|
Mülltonne: Windows 10: Rechner extrem langsam, Programme werden nicht mehr gestartetWindows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
30.01.2017, 14:31 | #1 |
| Windows 10: Rechner extrem langsam, Programme werden nicht mehr gestartet Hallo zusammen, nach langer Zeit brauche ich mal wieder eure Hilfe: Mein WIN10 ist seit etwa 4 Wochen extrem langsam. Schreibe ich zB etwas in Word kommt das eingetippte Wort erst nach 10 Sekunden. Starte ich ein Programm bleibt es schon beim Start hängen, es kommt die Meldung "keine Rückmeldung", im TaskManager verbrät das Teil aber 70% der CPU. Stoppen kann man es dann auch nicht mehr, nicht mal mit "Task beenden". Entweder warten (manchmal bis zu zwei Stunden) oder Neustart. Auch der Neustart dauert ewig. Normalerweise war in 10 Sekunden alles da, jetzt warte ich mindestens 7-8 Minuten. Ich habe AVG TuneUP laufen, aber der meldet "alles in Ordnung". Ich habe auch Malwarebites, und das ist zB so ein Programm, wie oben beschrieben, das nicht startet und dann ewig hängt und alle Ressourcen frisst... Könnt Ihr mir helfen? besten Dank bereits... Hier meine Auswertungen von FRST txt: (Die Addition-Datei kommt in extra-Post, da zu lange.) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017 durchgeführt von Jürgen (Administrator) auf JUES-LINKER-PC (30-01-2017 14:02:13) Gestartet von C:\Users\Jürgen\Downloads Geladene Profile: Jürgen & _ashbackuppb_ (Verfügbare Profile: Jürgen & _ashbackuppb_ & Administrator) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupClient-abpb.exe () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\oxHelper.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Sysinternals - www.sysinternals.com) C:\Users\Jürgen\Downloads\Desktops2(1)\Desktops.exe (Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (HTTrack) C:\Program Files (x86)\WinHTTrack\WinHTTrack.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupService-abpb.exe (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\oxHelper.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Farbar) C:\Users\Jürgen\Downloads\FRST64 (1).exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [883168 2013-10-30] (ActMask Co.,Ltd - hxxp://www.all2pdf.com) HKLM\...\Run: [Ashampoo Backup PB] => C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupClient-abpb.exe [323400 2016-04-21] () HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2004-08-27] (Ulead Systems, Inc.) HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [36168 2013-05-14] (Nuance Communications, Inc.) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [18248 2013-05-14] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort14reminder] => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\14\Config\Ereg\Ereg.ini" HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe HKU\S-1-5-21-1791603094-1891881837-2934167099-1002\...\Run: [Sysinternals Desktops] => C:\Users\Jürgen\Downloads\Desktops2(1)\Desktops.exe [116824 2015-03-29] (Sysinternals - www.sysinternals.com) HKU\S-1-5-21-1791603094-1891881837-2934167099-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.) HKU\S-1-5-21-1791603094-1891881837-2934167099-1002\...\MountPoints2: {ad771f79-9020-11e6-82b2-48d2245c6953} - "K:\autorun.exe" HKU\S-1-5-21-1791603094-1891881837-2934167099-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-1791603094-1891881837-2934167099-1008\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\acpanel_win.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\expressaccounts.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\hotkeyutility.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\iumsvc.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2017-01-18] ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH) GroupPolicy: Beschränkung - Chrome <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{10a2951e-5d6f-431d-a96d-a7e620c8d627}: [DhcpNameServer] 82.163.142.7 Tcpip\..\Interfaces\{36ebfe67-9416-4c7c-b587-29ab3068e8e5}: [DhcpNameServer] 82.163.142.7 Tcpip\..\Interfaces\{7a5e4593-ac89-43e1-bb65-b22592e9684f}: [DhcpNameServer] 82.163.142.7 Tcpip\..\Interfaces\{b0050abb-9db8-493d-8bd7-1acb946687bf}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{cb13880e-a3e5-4a82-b1b9-e11d3506e1bf}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-1791603094-1891881837-2934167099-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 -> {4CCF9AF7-541E-449C-AB6A-84D81FAEBB7D} URL = hxxp://amigofriends.com/search/?q={searchTerms}&lang=Deutsch (Deutschland) SearchScopes: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002 -> {3D62447E-FED0-46D5-89BC-A306BA085800} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002 -> {4CCF9AF7-541E-449C-AB6A-84D81FAEBB7D} URL = hxxp://amigofriends.com/search/?q={searchTerms}&lang=Deutsch (Deutschland) SearchScopes: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002 -> {CE3942CD-0EDE-4F4B-A88A-FC6783355464} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002 -> {CEEBEF38-7BC0-4B5B-B0F7-E9F080FDDE6C} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002 -> {FEDE6BF6-CC65-4C5C-B859-86223AA468BC} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-29] (Oracle Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-29] (Oracle Corporation) BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-29] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-29] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll [2016-12-02] (AO Kaspersky Lab) IE Session Restore: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002 -> ist aktiviert. Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002 -> hxxp://go.gmx.net/tb/ie_startpage Edge Session Restore: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002 -> ist aktiviert. FireFox: ======== FF ProfilePath: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\xttgsyc9.default [2017-01-21] FF Homepage: Mozilla\Firefox\Profiles\xttgsyc9.default -> hxxps://www.google.de/?gfe_rd=cr&ei=fxP9Vqi3I-jj8wfthLKoCg FF Session Restore: Mozilla\Firefox\Profiles\xttgsyc9.default -> ist aktiviert. FF Extension: (Video DownloadHelper) - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\xttgsyc9.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-08-18] FF Extension: (Ecosia — The search engine that plants trees!) - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\xttgsyc9.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-11-12] FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\xttgsyc9.default\searchplugins\ecosia.xml [2015-11-12] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-02] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] () FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-29] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-29] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-19] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-19] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-29] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-09] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-09] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1791603094-1891881837-2934167099-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Jürgen\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-09] (Citrix Online) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> s.piesearch.com/?type=chhp CHR StartupUrls: Default -> "hxxps://homepage-web.com/?s=acer&m=start" CHR DefaultSearchURL: Default -> hxxps://secure.homepage-web.com/?partner=acer&src=omnibox&q={searchTerms} CHR DefaultSearchKeyword: Default -> t CHR DefaultSuggestURL: Default -> hxxps://secure-suggest.homepage-web.com/suggest?format=json&locale={language}&q={searchTerms} CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default [2016-05-10] CHR Extension: (Google Docs) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-24] CHR Extension: (Google Drive) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-24] CHR Extension: (HD Video Downloader) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\biiihkbgimdfdjdmiglnkokopflmjehp [2015-09-24] CHR Extension: (YouTube) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google-Suche) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-24] CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-24] CHR Extension: (Download Button) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\iccodbepgnkhafhjajchdjkadbflkijl [2015-11-15] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-24] CHR Extension: (Google Mail) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-24] CHR HKLM\...\Chrome\Extension: [iccodbepgnkhafhjajchdjkadbflkijl] - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\iccodbepgnkhafhjajchdjkadbflkijl.crx [2015-11-15] CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iccodbepgnkhafhjajchdjkadbflkijl] - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\iccodbepgnkhafhjajchdjkadbflkijl.crx [2015-11-15] CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi Opera: ======= OPR Extension: (HD Video Downloader) - C:\Users\Jürgen\AppData\Roaming\Opera Software\Opera Stable\Extensions\gacckcgfmoapndlfjdjiffiblljijhep [2016-04-27] OPR Extension: (Video Downloader 2015) - C:\Users\Jürgen\AppData\Roaming\Opera Software\Opera Stable\Extensions\mpnpijldpdipnfbjpfjgopcdnjejgbda [2016-05-02] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupService-abpb.exe [32072 2016-04-21] () R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab) S4 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-26] (Acer Incorporated) S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-12-17] (Creative Labs) [Datei ist nicht signiert] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-12-17] (Creative Labs) [Datei ist nicht signiert] S4 ExpressAccountsService; C:\Program Files (x86)\NCH Software\ExpressAccounts\expressaccounts.exe [3660328 2013-10-08] (NCH Software) S3 ExpressInvoiceService; C:\Program Files (x86)\NCH Software\ExpressInvoice\expressinvoice.exe [2597928 2014-11-13] (NCH Software) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-19] (Intel Corporation) R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel(R) Corporation) S4 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77640 2013-05-14] (Nuance Communications, Inc.) R2 Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [127456 2013-11-01] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [Datei ist nicht signiert] R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.) R2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz-Software Entwicklung und Vertriebs GmbH) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies) S2 UxTuneUp; C:\WINDOWS\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies) S2 UxTuneUp; C:\WINDOWS\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] () U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-04-08] (Huawei Technologies Co., Ltd.) S3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab) R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78200 2015-12-01] (AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [237912 2016-12-02] (AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-08-16] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab) R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194440 2015-12-02] (AO Kaspersky Lab) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-01-30] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-01-30] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-30] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251848 2017-01-30] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-30] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation) S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.) S1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 NetTap630; C:\WINDOWS\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaewu.inf_amd64_8cbfa7509ac4e6cb\nvlddmkm.sys [13754928 2016-08-26] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-01-30 14:00 - 2017-01-30 14:01 - 02420736 _____ (Farbar) C:\Users\Jürgen\Downloads\FRST64 (1).exe 2017-01-30 13:45 - 2017-01-30 13:45 - 00000000 ____D C:\Program Files (x86)\WinHTTrack 2017-01-30 13:44 - 2017-01-30 13:44 - 04185176 _____ (HTTrack ) C:\Users\Jürgen\Downloads\httrack-3.48.22.exe 2017-01-30 13:38 - 2017-01-30 13:45 - 00001108 _____ C:\Users\Jürgen\Desktop\HTTrack Website Copier.lnk 2017-01-30 13:38 - 2017-01-30 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack 2017-01-30 13:38 - 2017-01-30 13:38 - 00000000 ____D C:\Program Files\WinHTTrack 2017-01-30 13:37 - 2017-01-30 13:37 - 04498888 _____ (HTTrack ) C:\Users\Jürgen\Downloads\httrack_x64-3.48.22.exe 2017-01-30 11:40 - 2017-01-30 11:40 - 01496584 _____ C:\Users\Jürgen\Downloads\XYplorerFree - CHIP-Installer (1).exe 2017-01-30 11:35 - 2017-01-30 11:36 - 01496584 _____ C:\Users\Jürgen\Downloads\XYplorerFree - CHIP-Installer.exe 2017-01-30 10:15 - 2017-01-30 13:53 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-01-30 10:15 - 2017-01-30 10:15 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-01-30 10:15 - 2017-01-30 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-01-30 10:15 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-01-30 10:14 - 2017-01-30 10:14 - 00000000 ____D C:\Program Files\Malwarebytes 2017-01-26 21:19 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-26 21:19 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-26 14:20 - 2017-01-30 11:53 - 00000000 ____D C:\Users\Jürgen\Downloads\te170117 2017-01-26 14:19 - 2017-01-26 14:20 - 00520701 _____ C:\Users\Jürgen\Downloads\te170117 (1).zip 2017-01-24 16:04 - 2017-01-24 16:04 - 00218974 _____ C:\Users\Jürgen\Downloads\2016-12-29-1292934184_05-RG.PDF 2017-01-23 16:11 - 2017-01-23 16:11 - 00010681 _____ C:\Users\Jürgen\Downloads\Adac.pdf 2017-01-22 19:17 - 2017-01-30 11:41 - 00520701 _____ C:\Users\Jürgen\Downloads\te170117.zip 2017-01-22 19:10 - 2017-01-30 11:41 - 01543522 _____ C:\Users\Jürgen\Downloads\tabbyfile_8081.exe 2017-01-19 20:27 - 2017-01-19 20:27 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\0B957970.sys 2017-01-15 18:02 - 2017-01-18 19:09 - 00001741 _____ C:\Users\Public\Desktop\Recuva.lnk 2017-01-15 18:02 - 2017-01-15 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2017-01-15 18:02 - 2017-01-15 18:02 - 00000000 ____D C:\Program Files\Recuva 2017-01-15 18:00 - 2017-01-15 18:01 - 05562976 _____ (Piriform Ltd) C:\Users\Jürgen\Downloads\rcsetup153.exe 2017-01-15 17:58 - 2017-01-15 17:58 - 00000000 ____D C:\Users\Jürgen\Downloads\rettung 2017-01-15 17:58 - 2017-01-15 17:58 - 00000000 ____D C:\Users\Jürgen\Downloads\Neuer Ordner (3) 2017-01-15 17:58 - 2017-01-15 17:58 - 00000000 ____D C:\Users\Jürgen\Downloads\Neuer Ordner (2) 2017-01-15 17:58 - 2017-01-15 17:58 - 00000000 ____D C:\Users\Jürgen\Desktop\Rettung 2017-01-15 17:45 - 2017-01-15 17:45 - 00000000 ____D C:\Users\Jürgen\Downloads\testdisk-7.0.win 2017-01-15 17:36 - 2017-01-15 17:39 - 12444088 _____ C:\Users\Jürgen\Downloads\testdisk-7.0.win.zip 2017-01-15 17:35 - 2017-01-15 17:36 - 01496584 _____ C:\Users\Jürgen\Downloads\TestDisk PhotoRec - CHIP-Installer.exe 2017-01-15 17:29 - 2017-01-15 17:35 - 01496584 _____ C:\Users\Jürgen\Downloads\PhotoRec Sorter - CHIP-Installer.exe 2017-01-15 17:16 - 2017-01-15 17:17 - 00000000 _____ C:\Users\Jürgen\Downloads\1009398154 (1).js 2017-01-15 17:16 - 2017-01-15 17:16 - 00000000 _____ C:\Users\Jürgen\Downloads\1009398154.js 2017-01-13 14:21 - 2017-01-13 14:21 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5ADE0C8D.sys 2017-01-12 08:54 - 2017-01-18 19:09 - 00001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhraseExpress.lnk 2017-01-12 08:51 - 2017-01-12 08:52 - 17900181 _____ C:\Users\Jürgen\Downloads\PhraseExpressSetup.zip 2017-01-12 08:48 - 2017-01-12 08:48 - 00000000 ____D C:\WINDOWS\Panther 2017-01-11 18:06 - 2017-01-11 18:06 - 02859305 _____ C:\Users\Jürgen\Desktop\Sauna selbstausbau.sh3d 2017-01-11 18:06 - 2017-01-11 18:06 - 00033749 _____ C:\Users\Jürgen\Desktop\Womo-selbstausbau.sh3d 2017-01-10 23:57 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-10 23:57 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-10 23:57 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-10 23:57 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-10 23:57 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-10 23:57 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-10 23:57 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-10 23:57 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-10 23:57 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-10 23:57 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-10 23:57 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-10 23:57 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-01-10 23:57 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-10 23:57 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-10 23:57 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-10 23:57 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-10 23:57 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-10 23:57 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-10 23:57 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-10 23:57 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-10 23:57 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-10 23:57 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-10 23:57 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-10 23:57 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-10 23:57 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-10 23:57 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-01-10 23:57 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-10 23:57 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-10 23:57 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-10 23:57 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-10 23:57 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-10 23:57 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-10 23:57 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-10 23:57 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-10 23:57 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-10 23:57 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-10 23:57 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-10 23:57 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-10 23:57 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-10 23:57 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-10 23:57 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-10 23:57 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-10 23:57 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll 2017-01-10 23:57 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-01-10 23:57 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-01-10 23:57 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-10 23:57 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-10 23:57 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-10 23:57 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-10 23:57 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-10 23:57 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-10 23:57 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-10 23:57 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-10 23:57 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-10 23:57 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-10 23:57 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-10 23:57 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-10 23:57 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-10 23:57 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-10 23:57 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-10 23:57 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-10 23:57 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-10 23:57 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-10 23:57 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-10 23:57 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-01-10 23:57 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-10 23:57 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-10 23:57 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-10 23:57 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-10 23:57 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-10 23:57 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-10 23:57 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-10 23:57 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-10 23:57 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2017-01-10 23:57 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-10 23:57 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-10 23:57 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-10 23:57 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-10 23:57 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-10 23:57 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-10 23:57 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-10 23:57 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-10 23:57 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-10 23:57 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-10 23:57 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-10 23:57 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-10 23:57 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-10 23:57 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-01-10 23:57 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-10 23:57 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-10 23:57 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-01-10 23:57 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-10 23:57 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-10 23:57 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-10 23:57 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-01-10 23:57 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-10 23:57 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-10 23:57 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-10 23:57 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-10 23:57 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-10 23:57 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-10 23:57 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-10 23:57 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-10 23:57 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-10 23:57 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-10 23:57 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-01-10 23:57 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-10 23:57 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-10 23:57 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2017-01-10 23:57 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-10 23:57 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-10 23:57 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-10 23:57 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-10 23:57 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2017-01-10 23:57 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-10 23:57 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-10 23:57 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-10 23:57 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-10 23:57 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-01-10 23:57 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-10 23:57 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2017-01-10 23:57 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-10 23:57 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2017-01-10 23:57 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-10 23:57 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-10 23:57 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-10 23:57 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-10 23:57 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-01-10 23:57 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-10 23:57 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-10 23:57 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-01-10 23:57 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-10 23:57 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-10 23:57 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-10 23:57 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-10 23:57 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-10 23:57 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-10 23:57 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-10 23:57 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-10 23:57 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-10 23:57 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-10 23:57 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-01-10 23:57 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-01-10 23:57 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2017-01-10 23:57 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-10 23:57 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-10 23:57 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-10 23:57 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-10 23:57 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-10 23:57 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-10 23:57 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-10 23:57 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-10 23:57 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-10 23:57 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-10 23:57 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-10 23:57 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-10 23:57 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-10 23:57 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-10 23:57 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-10 23:57 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-10 23:57 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-10 23:57 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-10 23:57 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-10 23:57 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-10 23:57 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-01-10 23:57 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-01-07 14:58 - 2017-01-07 14:59 - 00000000 ____D C:\Users\Jürgen\AppData\Local\AvgSetupLog 2017-01-07 14:57 - 2017-01-07 14:58 - 03312432 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Jürgen\Downloads\AVG_Performance_824.exe 2017-01-02 14:14 - 2017-01-02 14:14 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\34AF2B28.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-01-30 14:02 - 2015-02-08 16:27 - 00030143 _____ C:\Users\Jürgen\Downloads\FRST.txt 2017-01-30 14:02 - 2015-02-04 18:54 - 00000000 ____D C:\FRST 2017-01-30 13:59 - 2016-07-16 23:51 - 00923792 _____ C:\WINDOWS\system32\perfh007.dat 2017-01-30 13:59 - 2016-07-16 23:51 - 00211608 _____ C:\WINDOWS\system32\perfc007.dat 2017-01-30 13:59 - 2015-08-03 12:33 - 02265422 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-30 13:53 - 2016-10-09 16:27 - 00000000 ____D C:\ProgramData\NVIDIA 2017-01-30 13:53 - 2016-04-27 11:43 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-30 13:53 - 2016-04-27 11:43 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-01-30 13:53 - 2016-04-27 11:43 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-01-30 13:53 - 2015-03-12 23:13 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-01-30 13:52 - 2016-10-09 16:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-30 13:48 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI 2017-01-30 13:48 - 2014-02-15 14:58 - 00000000 ____D C:\Users\Jürgen\Documents\Outlook-Dateien 2017-01-30 13:32 - 2016-10-09 17:05 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Deployment 2017-01-30 13:06 - 2015-06-01 12:20 - 00000694 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1791603094-1891881837-2934167099-1002.job 2017-01-30 13:06 - 2015-04-09 08:02 - 00000598 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1791603094-1891881837-2934167099-1002.job 2017-01-30 13:03 - 2016-10-09 16:31 - 00000000 ____D C:\Users\_ashbackuppb_ 2017-01-30 13:03 - 2016-01-05 11:08 - 00000000 ____D C:\Users\Jürgen\Documents\PhraseExpress 2017-01-30 13:01 - 2016-01-04 11:19 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\vlc 2017-01-30 10:57 - 2015-03-31 17:31 - 00000000 ____D C:\Users\Jürgen\AppData\Roaming\.oit 2017-01-30 10:14 - 2016-04-27 11:43 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-01-30 09:48 - 2016-10-09 16:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-29 16:34 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-29 16:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-28 16:06 - 2016-10-09 16:42 - 00003990 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1434391471 2017-01-28 16:06 - 2015-06-15 19:04 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2017-01-28 16:06 - 2015-06-15 18:58 - 00000000 ____D C:\Program Files (x86)\Opera 2017-01-28 01:24 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-26 21:07 - 2014-01-30 19:09 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Packages 2017-01-25 10:58 - 2013-12-17 10:04 - 00000000 ____D C:\ProgramData\Temp 2017-01-22 19:10 - 2015-03-12 20:46 - 00000000 ____D C:\Users\Jürgen\AppData\Local\VirtualStore 2017-01-22 19:06 - 2015-03-29 12:55 - 00000000 ____D C:\Program Files (x86)\FreeCommander XE 2017-01-21 20:27 - 2015-06-30 11:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-21 16:33 - 2016-10-09 16:31 - 00000000 ____D C:\Users\Jürgen 2017-01-20 09:49 - 2015-03-12 20:58 - 00000000 ____D C:\ProgramData\firebird 2017-01-20 09:49 - 2014-04-23 17:03 - 00000000 ____D C:\orgaMAX 2017-01-19 17:17 - 2016-03-21 14:54 - 00000000 ____D C:\Program Files (x86)\StarMoney 10 2017-01-18 19:09 - 2016-12-27 17:46 - 00001097 _____ C:\Users\Public\Desktop\Pixum Fotoimporter.lnk 2017-01-18 19:09 - 2016-12-27 17:46 - 00001082 _____ C:\Users\Public\Desktop\Pixum Fotoschau.lnk 2017-01-18 19:09 - 2016-12-27 17:46 - 00001077 _____ C:\Users\Public\Desktop\Pixum Fotowelt.lnk 2017-01-18 19:09 - 2016-10-12 08:13 - 00001062 _____ C:\Users\Public\Desktop\HiSuite.lnk 2017-01-18 19:09 - 2016-10-09 16:35 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-01-18 19:09 - 2016-08-03 09:58 - 00002356 _____ C:\Users\Public\Desktop\Sicherer Zahlungsverkehr.lnk 2017-01-18 19:09 - 2016-08-03 09:58 - 00002288 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk 2017-01-18 19:09 - 2016-04-27 13:46 - 00001267 _____ C:\Users\Public\Desktop\Ashampoo Backup Pro 10.lnk 2017-01-18 19:09 - 2016-04-03 17:10 - 00001220 _____ C:\Users\Public\Desktop\GOM Player.lnk 2017-01-18 19:09 - 2016-03-21 14:55 - 00002265 _____ C:\Users\Public\Desktop\StarMoney 10.lnk 2017-01-18 19:09 - 2016-01-24 18:10 - 00001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Accounts.lnk 2017-01-18 19:09 - 2016-01-24 18:10 - 00001291 _____ C:\Users\Public\Desktop\Express Accounts.lnk 2017-01-18 19:09 - 2016-01-04 11:19 - 00000958 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-01-18 19:09 - 2016-01-04 11:04 - 00000913 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VidCoder.lnk 2017-01-18 19:09 - 2015-10-04 13:56 - 00001136 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk 2017-01-18 19:09 - 2015-08-12 13:20 - 00001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Invoice.lnk 2017-01-18 19:09 - 2015-08-12 13:20 - 00001279 _____ C:\Users\Public\Desktop\Express Invoice.lnk 2017-01-18 19:09 - 2015-08-05 10:15 - 00001954 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk 2017-01-18 19:09 - 2015-07-06 09:38 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-01-18 19:09 - 2015-06-30 11:12 - 00002065 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2017-01-18 19:09 - 2015-06-19 13:23 - 00002243 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk 2017-01-18 19:09 - 2015-06-19 13:23 - 00002237 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk 2017-01-18 19:09 - 2015-06-19 13:23 - 00002219 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2015.lnk 2017-01-18 19:09 - 2015-06-15 19:04 - 00001125 _____ C:\Users\Public\Desktop\Opera.lnk 2017-01-18 19:09 - 2015-05-26 16:18 - 00002086 _____ C:\Users\Public\Desktop\PaperPort.lnk 2017-01-18 19:09 - 2015-03-14 12:58 - 00001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-01-18 19:09 - 2015-03-14 12:58 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-01-18 19:09 - 2015-03-12 23:16 - 00002388 _____ C:\Users\Public\Desktop\PSTViewer Pro.lnk 2017-01-18 19:09 - 2015-03-12 20:46 - 00001684 _____ C:\Users\Public\Desktop\Online kaufen.lnk 2017-01-18 19:09 - 2013-12-17 10:18 - 00001361 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-01-18 19:09 - 2013-12-17 10:17 - 00001245 _____ C:\Users\Public\Desktop\Help and Support.lnk 2017-01-18 19:09 - 2013-12-17 10:17 - 00000988 _____ C:\Users\Public\Desktop\Acer Docs.lnk 2017-01-18 19:09 - 2013-12-17 10:10 - 00001110 _____ C:\Users\Public\Desktop\Acer Portal.lnk 2017-01-18 19:09 - 2013-12-17 10:06 - 00001061 _____ C:\Users\Public\Desktop\Acer Media.lnk 2017-01-18 19:09 - 2013-12-17 09:59 - 00001178 _____ C:\Users\Public\Desktop\Acer Remote Files.lnk 2017-01-18 19:09 - 2013-12-17 09:54 - 00002276 _____ C:\Users\Public\Desktop\What's EAX ADVANCED HD 5.0.lnk 2017-01-18 19:09 - 2013-12-17 09:53 - 00002417 _____ C:\Users\Public\Desktop\Sound Blaster Cinema.lnk 2017-01-18 19:09 - 2013-12-17 09:53 - 00002314 _____ C:\Users\Public\Desktop\Creative Software AutoUpdate.lnk 2017-01-18 19:09 - 2013-12-17 09:53 - 00002028 _____ C:\Users\Public\Desktop\Creative ALchemy.lnk 2017-01-18 19:08 - 2016-05-14 15:19 - 00001023 _____ C:\Users\Jürgen\Desktop\Sweet Home 3D.lnk 2017-01-18 19:08 - 2016-04-27 10:17 - 00001305 _____ C:\Users\Jürgen\Desktop\Revo Uninstaller.lnk 2017-01-18 19:08 - 2016-04-03 17:10 - 00001250 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk 2017-01-18 19:08 - 2016-01-04 12:42 - 00001982 _____ C:\Users\Jürgen\Desktop\Magic DVD Ripper.lnk 2017-01-18 19:08 - 2015-08-03 13:02 - 00002438 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-01-18 19:08 - 2015-06-04 13:13 - 00001015 _____ C:\Users\Jürgen\Desktop\DVDx 4.1.lnk 2017-01-18 19:08 - 2015-05-26 16:18 - 00001890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk 2017-01-18 19:08 - 2015-04-26 14:14 - 00000821 _____ C:\Users\Jürgen\Desktop\video-editor_setup_full1080.exe.lnk 2017-01-18 19:08 - 2015-03-21 13:41 - 00001875 _____ C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\orgaMAX starten....lnk 2017-01-18 19:08 - 2014-04-23 17:04 - 00001538 _____ C:\Users\Jürgen\Desktop\orgaMAX starten....lnk 2017-01-18 19:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Branding 2017-01-18 18:59 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-01-18 18:58 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-12 12:45 - 2015-03-14 08:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2017-01-12 12:44 - 2013-08-22 14:25 - 00000199 _____ C:\WINDOWS\win.ini 2017-01-12 12:42 - 2015-03-14 13:33 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-12 12:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-12 12:39 - 2015-03-14 13:33 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-12 09:08 - 2016-10-09 16:42 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-12 08:54 - 2016-01-05 10:32 - 00000000 ____D C:\Program Files (x86)\PhraseExpress 2017-01-12 08:49 - 2014-01-30 19:02 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-12 08:48 - 2016-10-09 16:27 - 00366864 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-12 08:48 - 2015-07-06 09:38 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2017-01-12 08:48 - 2015-03-14 18:37 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-01-11 18:12 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-11 18:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-11 18:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-11 18:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-11 18:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-11 01:04 - 2016-10-09 16:42 - 00004036 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-01-11 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-01-11 01:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-07 14:58 - 2015-06-19 13:20 - 00000000 ____D C:\Users\Jürgen\AppData\Local\Avg 2017-01-07 14:58 - 2015-06-19 13:19 - 00000000 ____D C:\ProgramData\AVG 2017-01-02 10:01 - 2016-12-27 17:47 - 00000000 ____D C:\ProgramData\tmp ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-09-24 19:08 - 2015-09-24 19:08 - 0000139 _____ () C:\Users\Jürgen\AppData\Roaming\dllreg.bat 2015-06-19 16:57 - 2015-06-19 16:57 - 0000427 _____ () C:\Users\Jürgen\AppData\Local\dvdx41vip.lic 2015-08-05 09:36 - 2015-08-05 09:36 - 0019674 _____ () C:\Users\Jürgen\AppData\Local\internal.grp 2016-04-28 14:19 - 2016-04-28 14:19 - 0000017 _____ () C:\Users\Jürgen\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-01-12 12:20 ==================== Ende von FRST.txt ============================ |
30.01.2017, 14:33 | #2 |
| Windows 10: Rechner extrem langsam, Programme werden nicht mehr gestartet Und hier kommt die Addition:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017 durchgeführt von Jürgen (30-01-2017 14:02:48) Gestartet von C:\Users\Jürgen\Downloads Windows 10 Home Version 1607 (X64) (2016-10-09 15:43:35) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1791603094-1891881837-2934167099-500 - Administrator - Disabled) => C:\Users\Administrator BitBox (S-1-5-21-1791603094-1891881837-2934167099-1005 - Limited - Enabled) DefaultAccount (S-1-5-21-1791603094-1891881837-2934167099-503 - Limited - Disabled) Gast (S-1-5-21-1791603094-1891881837-2934167099-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1791603094-1891881837-2934167099-1004 - Limited - Enabled) Jürgen (S-1-5-21-1791603094-1891881837-2934167099-1002 - Administrator - Enabled) => C:\Users\Jürgen _ashbackuppb_ (S-1-5-21-1791603094-1891881837-2934167099-1008 - Administrator - Enabled) => C:\Users\_ashbackuppb_ ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated) Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated) Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.03.2001.0 - Acer Incorporated) Ashampoo Backup Pro 10 (HKLM\...\{FDAE1FAD-F9D8-4215-E9A3-24B2088C0FA7}_is1) (Version: 10.01 - Ashampoo GmbH & Co. KG) AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies) AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden AVS Audio Converter 8.0 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.0.2.541 - Online Media Technologies Ltd.) AVS Audio Editor 8.0 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.0.2.501 - Online Media Technologies Ltd.) AVS Disc Creator 5.2 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.4.534 - Online Media Technologies Ltd.) AVS Document Converter 3.0.1 (HKLM-x32\...\AVS Document Converter_is1) (Version: 3.0.1.237 - Online Media Technologies Ltd.) AVS Image Converter 4.0.1.280 (HKLM-x32\...\AVS Image Converter_is1) (Version: 4.0.1.280 - Online Media Technologies Ltd.) AVS Media Player 4.2.5.108 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.5.108 - Online Media Technologies Ltd.) AVS Photo Editor 2.3.3.147 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.3.147 - Online Media Technologies Ltd.) AVS Registry Cleaner 3.0.2.271 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 3.0.2.271 - Online Media Technologies Ltd.) AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.4.574 - Online Media Technologies Ltd.) AVS Video Editor 7.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.1.4.264 - Online Media Technologies Ltd.) AVS Video ReMaker 5.0.1.172 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 5.0.1.172 - Online Media Technologies Ltd.) Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix) DVDx 4.1 (HKLM-x32\...\DVDx 4.1) (Version: 4.1 - labDV) eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM) Express Accounts (HKLM-x32\...\ExpressAccounts) (Version: 4.77 - NCH Software) Express Invoice (HKLM-x32\...\ExpressInvoice) (Version: 4.29 - NCH Software) FileZilla Client 3.17.0 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0 - Tim Kosse) GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.0.5248 - Gretech Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GoToMeeting 7.31.0.6291 (HKU\S-1-5-21-1791603094-1891881837-2934167099-1002\...\GoToMeeting) (Version: 7.31.0.6291 - CitrixOnline) HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - ) HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8101 - Acer Incorporated) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel) Intel(R) Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Kaspersky Total Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab) Kaspersky Total Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated) Magic DVD Ripper V8.2.0 (HKLM-x32\...\Magic DVD Ripper_is1) (Version: - Magic DVD Software, Inc.) Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Max Local Application (x32 Version: 1.4.5 - eQ-3 Entwicklung GmbH) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla) Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG) Nuance PaperPort 14 (HKLM-x32\...\{AEF2D1F4-0696-11D5-8E6A-00C04F7FA234}) (Version: 14.5.0000 - Nuance Communications, Inc.) NVIDIA 3D Vision Controller-Treiber 326.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.01 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 326.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 326.60 - NVIDIA Corporation) NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 326.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 326.60 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation) Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer) Opera Stable 42.0.2393.517 (HKLM-x32\...\Opera 42.0.2393.517) (Version: 42.0.2393.517 - Opera Software) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 - Nuance Communications, Inc.) PhraseExpress v12.0.124 (HKLM-x32\...\PhraseExpress_is1) (Version: 12.0.124 - Bartels Media GmbH) Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA) posterXXL Designer 5.3 (HKLM-x32\...\posterXXL Designer_is1) (Version: - ) Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden PSTViewer Pro (HKLM\...\{FC8FEFE3-9286-406C-86E0-CF4245D3A427}) (Version: 6.0.0.294 - Encryptomatic, LLC) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30166 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 1.05.28 - NVIDIA Corporation) Hidden Shotcut (HKLM-x32\...\Shotcut) (Version: - ) Sound Blaster Cinema (HKLM-x32\...\{AF2E323C-1E8A-4CE6-BE9E-B29296BF7FAE}) (Version: 1.00.03 - Creative Technology Limited) StarMoney (x32 Version: 4.0.7.94 - StarFinanz) Hidden StarMoney (x32 Version: 5.0.0.226 - StarFinanz) Hidden StarMoney 10 (HKLM-x32\...\{5B962BBA-721A-4411-BADB-0D520EDB59D7}) (Version: 10 - Star Finanz GmbH) StartIsBack+ (HKU\S-1-5-21-1791603094-1891881837-2934167099-1002\...\StartIsBack) (Version: 1.6.1 - startisback.com) Sweet Home 3D version 5.2 (HKLM\...\Sweet Home 3D_is1) (Version: 5.2 - eTeks) Ulead Photo Explorer (HKLM-x32\...\{025C3792-E9C6-432A-92C1-661F99D021CA}) (Version: 8.5 - ) Ulead PhotoImpact 10 (HKLM-x32\...\{FE58B892-3825-4610-A6A2-E6EFCA83BD97}) (Version: 10.0 - Ulead System) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3141468) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CB85A0CF-0448-43D8-8006-173A8C84A018}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3141468) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CB85A0CF-0448-43D8-8006-173A8C84A018}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3141468) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CB85A0CF-0448-43D8-8006-173A8C84A018}) (Version: - Microsoft) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden VidCoder 1.5.33 (x64) (HKLM\...\VidCoder-x64_is1) (Version: 1.5.33 - RandomEngy) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) WinHTTrack Website Copier 3.48-22 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack) WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002_Classes\CLSID\{1248BD21-B584-4EB8-85D0-8EC479CD043B}\InprocServer32 -> C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002_Classes\CLSID\{61625667-893E-4707-B925-A82B528C00B9}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com) CustomCLSID: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\Citrix\GoToMeeting\2491\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002_Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com) CustomCLSID: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002_Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com) CustomCLSID: HKU\S-1-5-21-1791603094-1891881837-2934167099-1002_Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InprocServer32 -> C:\Users\Jürgen\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {021BE72E-26BF-4185-9581-F87032457C26} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {09C4D8AA-E083-47F8-8938-5A04BC9A5BB4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {11E66B71-BE0B-4C05-83A3-78502D5DC240} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {165EA5D9-E226-4869-BA1E-01E367D5BF95} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {20C6B2FC-5B2A-4DF1-80B1-4DB889C9A739} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {2385EEC3-84E0-4D12-B66A-4616A886A34A} - System32\Tasks\G2MUploadTask-S-1-5-21-1791603094-1891881837-2934167099-1002 => C:\Users\Jürgen\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe [2016-10-04] (Citrix Online, a division of Citrix Systems, Inc.) Task: {274DC441-6EA1-4485-A226-93C2EA589D1E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {2DBC9889-62D2-4CE7-9232-A9D2067DCFE9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {3135A68A-2282-47D3-A6CC-82D06FF47E5C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {31478576-8568-4A55-922A-0FE670A34769} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-26] (Acer Incorporated) Task: {316708CA-6C08-4058-8E12-AB8330395B94} - \WPD\SqmUpload_S-1-5-21-1791603094-1891881837-2934167099-1002 -> Keine Datei <==== ACHTUNG Task: {33691A7C-8772-49B2-B88F-F9E8C7CAB8D4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3E31A7AE-C899-4A35-9AF3-36051682F052} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2013-08-22] (Acer Incorporated) Task: {498D6BFD-8D8F-4A45-8A7E-AD36565CCF86} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {53FA74BA-951A-4371-B7EB-4E761D61651E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {67230626-7526-493E-A5FB-D59C7E63B8B0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {77F7F97A-6E2D-4617-B9CD-17319C67D9C6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {7F5023A6-C132-4B8B-8E8B-BB9A3E27197C} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22] (Oracle Corporation) Task: {912E01CE-AE3C-422A-8055-192575B77F14} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {994BEDB0-9710-4E1A-AF59-DCB23D22654B} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG Task: {9E063207-97E2-482E-81D1-41758E3F6F2C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {A45C0F95-9120-446C-B7F0-3FA429D3B3B8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-11] (Adobe Systems Incorporated) Task: {A9600C3F-9746-4B57-88F3-4B0B5D4D68E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {AB19571B-7A35-4945-8D9F-64A3CE483716} - System32\Tasks\Opera scheduled Autoupdate 1434391471 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-26] (Opera Software) Task: {AB8A3D6A-A3F2-417A-B23B-163EC20ED358} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies) Task: {B56ED7AA-F3B1-47CD-8981-1E9916F7E394} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] () Task: {B8DF5539-996C-4AB8-ACBD-694EBB730B78} - System32\Tasks\G2MUpdateTask-S-1-5-21-1791603094-1891881837-2934167099-1002 => C:\Users\Jürgen\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe [2016-10-04] (Citrix Online, a division of Citrix Systems, Inc.) Task: {C15D4E8A-904C-456E-9E90-7913D8DE1B4B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-12] (Microsoft Corporation) Task: {C920EFE7-0202-4095-BBFB-B38F5ED27AEF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {CEF1F9CA-CF9B-4E1B-A58C-A759E806E74A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {E573B9AB-9792-4F56-A7B3-5E9FE3987EF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {EE784D72-B34D-455F-A6EF-F4559B532B4B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {F091E858-923B-4AC8-95F3-12C91C5F292A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1791603094-1891881837-2934167099-1002.job => C:\Users\Jürgen\AppData\Local\Citrix\GoToMeeting\6291\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1791603094-1891881837-2934167099-1002.job => C:\Users\Jürgen\AppData\Local\Citrix\GoToMeeting\6291\g2mupload.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 00:56 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-10-09 16:27 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-02-20 07:01 - 2015-02-20 07:01 - 00022528 _____ () C:\WINDOWS\System32\us001lm.dll 2016-12-14 00:56 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-10-09 16:54 - 2016-10-09 16:54 - 00959168 _____ () C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll 2013-12-17 09:54 - 2012-11-01 11:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL 2016-04-27 13:46 - 2016-04-21 07:36 - 00323400 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupClient-abpb.exe 2016-04-27 13:46 - 2016-04-21 07:36 - 06356808 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\ox.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 07397704 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupClientLib.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00431432 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\updateman.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00165192 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\featback.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 12083528 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupCore.dll 2016-04-27 13:46 - 2016-03-02 10:59 - 01406464 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\webdave.dll 2016-04-27 13:46 - 2016-03-02 10:59 - 00324096 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\party.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00573768 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\twirl.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00388424 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\tomb.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00174408 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\deemon.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00231752 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\netutil.dll 2016-04-27 13:46 - 2016-03-02 10:58 - 00081920 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\zdll.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00388424 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\crumb.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00589640 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\veem.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00068936 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\minizutil.dll 2016-04-27 13:46 - 2016-03-02 10:59 - 00220672 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\jsoncpp.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00061768 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\lzmaUtil.dll 2016-04-27 13:46 - 2016-03-02 10:58 - 00091648 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\ziputil.dll 2016-04-27 13:46 - 2016-03-02 10:58 - 00022528 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\zlibutil.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00163144 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\scoolite.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00031560 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\lz4util.dll 2016-04-27 13:46 - 2016-03-02 10:59 - 00049664 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\lzma.dll 2016-04-27 13:46 - 2016-03-02 10:58 - 00107008 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\minizip.dll 2016-04-27 13:46 - 2016-03-02 10:59 - 00626688 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\sqlite.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00049480 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\lz4.dll 2016-04-27 13:46 - 2016-04-21 07:37 - 00067912 _____ () C:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\oxHelper.exe 2017-01-30 10:15 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-30 10:15 - 2017-01-20 07:47 - 02254800 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-01-30 10:15 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2016-08-26 09:14 - 2016-08-26 09:14 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 2015-03-17 12:43 - 2015-03-17 12:43 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll 2015-02-08 11:20 - 2015-02-08 11:20 - 01793248 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll 2015-03-17 13:15 - 2015-03-17 13:15 - 00355040 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll 2016-04-27 13:46 - 2016-04-21 07:37 - 00032072 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupService-abpb.exe 2016-04-27 13:46 - 2016-04-21 07:37 - 00119112 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupServiceLib.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00174408 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\deemon.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00573768 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\twirl.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 12083528 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupCore.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 06356808 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\ox.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00388424 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\tomb.dll 2016-04-27 13:46 - 2016-03-02 10:59 - 01406464 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\webdave.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00388424 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\crumb.dll 2016-04-27 13:46 - 2016-03-02 10:59 - 00324096 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\party.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00589640 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\veem.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00068936 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\minizutil.dll 2016-04-27 13:46 - 2016-03-02 10:59 - 00220672 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\jsoncpp.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00061768 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\lzmaUtil.dll 2016-04-27 13:46 - 2016-03-02 10:58 - 00091648 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\ziputil.dll 2016-04-27 13:46 - 2016-03-02 10:58 - 00022528 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\zlibutil.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00231752 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\netutil.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00163144 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\scoolite.dll 2016-04-27 13:46 - 2016-03-02 10:58 - 00081920 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\zdll.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00031560 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\lz4util.dll 2016-04-27 13:46 - 2016-03-02 10:59 - 00049664 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\lzma.dll 2016-04-27 13:46 - 2016-03-02 10:58 - 00107008 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\minizip.dll 2016-04-27 13:46 - 2016-03-02 10:59 - 00626688 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\sqlite.dll 2016-04-27 13:46 - 2016-04-21 07:36 - 00049480 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\lz4.dll 2012-03-16 23:35 - 2012-03-16 23:35 - 00325120 _____ () C:\WINDOWS\system32\SaMinDrv.dll 2015-08-04 13:26 - 2015-08-04 13:26 - 00718040 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll 2016-04-27 13:46 - 2016-04-21 07:37 - 00067912 _____ () c:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\oxHelper.exe 2015-08-04 13:26 - 2015-08-04 13:26 - 00861912 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll 2016-10-09 17:24 - 2016-10-09 17:24 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-10 23:57 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-10 23:57 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-10 23:57 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-10 23:57 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-10 23:57 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-10 23:57 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-10 23:57 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2013-12-17 10:06 - 2013-07-30 18:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2016-04-22 14:15 - 2016-04-22 14:15 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2016-10-09 16:54 - 2016-10-09 16:54 - 00679624 _____ () C:\Users\Jürgen\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll 2016-01-05 10:32 - 2016-12-12 14:52 - 00496664 _____ () C:\Program Files (x86)\PhraseExpress\pexlang.dll 2015-04-26 14:37 - 2004-07-26 16:11 - 00028672 ____N () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll 2017-01-30 13:45 - 2016-04-26 19:34 - 00550400 _____ () C:\Program Files (x86)\WinHTTrack\libhttrack.dll 2017-01-30 13:45 - 2016-04-26 19:30 - 00123392 _____ () C:\Program Files (x86)\WinHTTrack\zlib1.dll 2017-01-30 13:45 - 2016-04-26 19:34 - 00170480 _____ () C:\Program Files (x86)\WinHTTrack\htsswf.DLL 2017-01-30 13:45 - 2016-04-26 19:34 - 00069616 _____ () C:\Program Files (x86)\WinHTTrack\htsjava.DLL 2015-12-22 01:47 - 2015-12-22 01:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\kpcengine.2.3.dll 2016-12-18 18:36 - 2016-01-28 15:33 - 01058624 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\libxml2.dll 2016-12-18 18:36 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\PATCHW32.dll 2013-12-17 09:50 - 2013-08-19 04:12 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Temp:01C66DD9 [372] AlternateDataStreams: C:\ProgramData\Temp:FD9CE1F3 [254] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1791603094-1891881837-2934167099-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg HKU\S-1-5-21-1791603094-1891881837-2934167099-1008\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "UpdReg" HKLM\...\StartupApproved\Run32: => "Sound Blaster Cinema" HKLM\...\StartupApproved\Run32: => "ISUSPM" HKLM\...\StartupApproved\Run32: => "PPort14reminder" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-1791603094-1891881837-2934167099-1002\...\StartupApproved\Run: => "ISUSPM" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{EA49DC47-EBA0-4062-B6C2-F24F601FCFC1}] => C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe FirewallRules: [{4B253B60-51D5-45C9-A6FE-1C44021083E7}] => C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe FirewallRules: [{263C6B32-A116-4C0A-A15B-324C46F19AF1}] => C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{311E07C7-16D4-4E33-85FD-CE244635D659}] => C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{AB65C7FF-BF3C-4182-BBA6-6584A1EE4425}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{0D380962-F47F-43E3-A85D-269AFF248DFB}] => LPort=23272 FirewallRules: [{A048D45F-65E3-45F5-9947-19E2033BF8DC}] => LPort=23272 FirewallRules: [{B1600D6F-27B2-471D-AFA4-DB23FE883695}] => LPort=62910 FirewallRules: [{544BD89E-C76D-441E-AC2D-AE238AEE616A}] => LPort=62910 FirewallRules: [{B1FC9EE0-9430-4252-BCBE-535BFDAF76BE}] => C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe FirewallRules: [{EFBAEEB9-ABC7-4F82-9DEA-125737A45101}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B758F2AD-7C62-4B88-A62D-84127B1C60BD}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AD56AC9F-5F16-4E54-AFAD-41FD64A1BAFD}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{18795B3C-35D0-4946-8D43-7C6F7135B7D9}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{5361CEC2-6536-4925-9170-3E5E175A1F99}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{B18D7521-C855-463C-8475-67E67058FA0D}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{6B1D20CE-F584-45BA-BB3F-C49D69D0AF9F}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{FA1F3D72-A0DF-4B48-88D2-AD0B8B43F503}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C3F9519C-6339-4E44-8FB5-D768D2391E04}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{F628CC01-5A8C-4024-8218-FA07360DC85F}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{8D3062EF-57D5-4CA7-A06C-C17E328DA18E}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{07805303-7514-48D2-9419-264A38B00F2E}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{14F0E81E-FF71-403D-A6D3-3666EE93D94A}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{C9B674D5-D6AF-4DBE-90FE-F02149862442}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{5704A84F-9141-4678-AB68-160A8E5ECF87}] => C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{3D127A32-6758-4AF0-96BD-528A47D4CA75}] => C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{EC4C9F2C-7B2F-4A9F-A49D-2BC64D9965D6}] => C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{4288A344-51B7-4531-B940-F77ED63D5FB0}] => C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{263D84D3-24C2-4967-9F65-3D8F5A1650C9}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{83E44EAF-FBC9-4F91-A2FB-E665FB36D470}] => C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{4BCDC6CB-47D2-4FC0-B281-0630F4F5BC8F}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{5C33F25D-D95D-4BCA-BA83-0B4693E53B7C}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{5E27F73A-7F35-40E8-A2CF-AEB000F39150}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{0C3AAA66-B60B-4E50-BC36-251211C4244C}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{05E66F6E-2102-438A-B92F-95ABCE96D6E3}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{3F1A59A3-78F9-4BAE-83E9-42BB6120345C}] => C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{5BF6D938-754D-4BDC-BB3F-31B7D3F128FA}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{A9685B26-D32E-4641-AC31-07350AA4FD75}] => C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{77F408F6-13A5-4690-B209-B703128D4A65}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{311BA5DA-E238-4894-8F2E-BD4C2AAACF65}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{EB390CA3-899F-4944-AF22-6800BE39B926}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{FFC042BE-25B8-4431-94FC-2A4FB6D1A125}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{6A27C06F-D355-4FD0-B0A0-6CDD45498B4C}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{E35E91E3-B800-4541-A285-627DCDE5257E}] => C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{C00CCE16-394F-4F19-BCED-07E9628AF0F6}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{FFB3F391-082D-428E-A995-13252A60DD35}] => C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{41F8ED07-4FA6-4BC5-B6A3-CAEA61D2E2E8}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{57FBABCE-7AD9-48C8-8880-C526A97D4AC2}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{31ED3965-2679-413C-9233-02C892783D92}] => C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe FirewallRules: [{EA27838B-42A6-40B1-ACF9-4B29C6DBE8DE}] => C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe FirewallRules: [{D4BA30CC-DB96-4678-9E12-A2C84CE7D778}] => C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/30/2017 01:47:37 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm WinHTTrack.exe, Version 3.48.22.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2d0 Startzeit: 01d27af6d01571bb Beendigungszeit: 4 Anwendungspfad: C:\Program Files (x86)\WinHTTrack\WinHTTrack.exe Berichts-ID: 45a50344-e6ea-11e6-82c2-48d2245c6953 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (01/30/2017 01:46:50 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nuance\PaperPort\CheckPPFolders.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Error: (01/30/2017 01:45:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm WinHTTrack.exe, Version 3.48.22.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b70 Startzeit: 01d27af6911ed97e Beendigungszeit: 3 Anwendungspfad: C:\Program Files\WinHTTrack\WinHTTrack.exe Berichts-ID: f0ff9e10-e6e9-11e6-82c2-48d2245c6953 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (01/30/2017 01:43:00 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nuance\PaperPort\CheckPPFolders.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Error: (01/30/2017 01:39:32 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nuance\PaperPort\CheckPPFolders.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Error: (01/30/2017 12:04:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm mbam.exe, Version 3.0.0.912 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1a10 Startzeit: 01d27ad95ff110ed Beendigungszeit: 60000 Anwendungspfad: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Berichts-ID: a428c018-e6db-11e6-82c1-d43d7ef75c17 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (01/30/2017 10:50:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 15.0.4893.1000, Zeitstempel: 0x584fa15a Name des fehlerhaften Moduls: mso.dll, Version: 15.0.4893.1000, Zeitstempel: 0x584faa28 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000037db43 ID des fehlerhaften Prozesses: 0x2104 Startzeit der fehlerhaften Anwendung: 0x01d273fd44fe182d Pfad der fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE Pfad des fehlerhaften Moduls: C:\Program Files\Common Files\Microsoft Shared\Office15\mso.dll Berichtskennung: 76ede61b-e6d1-11e6-82c1-d43d7ef75c17 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/30/2017 10:49:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Jues-linker-PC) Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{a02a3bb5-151d-4f4d-be3a-dd5212fd172a}“ wurde beendet, da das Anhalten zu lange dauerte. Error: (01/30/2017 10:49:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Jues-linker-PC) Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{5b03edac-7f1a-4bb0-912f-3bb171810667}“ wurde beendet, da das Anhalten zu lange dauerte. Error: (01/30/2017 10:49:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Jues-linker-PC) Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{4643270e-6235-41ea-928b-73cb5415ae6c}“ wurde beendet, da das Anhalten zu lange dauerte. Systemfehler: ============= Error: (01/30/2017 01:57:09 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/30/2017 01:54:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht. Error: (01/30/2017 01:54:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht. Error: (01/30/2017 01:53:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "CDPUserSvc_3c8b5" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (01/30/2017 01:53:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "nvUpdatusService" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden. Error: (01/30/2017 01:53:55 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: Das System kann die angegebene Datei nicht finden. Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (01/30/2017 01:53:55 PM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein. Error: (01/30/2017 01:53:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (01/30/2017 01:53:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (01/30/2017 01:53:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "UxTuneUp" wurde aufgrund folgenden Fehlers nicht gestartet: In dem ausführbaren Programm, in dem der Dienst ausgeführt wird, ist der Dienst nicht implementiert. CodeIntegrity: =================================== Date: 2017-01-30 13:46:45.314 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-30 13:46:45.298 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-30 13:42:55.318 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-30 13:42:55.302 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-30 13:39:25.101 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-30 13:39:25.080 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-30 10:36:22.008 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-01-30 10:36:21.658 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-01-30 10:28:47.543 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-01-30 10:28:47.541 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 37% Installierter physikalischer RAM: 8111.71 MB Verfügbarer physikalischer RAM: 5033.33 MB Summe virtueller Speicher: 16815.71 MB Verfügbarer virtueller Speicher: 13388.3 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:118.19 GB) (Free:31.71 GB) NTFS Drive e: (Eigene Dateien) (Fixed) (Total:292.97 GB) (Free:155.11 GB) NTFS Drive f: (Programme) (Fixed) (Total:193.81 GB) (Free:178.26 GB) NTFS Drive g: (INTENSO) (Removable) (Total:29.8 GB) (Free:29.38 GB) FAT32 Drive h: (Speicherplatz) (Fixed) (Total:678.02 GB) (Free:677.06 GB) NTFS Drive j: (Toshiba_S1) (Fixed) (Total:931.51 GB) (Free:134.93 GB) NTFS Drive l: (Datensicher) (Fixed) (Total:931.51 GB) (Free:245.9 GB) NTFS Drive m: (EXTERNHD) (Fixed) (Total:1862.56 GB) (Free:463.22 GB) FAT32 Drive z: (Laufwerk) (Fixed) (Total:680.22 GB) (Free:434.09 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 7810DBF1) Partition: GPT. ======================================================== Disk: 1 (Size: 1863 GB) (Disk ID: 7810DBDA) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E55BC55D) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 696FC7C4) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 4 (Size: 29.8 GB) (Disk ID: 00000000) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 5. ======================================================== Disk: 6 (Size: 1863 GB) (Disk ID: 6ADD1247) Partition 1: (Active) - (Size=1863 GB) - (Type=0B) ==================== Ende von Addition.txt ============================ |
31.01.2017, 13:45 | #3 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Rechner extrem langsam, Programme werden nicht mehr gestartetZitat:
Deinstallieren und ganz weit weg werfen! Testweise auch Kaspersky deinstallieren. Virenscanner sind mittlerweile strk umstritten, Suites die auch noch "Firewalls" und anderen Mist mitbringen waren schon immer umstritten und haben das System nachhaltig gebremst. Die Dinger kann man mittlerweile auf die selbe Stufe stellen wie die Tuning-Progamme: es werden Wirkungen hineingedichtet, die es so nicht geben kann, gleichzeitig werden alle Risiken verschwiegen.
__________________ |
31.01.2017, 14:16 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Rechner extrem langsam, Programme werden nicht mehr gestartet und bitte keine Doppelpostings! =>http://www.trojaner-board.de/184172-...gestartet.html
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Windows 10: Rechner extrem langsam, Programme werden nicht mehr gestartet |
downloader, flash player, format, home, homepage, hängen, hängt, kaspersky, kaspersky total security, keine rückmeldung, langsam, mozilla, performance, programm, prozesse, realtek, registry, rundll, scan, security, services.exe, svchost.exe, system, taskmanager, usb, windows |