:09 - 2016-02-24 08:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-03-09 20:09 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-03-09 20:09 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2016-03-09 20:09 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2016-03-09 20:09 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2016-03-09 20:09 - 2016-02-24 08:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-03-09 20:09 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2016-03-09 20:09 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2016-03-09 20:09 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll 2016-03-09 20:09 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-03-09 20:09 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2016-03-09 20:09 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-03-09 20:09 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll 2016-03-09 20:09 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll 2016-03-09 20:09 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-03-09 20:09 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2016-03-09 20:09 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-03-09 20:09 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-03-09 20:09 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2016-03-09 20:09 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-03-09 20:09 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-03-09 20:09 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-03-09 20:09 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2016-03-09 20:09 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-03-09 20:09 - 2016-02-24 08:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-03-09 20:09 - 2016-02-24 08:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-03-09 20:09 - 2016-02-24 08:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-03-09 20:09 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-03-09 20:09 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-03-09 20:09 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2016-03-09 20:09 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-03-09 20:09 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-03-09 20:09 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2016-03-09 20:09 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-03-09 20:09 - 2016-02-24 08:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-03-09 20:09 - 2016-02-24 08:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-03-09 20:09 - 2016-02-24 08:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-03-09 20:09 - 2016-02-24 07:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-03-09 20:09 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-03-09 20:09 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll 2016-03-09 20:09 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-03-09 20:09 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll 2016-03-09 20:09 - 2016-02-24 07:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-03-09 20:09 - 2016-02-24 07:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-03-09 20:09 - 2016-02-24 07:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-09 20:09 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-03-09 20:09 - 2016-02-24 07:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-03-09 20:09 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-03-09 20:09 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-03-09 20:09 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-03-09 20:09 - 2016-02-24 06:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-03-09 20:09 - 2016-02-24 06:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-03-05 20:31 - 2016-03-05 10:20 - 00020446 _____ C:\Users\Marc\Documents\MGross_Anschreiben_Handwerkskammer_2015-11.doc_0.odt ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-04 20:39 - 2015-05-05 09:54 - 00000000 ____D C:\FRST 2016-04-04 20:38 - 2013-06-07 14:00 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Skype 2016-04-04 20:36 - 2013-07-18 14:08 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1600321378-2649956060-3219368978-1001UA.job 2016-04-04 20:29 - 2015-11-03 08:14 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-04 20:26 - 2015-01-21 10:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-04-04 15:08 - 2013-12-21 19:25 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6FAAAD05-CF46-4A5A-A16E-1896A09B641C} 2016-04-04 11:51 - 2015-12-17 16:19 - 00000350 _____ C:\WINDOWS\BRRBCOM.INI 2016-04-03 21:36 - 2013-07-18 14:08 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1600321378-2649956060-3219368978-1001Core.job 2016-04-03 13:38 - 2015-09-30 15:26 - 00001410 _____ C:\Users\Public\Desktop\Free Video Call Recorder for Skype.lnk 2016-04-03 12:46 - 2015-11-03 08:14 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-03 12:45 - 2015-09-13 17:03 - 00000000 __SHD C:\Users\Marc\IntelGraphicsProfiles 2016-04-02 22:54 - 2015-01-17 00:43 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-04-02 20:10 - 2011-11-11 17:01 - 00000000 ____D C:\Users\Marc\Documents\03 Beruf 2016-04-02 17:37 - 2015-05-04 08:39 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-04-02 16:21 - 2015-10-24 17:50 - 00000000 ____D C:\Users\Marc\Documents\EMU64 2016-04-02 12:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-04-02 09:22 - 2015-12-13 07:17 - 00000000 ____D C:\Users\Marc 2016-04-02 08:38 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-04-02 08:38 - 2013-06-07 12:47 - 00000000 ____D C:\Users\Marc\AppData\Local\Packages 2016-04-01 17:04 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat 2016-04-01 17:04 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat 2016-04-01 17:04 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-04-01 17:04 - 2015-09-13 16:44 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-03-31 14:34 - 2015-10-09 15:05 - 00000000 ____D C:\Users\Marc\.oracle_jre_usage 2016-03-31 14:34 - 2015-10-09 15:04 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-03-31 14:34 - 2015-10-09 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-31 14:33 - 2015-10-09 15:04 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-31 14:30 - 2013-08-09 12:44 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-03-31 14:29 - 2014-04-21 08:42 - 00000000 ____D C:\Users\Marc\AppData\Local\HTC MediaHub 2016-03-31 14:28 - 2015-12-13 07:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-03-30 21:37 - 2013-07-18 14:08 - 00002491 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-30 21:37 - 2013-07-18 14:08 - 00002483 _____ C:\Users\Marc\Desktop\Google Chrome.lnk 2016-03-28 00:15 - 2015-09-30 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-03-28 00:15 - 2014-02-10 11:30 - 00000000 ____D C:\Users\Marc\AppData\Roaming\DVDVideoSoft 2016-03-28 00:15 - 2014-02-10 11:30 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-03-26 08:47 - 2013-06-08 21:46 - 00000000 ____D C:\Users\Marc\AppData\Local\CrashDumps 2016-03-26 08:40 - 2013-06-07 14:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-25 23:42 - 2013-07-03 14:13 - 00061440 _____ C:\Users\Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-03-25 19:20 - 2015-09-30 15:34 - 00000000 ____D C:\Users\Marc\Documents\HyperCam3 2016-03-24 05:26 - 2015-01-17 00:43 - 00004032 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-03-23 06:05 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-22 22:56 - 2015-08-21 14:13 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-03-22 22:56 - 2013-06-07 14:00 - 00000000 ____D C:\ProgramData\Skype 2016-03-22 22:47 - 2014-08-23 19:54 - 00000000 ____D C:\Program Files\AVAST Software 2016-03-22 22:47 - 2014-08-23 19:53 - 00000000 ____D C:\ProgramData\AVAST Software 2016-03-20 08:51 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-03-17 12:51 - 2013-07-10 15:15 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Media Player Classic 2016-03-17 12:50 - 2013-06-07 13:07 - 00000000 __RHD C:\Users\Marc\Data Sync 2016-03-17 12:32 - 2013-12-05 20:30 - 00000000 ____D C:\Users\Marc\Tracing 2016-03-17 12:31 - 2016-01-01 03:14 - 00000000 ____D C:\WINDOWS\Minidump 2016-03-17 11:56 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-03-10 16:24 - 2013-07-23 01:11 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-03-10 16:18 - 2013-06-08 14:36 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-03-10 07:02 - 2015-12-13 07:08 - 00236168 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-10 07:00 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-03-10 07:00 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-03-10 07:00 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-03-10 07:00 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-03-09 19:58 - 2015-11-07 13:08 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-03-09 19:49 - 2014-08-23 19:54 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2016-03-09 19:49 - 2014-08-23 19:54 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys 2016-03-09 11:25 - 2013-06-05 18:13 - 00000000 ____D C:\Users\Marc\Documents\06 Schützenverein 2016-03-08 09:12 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-03-08 09:12 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-06 18:06 - 2013-06-08 13:42 - 00000000 ____D C:\Users\Marc\AppData\Roaming\FileZilla ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-06-07 20:47 - 2013-06-07 20:47 - 0001167 _____ () C:\Users\Marc\AppData\Roaming\trace_FilterInstaller.1.txt 2013-06-07 20:47 - 2014-06-23 18:42 - 0000905 _____ () C:\Users\Marc\AppData\Roaming\trace_FilterInstaller.txt 2013-06-07 20:47 - 2014-06-23 18:42 - 0000000 _____ () C:\Users\Marc\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2013-07-03 14:13 - 2016-03-25 23:42 - 0061440 _____ () C:\Users\Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-11 15:14 - 2014-01-11 15:14 - 0002360 _____ () C:\Users\Marc\AppData\Local\recently-used.xbel 2013-06-22 11:00 - 2013-06-22 11:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Einige Dateien in TEMP: ==================== C:\Users\Marc\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-02 12:52 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 durchgeführt von Marc (2016-04-04 20:40:48) Gestartet von C:\Users\Marc\Desktop Windows 10 Home Version 1511 (X64) (2015-12-13 05:53:39) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1600321378-2649956060-3219368978-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1600321378-2649956060-3219368978-503 - Limited - Disabled) Gast (S-1-5-21-1600321378-2649956060-3219368978-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1600321378-2649956060-3219368978-1027 - Limited - Enabled) Marc (S-1-5-21-1600321378-2649956060-3219368978-1001 - Administrator - Enabled) => C:\Users\Marc ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation) Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3015 - Acer Incorporated) AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated) AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated) Ad-Aware Web Companion (x32 Version: 1.1.922.1860 - Lavasoft) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software) Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation) Brother MFL-Pro Suite DCP-9017CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.) clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated) clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Disag OpticScoreServer (HKLM-x32\...\{5DE3F755-A301-47A0-8855-3FED0828E1B9}) (Version: 1.0.0 - cc) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FileZilla Client 3.16.0 (HKLM-x32\...\FileZilla Client) (Version: 3.16.0 - Tim Kosse) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Desktop Timer 1.2 (HKLM-x32\...\Free Desktop Timer_is1) (Version: - Drive Software Company) Free Video Call Recorder for Skype (HKLM-x32\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.45.323 - DVDVideoSoft Ltd.) Google Chrome (HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\Google Chrome) (Version: 49.0.2623.110 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC) HyperCam 3 (HKLM-x32\...\HyperCam 3 3.5.1310.06) (Version: 3.5.1310.06 - Solveig Multimedia) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) K-Lite Codec Pack 9.9.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.0 - ) Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.) LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla) MyFreeCodec (HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\MyFreeCodec) (Version: - ) MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation) NTI Media Maker 9 (x32 Version: 9.0.2.9014 - NTI Corporation) Hidden Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer) Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer) OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.) SafeZone Stable 1.48.2066.95 (x32 Version: 1.48.2066.95 - Avast Software) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB) Unity Web Player (HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VMLite Workstation (HKLM\...\{197F2BEF-2705-406E-8CEB-8E404FFFE414}) (Version: 3.2.6 - VMLite) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1600321378-2649956060-3219368978-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marc\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1600321378-2649956060-3219368978-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1600321378-2649956060-3219368978-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1600321378-2649956060-3219368978-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1600321378-2649956060-3219368978-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1600321378-2649956060-3219368978-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Marc\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {08B77D16-BD2F-4D60-BD23-80C0C6D3A22C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {0E6875BF-66E2-4353-B023-2AD10879B4D3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-01] (AVAST Software) Task: {10C7AB81-3327-4078-B9D5-1A011D9585E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1600321378-2649956060-3219368978-1001Core => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {11F3A90C-0279-4B98-B19C-5FDC9FCDC306} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {168843F4-B190-4992-AD1F-0E54244C1A1D} - System32\Tasks\{4CB3DCFB-E48A-4898-8D25-A33CE3ED11EE} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2016-03-01] (Skype Technologies S.A.) Task: {190D85C5-2434-46BA-8760-9E8B66F1619A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {26363A0F-BA89-4E30-A1E3-114149539F54} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_197_pepper.exe [2016-03-24] (Adobe Systems Incorporated) Task: {2EF0C247-8C81-4D1E-82B9-B76EEC764209} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {36B2ECB9-A0BB-4F0A-80D0-D42F8A4BBBA7} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe Task: {3D88E9E6-E1C0-4DAA-8718-7CE7E9382C7F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {43416FB0-0CED-4305-835D-204029DD8338} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {4379264D-F433-46DD-A857-020CCC076024} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.) Task: {4832C5D4-AC57-4042-8C36-CD7427C4A590} - System32\Tasks\SafeZone scheduled Autoupdate 1458679730 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-08] (Avast Software) Task: {4CC312B7-6E38-48D7-968B-5A32EF6DE919} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] () Task: {572B9785-0A85-4F16-A98D-699785A4D976} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1600321378-2649956060-3219368978-1001UA => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {5973892A-E570-48C2-942D-80BCF9A53397} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] () Task: {5A5E5552-D4E9-4595-8AF1-D992E697DE2F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {5CA420B0-319E-44D0-980C-F2A2198E7E3A} - System32\Tasks\Google Update => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {62EE65B1-FF1A-4D79-B2D5-3CDAF3571FD7} - System32\Tasks\{437AF32D-D20F-43EC-BCF7-2B63A7BBC3F0} => Firefox.exe hxxp://ui.skype.com/ui/0/5.0.0.156/de/go/help.faq.installer?LastError=1603 Task: {67685B68-2316-449C-9B0A-F2C4EAC76E7E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-10] (Microsoft Corporation) Task: {6B5833F4-F6BC-4DEE-A0F1-06F97E1C171B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {742AF962-06F1-420A-BDC1-A1B5365FF541} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {7AECAB41-A6C7-402D-B0DB-2D8693E09934} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated) Task: {7BD9C0A5-704B-41E1-9345-A30E4CC71456} - System32\Tasks\{AEF535A3-7FD5-4CAE-A962-3401F4041F2F} => launchwinapp.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.16.0.102&LastError=404 Task: {7C614D49-40B7-4426-B0AB-B050054D12C3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated) Task: {91E02D50-7009-4BC3-961B-06CB7FB5C98B} - System32\Tasks\{A21C6916-37CB-4434-86B9-53F0CFA40949} => pcalua.exe -a "C:\Program Files (x86)\WinRAR\uninstall.exe" Task: {A87D10E2-AEF3-4453-9E1B-664B4CA70E83} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {ABBEF539-6173-4064-886F-08EF42F826F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {AE776216-667A-4890-9E26-A485AE91B010} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {B1EFA27D-2C24-435C-A7DA-7F9481AED379} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {B1F91900-DC94-47C5-97C0-D6E021EBD691} - System32\Tasks\{87825B6D-200E-40CD-B780-B710EC8A54C8} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" -c /app FreeVideoCallRecorderForSkype Task: {BCC1D248-EB2D-483C-A8CA-F28827CB35E3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {C1A12F61-F721-41A8-8E7F-1EC948B02F5F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {CB8EF0F3-9E00-45FE-8792-DA54CDBF4FD8} - System32\Tasks\{1CC9CC4B-D2FC-4C63-9A9C-766025C8A2C3} => pcalua.exe -a C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE Task: {DAD906A4-8F63-4063-B130-31CB3F4F7C5B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-03] (Google Inc.) Task: {DE20CEFA-51BA-40F5-800F-977CDEE94239} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {E68DE6BF-A61B-40BA-9006-BC6326D1B81D} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.) Task: {E80E6E79-DE4A-492C-9FAB-DC03B685E881} - System32\Tasks\{E431ADF3-4D41-4D40-9AFE-2D35426D31CF} => launchwinapp.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.16.0.102&LastError=404 Task: {F258E06B-40CC-4954-8E32-5A55B0A0EDCB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-03] (Google Inc.) Task: {FEDC6918-998E-4AF0-9EB5-0A60FB32717E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_197_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1600321378-2649956060-3219368978-1001Core.job => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1600321378-2649956060-3219368978-1001UA.job => C:\Users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-09-24 10:42 - 2014-09-24 10:42 - 00034304 _____ () C:\WINDOWS\System32\ssj1mlm.dll 2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2015-12-17 16:17 - 2015-06-08 10:13 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll 2010-08-11 14:18 - 2010-08-11 14:18 - 00202344 _____ () C:\Program Files\VMLite\VMLite Workstation\VBoxDDU.dll 2010-08-11 14:18 - 2010-08-11 14:18 - 02725480 _____ () C:\Program Files\VMLite\VMLite Workstation\VBoxRT.dll 2009-03-26 22:03 - 2009-03-26 22:03 - 01289728 _____ () C:\Program Files\VMLite\VMLite Workstation\LIBEAY32.dll 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-03-02 15:04 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-02 15:04 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2012-06-22 04:12 - 2012-06-22 04:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll 2016-02-29 12:23 - 2016-02-29 12:23 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2015-12-18 17:53 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-03-02 15:03 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-03-02 15:03 - 2016-02-23 10:38 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2016-01-22 08:04 - 2016-01-22 08:04 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-01-12 22:03 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-12 22:03 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-27 23:09 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-27 23:10 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-12 22:03 - 2016-01-05 03:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-03-29 08:09 - 2016-03-29 08:10 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-03-29 08:09 - 2016-03-29 08:10 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-03-03 22:30 - 2016-03-03 22:31 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-03-01 11:56 - 2016-03-01 11:56 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-03-01 11:56 - 2016-03-01 11:56 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-03-31 13:35 - 2016-03-31 13:35 - 02846208 _____ () C:\Program Files\AVAST Software\Avast\defs\16033101\algo.dll 2016-03-01 11:56 - 2016-03-01 11:56 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-03-01 11:56 - 2016-03-01 11:56 - 00307808 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll 2016-04-04 12:22 - 2016-04-04 12:22 - 02850816 _____ () C:\Program Files\AVAST Software\Avast\defs\16040400\algo.dll 2014-03-21 15:05 - 2014-03-21 15:05 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2014-12-18 16:08 - 2014-12-18 16:08 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2014-03-21 15:06 - 2014-03-21 15:06 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2014-03-21 15:06 - 2014-03-21 15:06 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2014-03-21 15:06 - 2014-03-21 15:06 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2014-03-21 15:08 - 2014-03-21 15:08 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2014-03-21 15:09 - 2014-03-21 15:09 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-12-17 16:16 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2013-03-06 13:08 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2012-11-03 02:38 - 2012-11-03 02:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2016-01-05 12:30 - 2016-01-05 12:30 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-03-30 21:37 - 2016-03-27 09:58 - 01675928 _____ () C:\Users\Marc\AppData\Local\Google\Chrome\Application\49.0.2623.110\libglesv2.dll 2016-03-30 21:37 - 2016-03-27 09:58 - 00086168 _____ () C:\Users\Marc\AppData\Local\Google\Chrome\Application\49.0.2623.110\libegl.dll 2016-01-22 08:04 - 2016-01-22 08:04 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 08:04 - 2016-01-22 08:04 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\stat.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00086376 _____ () C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\boost_thread-vc120-mt-1_56.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\boost_system-vc120-mt-1_56.dll 2015-09-30 15:26 - 2016-03-23 14:00 - 00174952 _____ () C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\easyhook32.dll 2015-09-30 15:26 - 2015-09-13 21:27 - 00110952 _____ () C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\zlib1.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\boost_filesystem-vc120-mt-1_56.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\boost_date_time-vc120-mt-1_56.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 01268072 _____ () C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\libGLESv2.dll 2015-09-30 15:26 - 2016-03-23 14:06 - 00028520 _____ () C:\Program Files (x86)\DVDVideoSoft\Free Video Call Recorder for Skype\boost_chrono-vc120-mt-1_56.dll 2015-08-02 20:18 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll 2015-08-02 20:17 - 2012-05-25 04:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll 2016-03-30 21:37 - 2016-03-27 09:58 - 17545880 _____ () C:\Users\Marc\AppData\Local\Google\Chrome\Application\49.0.2623.110\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg DNS Servers: 82.212.62.40 - 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk" HKLM\...\StartupApproved\Run: => "SpywareTerminatorUpdater" HKLM\...\StartupApproved\Run: => "SpywareTerminatorShield" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "LManager" HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\StartupApproved\Run: => "Google Update" HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\StartupApproved\Run: => "DVSSkypeRecorder" HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\StartupApproved\Run: => "ooVoo.exe" HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\StartupApproved\Run: => "phonostar-PlayerTimer" HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\StartupApproved\Run: => "KiesPreload" HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\StartupApproved\Run: => "" HKU\S-1-5-21-1600321378-2649956060-3219368978-1001\...\StartupApproved\Run: => "OneDrive" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{3094FF8A-0CC7-4C6B-984E-7B7B161B276C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EBEE6FCC-74CA-4275-8469-E67252C63C25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E24F9CFA-6FC8-41A5-9BB3-1EA0F935BFBD}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{4BDD25C1-6045-485B-9A98-CE7E510E50A8}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{754D25B5-DF8B-4C97-AD13-75DDBF52A520}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{63A94AA6-9BFB-4AF3-A206-D7EABBBED5A3}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{BD720921-D173-4BA9-B853-05A22551A943}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{81873200-7A77-4700-8099-76E9170EF32B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{4EF5B5A0-8C3C-4A52-AF17-2F8D63ACBF2C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{EB7EB4EC-719F-4B20-99B1-76144C7F84B8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{A4F0373D-D3EE-4C4A-B273-25A812FD6327}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe FirewallRules: [{331980B4-0822-4D3A-B209-3A8B04CC393D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{94008C03-01DD-4C64-8B9D-EC7FCA6746D8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{EEB22E98-C2D8-4768-9B58-0B19AC118E96}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{C49E0FC5-AB78-482C-A103-55F0B157C49B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{56816E5D-4114-4B3D-9398-7BE839FCE464}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{7E4F03AB-8A26-4822-84F2-F2DFE222AC18}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{B67C632B-89F7-4074-94B0-F292E76706E0}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{556980AA-3B0E-4750-9D3E-D3D5C6220AD7}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{B59D6F63-526A-43F7-AC5A-68F2144DCFEA}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe FirewallRules: [{54EF1D26-1E67-4317-862F-5309CF19152C}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe FirewallRules: [{96C2283B-8374-437E-97F5-5050E9B84A97}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe FirewallRules: [{E704956C-3154-4DFD-84CE-C83326D3C12E}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{B16EB615-A058-4BAB-90B0-9A1BFAD90638}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FFAE9E6C-6CA8-467A-B637-88F47E07998A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E07C4B80-B188-4214-8E4A-EA8208E75FA8}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [TCP Query User{AACCC5E2-412A-4431-A920-732FEBA6F2AE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{FDDD54B6-B868-4EEE-A1AB-884542FC661F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{3715D358-5057-4390-A05F-22D7BBFBDF45}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{895BA2F3-6BC3-475E-81DB-8E8F5698B71D}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{91BE64AE-74A1-4B21-B3AF-F791FCDBAB9E}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{7206A447-0E95-413A-952A-C49564B5BFCC}C:\users\marc\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\marc\appdata\local\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{4387A3A9-30F7-45B3-BDCC-1678BB8C321E}C:\users\marc\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\marc\appdata\local\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{2180E701-691F-49C8-9681-101BD6AE2CD0}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{7CAF6357-0CBE-412B-A5AC-B0C7CD53EFDE}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{4CDFFB52-DA97-4336-A645-3E010E9F9BB1}] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{5D26648A-770B-4E30-9EF4-4802267E3240}] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{D861099D-0F1A-4EFD-AE5B-B9CC8FF2AD61}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{6A6E6CCA-9CC7-441F-8BBA-4134B624B112}] => (Allow) LPort=2869 FirewallRules: [{8C6148A8-24D0-4E42-B188-629D7E76E2AB}] => (Allow) LPort=1900 FirewallRules: [{FF57EF58-3B39-4B51-9240-C2390EDF031D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{C94A6A13-8DF6-4F1A-BF27-F7B4D627BEF4}C:\program files (x86)\disag opticscoreserver\opticscoreserver.exe] => (Allow) C:\program files (x86)\disag opticscoreserver\opticscoreserver.exe FirewallRules: [UDP Query User{5C4976E0-7E3C-4133-BF00-C5D9C74AB189}C:\program files (x86)\disag opticscoreserver\opticscoreserver.exe] => (Allow) C:\program files (x86)\disag opticscoreserver\opticscoreserver.exe FirewallRules: [{A6865544-0F21-471D-A293-DD0078D0B5A9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Wiederherstellungspunkte ========================= 19-03-2016 20:25:31 Geplanter Prüfpunkt 23-03-2016 06:04:14 Windows Update 31-03-2016 08:28:55 Geplanter Prüfpunkt 02-04-2016 16:20:14 Emu64 V4.30 wird entfernt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/04/2016 08:27:56 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (04/04/2016 05:11:21 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (04/04/2016 05:11:16 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (04/04/2016 05:08:42 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (04/04/2016 05:08:39 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (04/04/2016 05:08:37 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Error: (04/03/2016 04:38:42 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (04/03/2016 07:37:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: GROMAR-LAPTOP) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (04/02/2016 04:20:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (04/02/2016 01:17:40 PM) (Source: ESENT) (EventID: 474) (User: ) Description: wuaueng.dll (496) SUS20ClientDataStore: Bei der Überprüfung der aus Datei "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb" bei Offset 3620864 (0x0000000000374000) (Datenbankseite wuaueng.dll0) für 16384 (0x00004000) Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die gespeicherte Prüfsumme war [0073007200650076:003e002f00220030:00610070002f003c:00670061006b0063], die berechnete Prüfsumme [000000dc89bfcdc6:0000000000000000:0000000000000000:0000000000000000]. Der Lesevorgang wird mit dem Fehler -1018 (0xfffffc06) beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Systemfehler: ============= Error: (04/04/2016 07:51:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/04/2016 07:51:50 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Marc\AppData\Local\Temp\ehdrv.sys Error: (04/04/2016 07:51:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/04/2016 07:51:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Marc\AppData\Local\Temp\ehdrv.sys Error: (04/04/2016 07:51:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/04/2016 07:51:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Marc\AppData\Local\Temp\ehdrv.sys Error: (04/04/2016 07:51:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/04/2016 07:51:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Marc\AppData\Local\Temp\ehdrv.sys Error: (04/04/2016 07:51:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (04/04/2016 07:51:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Marc\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2016-03-23 09:53:09.127 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-12 11:32:35.372 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-11 19:55:56.349 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-10 06:04:26.970 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-03 06:05:22.074 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-02 23:29:34.627 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-11 19:34:38.350 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-10 09:23:09.704 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-10 09:07:34.239 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-30 09:35:35.673 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Prozentuale Nutzung des RAM: 48% Installierter physikalischer RAM: 8007.27 MB Verfügbarer physikalischer RAM: 4160.5 MB Summe virtueller Speicher: 9287.27 MB Verfügbarer virtueller Speicher: 4352.76 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:911.85 GB) (Free:685.01 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: C83F9B5A) Partition: GPT. ==================== Ende von Addition.txt ============================ |
06.04.2016, 11:16 | #2 |
/// TB-Ausbilder | ESET Scanner meldet Infektion Jo, du hast die letzten Anweisungen nicht durchgeführt. Die "Funde" sind die Quarantäne von FRST, welche durch DelFix hätte gelöscht werden sollen:
__________________... Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. .... Da ESET jetzt schon die "Funde" gelöscht hast, brauchst du auch nichts weiter machen. Ich lasse das Thema daher schliessen.
__________________ |
Themen zu ESET Scanner meldet Infektion |
antivirus, cpu, dnsapi.dll, downloader, error, flash player, google, home, homepage, install.exe, installation, karte, launch, lavasofttcpservice64.dll, logfile, mozilla, popup, problem, prozesse, realtek, registry, scan, security, software, spyware, svchost.exe, system, windows, windowsapps, wiso |