Hier die First
FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-09-2017 02
durchgeführt von Lenovo (Administrator) auf HEIKE (14-09-2017 01:43:31)
Gestartet von C:\Users\Lenovo\Desktop
Geladene Profile: Lenovo (Verfügbare Profile: Lenovo)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PSIService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [404376 2015-08-09] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-09-24] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2777840 2013-08-14] (Synaptics Incorporated)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-06-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-06-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [Corel Photo Downloader] => C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe [483144 2007-08-17] (Corel, Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [567088 2016-10-14] ()
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161240 2016-05-21] (IvoSoft)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Corel Photo Downloader] => "C:\Program Files (x86)\Corel\Corel MediaOne\Corel PhotoDownloader.exe" -startup
HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [95504 2007-08-02] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [421768 2016-04-25] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7381720 2017-04-17] ()
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.)
HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\Run: [WinSweep] => C:\Program Files (x86)\WinSweeper\WinSweeper.exe
HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\RunOnce: [Application Restart #4] => C:\Users\Lenovo\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7873512 2017-05-18] (Pokki)
HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\RunOnce: [Application Restart #2] => C:\Users\Lenovo\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7873512 2017-05-18] (Pokki)
HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\RunOnce: [Application Restart #1] => C:\Users\Lenovo\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [7873512 2017-05-18] (Pokki)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-06-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2015-11-29] (Lavasoft Limited)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2015-11-29] (Lavasoft Limited)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2015-11-29] (Lavasoft Limited)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2015-11-29] (Lavasoft Limited)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [345360 2015-11-29] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-11-29] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-11-29] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-11-29] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-11-29] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-11-29] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{992A9113-D82C-4BEF-88A9-ECE0FB025147}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{9F95483E-99B1-4C77-93C2-E3ACB5BF08B2}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3566350173-3005484379-3849398607-1001 -> DefaultScope {1083F955-C992-4571-99FA-1975CF38BB3F} URL =
SearchScopes: HKU\S-1-5-21-3566350173-3005484379-3849398607-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D112815-A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3566350173-3005484379-3849398607-1001 -> {1083F955-C992-4571-99FA-1975CF38BB3F} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-05-21] (IvoSoft)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> Keine Datei
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-05-21] (IvoSoft)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-05-21] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-05-21] (IvoSoft)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-05-21] (IvoSoft)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-05-21] (IvoSoft)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - Keine Datei
DefaultPrefix-x32: => <==== ACHTUNG
FireFox:
========
FF DefaultProfile: kokgnhpi.default
FF DefaultProfile: sp4uff4n.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default [2017-09-10]
FF user.js: detected! => C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\user.js [2016-06-14]
FF NewTab: Mozilla\Firefox\Profiles\kokgnhpi.default -> hxxp://www.google.de/
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\kokgnhpi.default -> Bing®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\kokgnhpi.default -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\kokgnhpi.default -> chrome://speeddial/content/speeddial.xul
FF Extension: (Rikaichan Japanese-English Dictionary File) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\Extensions\rikaichan-jpen@polarcloud.com [2016-11-27]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2016-07-25]
FF Extension: (Kein Name) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2015-08-17] [ist nicht signiert]
FF Extension: (Speed Dial) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2015-09-13]
FF Extension: (ReloadEvery) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-07-13]
FF Extension: (Pinky) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\Extensions\{9db2522d-0416-4f0d-969c-9cf9f03a20ee}.xpi [2016-12-24]
FF Extension: (Video DownloadHelper) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: (Adblock Plus) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
FF Extension: (Greasemonkey) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-21]
FF SearchPlugin: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\searchplugins\bing-lavasoft.xml [2015-11-29]
FF SearchPlugin: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\kokgnhpi.default\searchplugins\yahoo! powered.xml [2017-02-13]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\CLIQZ\Profiles\sp4uff4n.default [2017-05-05]
FF Homepage: CLIQZ\Profiles\sp4uff4n.default -> hxxp://www.google.de/
FF Extension: (Kein Name) - C:\Program Files (x86)\CLIQZ\browser\features\https-everywhere@cliqz.com.xpi [nicht gefunden]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3566350173-3005484379-3849398607-1001: @tools.coowon.com/Coowon Update;version=3 -> C:\Users\Lenovo\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2017-04-27] (Coowon.)
FF Plugin HKU\S-1-5-21-3566350173-3005484379-3849398607-1001: @tools.coowon.com/Coowon Update;version=9 -> C:\Users\Lenovo\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2017-04-27] (Coowon.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.railnation.de/home/
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=48&UP=SPA8BDDFAB-A85D-4022-A293-C36BDAEC79DD","hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=48&UP=SPA8BDDFAB-A85D-4022-A293-C36BDAEC79DD","hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=48&UP=SPC01EEB7E-586F-498E-A3C3-3533333A019D&SSPV=","hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82L4mwm7l_uYCCbZ6c15-H-fuoWWjVJeSx5lV99C0reYpARoTnimahgIZ8M-2A3RZnMkh_EVWODi8oR0b67jqEeqD6OXrgnqBndk3hjRO-nNAdOoJd1kO6snYBr4xUdwUSXP2wvou63x6FZkVYqaiajpfkJQbDHFOKFvGQ,,","hxxp://www.mystartsearch.com/?type=hp&ts=1415021975&from=bdo&uid=ST9500420AS_5VJA637BXXXX5VJA637B","hxxp://homepage-web.com/?s=lenovo&m=start"
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2017-09-14]
CHR Extension: (Google Präsentationen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-08]
CHR Extension: (Google Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-08]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-08]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-08]
CHR Extension: (Pinky) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eijmklfnehnnkbfcoabieogaomookbna [2017-07-25]
CHR Extension: (Google Tabellen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-08]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
CHR Extension: (Skype) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-27]
CHR Extension: (Google Mail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-08]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <nicht gefunden>
Opera:
=======
OPR Extension: (Pinky) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibgecmlomhdooncfjlaelfbbeijbccbd [2017-07-26]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1244408 2016-10-14] ()
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2017-06-13] ()
S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-09-04] (Broadcom Corporation.)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-09-24] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 ProtexisLicensing; C:\WINDOWS\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [338944 2013-08-11] (IDT, Inc.) [Datei ist nicht signiert]
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-06-07] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-10-28] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307576 2015-10-28] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 0019311418939465mcinstcleanup; C:\Users\Lenovo\AppData\Local\Temp\001931~1.EXE -cleanup -nolog [X] <==== ACHTUNG
S2 c2cautoupdatesvc; "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service [X]
S2 c2cpnrsvc; "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [366432 2017-06-13] (Acronis International GmbH)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [74344 2013-07-03] (Intel Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1267552 2017-06-13] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [193376 2017-06-13] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [601432 2017-06-13] (Acronis International GmbH)
S3 usbrndis6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [279392 2016-06-08] (Acronis International GmbH)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [1065728 2013-09-26] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 cpuz136; \??\C:\Users\Lenovo\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] <==== ACHTUNG
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-14 01:43 - 2017-09-14 01:44 - 000030457 _____ C:\Users\Lenovo\Desktop\FRST.txt
2017-09-14 01:43 - 2017-09-14 01:43 - 000000000 ____D C:\FRST
2017-09-14 01:42 - 2017-09-14 01:41 - 002398208 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2017-09-14 01:41 - 2017-09-14 01:41 - 002398208 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2017-09-14 01:29 - 2017-09-14 01:29 - 000000415 _____ C:\Users\Lenovo\Desktop\Erneutes Installieren eines Norton-Produkts nach Ausführen des Norton Removal Tool.url
2017-09-14 01:18 - 2017-09-14 01:18 - 000900344 _____ C:\Users\Lenovo\Downloads\Norton_22Removal_Tool.exe
2017-09-13 20:45 - 2017-09-13 20:46 - 000044671 _____ C:\Users\Lenovo\Desktop\Bloo PPT 12 09 17.pdf
2017-09-13 13:34 - 2017-09-13 13:34 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-09-09 18:34 - 2017-09-09 18:34 - 000033939 _____ C:\Users\Lenovo\Desktop\Norton.jpeg
2017-09-09 07:31 - 2017-09-09 07:31 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus
2017-09-09 07:23 - 2017-09-09 07:23 - 000003254 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-09-05 21:48 - 2017-09-05 21:48 - 000001030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-05 21:48 - 2017-09-05 21:48 - 000001018 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-05 21:46 - 2017-09-05 21:47 - 015756368 _____ (TeamViewer GmbH) C:\Users\Lenovo\Downloads\TeamViewer_Setup.exe
2017-09-04 12:23 - 2017-09-04 12:25 - 000000000 ____D C:\ProgramData\NortonRnR
2017-09-04 12:12 - 2017-09-04 12:12 - 041951583 _____ C:\Users\Lenovo\Downloads\WD_SmartWare_Installer_2.4.20.48.zip
2017-09-04 12:12 - 2017-09-04 12:12 - 000000000 ____D C:\Users\Lenovo\Downloads\WD_SmartWare_Installer_2.4.20.48
2017-09-04 08:56 - 2017-09-04 08:56 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Opera Software
2017-09-04 08:54 - 2017-09-04 08:54 - 000007601 _____ C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg
2017-09-02 15:49 - 2017-09-02 15:49 - 000000000 ____D C:\Users\Lenovo\Acronissicherung-28-04-15
2017-09-02 15:32 - 2017-09-02 15:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-09-02 15:28 - 2017-09-03 10:30 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-09-02 15:28 - 2017-09-03 10:04 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-09-02 12:00 - 2017-09-03 10:30 - 000000000 ____D C:\Users\Lenovo\Downloads\spacesniffer_1_3_0_2
2017-09-02 12:00 - 2017-09-02 12:00 - 001658900 _____ C:\Users\Lenovo\Downloads\spacesniffer_1_3_0_2.zip
2017-08-31 14:12 - 2017-08-31 14:12 - 000000857 _____ C:\WINDOWS\system32\Drivers\etc\hosts.bak
2017-08-31 12:58 - 2017-09-09 18:40 - 000000000 ____D C:\Users\Lenovo\AppData\Local\NPE
2017-08-30 20:58 - 2017-08-30 21:00 - 000077345 _____ C:\Users\Lenovo\Downloads\WhatsApp Image 2017-08-30 at 20.44.18.jpeg
2017-08-30 17:31 - 2017-08-30 17:31 - 000000000 ____D C:\Program Files\dm
2017-08-30 17:30 - 2017-08-30 17:31 - 001636456 _____ C:\Users\Lenovo\Downloads\setup_dm_Fotowelt.exe
2017-08-30 04:44 - 2017-08-30 04:44 - 000033319 _____ C:\Users\Lenovo\Desktop\PPT - Geburtstage.xlsx
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-14 01:41 - 2016-06-08 16:34 - 000000000 ____D C:\Users\Lenovo\AppData\Local\ClassicShell
2017-09-14 01:41 - 2014-12-19 03:04 - 000000000 __RDO C:\Users\Lenovo\OneDrive
2017-09-14 01:32 - 2016-09-16 05:39 - 000000402 _____ C:\WINDOWS\Tasks\update-S-1-5-21-3566350173-3005484379-3849398607-1001.job
2017-09-14 01:30 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-14 01:29 - 2014-09-08 20:50 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3566350173-3005484379-3849398607-1001
2017-09-14 01:28 - 2014-12-20 03:27 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-09-14 01:28 - 2014-12-18 22:02 - 000000000 ____D C:\Users\Lenovo\Sicherungen
2017-09-14 01:27 - 2016-05-09 09:16 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2017-09-14 01:23 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-14 01:22 - 2014-06-07 04:35 - 000027136 _____ C:\WINDOWS\system32\VfService.trf
2017-09-14 01:22 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2017-09-14 01:21 - 2017-06-13 02:05 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-09-14 01:21 - 2016-06-20 21:07 - 000000000 ____D C:\ProgramData\Norton
2017-09-14 00:32 - 2015-01-17 12:55 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2017-09-14 00:09 - 2015-06-15 12:31 - 000000000 ____D C:\Users\Lenovo\Desktop\Railnation
2017-09-13 23:12 - 2016-09-16 05:39 - 000000402 _____ C:\WINDOWS\Tasks\update-sys.job
2017-09-13 19:08 - 2016-06-10 20:36 - 000010025 _____ C:\Users\Lenovo\Desktop\rn_paxe (Automatisch gespeichert).xlsx
2017-09-13 18:03 - 2016-06-20 18:04 - 000000280 _____ C:\WINDOWS\Tasks\WinThrustersch.job
2017-09-13 09:10 - 2016-01-14 23:54 - 000000000 ____D C:\Users\Lenovo\AppData\Local\The Settlers Online
2017-09-12 16:01 - 2014-12-19 01:14 - 000004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-09-12 16:00 - 2016-06-08 15:00 - 005680640 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-09-12 16:00 - 2015-09-08 23:49 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-09-12 16:00 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-12 16:00 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-10 22:05 - 2014-09-16 21:01 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Nitro PDF
2017-09-10 16:19 - 2016-12-24 23:35 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2017-09-09 18:34 - 2015-05-07 15:27 - 002368000 ___SH C:\Users\Lenovo\Desktop\Thumbs.db
2017-09-09 10:52 - 2015-09-11 16:20 - 000000000 ____D C:\Program Files\Common Files\AV
2017-09-09 07:26 - 2017-06-13 01:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\NAVx64
2017-09-09 07:17 - 2014-09-08 20:43 - 000000000 ____D C:\Users\Lenovo
2017-09-08 12:40 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-09-07 01:17 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-09-06 13:10 - 2017-06-16 01:11 - 000000000 ____D C:\Program Files\NortonInstaller
2017-09-06 09:45 - 2014-12-18 23:26 - 000070296 _____ C:\Users\Lenovo\AppData\Local\GDIPFONTCACHEV1.DAT
2017-09-05 21:59 - 2013-08-22 16:44 - 001776992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-05 21:48 - 2015-12-09 19:43 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-09-05 12:33 - 2014-09-08 20:44 - 000000000 ____D C:\Users\Lenovo\AppData\Local\VirtualStore
2017-09-05 09:34 - 2015-02-01 21:37 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\FileZilla
2017-09-05 09:08 - 2017-01-23 18:46 - 000000000 ____D C:\Users\Lenovo\AppData\Local\FileZilla
2017-09-04 12:13 - 2015-07-11 00:18 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2017-09-04 08:33 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-04 08:30 - 2015-01-12 10:20 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\DVDVideoSoft
2017-09-04 08:29 - 2017-04-09 15:56 - 000000000 ____D C:\Program Files\Core Temp
2017-09-03 11:08 - 2014-06-07 13:02 - 000770130 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-03 11:08 - 2014-06-07 13:02 - 000160912 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-03 11:08 - 2013-10-07 20:27 - 001789004 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-03 10:30 - 2016-05-08 22:44 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\OpenCandy
2017-09-03 10:30 - 2014-12-19 10:49 - 000000000 ____D C:\ProgramData\FLEXnet
2017-09-03 10:28 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-03 10:21 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\registration
2017-09-02 16:16 - 2017-08-01 14:39 - 000000000 ____D C:\Users\Lenovo\Desktop\WeightWAtchers
2017-09-02 15:17 - 2015-06-19 14:15 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\TeamViewer
2017-09-02 11:30 - 2017-05-31 13:22 - 000000000 ____D C:\Users\Lenovo\Desktop\Brand
2017-09-02 11:19 - 2017-02-13 14:15 - 000000000 ____D C:\ProgramData\{FDA738C4-77E5-B202-F123-2C406B61A78E}
2017-08-30 20:59 - 2015-08-21 12:28 - 000097280 ___SH C:\Users\Lenovo\Downloads\Thumbs.db
2017-08-30 20:28 - 2014-06-07 04:23 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-28 22:57 - 2016-06-20 21:44 - 000002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-29 01:36 - 2015-11-29 01:36 - 000000040 _____ () C:\Users\Lenovo\AppData\Roaming\cdr.ini
2016-02-02 05:50 - 2016-02-02 05:50 - 000038425 _____ () C:\Users\Lenovo\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
2017-02-28 23:15 - 2017-02-28 23:15 - 000038430 _____ () C:\Users\Lenovo\AppData\Roaming\Microsoft Excel 97-2003.ADR
2017-06-13 01:35 - 2017-06-13 01:40 - 503005056 _____ () C:\Users\Lenovo\AppData\Local\AcronisTrueImage2016_6589.exe
2017-09-04 08:54 - 2017-09-04 08:54 - 000007601 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg
2016-09-16 05:39 - 2016-09-16 05:39 - 000000003 _____ () C:\Users\Lenovo\AppData\Local\updater.log
2016-09-16 05:39 - 2017-05-07 09:24 - 000000425 _____ () C:\Users\Lenovo\AppData\Local\UserProducts.xml
2014-09-08 20:47 - 2014-09-08 20:53 - 000378626 _____ () C:\ProgramData\2014-09-08_20-47-32_IPOSInstall.log
2014-09-16 20:59 - 2014-09-16 21:01 - 000390428 _____ () C:\ProgramData\2014-09-16_20-59-13_IPOSInstall.log
2014-12-19 12:19 - 2014-12-19 12:19 - 000000057 _____ () C:\ProgramData\Ament.ini
2014-06-07 03:55 - 2014-06-07 03:55 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-02-13 14:16 - 2017-02-13 14:16 - 000000016 _____ () C:\ProgramData\mntemp
2017-02-13 14:16 - 2017-02-13 14:16 - 000005054 _____ () C:\ProgramData\mudtcpaz.vzs
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-09 11:11
==================== Ende von FRST.txt ============================ --- --- ---
[/CODE]
Und hier die Adition
FRST Additions Logfile: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 13-09-2017 02
durchgeführt von Lenovo (14-09-2017 01:45:02)
Gestartet von C:\Users\Lenovo\Desktop
Windows 8.1 (Update) (X64) (2014-09-08 18:43:52)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3566350173-3005484379-3849398607-500 - Administrator - Disabled)
Gast (S-1-5-21-3566350173-3005484379-3849398607-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3566350173-3005484379-3849398607-1005 - Limited - Enabled)
Lenovo (S-1-5-21-3566350173-3005484379-3849398607-1001 - Administrator - Enabled) => C:\Users\Lenovo
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acronis True Image (HKLM-x32\...\{A10E0F26-6CE4-4038-8A29-3A9AED728B64}) (Version: 19.0.6589 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{A10E0F26-6CE4-4038-8A29-3A9AED728B64}Visible) (Version: 19.0.6589 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Web Premium (HKLM-x32\...\Adobe_4db064343401efd6449f33f8411c14b) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.66 - Hulubulu Software)
Alcor Micro USB Card Reader (HKLM-x32\...\{66DC436D-02B4-48F5-AF30-01EDED35168F}) (Version: 20.2.1245.53580 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.1245.53580 - Alcor Micro Corp.)
ANT Drivers Installer x64 (HKLM\...\{CC7132C7-8532-4EA7-8E3F-53260C0BE168}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
Corel MediaOne (HKLM-x32\...\{3C569633-C8DE-46E2-BB8F-F65198681C2F}) (Version: 2.00.0000 - Corel Corporation)
Corel Painter Essentials 3 (HKLM-x32\...\_{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}) (Version: - Corel Corporation)
Corel Painter Essentials 3 (HKLM-x32\...\{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}) (Version: 3.2 - Corel Corporation) Hidden
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
DVDFab 9.3.1.6 (19/09/2016) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
Elevated Installer (HKLM-x32\...\{4694981D-8031-4526-90BE-E5F7FB80CBB8}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
FileZilla Client 3.24.0 (HKLM-x32\...\FileZilla Client) (Version: 3.24.0 - Tim Kosse)
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version: - Eusing Software)
Garmin Express (HKLM-x32\...\{714dc1e5-69a4-4ecd-9552-93397e084298}) (Version: 3.2.29.0 - Garmin Ltd or its subsidiaries)
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Host App Service (HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\SweetLabs_AP) (Version: 0.269.8.126 - Pokki)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1013 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.5.1000 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 333.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.04 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Opera Stable 42.0.2393.517 (HKLM-x32\...\Opera 42.0.2393.517) (Version: 42.0.2393.517 - Opera Software)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (HKLM-x32\...\{43509E18-076E-40FE-AF38-CA5ED400A5A9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Start Menu (HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.126 - Pokki)
Studie zur Verbesserung von HP Photosmart 7510 series Produkten (HKLM\...\{54FFCA2E-6FAE-4154-B6B3-73776763F173}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
SugarSync (HKLM-x32\...\SugarSync) (Version: 3.7.1.2.143553 - SugarSync, Inc.)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.9.1 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
The Settlers Online - Standalone Client (HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\The Settlers Online) (Version: - )
Ulead PhotoImpact X3 (HKLM-x32\...\{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 1.00.0000 - Corel) Hidden
Ulead PhotoImpact X3 (HKLM-x32\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 1.00.0000 - Corel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_STANDARDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_STANDARDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_STANDARDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{4D0776BB-71B7-49A2-A439-24791A4620E1}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{37BF2365-3EC7-45E4-9D88-61489F932A0B}) (Version: 2.4.14.13 - Western Digital Technologies, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
XAMPP (HKLM-x32\...\xampp) (Version: 5.5.35-0 - Bitnami)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3566350173-3005484379-3849398607-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> Keine Datei
ShellIconOverlayIdentifiers: [ !SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2016-03-11] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [ !SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2016-03-11] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [ !SugarSyncSharedSyncing] -> {F7395C2E-A5D8-4a32-9536-5C6A9F1DC450} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2016-03-11] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [ !SugarSyncSynced] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2016-03-11] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-05-21] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-05-21] (IvoSoft)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-06-12] (Adobe Systems Inc.)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\9.0\NPShellExtension64.dll [2013-12-12] (Nitro PDF)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2016-03-11] (SugarSync, Inc.)
ContextMenuHandlers1-x32: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\versions_page.dll [2016-03-18] (Acronis International GmbH)
ContextMenuHandlers1-x32: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-10-28] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-10-28] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2014-04-14] (NVIDIA Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2008-06-12] (Adobe Systems Inc.)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2016-05-21] (IvoSoft)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\x64\SugarSyncShellExt_x64.dll [2016-03-11] (SugarSync, Inc.)
ContextMenuHandlers6-x32: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\versions_page.dll [2016-03-18] (Acronis International GmbH)
ContextMenuHandlers6-x32: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2015-10-28] (Western Digital Technologies, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0116AD05-C4E8-4171-9F47-DDCBC9341110} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {0BA5E5A3-B1F3-47FB-98F2-100E1E3F6311} - System32\Tasks\Core Temp Autostart Lenovo => C:\Program Files\Core Temp\Core Temp.exe
Task: {1E72E2C5-A21C-4A7E-A2D2-33076AF31C40} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {22BC5DF0-077B-4C44-807A-6C86874F225E} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {30817DF5-FFDC-442F-9CB3-2DC9D77F67F0} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3566350173-3005484379-3849398607-1001
Task: {30C67085-ABFA-4E13-A469-9BE63EE10ECA} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {3157C07A-F825-47E2-8311-9B9E0A3BB716} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12] (Adobe Systems Incorporated)
Task: {4276A4F3-8BAE-48C6-944A-093746B01569} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Error Processor => C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\22.10.1.10\SymErr.exe
Task: {564C2030-0C58-48A9-9283-8915AB403EAE} - System32\Tasks\Opera scheduled Autoupdate 1441748591 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-26] (Opera Software)
Task: {5E7F097F-79DD-4D64-AC15-2F808E7D5164} - System32\Tasks\WinThrustersch => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ACHTUNG
Task: {607A99F3-85DB-49C1-ADF5-53C3DBE3F4B0} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {65D33BF5-BC32-4BB0-966C-0B3A5AD3020C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {6C1222F7-4FDC-4211-87F7-D4C6F7417480} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2017-08-24] (Symantec Corporation)
Task: {6DDE1F31-C462-4388-AA56-B1316CC5A88C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-12] (Adobe Systems Incorporated)
Task: {70232CE6-5222-4AF1-961E-389099C4E7B1} - System32\Tasks\{A247BF44-95B0-489D-8592-A54C3A60E176} => C:\WINDOWS\system32\pcalua.exe -a "C:\ProgramData\Package Cache\{714dc1e5-69a4-4ecd-9552-93397e084298}\GarminExpressInstaller.exe" -c /uninstall
Task: {73FDE658-A390-4BB3-BC45-8B075D4E8DA7} - System32\Tasks\SweetLabs App Platform => C:\Users\Lenovo\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2017-05-18] (Pokki)
Task: {890EE366-9602-458B-9865-F2B36FD08BE3} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {9398B945-2364-4136-AF99-6B655457CCA7} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] ()
Task: {9B0BB9CF-44F1-4E5D-AF4F-99754ABB042C} - System32\Tasks\update-S-1-5-21-3566350173-3005484379-3849398607-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {A8BF9B45-8CDD-467E-B94D-0F6DA629F39F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\22.10.1.10\WSCStub.exe
Task: {A94FA9A5-6737-40B2-ABE5-DB3B3E67E852} - System32\Tasks\Norton Remove and Reinstall\Norton Remove and Reinstall => C:\Users\Lenovo\Desktop\NRnR.exe [2017-06-13] (Symantec Corporation)
Task: {AE623B8C-1CDE-4276-A0EA-A2F764E1D930} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {B2DF58B7-701D-443A-9699-ABA36306783B} - System32\Tasks\Norton AntiVirus\Norton AntiVirus Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\22.10.1.10\SymErr.exe
Task: {C14D31C6-9A6E-43AC-8BC7-452475F34D01} - System32\Tasks\{0AAF6183-707C-4F11-8309-7270289D6AB5} => C:\WINDOWS\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {C8816308-2907-4CB4-87B6-0AF62FEBA7F0} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {DA0872C5-4077-4938-9C65-37C18AB8F29E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-11] (Microsoft Corporation)
Task: {E1ED8930-05E5-49EF-95C0-116B19958BCB} - System32\Tasks\HPCustParticipation HP Photosmart 7510 series => C:\Program Files\HP\HP Photosmart 7510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E76432C8-B44C-49C3-825A-CDDE1AD8C589} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-20] (Google Inc.)
Task: {EAC6E252-E207-48B0-929F-CAB7AD27909E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-20] (Google Inc.)
Task: {EC9B7B5C-3747-42B9-B35D-7475F466FC99} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2015-01-28] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3566350173-3005484379-3849398607-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\WinThrustersch.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ACHTUNG
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-06-07 03:49 - 2014-04-14 01:49 - 000116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-14 15:31 - 2016-10-14 15:31 - 001244408 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2017-06-13 01:46 - 2017-06-13 01:46 - 004463592 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2013-09-04 20:13 - 2013-09-04 20:13 - 000049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2007-06-05 14:20 - 2007-06-05 14:20 - 000177704 _____ () C:\WINDOWS\SysWOW64\PSIService.exe
2014-06-07 04:30 - 2012-04-24 12:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-06-07 04:35 - 2014-06-07 04:35 - 000068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-06-07 04:35 - 2014-06-07 04:35 - 000669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-06-06 20:50 - 2015-08-09 04:50 - 000404376 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-10-14 15:28 - 2016-10-14 15:28 - 000567088 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2017-06-23 11:50 - 2017-04-17 18:49 - 007381720 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2016-04-16 12:56 - 2016-04-16 12:56 - 009698296 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2017-08-28 22:57 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-08-28 22:57 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2015-08-09 04:52 - 2015-08-09 04:52 - 017973744 _____ () C:\WINDOWS\SYSTEM32\igd11dxva64.dll
2014-06-07 04:35 - 2014-06-07 04:35 - 000104552 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfCredProv.dll
2015-08-11 15:36 - 2015-08-11 15:36 - 000024896 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\core_workers_shared_context.dll
2017-06-23 10:53 - 2017-04-17 17:55 - 000037808 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2017-06-23 11:49 - 2017-04-17 18:46 - 004355776 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2015-08-23 15:59 - 2015-08-23 15:59 - 000606672 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\sqlite3.dll
2017-06-23 11:48 - 2017-04-17 18:43 - 020604856 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2015-11-16 18:05 - 2015-11-16 18:05 - 000126928 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2016-04-16 12:45 - 2016-04-16 12:45 - 000248240 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2014-12-19 00:14 - 2007-08-02 22:07 - 000034064 _____ () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2017-06-23 10:53 - 2017-04-17 17:56 - 000333744 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2017-06-23 10:53 - 2017-04-17 17:55 - 000050096 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2017-06-23 10:53 - 2017-04-17 17:58 - 000445872 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2017-06-23 10:50 - 2017-04-17 17:53 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2014-06-07 03:53 - 2013-09-04 01:53 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-09-04 08:31 - 000000056 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3566350173-3005484379-3849398607-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img7.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "Corel Photo Downloader"
HKLM\...\StartupApproved\Run32: => "AvgUi"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{ED99EA09-89BE-42DE-8EB3-4C30FB142F4E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D1BCFA24-9197-4732-AE6F-13D3FA36ABDB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{92535D03-F6E7-476E-9BA9-62D2811F9895}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{12D21865-10D2-4F9F-9732-F384880F20B8}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{C12AE25D-2735-42AD-AC16-0B423B31FB6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8978273C-BCBC-497F-9F3D-63C612FB8314}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C71EF51B-2626-4E1E-8AC2-E1A776E2F4B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2A2F12F9-6141-4D3E-9E41-5E7EA0211A5B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C464381F-EA7E-446C-A0E1-677C908854DE}] => (Allow) C:\Users\Lenovo\AppData\Local\Temp\7zS9083.tmp\SymNRT.exe
FirewallRules: [{2C408857-31D4-4F13-B4A6-8E520B42D8F8}] => (Allow) C:\Users\Lenovo\AppData\Local\Temp\7zS9083.tmp\SymNRT.exe
==================== Wiederherstellungspunkte =========================
04-09-2017 11:03:36 04-09-17
13-09-2017 22:48:41 13-09-17
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: UMDF HID minidriver Device
Description: UMDF HID minidriver Device
Class Guid: {177b1d2a-679c-4093-98bf-fd6999695d3b}
Manufacturer: Lenovo
Service: mshidumdf
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Lenovo Primary iM Controller
Description: Lenovo Primary iM Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo Corporation
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/14/2017 01:35:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEIKE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/14/2017 01:35:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEIKE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/14/2017 01:27:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEIKE)
Description: Bei der Aktivierung der App „E046963F.LenovoCompanion_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/14/2017 01:27:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEIKE)
Description: Bei der Aktivierung der App „E046963F.LenovoCompanion_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/14/2017 01:27:58 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEIKE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/14/2017 01:27:58 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEIKE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/14/2017 01:27:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEIKE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/14/2017 01:27:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEIKE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/14/2017 01:27:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEIKE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/14/2017 01:27:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEIKE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009284. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (09/14/2017 01:38:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Für diesen Vorgang ist nicht genügend Speicher verfügbar.
Error: (09/14/2017 01:38:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
Für diesen Vorgang ist nicht genügend Speicher verfügbar.
Error: (09/14/2017 01:31:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
Für diesen Vorgang ist nicht genügend Speicher verfügbar.
Error: (09/14/2017 01:31:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
Für diesen Vorgang ist nicht genügend Speicher verfügbar.
Error: (09/14/2017 01:31:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
Für diesen Vorgang ist nicht genügend Speicher verfügbar.
Error: (09/14/2017 01:30:56 AM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da die Registrierung wegen eines Fehlers "0x80070005" nicht aktualisiert werden konnte. Installieren Sie Windows Media Player möglichst erneut.
Error: (09/14/2017 01:30:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
Für diesen Vorgang ist nicht genügend Speicher verfügbar.
Error: (09/14/2017 01:30:32 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Für diesen Vorgang ist nicht genügend Speicher verfügbar.
Error: (09/14/2017 01:30:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
Für diesen Vorgang ist nicht genügend Speicher verfügbar.
Error: (09/14/2017 01:27:54 AM) (Source: DCOM) (EventID: 10001) (User: HEIKE)
Description: Ein DCOM-Server konnte nicht gestartet werden: App.AppX4wyxv7tq9d7cqhzkt2bk788verra2g6g.mca als Nicht verfügbar/Nicht verfügbar. Fehler:
"15612"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\syswow64\backgroundTaskHost.exe" -ServerName:App.AppXvp7ftfmygftsst0n1x3194vqevfpwc6t.mca
CodeIntegrity:
===================================
Date: 2017-09-02 11:18:43.068
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-09-02 11:18:42.787
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-09-02 11:18:42.474
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-09-02 11:18:42.208
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-09-02 11:18:41.896
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-09-02 11:18:41.568
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-09-02 11:18:41.255
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-09-02 11:18:40.958
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-09-02 11:18:40.662
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-09-02 11:18:40.365
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 16308.27 MB
Verfügbarer physikalischer RAM: 13727.87 MB
Summe virtueller Speicher: 26308.27 MB
Verfügbarer virtueller Speicher: 23669.28 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:889.96 GB) (Free:648.65 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.75 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 370CAA86)
Partition: GPT.
==================== Ende von Addition.txt ============================ --- --- --- |