|
Log-Analyse und Auswertung: MPC Cleaner entfernen - bitte helft mir!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
13.08.2016, 17:38 | #1 |
| MPC Cleaner entfernen - bitte helft mir! Hi, ich habe schon alles Mögliche versucht, komme aber nicht weiter. (Bin kein Profi ) Bei irgendeinem Download habe ich mir den MPC Cleaner eingefangen. Dieser nervt total mit seiner dauernden "Hilfe". In der Systemsteuerung lässt er sich nicht deinstallieren und auch die Dateien im Ordner lassen sich nicht löschen. Wie kann ich die Malware deinstallieren? Schonmal vielen Dank im Vorraus Vincent |
13.08.2016, 19:03 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | MPC Cleaner entfernen - bitte helft mir!Zitat:
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
13.08.2016, 20:26 | #3 |
| Was ich gemacht habe: Ich habe nur mit Anti Virus und Anti Malware Programmen (AdwCleaner, CCleaner, Malewarebytes, McAfee und Avira) Scans durchgeführt und dann versucht die Malware zu löschen. Das hat mit keinem der Programme funktioniert. Auch in die Quarantäne konnte ich es nicht packen.
__________________Außerdem habe ich probiert die Dateien im Programmordner zu löschen, was auch nicht möglich war (Nicht die nötigen Rechte, obwohl ich Admin bin). Im Ordner gab es auch kein Uninstall.exe oder ähnliches. Logs sind nicht vorhanden. Schonmal vielen Dank für die schnelle Antwort Vincent |
13.08.2016, 20:28 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | MPC Cleaner entfernen - bitte helft mir!Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
13.08.2016, 20:31 | #5 |
| MPC Cleaner entfernen - bitte helft mir! Oh, ok. Wie gesagt, ich hab nicht viel Ahnung. |
13.08.2016, 20:34 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | MPC Cleaner entfernen - bitte helft mir! Malwarebytes: Im Programm unter Verlauf => Anwendungsprotokolle. Von dort alle Scan-Protokolle posten. Und das bitte im TXT-Format. adwCleaner: alle Logs sind in C:\AdwCleaner zu finden
__________________ --> MPC Cleaner entfernen - bitte helft mir! |
13.08.2016, 20:40 | #7 |
| MPC Cleaner entfernen - bitte helft mir! Danke für die Erklärung. Hier die Protokolle: Von Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malware Protection, Starting, Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malware Protection, Started, Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malicious Website Protection, Starting, Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malicious Website Protection, Started, Update, 12.08.2016 22:38, SYSTEM, VINCENT, Manual, Remediation Database, 2016.2.12.1, 2016.8.8.2, Update, 12.08.2016 22:38, SYSTEM, VINCENT, Manual, IP Database, 2016.2.8.1, 2016.8.11.1, Update, 12.08.2016 22:38, SYSTEM, VINCENT, Manual, Rootkit Database, 2016.2.8.1, 2016.8.9.1, Update, 12.08.2016 22:38, SYSTEM, VINCENT, Manual, Domain Database, 2016.2.16.8, 2016.8.12.4, Update, 12.08.2016 22:38, SYSTEM, VINCENT, Manual, Malware Database, 2016.2.16.6, 2016.8.12.10, Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Refresh, Starting, Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malicious Website Protection, Stopping, Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malicious Website Protection, Stopped, Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Refresh, Success, Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malicious Website Protection, Starting, Protection, 12.08.2016 22:39, SYSTEM, VINCENT, Protection, Malicious Website Protection, Started, Detection, 12.08.2016 22:39, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 22:39, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 22:40, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 22:40, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 22:53, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 22:53, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 22:53, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 22:54, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 22:54, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 22:54, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 22:57, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 23:01, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 23:01, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 23:01, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 23:01, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 23:01, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] Detection, 12.08.2016 23:01, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert , [31094dfdb0ea2a0c98c0e4ae7a87d52b] (end) Code:
ATTFilter # AdwCleaner v6.000 - Logfile created 13/08/2016 at 10:10:06 # Updated on 12/08/2016 by ToolsLib # Database : 2016-08-12.4 [Server] # Operating System : Windows 8.1 (X64) # Username : VincentV - VINCENT # Running from : C:\Users\VincentV\AppData\Local\Microsoft\Windows\INetCache\IE\730NSLY7\adwcleaner_6.000.exe # Mode: Scan # Support : https://toolslib.net/forum ***** [ Services ] ***** Service Found: mewumilyzbt Service Found: MPCProtectService Service Found: MPCKpt Service Found: UncheckitSvc Service Found: cktSvc ***** [ Folders ] ***** Folder Found: C:\ProgramData\CwinpC Folder Found: C:\ProgramData\DwinpD Folder Found: C:\ProgramData\hwinph Folder Found: C:\ProgramData\jwinpj Folder Found: C:\ProgramData\zwinpz Folder Found: C:\Users\VincentV\AppData\Local\Nobean Folder Found: C:\Users\VincentV\AppData\Local\Toolrain Folder Found: C:\Users\VincentV\AppData\Roaming\eCyber Folder Found: C:\Users\VincentV\AppData\Roaming\FLV and Media Player Folder Found: C:\Users\VincentV\AppData\Roaming\qksee Folder Found: C:\Users\VincentV\AppData\Roaming\WinZiper Folder Found: C:\Users\VincentV\AppData\Roaming\MCorp Folder Found: C:\Users\VincentV\AppData\Roaming\Uncheckit Folder Found: C:\ProgramData\Uncheckit Folder Found: C:\ProgramData\Nobean Folder Found: C:\ProgramData\Toolrain Folder Found: C:\ProgramData\ChelfNotify Folder Found: C:\ProgramData\uckt Folder Found: C:\ProgramData\Application Data\Uncheckit Folder Found: C:\ProgramData\Application Data\Nobean Folder Found: C:\ProgramData\Application Data\Toolrain Folder Found: C:\ProgramData\Application Data\ChelfNotify Folder Found: C:\ProgramData\Application Data\uckt Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uncheckit Folder Found: C:\Program Files (x86)\MPC Cleaner Folder Found: C:\Program Files (x86)\TXQQBrowser Folder Found: C:\Program Files (x86)\Toolrain Folder Found: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit Folder Found: C:\Users\VincentV\AppData\Roaming\MCorp ***** [ Files ] ***** File Found: C:\Windows\SysNative\log\iSafeKrnlCall.log File Found: C:\Windows\SysNative\drivers\MPCKpt.sys ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** Task Found: Browser Updater Task(Core) Task Found: UncheckitTaskMN Task Found: UncheckitUpdateTaskC Task Found: UncheckitUpdateTaskDB Task Found: ChelfNotify Task ***** [ Registry ] ***** Key Found: HKLM\SOFTWARE\Classes\WinZippers.001 Key Found: HKLM\SOFTWARE\Classes\WinZippers.7z Key Found: HKLM\SOFTWARE\Classes\WinZippers.arj Key Found: HKLM\SOFTWARE\Classes\WinZippers.bz2 Key Found: HKLM\SOFTWARE\Classes\WinZippers.bzip2 Key Found: HKLM\SOFTWARE\Classes\WinZippers.cab Key Found: HKLM\SOFTWARE\Classes\WinZippers.cpio Key Found: HKLM\SOFTWARE\Classes\WinZippers.deb Key Found: HKLM\SOFTWARE\Classes\WinZippers.dmg Key Found: HKLM\SOFTWARE\Classes\WinZippers.fat Key Found: HKLM\SOFTWARE\Classes\WinZippers.gz Key Found: HKLM\SOFTWARE\Classes\WinZippers.gzip Key Found: HKLM\SOFTWARE\Classes\WinZippers.hfs Key Found: HKLM\SOFTWARE\Classes\WinZippers.iso Key Found: HKLM\SOFTWARE\Classes\WinZippers.lha Key Found: HKLM\SOFTWARE\Classes\WinZippers.lzh Key Found: HKLM\SOFTWARE\Classes\WinZippers.lzma Key Found: HKLM\SOFTWARE\Classes\WinZippers.ntfs Key Found: HKLM\SOFTWARE\Classes\WinZippers.rar Key Found: HKLM\SOFTWARE\Classes\WinZippers.rpm Key Found: HKLM\SOFTWARE\Classes\WinZippers.squashfs Key Found: HKLM\SOFTWARE\Classes\WinZippers.swm Key Found: HKLM\SOFTWARE\Classes\WinZippers.tar Key Found: HKLM\SOFTWARE\Classes\WinZippers.taz Key Found: HKLM\SOFTWARE\Classes\WinZippers.tbz Key Found: HKLM\SOFTWARE\Classes\WinZippers.tbz2 Key Found: HKLM\SOFTWARE\Classes\WinZippers.tgz Key Found: HKLM\SOFTWARE\Classes\WinZippers.tpz Key Found: HKLM\SOFTWARE\Classes\WinZippers.txz Key Found: HKLM\SOFTWARE\Classes\WinZippers.vhd Key Found: HKLM\SOFTWARE\Classes\WinZippers.wim Key Found: HKLM\SOFTWARE\Classes\WinZippers.xar Key Found: HKLM\SOFTWARE\Classes\WinZippers.xz Key Found: HKLM\SOFTWARE\Classes\WinZippers.z Key Found: HKLM\SOFTWARE\Classes\WinZippers.zip Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService Key Found: [x64] HKLM\SOFTWARE\Classes\CLSID\{98C066AB-D735-4339-9E52-A34875141B56} Key Found: [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} Key Found: HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} Key Found: HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\OCS Key Found: HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Uncheckit Key Found: HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} Key Found: HKCU\Software\OCS Key Found: HKCU\Software\Uncheckit Key Found: HKLM\SOFTWARE\hdcode Key Found: HKLM\SOFTWARE\MPC Key Found: HKLM\SOFTWARE\qkseeSvc Key Found: HKLM\SOFTWARE\qksee Key Found: HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qksee Data Found: HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} Data Found: HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} Data Found: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} Data Found: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mpc.am Key Found: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.mpc.am Key Found: HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper Key Found: HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper Key Found: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper ***** [ Web browsers ] ***** No malicious Firefox based browser items found. No malicious Chromium based browser items found. ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [4402 Bytes] - [29/04/2016 18:06:57] C:\AdwCleaner\AdwCleaner[C2].txt - [5278 Bytes] - [16/06/2016 17:37:16] C:\AdwCleaner\AdwCleaner[S1].txt - [6778 Bytes] - [29/04/2016 18:02:02] C:\AdwCleaner\AdwCleaner[S2].txt - [6020 Bytes] - [16/06/2016 17:29:31] C:\AdwCleaner\AdwCleaner[S3].txt - [7688 Bytes] - [13/08/2016 10:10:06] ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [7761 Bytes] ########## |
13.08.2016, 21:09 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | MPC Cleaner entfernen - bitte helft mir! Du solltest die Scan-Protokolle von Malwarebytes posten, keine Schutz-Protokolle.
__________________ Logfiles bitte immer in CODE-Tags posten |
13.08.2016, 21:13 | #9 |
| MPC Cleaner entfernen - bitte helft mir! Es ist nur das Schutzprotokoll vorhanden. Obwohl ich Scans durchgeführt habe. |
13.08.2016, 21:32 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | MPC Cleaner entfernen - bitte helft mir! Versteh ich nicht, was ist denn immer bei euch mit Malwarebytes los Ein anderer Hilfesuchender meinte auch, dass MBAM so ein Log nicht gespeichert habe. Ich hab eben selbst getestet in einer VM. Das Log ist vorhanden. Automatisch. Schau mal bitte in diesem Ordner nach Logs => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \Logs
__________________ Logfiles bitte immer in CODE-Tags posten |
13.08.2016, 21:40 | #11 |
| MPC Cleaner entfernen - bitte helft mir! Da ist leider auch nichts vorhanden. |
14.08.2016, 13:01 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | MPC Cleaner entfernen - bitte helft mir! Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
14.08.2016, 15:58 | #13 |
| MPC Cleaner entfernen - bitte helft mir! Biddeschön : Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2016 01 durchgeführt von VincentV (Administrator) auf VINCENT (14-08-2016 16:51:38) Gestartet von C:\Users\VincentV\Desktop Geladene Profile: VincentV & (Verfügbare Profile: VincentV) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\McCSPServiceHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe () C:\Program Files (x86)\MuseScore 2\bin\MuseScore.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] () HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-07-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-07-05] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-06-02] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-07-25] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [831064 2016-07-18] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\Run: [Chromium] => "c:\users\vincentv\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session --restore-last-session HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd) HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\Run: [DelayShred] => c:\Program Files\mcafee\mqs\ShrCL.exe [300640 2016-05-04] (McAfee, Inc.) <===== ACHTUNG HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [974360 2016-07-14] (BlueStack Systems, Inc.) HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\Run: [GoogleChromeAutoLaunch_3725D6833F0C78E578CAEB3E6A038B6B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1152840 2016-08-03] (Google Inc.) HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Chromium] => "c:\users\vincentv\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session --restore-last-session HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd) HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DelayShred] => c:\Program Files\mcafee\mqs\ShrCL.exe [300640 2016-05-04] (McAfee, Inc.) <===== ACHTUNG HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [974360 2016-07-14] (BlueStack Systems, Inc.) HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_3725D6833F0C78E578CAEB3E6A038B6B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1152840 2016-08-03] (Google Inc.) HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Chromium] => "c:\users\vincentv\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session --restore-last-session HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd) HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DelayShred] => c:\Program Files\mcafee\mqs\ShrCL.exe [300640 2016-05-04] (McAfee, Inc.) <===== ACHTUNG HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [974360 2016-07-14] (BlueStack Systems, Inc.) HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_3725D6833F0C78E578CAEB3E6A038B6B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1152840 2016-08-03] (Google Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] () ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 172.16.254.254 Tcpip\..\Interfaces\{A2B1C5A6-2C88-4D9D-B6C9-1C9FBC8B873D}: [DhcpNameServer] 172.16.254.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.attirerpage.com/search/?type=ds&ts=1467117776&z=6c8bca499b301d690d044f2g5z6q9m4g1g6m5m2o3z&from=ihpm0627&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.attirerpage.com/search/?type=ds&ts=1467117776&z=6c8bca499b301d690d044f2g5z6q9m4g1g6m5m2o3z&from=ihpm0627&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.attirerpage.com/search/?type=ds&ts=1467117776&z=6c8bca499b301d690d044f2g5z6q9m4g1g6m5m2o3z&from=ihpm0627&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.attirerpage.com/search/?type=ds&ts=1467117776&z=6c8bca499b301d690d044f2g5z6q9m4g1g6m5m2o3z&from=ihpm0627&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms} HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-24] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-24] (Oracle Corporation) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-29] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-29] (McAfee, Inc.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-29] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-29] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-05-24] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-05-24] (McAfee, Inc.) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-05-24] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-04-24] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-07-18] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-24] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-05-24] () FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2016-04-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-13] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-13] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-07-18] (Adobe Systems) FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-08-13] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-07-12] [ist nicht signiert] Chrome: ======= CHR HomePage: ChromeDefaultData -> hxxps://www.google.de/ CHR StartupUrls: ChromeDefaultData -> "hxxp://websearch.thesearchpage.info/?pid=2457&r=2015/01/27&hid=16449104463697224960&lg=EN&cc=DE&unqvl=74","hxxp://www.bing.com/search?FORM=INCOH1&PC=IC02","hxxp://www.mystartsearch.com/?type=hp&ts=1438850670&z=81f9e3b06a606417e8c8eedgaz2c2bcb0wce7q2e3e&from=cvs&uid=ST500LM011XHM501II_S24QJ9FC613279","hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBHYtCHMkBE..&v=20160614&uid=C482625F2F8A9F5376FAF8350D9B0CDA&ptid=epf1&mode=loadm","search.mpc.am" CHR Profile: C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData CHR Extension: (Google Präsentationen) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-24] CHR Extension: (Google Docs) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-24] CHR Extension: (Google Drive) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-24] CHR Extension: (Adblock Plus) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-28] CHR Extension: (Google Tabellen) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-24] CHR Extension: (Avira Browserschutz) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-08-13] CHR Extension: (Google Docs Offline) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-24] CHR Extension: (McAfee SECURE Safe Browsing) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lkdiimaiohgpacfbgedcipmgigppaofn [2016-08-13] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-24] CHR Extension: (Google Mail) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-24] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-07] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-07] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iigcbafcnfakaokfjaplokfbgmjldpfg] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [741568 2016-07-18] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159832 2016-08-10] (Adobe Systems, Incorporated) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-07-18] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [472112 2016-07-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [472112 2016-07-18] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1453696 2016-07-18] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert] R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-07-20] (AVG Technologies CZ, s.r.o.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [319648 2016-07-25] (Avira Operations GmbH & Co. KG) S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-07-14] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-14] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-14] (BlueStack Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-02] (Microsoft Corporation) R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation) R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.) R4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2016-07-29] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [989192 2016-05-24] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.) R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe [1903320 2016-04-18] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [795528 2016-04-20] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-03-07] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-04-01] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-03-07] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1424352 2016-04-21] (McAfee, Inc.) R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-06-15] (DotC United Inc) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1029856 2016-04-21] (Intel Security, Inc.) S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-08-11] (Enigma Software Group USA, LLC.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-10-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-10-29] (Microsoft Corporation) S2 0267091471075557mcinstcleanup; C:\Windows\TEMP\026709~1.EXE -cleanup -nolog [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2014-09-09] (Qualcomm Atheros Communications, Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-09-19] (ASUS Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-07-18] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-07-18] (Avira Operations GmbH & Co. KG) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-14] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-14] (Bluestack System Inc. ) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-03-11] (McAfee, Inc.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation) R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-08-11] (Enigma Software Group USA, LLC.) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-08-11] () R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-14] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2016-03-11] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-03-11] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-03-11] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-03-11] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [842536 2016-03-11] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243496 2016-03-11] (McAfee, Inc.) R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-06-15] (DotC United Inc) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-10-29] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-10-29] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-10-29] (Microsoft Corporation) U0 msahci; system32\drivers\msahci.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-08-14 16:51 - 2016-08-14 16:53 - 00037806 _____ C:\Users\VincentV\Desktop\FRST.txt 2016-08-14 16:51 - 2016-08-14 16:51 - 00000000 ____D C:\FRST 2016-08-14 16:50 - 2016-08-14 16:50 - 02393600 _____ (Farbar) C:\Users\VincentV\Desktop\FRST64.exe 2016-08-13 21:28 - 2016-08-13 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2016-08-13 14:41 - 2016-08-13 14:41 - 00002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-08-13 14:41 - 2016-08-13 14:41 - 00002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-08-13 14:40 - 2016-08-13 14:50 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-08-13 14:40 - 2016-08-13 14:45 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-13 10:59 - 2016-08-14 16:48 - 00000165 _____ C:\Users\VincentV\AppData\Roaming\sp_data.sys 2016-08-13 10:58 - 2016-08-13 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC 2016-08-13 10:09 - 2016-08-13 10:09 - 00000000 ____D C:\Users\VincentV\AppData\Local\GHISLER 2016-08-13 10:07 - 2016-08-13 10:08 - 00000000 ____D C:\totalcmd 2016-08-13 10:07 - 2016-08-13 10:07 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\GHISLER 2016-08-12 22:38 - 2016-08-14 13:26 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-08-12 22:37 - 2016-08-12 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-08-12 22:37 - 2016-08-12 22:37 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-08-12 22:37 - 2016-08-12 22:37 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-08-12 22:37 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-08-12 22:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-08-12 22:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-08-12 22:27 - 2016-08-12 22:27 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Avira 2016-08-12 22:22 - 2016-07-18 16:23 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-08-12 22:22 - 2016-07-18 16:23 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2016-08-12 22:22 - 2016-07-18 16:23 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2016-08-12 22:22 - 2016-07-18 16:23 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2016-08-12 22:04 - 2016-08-12 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-08-12 22:04 - 2016-08-12 22:22 - 00000000 ____D C:\ProgramData\Avira 2016-08-12 22:04 - 2016-08-12 22:22 - 00000000 ____D C:\Program Files (x86)\Avira 2016-08-12 22:04 - 2016-08-12 22:04 - 00001228 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-08-11 22:01 - 2016-08-11 22:01 - 00000000 _____ C:\autoexec.bat 2016-08-11 22:00 - 2016-08-11 22:00 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Enigma Software Group 2016-08-11 22:00 - 2016-08-11 22:00 - 00000000 ____D C:\sh4ldr 2016-08-11 21:59 - 2016-08-11 21:59 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys 2016-08-11 21:59 - 2016-08-11 21:59 - 00000000 ____D C:\Program Files\Enigma Software Group 2016-08-11 21:58 - 2016-08-11 21:58 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\VincentV\Downloads\SpyHunter-Installer.exe 2016-08-10 08:05 - 2016-08-10 08:05 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\dvdcss 2016-08-09 19:06 - 2016-08-09 19:06 - 00001254 _____ C:\Users\VincentV\AppData\Local\recently-used.xbel 2016-08-09 17:03 - 2016-08-09 17:11 - 00000000 ____D C:\Users\VincentV\AppData\Local\RawTherapee 2016-08-09 17:03 - 2016-08-09 17:03 - 00000000 ____D C:\Users\VincentV\AppData\Local\gtk-3.0 2016-08-09 17:02 - 2016-08-09 17:03 - 00000000 ____D C:\Program Files\RawTherapee-4.2.1074 2016-08-09 17:02 - 2016-08-09 17:02 - 00000000 ____D C:\Users\VincentV\Downloads\RawTherapee_WinVista_64_Gtk3_Release_4.2.1074 2016-08-09 16:58 - 2016-08-09 16:58 - 19690929 _____ C:\Users\VincentV\Downloads\RawTherapee_WinVista_64_Gtk3_Release_4.2.1074.zip 2016-08-09 16:57 - 2016-08-09 16:57 - 01474568 _____ C:\Users\VincentV\Downloads\RAW Therapee 64 Bit - CHIP-Installer.exe 2016-08-08 19:53 - 2016-08-08 19:53 - 00000000 ____D C:\Users\VincentV\AppData\Local\ManyCam 2016-08-08 19:53 - 2016-08-08 19:53 - 00000000 ____D C:\ProgramData\ManyCam 2016-08-08 19:52 - 2016-08-08 19:53 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\ManyCam 2016-08-08 19:52 - 2016-08-08 19:53 - 00000000 ____D C:\Program Files (x86)\ManyCam 2016-08-08 19:50 - 2016-08-08 19:50 - 00603640 _____ (Visicom Media inc.) C:\Users\VincentV\Downloads\ManyCamWebInstaller.exe 2016-08-08 17:29 - 2016-08-08 17:29 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\iMobie 2016-08-08 17:29 - 2016-08-08 17:29 - 00000000 ____D C:\Users\VincentV\AppData\Local\iMobie_Inc 2016-08-08 17:29 - 2016-08-08 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie 2016-08-08 17:29 - 2016-08-08 17:29 - 00000000 ____D C:\Program Files (x86)\iMobie 2016-08-08 17:28 - 2016-08-08 17:28 - 01074592 _____ (iMobie Inc.) C:\Users\VincentV\Downloads\anytrans-setup.exe 2016-08-08 17:02 - 2016-08-08 17:02 - 00000000 ____D C:\Users\VincentV\AppData\Local\Apple Computer 2016-08-08 17:02 - 2016-08-08 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-08-08 17:01 - 2016-08-08 17:02 - 00000000 ____D C:\Program Files\iTunes 2016-08-08 17:01 - 2016-08-08 17:01 - 00000000 ____D C:\Program Files\iPod 2016-08-08 17:01 - 2016-08-08 17:01 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-08-08 17:00 - 2016-08-08 17:00 - 00000000 ____D C:\Program Files\Bonjour 2016-08-08 17:00 - 2016-08-08 17:00 - 00000000 ____D C:\Program Files (x86)\Bonjour 2016-08-08 17:00 - 2016-08-08 17:00 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2016-08-08 16:59 - 2016-08-08 17:01 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-08-08 16:29 - 2016-08-08 16:31 - 170493768 _____ (Apple Inc.) C:\Users\VincentV\Downloads\iTunes6464Setup.exe 2016-08-08 16:26 - 2016-08-08 16:26 - 00000000 ____D C:\Users\VincentV\Documents\Xilisoft 2016-08-08 16:26 - 2016-08-08 16:26 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Xilisoft 2016-08-08 16:25 - 2016-08-08 16:25 - 00000000 ____D C:\ProgramData\Xilisoft 2016-08-08 16:25 - 2016-08-08 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft 2016-08-08 16:25 - 2016-08-08 16:25 - 00000000 ____D C:\Program Files (x86)\Xilisoft 2016-08-08 16:21 - 2016-08-08 16:23 - 76829592 _____ C:\Users\VincentV\Downloads\x-ipad-magic-platinum-de.exe 2016-08-06 18:43 - 2016-08-06 18:43 - 00000000 ____D C:\Users\VincentV\Documents\LightZone 2016-08-06 18:43 - 2016-08-06 18:43 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\LightZone 2016-08-06 18:41 - 2016-08-06 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightZone 2016-08-06 18:41 - 2016-08-06 18:41 - 00000000 ____D C:\Program Files (x86)\LightZone 2016-08-06 18:34 - 2016-08-06 18:34 - 01474568 _____ C:\Users\VincentV\Downloads\LightZone - CHIP-Installer.exe 2016-08-06 18:19 - 2016-08-06 18:19 - 00001231 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2016-08-06 18:18 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2016-08-06 18:18 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2016-08-06 18:10 - 2016-08-06 18:10 - 00000095 _____ C:\SILENT 2016-08-06 18:10 - 2016-08-06 18:10 - 00000000 ____D C:\Program Files (x86)\LottaDeals 2016-08-06 18:08 - 2016-08-06 18:09 - 00574328 _____ C:\Users\VincentV\Downloads\adobe-photoshop-lightroom-6-setup.exe 2016-07-29 09:42 - 2016-07-26 13:46 - 00011916 _____ C:\Users\VincentV\Documents\untitled_0.odt 2016-07-27 12:00 - 2016-07-27 12:00 - 01857449 _____ C:\Users\VincentV\Downloads\magiclantern-Nightly.2016Jul09.700D114.zip 2016-07-27 10:04 - 2016-07-27 10:04 - 00000000 ___HD C:\$Windows.~WS 2016-07-26 12:08 - 2016-08-13 09:42 - 00000000 ____D C:\ProgramData\jwinpj 2016-07-26 12:08 - 2016-07-26 12:08 - 00000000 ____D C:\Program Files (x86)\y6074zvd 2016-07-26 10:02 - 2016-07-26 10:02 - 00000017 _____ C:\Users\VincentV\AppData\Local\resmon.resmoncfg 2016-07-25 19:06 - 2016-08-13 09:44 - 00000000 ____D C:\Windows\SysWOW64\_SSpm 2016-07-25 14:50 - 2016-07-25 14:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2016-07-25 13:48 - 2016-07-25 13:48 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Samsung 2016-07-25 13:48 - 2016-07-25 13:48 - 00000000 ____D C:\Users\VincentV\AppData\Local\Samsung 2016-07-25 13:48 - 2016-07-25 13:48 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log 2016-07-25 13:47 - 2016-07-25 13:47 - 00000000 ____D C:\Users\VincentV\Documents\samsung 2016-07-25 13:40 - 2016-07-25 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2016-07-25 13:40 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll 2016-07-25 13:40 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2016-07-25 13:39 - 2016-07-25 13:46 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-07-25 13:39 - 2016-07-25 13:45 - 00000000 ____D C:\ProgramData\Samsung 2016-07-25 13:37 - 2016-07-25 13:42 - 190959600 _____ C:\Users\VincentV\Downloads\cm-11-20131210-UNOFFICIAL-i9100.zip 2016-07-25 13:37 - 2016-07-25 13:37 - 18351154 _____ C:\Users\VincentV\Downloads\11-7_GApps_Core_4.4_signed.zip 2016-07-25 13:37 - 2016-07-25 13:37 - 00000000 ____D C:\Users\VincentV\AppData\Local\Downloaded Installations 2016-07-25 13:35 - 2016-07-25 13:36 - 71346304 _____ (Samsung Electronics Co., Ltd.) C:\Users\VincentV\Downloads\KiesSetup.exe 2016-07-25 13:33 - 2016-07-25 13:33 - 01474568 _____ C:\Users\VincentV\Downloads\Samsung Kies - CHIP-Installer (1).exe 2016-07-25 13:28 - 2016-07-25 13:28 - 01474568 _____ C:\Users\VincentV\Downloads\Samsung Kies - CHIP-Installer.exe 2016-07-22 05:51 - 2016-07-22 05:51 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2016-07-22 05:51 - 2016-07-22 05:51 - 00716928 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2016-07-22 05:51 - 2016-07-22 05:51 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2016-07-22 05:51 - 2016-07-22 05:51 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys 2016-07-21 11:27 - 2016-07-21 11:27 - 00000000 ____D C:\Users\VincentV\Downloads\thin_king 2016-07-21 11:26 - 2016-07-21 11:26 - 00356878 _____ C:\Users\VincentV\Downloads\thin_king.zip 2016-07-21 10:24 - 2016-07-26 12:08 - 00003446 _____ C:\Windows\System32\Tasks\ChelfNotify Task 2016-07-21 10:24 - 2016-07-21 10:24 - 00000000 ____D C:\ProgramData\DwinpD 2016-07-21 10:24 - 2016-07-21 10:24 - 00000000 ____D C:\ProgramData\ChelfNotify 2016-07-16 17:18 - 2016-08-12 22:10 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Mozilla 2016-07-16 17:18 - 2016-07-16 17:18 - 00000000 ____D C:\Users\VincentV\AppData\Local\Macromedia 2016-07-16 17:17 - 2016-07-16 17:18 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-07-16 17:17 - 2016-07-16 17:17 - 00001840 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk 2016-07-16 17:16 - 2016-07-16 17:17 - 00000000 ____D C:\Program Files (x86)\Bluestacks 2016-07-16 17:16 - 2016-07-16 17:16 - 00000000 ____D C:\ProgramData\Bluestacks 2016-07-16 17:13 - 2016-07-16 17:13 - 00000000 ____D C:\Users\VincentV\AppData\Local\Bluestacks 2016-07-16 17:07 - 2016-07-16 17:11 - 278906024 _____ (BlueStack Systems Inc.) C:\Users\VincentV\Downloads\BlueStacks2_native_58b7ba3fc66e5c6daf7eec0a561509ce.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-08-14 16:51 - 2016-04-24 12:04 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1FF72558-AFAA-4D6F-9DD2-89CDCC764CF2} 2016-08-14 16:48 - 2016-04-24 13:04 - 00000000 ____D C:\Users\VincentV\AppData\Local\Adobe 2016-08-14 13:57 - 2016-04-25 18:57 - 00000935 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {807E12CB-D5B7-42B7-9387-5F09D395E7F9}.job 2016-08-14 13:57 - 2016-04-25 18:57 - 00000749 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {807E12CB-D5B7-42B7-9387-5F09D395E7F9}.job 2016-08-14 13:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-08-14 13:25 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2016-08-13 21:44 - 2016-04-24 12:03 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-547049573-1155005164-433595549-1001 2016-08-13 16:10 - 2016-05-10 14:10 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\MuseScore 2016-08-13 15:53 - 2016-04-24 13:53 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-08-13 15:53 - 2016-04-24 13:41 - 00000000 ____D C:\Program Files\Adobe 2016-08-13 15:53 - 2016-04-24 11:58 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Adobe 2016-08-13 15:52 - 2016-04-26 15:54 - 00000000 ___RD C:\Users\VincentV\Creative Cloud Files 2016-08-13 15:52 - 2016-04-24 13:41 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-08-13 15:10 - 2016-04-24 13:31 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-08-13 14:45 - 2016-04-24 12:06 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-08-13 14:45 - 2016-04-24 12:06 - 00003870 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-08-13 14:41 - 2016-04-24 12:06 - 00000000 ____D C:\Program Files (x86)\Google 2016-08-13 14:35 - 2016-04-24 12:19 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1 2016-08-13 14:35 - 2016-04-24 12:19 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2 2016-08-13 11:05 - 2014-10-29 14:02 - 00767018 _____ C:\Windows\system32\perfh007.dat 2016-08-13 11:05 - 2014-10-29 14:02 - 00159786 _____ C:\Windows\system32\perfc007.dat 2016-08-13 11:05 - 2014-03-18 17:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI 2016-08-13 10:59 - 2016-04-24 15:44 - 00000000 ___RD C:\Users\VincentV\OneDrive 2016-08-13 10:59 - 2016-04-24 12:04 - 00001539 _____ C:\Users\VincentV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk 2016-08-13 10:57 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-08-13 10:10 - 2016-04-29 17:59 - 00000000 ____D C:\AdwCleaner 2016-08-13 09:42 - 2016-07-04 14:39 - 00000000 ____D C:\ProgramData\hwinph 2016-08-13 09:42 - 2016-06-29 13:11 - 00000000 ____D C:\ProgramData\zwinpz 2016-08-12 22:39 - 2016-04-26 18:41 - 00000000 ____D C:\Users\VincentV\AppData\Local\CrashDumps 2016-08-12 22:39 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\ModemLogs 2016-08-12 22:29 - 2016-06-21 14:56 - 00000170 _____ C:\Users\Public\Documents\report.dat 2016-08-12 22:27 - 2016-04-24 11:58 - 00000000 ____D C:\Users\VincentV 2016-08-12 22:27 - 2013-08-22 16:44 - 05296920 _____ C:\Windows\system32\FNTCACHE.DAT 2016-08-12 22:27 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2016-08-12 22:10 - 2016-06-15 16:07 - 00000000 ____D C:\Program Files (x86)\Arerack 2016-08-12 22:03 - 2014-10-29 08:25 - 00000000 ____D C:\ProgramData\Package Cache 2016-08-10 10:17 - 2016-05-01 21:30 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\vlc 2016-08-08 17:12 - 2016-04-29 20:14 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Apple Computer 2016-08-08 17:01 - 2016-04-26 16:16 - 00000000 ____D C:\ProgramData\Apple Computer 2016-08-08 17:00 - 2016-04-26 16:16 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-08-08 17:00 - 2016-04-26 16:16 - 00000000 ____D C:\ProgramData\Apple 2016-08-07 15:39 - 2016-05-18 07:28 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\FLV and Media Player 2016-08-07 14:48 - 2015-03-24 18:08 - 00000000 ____D C:\ProgramData\McAfee 2016-08-06 19:38 - 2016-05-10 16:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-08-06 18:43 - 2016-04-30 20:15 - 00000000 ____D C:\Users\VincentV\.oracle_jre_usage 2016-08-06 18:19 - 2016-04-24 13:33 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2016-08-06 18:18 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2016-08-06 18:16 - 2016-04-24 12:48 - 00000000 ____D C:\Program Files (x86)\Opera 2016-08-06 18:15 - 2016-04-24 12:51 - 00000000 ____D C:\Users\VincentV\AppData\Local\AvgSetupLog 2016-08-06 18:09 - 2016-04-24 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen 2016-07-28 12:54 - 2016-07-04 13:33 - 00002602 _____ C:\Users\VincentV\Downloads\Nein_ - Doch_ - Ohh__mp4.HDP 2016-07-27 16:53 - 2016-04-24 12:22 - 00000000 ____D C:\Users\Public\Documents\MAGIX 2016-07-27 16:53 - 2016-04-24 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2016-07-27 16:50 - 2016-07-03 17:56 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Audacity 2016-07-27 16:47 - 2016-04-24 12:29 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\.minecraft 2016-07-27 10:15 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-07-27 10:05 - 2014-10-29 15:02 - 00000000 ____D C:\Windows\Panther 2016-07-27 10:02 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-07-27 10:01 - 2016-04-24 21:47 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-07-26 21:43 - 2013-08-22 17:36 - 00000000 ___HD C:\PerfLogs 2016-07-25 13:39 - 2015-03-24 17:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-07-21 13:59 - 2016-04-24 22:02 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Skype 2016-07-21 11:13 - 2014-10-29 08:25 - 00000000 ____D C:\ProgramData\Skype 2016-07-16 17:17 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries 2016-07-15 12:09 - 2016-06-28 14:42 - 00000000 ____D C:\Windows\SysWOW64\_TSpm 2016-07-15 11:05 - 2016-05-10 16:55 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-04-24 13:55 - 2016-05-08 21:06 - 0000033 _____ () C:\Users\VincentV\AppData\Roaming\AdobeWLCMCache.dat 2016-06-15 17:23 - 2016-06-15 17:23 - 6867968 _____ () C:\Users\VincentV\AppData\Roaming\agent.dat 2016-06-15 17:23 - 2016-06-15 17:23 - 0054272 _____ () C:\Users\VincentV\AppData\Roaming\ApplicationHosting.dat 2016-06-15 17:23 - 2016-06-15 17:23 - 0069072 _____ () C:\Users\VincentV\AppData\Roaming\Config.xml 2016-04-24 12:46 - 2016-04-24 12:46 - 0249211 _____ () C:\Users\VincentV\AppData\Roaming\inst.lat 2016-04-24 12:46 - 2016-06-15 17:23 - 0018288 _____ () C:\Users\VincentV\AppData\Roaming\InstallationConfiguration.xml 2016-04-24 12:46 - 2016-06-15 17:23 - 0128512 _____ () C:\Users\VincentV\AppData\Roaming\Installer.dat 2016-06-15 17:23 - 2016-06-15 17:23 - 0072704 _____ () C:\Users\VincentV\AppData\Roaming\Itlex.tst 2016-06-15 17:23 - 2016-06-15 17:23 - 0126464 _____ () C:\Users\VincentV\AppData\Roaming\lobby.dat 2016-06-15 17:23 - 2016-06-15 17:23 - 0018432 _____ () C:\Users\VincentV\AppData\Roaming\Main.dat 2016-06-15 17:23 - 2016-06-15 17:23 - 0005568 _____ () C:\Users\VincentV\AppData\Roaming\md.xml 2016-06-15 17:23 - 2016-06-15 17:23 - 0126464 _____ () C:\Users\VincentV\AppData\Roaming\noah.dat 2016-06-15 17:23 - 2016-06-15 17:23 - 1760384 _____ () C:\Users\VincentV\AppData\Roaming\Roundity.tst 2016-08-13 10:59 - 2016-08-14 16:48 - 0000165 _____ () C:\Users\VincentV\AppData\Roaming\sp_data.sys 2016-05-12 15:49 - 2016-06-11 11:50 - 0000165 _____ () C:\Users\VincentV\AppData\Roaming\WB.CFG 2016-05-26 09:10 - 2016-05-26 09:10 - 0003584 _____ () C:\Users\VincentV\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-08-09 19:06 - 2016-08-09 19:06 - 0001254 _____ () C:\Users\VincentV\AppData\Local\recently-used.xbel 2016-07-26 10:02 - 2016-07-26 10:02 - 0000017 _____ () C:\Users\VincentV\AppData\Local\resmon.resmoncfg 2015-03-24 17:54 - 2015-03-24 17:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS Dateien, die verschoben oder gelöscht werden sollten: ==================== c:\Program Files\mcafee\mqs\ShrCL.exe Einige Dateien in TEMP: ==================== C:\Users\VincentV\AppData\Local\Temp\avgnt.exe C:\Users\VincentV\AppData\Local\Temp\libeay32.dll C:\Users\VincentV\AppData\Local\Temp\msvcr120.dll C:\Users\VincentV\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-08-09 14:44 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01 durchgeführt von VincentV (2016-08-14 16:53:52) Gestartet von C:\Users\VincentV\Desktop Windows 8.1 (Update) (X64) (2016-04-24 09:58:35) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-547049573-1155005164-433595549-500 - Administrator - Disabled) Gast (S-1-5-21-547049573-1155005164-433595549-501 - Limited - Disabled) VincentV (S-1-5-21-547049573-1155005164-433595549-1001 - Administrator - Enabled) => C:\Users\VincentV ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.5.291 - Adobe Systems Incorporated) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated) AnyTrans (HKLM-x32\...\AnyTrans) (Version: 4.9.6.0 - iMobie Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s) AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies) AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.18.354 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{05f7f410-0274-45d0-91dc-712a62aadd96}) (Version: 1.2.68.19138 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.2.68.19138 - Avira Operations GmbH & Co. KG) Hidden Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.40.6019 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform) DaVinci Resolve (HKLM\...\{6C60C7F5-DE14-4EEA-AA1D-650B9DC13E29}) (Version: 12.2.0013 - Blackmagic Design) Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 4.1.3.2 - ) GameMaker-Studio 1.4 (HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\GameMaker-Studio14) (Version: - YoYo Games Ltd.) GameMaker-Studio 1.4 (HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GameMaker-Studio14) (Version: - YoYo Games Ltd.) GameMaker-Studio 1.4 (HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\GameMaker-Studio14) (Version: - YoYo Games Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation) Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation) iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) LightZone 4.1.6 (HKLM-x32\...\3263-1164-2624-0047) (Version: 4.1.6 - LightZone Project) MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{328343FF-0466-4E8D-88EB-53CE3150AE11}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG) MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden ManyCam 5.3.0 (HKLM-x32\...\ManyCam) (Version: 5.3.0 - Visicom Media Inc.) McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.9042 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.233 - McAfee, Inc.) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4841.1002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MuseScore 2 (HKLM-x32\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others) NVIDIA Graphics Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.05 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) qksee (HKLM-x32\...\qksee) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) <==== ACHTUNG Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.23.2.4686 - Enigma Software Group, LLC) Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN) WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 6.53 - NCH Software) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 6.0.0.39) (HKLM\...\51B9B97722559D76D6429B83B71A86106A35BFCE) (Version: 07/02/2014 6.0.0.39 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WinZip (HKLM-x32\...\WinZip) (Version: 2.2.41 - Winzipper Pvt Ltd.) <==== ACHTUNG Xilisoft iPad Magic Platinum (HKLM-x32\...\Xilisoft iPad Magic Platinum) (Version: 5.7.12.20160322 - Xilisoft) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-547049573-1155005164-433595549-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\VincentV\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-547049573-1155005164-433595549-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\VincentV\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-547049573-1155005164-433595549-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {006EDC74-1591-4A09-B08C-77D56ADCFE33} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS) Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent [Argument = /increment] Task: {1DCCDA14-ADD1-4857-9C4C-5D7C48C8F24B} - \UncheckitUpdateTaskC -> Keine Datei <==== ACHTUNG Task: {28DB60A4-16B4-4382-AEFB-DC2A42B89933} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-547049573-1155005164-433595549-1001 => C:\Users\VincentV\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-17] (Microsoft Corporation) Task: {2B9DCE6B-54B7-44B0-88DF-23E128D92EBF} - System32\Tasks\ToolrainUpdateTaskMachineUA => C:\Program Files (x86)\Toolrain\Update\ToolrainUpdate.exe <==== ACHTUNG Task: {32210371-12ED-4DDE-B9CA-8BFEF04CF181} - System32\Tasks\ToolrainUpdateTaskMachineCore => C:\Program Files (x86)\Toolrain\Update\ToolrainUpdate.exe <==== ACHTUNG Task: {329E3861-8E55-42D4-B031-CA3B2DF8C209} - \LefttoeUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG Task: {331268C8-821F-43F4-8724-4F318E665F38} - \LefttoeUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {3E9BEE46-385C-4D3B-B96B-6295D13A514C} - \NobeanUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG Task: {43F3E34A-03FD-47CE-A93D-ACC2DD26F5EE} - \UncheckitUpdateTaskDB -> Keine Datei <==== ACHTUNG Task: {655C7265-BC42-4E62-99E3-DA311CF8307C} - System32\Tasks\Arerack Server => C:\Program Files (x86)\Arerack\ArerackServerTask.exe <==== ACHTUNG Task: {66FFF67E-37FD-411E-ADF3-45E4AE95C02E} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {807E12CB-D5B7-42B7-9387-5F09D395E7F9} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [Argument = /EXE:"{807E12CB-D5B7-42B7-9387-5F09D395E7F9}" /F:"Invitation"] Task: {69747406-13B0-4A9A-B8AA-0899751AEE14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-13] (Google Inc.) Task: {6E891298-1DDB-4C73-88C8-8F0C208C564F} - \McAfeeLogon -> Keine Datei <==== ACHTUNG Task: {727EED26-2599-40A0-B175-F36A6B0EB330} - System32\Tasks\EPSON XP-312 313 315 Series Update {807E12CB-D5B7-42B7-9387-5F09D395E7F9} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [Argument = /EXE:"{807E12CB-D5B7-42B7-9387-5F09D395E7F9}" /F:"Update"] Task: {731C16E7-238A-4488-89EE-5D762DAC0387} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation) Task: {7C37C38E-2148-4B8E-A4A2-0721F76843D3} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {8FAA9B88-0C52-423D-ABE3-D6BE1814C312} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {915DC55F-D1A7-4C94-9E62-DADD28424522} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd) Task: {A0A72EDB-C3E7-4D68-83AC-6B059AEFF234} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {A12383E0-405F-480B-B506-6FA9687E804A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-vincent.velte@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {AAF5CAB7-20DA-4F36-9231-0247B5044C20} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor) Task: {B1E97502-E58F-4DD7-9272-F8D6D0B91276} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-13] (Google Inc.) Task: {B33CE882-1819-4BDD-B627-9CAF242D6E5B} - System32\Tasks\VincentVGummingJawbreakersV2 => Rundll32.exe GrogginessWaterworks.dll,main 7 1 <==== ACHTUNG Task: {B7494EEA-7277-4838-8F39-06C4A31466BD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation) Task: {BBD1D99B-46AF-4890-B212-F84D8E254261} - \NobeanUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG Task: {C8EC855A-0CD6-40CD-A923-CABDC36F7735} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek) Task: {CA44E3DD-FD57-4C35-BCA2-8F5C502E55E0} - System32\Tasks\UncheckitTaskMN => C:\Program Files (x86)\Uncheckit\cktSvc.exe <==== ACHTUNG Task: {CB4B0EB0-0219-4274-8CF5-1A10EC64C7F4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {D55F92AE-29B9-4258-BE1D-C0FE0938A069} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\C482625F2F8A9F5376FAF8350D9B0CDA\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ACHTUNG Task: {DC2EABE9-EAE5-48B9-B442-86AC6A224EBF} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.) Task: {DDB19898-AE13-4B03-9BD9-CB2A640E6C5E} - System32\Tasks\AdobeAAMUpdater-1.0-Vincent-VincentV => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {E041C72A-BB6F-4213-8859-B37F5135BB4C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.) Task: {EC7EA58C-6751-4F65-9490-F65FEAAA5D50} - System32\Tasks\ChelfNotify Task => C:\ProgramData\ChelfNotify\BrowserUpdate.exe [2016-06-30] (Tencent) Task: {EC8C2D05-AFC8-4A36-9F43-2AF3BAC2B4FA} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {F8BFDD34-F13D-491E-99A7-F69086B9CD61} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {807E12CB-D5B7-42B7-9387-5F09D395E7F9}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {807E12CB-D5B7-42B7-9387-5F09D395E7F9}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{807E12CB-D5B7-42B7-9387-5F09D395E7F9} /F:Update WORKGROUP\VINCENT$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\VincentV\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.html ShortcutWithArgument: C:\Users\VincentV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2e13e29bcf26a9f0\Lefttoe.lnk -> C:\Program Files (x86)\Lefttoe\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-03-24 17:52 - 2014-12-24 12:38 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-04-24 21:47 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-01-14 04:24 - 2014-12-15 07:26 - 00392592 _____ () C:\Windows\system32\igfxTray.exe 2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-08-13 14:41 - 2016-08-03 01:41 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll 2016-08-13 14:41 - 2016-08-03 01:40 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll 2015-01-14 04:24 - 2014-12-15 07:24 - 17752056 _____ () C:\Windows\SYSTEM32\igd11dxva64.dll 2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2016-04-01 15:23 - 2016-04-01 15:23 - 27089303 _____ () C:\Program Files (x86)\MuseScore 2\bin\MuseScore.exe 2014-10-29 08:36 - 2014-10-29 08:36 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\ErrorReporting.dll 2014-11-05 14:44 - 2014-11-05 14:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-11-05 14:44 - 2014-11-05 14:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2015-01-06 17:40 - 2015-01-06 17:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll 2016-07-18 08:55 - 2016-07-18 08:55 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2014-10-23 12:27 - 2014-10-23 12:27 - 00119822 _____ () C:\Program Files (x86)\MuseScore 2\bin\libgcc_s_dw2-1.dll 2014-10-23 12:27 - 2014-10-23 12:27 - 01026574 _____ () C:\Program Files (x86)\MuseScore 2\bin\libstdc++-6.dll 2009-03-19 16:45 - 2009-03-19 16:45 - 00567487 _____ () C:\Program Files (x86)\MuseScore 2\bin\portaudio.dll 2009-03-19 16:45 - 2009-03-19 16:45 - 01743360 _____ () C:\Program Files (x86)\MuseScore 2\bin\libsndfile-1.dll 2008-03-23 15:49 - 2008-03-23 15:49 - 00106496 _____ () C:\Program Files (x86)\MuseScore 2\bin\libvorbisfile.dll 2014-10-16 12:34 - 2014-10-16 12:34 - 03758809 _____ () C:\Program Files (x86)\MuseScore 2\bin\icuin53.dll 2014-10-16 12:33 - 2014-10-16 12:33 - 02093901 _____ () C:\Program Files (x86)\MuseScore 2\bin\icuuc53.dll 2008-03-23 15:48 - 2008-03-23 15:48 - 00061440 _____ () C:\Program Files (x86)\MuseScore 2\bin\libogg.dll 2008-03-23 15:49 - 2008-03-23 15:49 - 01233408 _____ () C:\Program Files (x86)\MuseScore 2\bin\libvorbis.dll 2014-10-16 12:34 - 2014-10-16 12:34 - 21565880 _____ () C:\Program Files (x86)\MuseScore 2\bin\icudt53.dll 2015-03-24 17:54 - 2007-11-29 08:41 - 00086016 _____ () c:\program files (x86)\realtek\audio\asio\rthdasio.dll 2015-10-21 15:50 - 2015-10-21 15:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll 2015-10-21 15:49 - 2015-10-21 15:49 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll 2015-10-21 15:49 - 2015-10-21 15:49 - 00136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll 2015-10-21 15:49 - 2015-10-21 15:49 - 00303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2016-08-12 22:27 - 00002206 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com Da befinden sich 8 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-547049573-1155005164-433595549-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VincentV\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\VincentV\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\VincentV\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 172.16.254.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: AdobeUpdateService => 2 ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7B6414CD-4A9E-4F6D-9EA7-0A269E9B53AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{015A28FA-38F6-423F-B50A-A5E11A531929}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{438411C4-F95B-4097-8AA0-9BCA7E9DF3A8}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{BEB111DC-55E6-42DE-951B-DCB6E9E85BAE}] => (Allow) C:\Users\VincentV\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{C0468B99-6F57-40CB-ACA2-796C55ED2614}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe FirewallRules: [{7011919F-50E0-49BE-8D55-B505AADF4BAE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe FirewallRules: [{AA5E597A-E8CC-49CC-88A8-96096129A69D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe FirewallRules: [{655DDBC4-8DFD-401F-8A36-214DC4FA12F5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe FirewallRules: [{D979AF5C-21F7-4D46-B305-AD3598E6B6C6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe FirewallRules: [{945705F3-6234-422B-9EEB-4D9CE5B92389}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe FirewallRules: [{A816ADAE-23BB-411C-8936-6891690E5062}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe FirewallRules: [{3034CAE4-122B-4E00-B943-B2A219E7E87B}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe FirewallRules: [{8B63B4C5-5FB6-48F0-BA2F-31E6E1EA9F27}] => (Allow) C:\Program Files (x86)\Lefttoe\Update\LefttoeUpdate.exe FirewallRules: [{D6857EDF-F2F6-429A-9B39-4CA0FBF34320}] => (Allow) C:\Program Files (x86)\Lefttoe\Application\chrome.exe FirewallRules: [{990FDC14-0FE7-4D51-B80C-DA6102EF976F}] => (Allow) C:\ProgramData\Lefttoe\Lefttoe.exe FirewallRules: [{958D433E-5565-4B7E-B227-144BFD8ADE06}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5B5F69BC-5C56-4F4F-ACA7-3550E9948896}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8717AA32-7D5D-43C4-8FB4-2FDFA4484E0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8D87B76C-BCC4-4CD5-85CB-1168C8DC4FA4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1D204B6C-02CA-44B6-AA0A-D9F16CD5A7F3}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{05A98E20-826B-4DDD-B66F-5F9E01B65E13}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe FirewallRules: [UDP Query User{AB4FF260-EEBD-4142-864E-0B659D1B110D}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe FirewallRules: [{8F938ACC-9484-423A-A37F-961E6E85B604}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/14/2016 02:21:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3140 Error: (08/14/2016 02:21:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3140 Error: (08/14/2016 02:21:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/14/2016 02:21:13 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1234 Error: (08/14/2016 02:21:13 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1234 Error: (08/14/2016 02:21:13 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/14/2016 10:25:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2375 Error: (08/14/2016 10:25:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2375 Error: (08/14/2016 10:25:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/14/2016 10:25:40 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1125 Systemfehler: ============= Error: (08/13/2016 09:26:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: %%1 = Unzulässige Funktion. Error: (08/13/2016 10:57:48 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 13.08.2016 um 09:57:04 unerwartet heruntergefahren. Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "GamesAppIntegrationService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "FABS - Helping agent for MAGIX media database" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-06-26 22:32:55.253 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-06-26 22:21:39.052 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-06-24 13:36:20.450 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-06-24 07:06:53.877 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-06-24 05:52:45.947 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-06-23 16:56:16.137 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-06-23 16:08:35.585 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-06-22 10:37:10.470 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-06-22 03:36:02.167 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-06-22 03:36:02.162 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz Prozentuale Nutzung des RAM: 34% Installierter physikalischer RAM: 12190.84 MB Verfügbarer physikalischer RAM: 7989.83 MB Summe virtueller Speicher: 14046.84 MB Verfügbarer virtueller Speicher: 8786.21 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:89.43 GB) (Free:7.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Data) (Fixed) (Total:104.26 GB) (Free:31.05 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: 712C0698) Partition: GPT. ==================== Ende von Addition.txt ============================ |
14.08.2016, 16:03 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | MPC Cleaner entfernen - bitte helft mir!Code:
ATTFilter AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} Ich seh da auch noch Schrott von AVG, das auch bitte wegschmeißen.
__________________ Logfiles bitte immer in CODE-Tags posten |
14.08.2016, 18:54 | #15 |
| MPC Cleaner entfernen - bitte helft mir! Ok. Sind alle drei deinstalliert. |
Themen zu MPC Cleaner entfernen - bitte helft mir! |
adware, cleaner, dateien, dauernde, deinstalliere, deinstallieren, download, entferne, entfernen, helft, hilfe, löschen, malware, mpc cleaner, mpc cleaner entfernen, mögliche, nervt, nicht, ordner, profi, systems, systemsteuerung, total, versuch, versucht, vielen dank |