Hello =)
So, my FRST log reads:
FRST Logfile:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
durchgeführt von MEDIA (Administrator) auf VAIO (18-12-2015 22:08:27)
Gestartet von C:\Users\MEDIA\Downloads
Geladene Profile: UpdatusUser & MEDIA & Administrator & Gast (Verfügbare Profile: UpdatusUser & MEDIA)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
() C:\Program Files (x86)\Deals4U\deals4u_helper_service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files\Andy\HandyAndy.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
() C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(FileProperties_CompanyName) C:\Program Files (x86)\winter web\winter_web_notification_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => c:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-09-25] (Broadcom Corporation.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2013-10-28] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2346008 2013-10-01] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [fst_at_8] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2015-01-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896608 2015-12-01] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\Run: [iLivid] => "C:\Users\MEDIA\AppData\Local\iLivid\iLivid.exe" -autorun
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {0099659f-4375-11e5-82bb-34238798652a} - "E:\AutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {00996a76-4375-11e5-82bb-34238798652a} - "E:\AutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {03981425-cf8f-11e3-8283-34238798652a} - "E:\AutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {9bdbb97c-42ad-11e5-82ba-806e6f6e6963} - "E:\AutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {9bdbbc28-42ad-11e5-82ba-34238798652a} - "E:\AutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {e1c584b6-c3dc-11e3-8280-34238798652a} - "E:\AutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {e1c58513-c3dc-11e3-8280-34238798652a} - "E:\AutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {f4c6f53f-57d0-11e5-82c3-3c077165f8fb} - "E:\AutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {f4c6f56d-57d0-11e5-82c3-3c077165f8fb} - "E:\AutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {f4c6f770-57d0-11e5-82c3-3c077165f8fb} - "E:\AutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\...\MountPoints2: {f4c6fd4c-57d0-11e5-82c3-3c077165f8fb} - "E:\LGAutoRun.exe"
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-12-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156256 2013-12-17] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HandyAndy.lnk [2015-12-10]
ShortcutTarget: HandyAndy.lnk -> C:\Program Files\Andy\HandyAndy.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-10-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52085;https=127.0.0.1:52085
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{111F9B52-E7BF-4962-98D0-5EB0BAD9975B}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D688F876-69B9-4E9F-85DC-AC5D0923C3D3}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3140343885-1836807471-1777813533-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_5Ef2vFftz0AjMxYQeEaz2WZ5LAx7p8HHNGR2Df24NvLURJzsUMuIz0ATEmRnoAKsYGEK8s-J6P3VKQ4PBDkC3sFcCKGMFg,,
HKU\S-1-5-21-3140343885-1836807471-1777813533-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_5Ef2vFftz0AjMxYQeEaz2WZ5LAx3TuT3vHQX2-T2JsprztrJHyxU1aKT38oinmHmYpbgR7mN63uioWEzlP2P92e9IdAjYg,,&q={searchTerms}
HKU\S-1-5-21-3140343885-1836807471-1777813533-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_5Ef2vFftz0AjMxYQeEaz2WZ5LAx3TuT3vHQX2-T2JsprztrJHyxU1aKT38oinmHmYpbgR7mN63uioWEzlP2P92e9IdAjYg,,&q={searchTerms}
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_g0KpmHQlPAOcVFNeDHk7Ipa4YKyfy8579Pt4YI_9_lBMWdqxkoC-qu-zBsEbzBeTTjxhy7ODEMUxaXdnZPqhieH6RwUm-yP3gOUsclcz0fQtVQihf9uSquOJ7sexGPUOKFF522SBqXqtXute&q={searchTerms}
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://at.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_42&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutA0CtDyByBtCyCyD0Fzz0F0BtDtDtC0AtN0D0Tzu0StCtAzztBtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEtDyCtCtDyEyE0EtGtCyCtBzytGtAyD0FzytGyCtDtC0BtGyDzztCyByB0A0ByDtCzzyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDzztCzyyByC0FtG0Bzy0EyCtGyEtA0DyDtG0AyE0BtBtGzy0E0D0ByEzztB0CtB0Bzyzy2QtN0A0LzuyE%26cr%3D98803853%26a%3Dwncy_ir_15_42%26os%3DWindows%2B8.1
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-3140343885-1836807471-1777813533-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_g0KpmHQlPAOcVFNeDHk7Ipa4YKyfy8579Pt4YI_9_lBMWdqxkoC-qu-zBsEbzBeTTjxhy7ODEMUxaXdnZPqhieH6RwUm-yP3gOUsclcz0fQtVQihf9uSquOJ7sexGPUOKFF522SBqXqtXute&q={searchTerms}
URLSearchHook: HKLM-x32 -> Standard = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: [S-1-5-21-3140343885-1836807471-1777813533-1001] ACHTUNG => Standard URLSearchHook fehlt
URLSearchHook: [S-1-5-21-3140343885-1836807471-1777813533-500] ACHTUNG => Standard URLSearchHook fehlt
URLSearchHook: [S-1-5-21-3140343885-1836807471-1777813533-501] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_42&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutA0CtDyByBtCyCyD0Fzz0F0BtDtDtC0AtN0D0Tzu0StCtAzztBtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEtDyCtCtDyEyE0EtGtCyCtBzytGtAyD0FzytGyCtDtC0BtGyDzztCyByB0A0ByDtCzzyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDzztCzyyByC0FtG0Bzy0EyCtGyEtA0DyDtG0AyE0BtBtGzy0E0D0ByEzztB0CtB0Bzyzy2QtN0A0LzuyE%26cr%3D98803853%26a%3Dwncy_ir_15_42%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3140343885-1836807471-1777813533-1001 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_5Ef2vFftz0AjMxYQeEaz2WZ5LAx3TuT3vHQX2-T2JsprztrJHyxU1aKT38oinmHmYpbgR7mN63uioWEzlP2P92e9IdAjYg,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3140343885-1836807471-1777813533-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR3s5PAVMZpZbM61lWNTdgwQHuH_5Ef2vFftz0AjMxYQeEaz2WZ5LAx3TuT3vHQX2-T2JsprztrJHyxU1aKT38oinmHmYpbgR7mN63uioWEzlP2P92e9IdAjYg,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3140343885-1836807471-1777813533-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_42&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutA0CtDyByBtCyCyD0Fzz0F0BtDtDtC0AtN0D0Tzu0StCtAzztBtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEtDyCtCtDyEyE0EtGtCyCtBzytGtAyD0FzytGyCtDtC0BtGyDzztCyByB0A0ByDtCzzyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDzztCzyyByC0FtG0Bzy0EyCtGyEtA0DyDtG0AyE0BtBtGzy0E0D0ByEzztB0CtB0Bzyzy2QtN0A0LzuyE%26cr%3D98803853%26a%3Dwncy_ir_15_42%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3140343885-1836807471-1777813533-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_42&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutA0CtDyByBtCyCyD0Fzz0F0BtDtDtC0AtN0D0Tzu0StCtAzztBtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEtDyCtCtDyEyE0EtGtCyCtBzytGtAyD0FzytGyCtDtC0BtGyDzztCyByB0A0ByDtCzzyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDzztCzyyByC0FtG0Bzy0EyCtGyEtA0DyDtG0AyE0BtBtGzy0E0D0ByEzztB0CtB0Bzyzy2QtN0A0LzuyE%26cr%3D98803853%26a%3Dwncy_ir_15_42%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3140343885-1836807471-1777813533-1002 -> {EBC24D3A-9E47-4004-98FA-694C7FBC541B} URL = hxxp://www.only-search.com/?babsrc=SP_kms&affID=129359&tt=020914_onst&mntrid=2A9034238798652A&tsp=5364&q={searchTerms}&r=752
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Keine Datei
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-18] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-18] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3140343885-1836807471-1777813533-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\MEDIA\AppData\Roaming\Mozilla\Firefox\Profiles\rhqucb5k.default
FF Homepage: www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-18] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-28] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-06-25] (Sony Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-08-28] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-08-28] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3140343885-1836807471-1777813533-1002: SkypePlugin -> C:\Users\MEDIA\AppData\Local\SkypePlugin\7.9.0.59\npGatewayNpapi.dll [2015-11-06] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3140343885-1836807471-1777813533-1002: SkypePlugin64 -> C:\Users\MEDIA\AppData\Local\SkypePlugin\7.9.0.59\npGatewayNpapi-x64.dll [2015-11-06] (Skype Technologies S.A.)
FF user.js: detected! => C:\Users\MEDIA\AppData\Roaming\Mozilla\Firefox\Profiles\rhqucb5k.default\user.js [2014-09-07]
FF SearchPlugin: C:\Users\MEDIA\AppData\Roaming\Mozilla\Firefox\Profiles\rhqucb5k.default\searchplugins\avira-safesearch.xml [2015-02-16]
FF SearchPlugin: C:\Users\MEDIA\AppData\Roaming\Mozilla\Firefox\Profiles\rhqucb5k.default\searchplugins\Binkiland.xml [2015-02-07]
FF SearchPlugin: C:\Users\MEDIA\AppData\Roaming\Mozilla\Firefox\Profiles\rhqucb5k.default\searchplugins\mystartsearch.xml [2015-02-07]
FF SearchPlugin: C:\Users\MEDIA\AppData\Roaming\Mozilla\Firefox\Profiles\rhqucb5k.default\searchplugins\onlysearchkms.xml [2014-09-07]
FF Extension: RedirectCleaner - C:\Users\MEDIA\AppData\Roaming\Mozilla\Firefox\Profiles\rhqucb5k.default\Extensions\redirectcleaner@example.org.xpi [2015-10-25]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
StartMenuInternet: FIREFOX.EXE - firefox.exe
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ACHTUNG
Chrome:
=======
CHR HomePage: Default -> hxxps://at.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_42&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutA0CtDyByBtCyCyD0Fzz0F0BtDtDtC0AtN0D0Tzu0StCtAzztBtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEtDyCtCtDyEyE0EtGtCyCtBzytGtAyD0FzytGyCtDtC0BtGyDzztCyByB0A0ByDtCzzyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDzztCzyyByC0FtG0Bzy0EyCtGyEtA0DyDtG0AyE0BtBtGzy0E0D0ByEzztB0CtB0Bzyzy2QtN0A0LzuyE%26cr%3D98803853%26a%3Dwncy_ir_15_42%26os%3DWindows%2B8.1
CHR StartupUrls: Default -> "hxxps://at.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_42&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutA0CtDyByBtCyCyD0Fzz0F0BtDtDtC0AtN0D0Tzu0StCtAzztBtN1L2XzutAtFtCtAtFyBtFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEtDyCtCtDyEyE0EtGtCyCtBzytGtAyD0FzytGyCtDtC0BtGyDzztCyByB0A0ByDtCzzyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDzztCzyyByC0FtG0Bzy0EyCtGyEtA0DyDtG0AyE0BtBtGzy0E0D0ByEzztB0CtB0Bzyzy2QtN0A0LzuyE%26cr%3D98803853%26a%3Dwncy_ir_15_42%26os%3DWindows%2B8.1","hxxps://www.google.at/"
CHR Profile: C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-10]
CHR Extension: (Google Drive) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Skype-Anrufe) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-11-23]
CHR Extension: (YouTube) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Adblock Plus) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-25]
CHR Extension: (Google-Suche) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-10]
CHR Extension: (Google Docs Offline) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Skype) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Google Mail) - C:\Users\MEDIA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR Extension: () - C:\Users\MEDIA\AppData\Local\Beach Image\Component [2015-08-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2015-01-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2015-01-09] (Avira Operations GmbH & Co. KG)
S4 APIInteractiveMotion.exe; C:\Users\MEDIA\AppData\Local\APIInteractiveMotion\APIInteractiveMotion.exe [88100 2014-08-28] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240360 2015-09-21] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-10-28] (Broadcom Corporation.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433760 2015-12-01] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413280 2015-12-01] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855648 2015-12-01] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
S4 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-28] (globalUpdate) [Datei ist nicht signiert] <==== ACHTUNG
S4 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-28] (globalUpdate) [Datei ist nicht signiert] <==== ACHTUNG
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [Datei ist nicht signiert]
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [Datei ist nicht signiert]
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 Update App Bud; "C:\Program Files (x86)\App Bud\updateAppBud.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2014-01-26] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146016 2015-12-01] (BlueStack Systems)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Huawei Technologies Co., Ltd.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [29352 2015-12-02] ()
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-09-08] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-28] (Synaptics Incorporated)
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33496 2015-06-24] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 {e6ca9971-30ed-444a-9489-82fca50b2062}Gw64; C:\Windows\System32\drivers\{e6ca9971-30ed-444a-9489-82fca50b2062}Gw64.sys [61064 2014-09-06] (StdLib)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-18 22:08 - 2015-12-18 22:09 - 00037018 _____ C:\Users\MEDIA\Downloads\FRST.txt
2015-12-18 22:08 - 2015-12-18 22:08 - 00000000 ____D C:\FRST
2015-12-18 22:07 - 2015-12-18 22:07 - 02370048 _____ (Farbar) C:\Users\MEDIA\Downloads\FRST64.exe
2015-12-17 15:22 - 2015-12-17 15:22 - 00000493 _____ C:\Windows\wininit.ini
2015-12-17 11:37 - 2015-12-17 11:37 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-17 11:37 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-17 11:34 - 2015-12-17 11:34 - 00001367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-17 11:34 - 2015-12-17 11:34 - 00001355 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-12-17 11:34 - 2015-12-17 11:34 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-12-17 11:34 - 2015-12-17 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-17 11:33 - 2015-12-17 14:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-17 11:33 - 2015-12-17 11:40 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-17 11:33 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-12-17 11:31 - 2015-12-17 11:32 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\MEDIA\Downloads\spybot-2.4.40.exe
2015-12-17 11:29 - 2015-12-17 11:29 - 01466656 _____ C:\Users\MEDIA\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-12-16 18:17 - 2015-12-16 18:17 - 00272656 _____ C:\Users\MEDIA\Downloads\Ticksa-Bands.pdf
2015-12-16 10:06 - 2015-12-16 10:06 - 00000000 ____D C:\Users\Public\Documents\Hewlett-Packard
2015-12-16 09:49 - 2013-08-21 04:12 - 00518432 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.DLL
2015-12-16 09:49 - 2013-08-21 04:09 - 00442656 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn155.dll
2015-12-16 09:49 - 2013-08-21 04:04 - 00440608 _____ C:\Windows\SysWOW64\hpcc3155.DLL
2015-12-14 20:29 - 2015-12-14 20:29 - 01402618 _____ C:\Users\MEDIA\Desktop\Strate kevin 2.pdf
2015-12-14 20:27 - 2015-12-14 20:27 - 01397986 _____ C:\Users\MEDIA\Desktop\Strate kevin 6 und 7.pdf
2015-12-14 20:26 - 2015-12-14 20:26 - 02570800 _____ C:\Users\MEDIA\Downloads\FH-Vie_Unternehmensstrategie_WS1516_MF_ch09-10.pdf
2015-12-14 20:26 - 2015-12-14 20:26 - 01402618 _____ C:\Users\MEDIA\Downloads\FH-Vie_Unternehmensstrategie_WS1516_MF_Session_01.pdf
2015-12-14 20:26 - 2015-12-14 20:26 - 00757030 _____ C:\Users\MEDIA\Downloads\FH-Vie_Unternehmensstrategie_WS1516_MF_ch08.pdf
2015-12-14 20:26 - 2015-12-14 20:26 - 00715645 _____ C:\Users\MEDIA\Downloads\FH-Vie_Unternehmensstrategie_WS1516_MF_EH04.pdf
2015-12-14 20:25 - 2015-12-14 20:25 - 01397986 _____ C:\Users\MEDIA\Downloads\FH-Vie_Unternehmensstrategie_WS1516_MF_ch06-07.pdf
2015-12-11 13:29 - 2015-12-11 13:30 - 00000000 ____D C:\Users\MEDIA\Desktop\Iphone Sachen
2015-12-10 23:57 - 2015-12-11 00:21 - 00000000 ____D C:\Users\MEDIA\AppData\Roaming\VMware
2015-12-10 23:56 - 2015-12-10 23:56 - 00000000 ____D C:\Users\MEDIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
2015-12-10 23:56 - 2015-12-10 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2015-12-10 23:55 - 2015-06-24 14:30 - 00064728 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2015-12-10 23:55 - 2015-06-24 14:25 - 00033496 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2015-12-10 23:55 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2015-12-10 23:55 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2015-12-10 23:55 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2015-12-10 23:53 - 2015-12-10 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2015-12-10 23:53 - 2015-12-10 23:53 - 00000000 ____D C:\Program Files\Common Files\VMware
2015-12-10 23:53 - 2015-06-24 14:30 - 00437976 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2015-12-10 23:53 - 2015-06-24 14:30 - 00359128 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2015-12-10 23:53 - 2015-06-24 14:27 - 00931032 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2015-12-10 23:53 - 2015-06-24 14:27 - 00031448 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2015-12-10 23:53 - 2014-08-21 08:07 - 00054976 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2015-12-10 23:52 - 2015-12-17 09:38 - 00000000 ____D C:\ProgramData\VMware
2015-12-10 23:52 - 2015-12-10 23:52 - 00000000 ____D C:\Program Files\Andy
2015-12-10 23:49 - 2015-12-10 23:50 - 00000000 ____D C:\Program Files\AndyOfflineInstaller45.5
2015-12-10 23:45 - 2015-12-10 23:48 - 441092704 _____ C:\Users\MEDIA\Downloads\Andy_v45.5_63_x64.exe
2015-12-10 23:37 - 2015-12-10 23:37 - 00000000 ____D C:\Users\MEDIA\.android
2015-12-10 23:30 - 2015-12-10 23:56 - 00001483 _____ C:\Users\Public\Desktop\Start Andy.lnk
2015-12-10 23:29 - 2015-12-10 23:53 - 01806364 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-10 23:27 - 2015-12-10 23:27 - 00000000 ____D C:\ProgramData\Apple
2015-12-10 23:27 - 2015-12-10 23:27 - 00000000 ____D C:\Program Files\Bonjour
2015-12-10 23:27 - 2015-12-10 23:27 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-12-10 23:26 - 2015-12-10 23:58 - 00000000 ____D C:\Users\MEDIA\Andy
2015-12-10 23:26 - 2015-12-10 23:28 - 444329200 _____ C:\Users\MEDIA\Desktop\Andy_v45.5_57_x86.exe
2015-12-10 23:26 - 2015-12-10 23:26 - 00000000 ____D C:\Program Files (x86)\VMware
2015-12-10 23:23 - 2015-12-10 23:57 - 00000000 ____D C:\Users\MEDIA\AppData\Roaming\Andy
2015-12-10 23:17 - 2015-12-10 23:17 - 01466656 _____ C:\Users\MEDIA\Downloads\AndY Android Emulator - CHIP-Installer.exe
2015-12-10 23:09 - 2015-12-10 23:11 - 297365432 _____ (BlueStack Systems Inc.) C:\Users\MEDIA\Downloads\BlueStacks2-Installer_native (1).exe
2015-12-10 22:47 - 2015-12-10 22:47 - 11540383 _____ C:\Users\MEDIA\Downloads\com.android.vending-5.6.6-80360600-minAPI9.apk
2015-12-10 22:06 - 2015-12-10 22:06 - 01466656 _____ C:\Users\MEDIA\Downloads\BlueStacks App Player - CHIP-Installer.exe
2015-12-10 21:58 - 2015-12-10 21:59 - 00000000 ____D C:\ProgramData\BlueStacks
2015-12-10 21:58 - 2015-12-10 21:59 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-12-10 21:57 - 2015-12-10 23:05 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-10 21:57 - 2015-12-10 21:57 - 00000000 ____D C:\Users\MEDIA\AppData\Local\Bluestacks
2015-12-10 21:54 - 2015-12-10 21:55 - 297365432 _____ (BlueStack Systems Inc.) C:\Users\MEDIA\Downloads\BlueStacks2-Installer_native.exe
2015-12-10 21:38 - 2015-12-10 21:38 - 40979314 _____ C:\Users\MEDIA\Downloads\v1.2.907.apk
2015-12-10 17:38 - 2015-12-10 17:38 - 00294967 _____ C:\Users\MEDIA\Downloads\20151210.pdf
2015-12-09 17:20 - 2015-12-09 17:20 - 00067593 _____ C:\Users\MEDIA\Downloads\Guideline Case analysis 2015.pdf
2015-12-09 09:45 - 2015-12-09 09:48 - 04800602 _____ C:\Users\MEDIA\Downloads\Business-Venture.finished1.pptx
2015-12-09 09:26 - 2015-12-09 09:26 - 00067593 _____ C:\Users\MEDIA\Desktop\Guideline Case analysis 2015.pdf
2015-12-06 12:18 - 2015-12-06 12:18 - 00509821 _____ C:\Users\MEDIA\Desktop\Handy Versicherung 2.pdf
2015-12-06 12:17 - 2015-12-06 12:17 - 00509813 _____ C:\Users\MEDIA\Desktop\Handy Versicherung 1.pdf
2015-12-06 12:16 - 2015-12-06 12:16 - 00509813 _____ C:\Users\MEDIA\Downloads\Annex Neuzugang_5993086.pdf
2015-12-06 12:11 - 2015-12-06 12:11 - 00509821 _____ C:\Users\MEDIA\Downloads\Annex Neuzugang_5993083.pdf
2015-12-04 00:00 - 2015-12-04 00:00 - 00086147 _____ C:\Users\MEDIA\Downloads\Vorschreibung_Teilnehmernummer_1000250184.pdf
2015-12-02 22:12 - 2015-12-02 22:12 - 00003122 _____ C:\Windows\System32\Tasks\USER_ESRV_SVC
2015-12-02 22:12 - 2015-12-02 22:12 - 00002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2015-12-02 22:12 - 2015-12-02 22:12 - 00001992 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
2015-12-02 22:12 - 2015-12-02 22:12 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2015-12-02 22:12 - 2015-12-02 22:10 - 00029352 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2015-12-02 22:12 - 2015-12-02 22:10 - 00010324 _____ C:\Windows\system32\Drivers\semav6msr64.cat
2015-12-02 16:28 - 2015-12-02 16:28 - 01275465 _____ C:\Users\MEDIA\Downloads\Logistics-Presentation-for-English.pptx
2015-11-29 11:30 - 2015-11-29 11:52 - 00000000 ____D C:\Users\MEDIA\Desktop\cathleen englisvh
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p41].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p40].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p39].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p38].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p37].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p36].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p35].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p34].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p33].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p32].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p31].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p30].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p29].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p28].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p27].bmp
2015-11-27 20:20 - 2015-11-27 20:21 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p26].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p25].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p24].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p23].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p22].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p21].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p20].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p19].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p18].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p17].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 02529622 _____ C:\Users\MEDIA\AppData\Local\[j0002]-[p16].bmp
2015-11-25 22:24 - 2015-11-25 22:26 - 00000000 ____D C:\Users\MEDIA\Desktop\Neuer Ordner
2015-11-25 22:04 - 2015-11-25 22:04 - 00301430 _____ C:\Users\MEDIA\Downloads\Fragenkatalog.pdf
2015-11-24 02:43 - 2015-11-24 02:43 - 00237372 _____ C:\Users\MEDIA\Downloads\Fälle (1).zip
2015-11-23 17:23 - 2015-11-23 17:23 - 00124637 _____ C:\Users\MEDIA\Downloads\3. Einheit.pptx
2015-11-23 17:23 - 2015-11-23 17:23 - 00101866 _____ C:\Users\MEDIA\Downloads\1. Einheit.pptx
2015-11-23 17:23 - 2015-11-23 17:23 - 00093784 _____ C:\Users\MEDIA\Downloads\2. Einheit.pptx
2015-11-23 14:30 - 2015-11-23 14:30 - 01504384 _____ (Skype Technologies S.A.) C:\Users\MEDIA\Downloads\SkypeSetup.exe
2015-11-23 14:27 - 2015-11-23 14:31 - 00000000 ____D C:\Users\MEDIA\AppData\Local\SkypePlugin
2015-11-23 14:26 - 2015-11-23 14:27 - 13402112 _____ C:\Users\MEDIA\Downloads\SkypeWebPlugin.msi
2015-11-23 02:58 - 2015-11-23 02:58 - 00783686 _____ C:\Users\MEDIA\Desktop\Scan_Doc0005.pdf
2015-11-23 02:56 - 2015-11-23 02:57 - 00820786 _____ C:\Users\MEDIA\Desktop\Scan_Doc0004.pdf
2015-11-23 02:55 - 2015-11-23 02:55 - 00702479 _____ C:\Users\MEDIA\Desktop\Scan_Doc0003.pdf
2015-11-23 02:39 - 2015-11-23 02:39 - 01161435 _____ C:\Users\MEDIA\Downloads\DV Daniela Stoffle unterzeichnet.pdf
2015-11-23 02:38 - 2015-11-23 02:38 - 00206187 _____ C:\Users\MEDIA\Downloads\Anmeldung Daniela Stoffle.pdf
2015-11-22 19:41 - 2015-11-22 19:41 - 00027265 _____ C:\Users\MEDIA\Downloads\Morger_Sibylle.pdf
2015-11-21 20:41 - 2015-12-03 19:41 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForMEDIA.job
2015-11-21 20:41 - 2015-11-28 20:56 - 00003156 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMEDIA
2015-11-20 18:16 - 2015-12-16 18:34 - 00000000 ____D C:\Users\MEDIA\Desktop\Ticksa
2015-11-20 15:08 - 2015-11-20 15:08 - 01546716 _____ C:\Users\MEDIA\Downloads\Ticksa_Tri-fold Brochure.pdf
2015-11-19 16:50 - 2015-11-23 14:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-19 16:50 - 2015-11-19 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-18 22:10 - 2015-10-03 13:12 - 00000000 ____D C:\Users\MEDIA\AppData\Roaming\Skype
2015-12-18 22:08 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-18 22:03 - 2014-03-28 22:55 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-18 21:59 - 2014-09-07 19:59 - 00000298 _____ C:\Windows\Tasks\FoxTab.job
2015-12-18 21:56 - 2015-04-07 21:56 - 00001324 _____ C:\Windows\Tasks\winter_web_notification_service.job
2015-12-18 21:52 - 2015-04-10 22:22 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-18 18:56 - 2015-04-08 10:56 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-12-18 18:56 - 2015-04-07 21:56 - 00000686 _____ C:\Windows\Tasks\winter_web_updating_service.job
2015-12-18 00:33 - 2014-02-21 16:48 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3140343885-1836807471-1777813533-1002
2015-12-17 15:22 - 2015-02-07 00:16 - 00000000 ____D C:\Program Files (x86)\youtubeadblocker
2015-12-17 15:22 - 2014-04-05 19:05 - 00000000 ____D C:\Program Files (x86)\Inbox Toolbar
2015-12-17 11:42 - 2014-08-28 22:42 - 00001550 _____ C:\Windows\Tasks\15dfb1b5-37c8-4652-b9c5-426d877dbf8e-2.job
2015-12-17 11:42 - 2014-08-28 22:41 - 00001938 _____ C:\Windows\Tasks\15dfb1b5-37c8-4652-b9c5-426d877dbf8e-1.job
2015-12-17 11:41 - 2014-08-28 22:41 - 00004504 _____ C:\Windows\Tasks\15dfb1b5-37c8-4652-b9c5-426d877dbf8e-11.job
2015-12-17 11:41 - 2014-08-28 22:41 - 00003822 _____ C:\Windows\Tasks\15dfb1b5-37c8-4652-b9c5-426d877dbf8e-3.job
2015-12-17 10:42 - 2015-06-02 21:42 - 00000494 _____ C:\Windows\Tasks\deals4u_helper_service.job
2015-12-17 09:42 - 2014-01-26 17:24 - 00000000 ____D C:\Users\UpdatusUser
2015-12-17 09:41 - 2014-03-18 23:51 - 00000000 ___DO C:\Users\MEDIA\SkyDrive
2015-12-17 09:38 - 2015-04-10 22:22 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-17 09:38 - 2015-04-07 21:56 - 00001018 _____ C:\Windows\Tasks\lkFAVGA7nNkO1WEx6J.job
2015-12-17 09:38 - 2014-08-28 22:41 - 00000908 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-12-17 09:38 - 2014-02-21 16:42 - 00000000 ____D C:\Users\MEDIA
2015-12-17 09:38 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-16 21:01 - 2015-04-10 22:23 - 00002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-16 18:48 - 2014-01-27 01:59 - 00768266 _____ C:\Windows\system32\perfh007.dat
2015-12-16 18:48 - 2014-01-27 01:59 - 00160576 _____ C:\Windows\system32\perfc007.dat
2015-12-16 18:48 - 2013-09-13 22:06 - 01785036 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-16 18:48 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2015-12-16 11:55 - 2014-08-28 22:40 - 00000000 ____D C:\Users\MEDIA\AppData\Local\CrashDumps
2015-12-16 09:59 - 2015-10-16 19:41 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-12-16 09:55 - 2014-10-02 00:00 - 00000000 ____D C:\Users\MEDIA\Desktop\FH EWUF
2015-12-15 07:06 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-15 07:04 - 2014-03-26 21:38 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-10 23:57 - 2014-03-18 22:39 - 00000000 ____D C:\Users\MEDIA\AppData\Roaming\NVIDIA
2015-12-10 23:32 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-12-10 21:59 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-10 18:03 - 2014-03-28 22:55 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-08 18:13 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-12-08 15:46 - 2014-11-06 15:01 - 00000000 ____D C:\Users\MEDIA\Desktop\Gernot
2015-12-03 23:47 - 2015-04-10 22:22 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-03 23:47 - 2015-04-10 22:22 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 20:00 - 2014-01-26 18:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-03 19:59 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-03 19:45 - 2014-04-17 10:46 - 00000000 ____D C:\Update
2015-12-02 22:16 - 2014-01-26 17:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-02 22:14 - 2014-01-26 17:31 - 00000000 ____D C:\Program Files (x86)\Sony
2015-12-02 22:12 - 2014-01-27 02:01 - 00000000 ____D C:\Program Files\Sony
2015-11-23 14:45 - 2015-10-03 13:11 - 00000000 ____D C:\ProgramData\Skype
2015-11-23 03:00 - 2015-10-16 11:14 - 00000000 ____D C:\Users\MEDIA\Documents\Eigene Scans
2015-11-23 02:53 - 2015-11-09 08:13 - 00554615 _____ C:\Users\MEDIA\Desktop\Scan_Doc0002.pdf
2015-11-21 20:41 - 2015-10-15 00:20 - 00000000 ____D C:\Users\MEDIA\AppData\Local\Hewlett-Packard
2015-11-19 20:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-19 16:58 - 2015-10-02 16:51 - 00000000 ____D C:\Users\MEDIA\Desktop\Danny
2015-11-19 16:50 - 2015-10-03 13:11 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-09-07 20:06 - 2014-09-07 20:06 - 0000314 _____ () C:\Users\MEDIA\AppData\Roaming\aps.uninstall.scan.results
2015-03-31 09:14 - 2015-03-31 09:14 - 0004387 _____ () C:\Users\MEDIA\AppData\Roaming\lkFAVGA7nNkO1WEx6J
2015-04-03 14:49 - 2015-04-03 14:49 - 1224704 _____ () C:\Users\MEDIA\AppData\Roaming\lkFAVGA7nNkO1WEx6J.exe
2014-09-07 20:02 - 2014-09-07 20:02 - 0616240 _____ (ClickMeIn Limited) C:\Users\MEDIA\AppData\Local\nsv3E9F.tmp
2015-11-27 20:20 - 2015-11-27 20:20 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p16].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p17].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p18].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p19].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p20].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p21].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p22].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p23].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p24].bmp
2015-11-27 20:20 - 2015-11-27 20:20 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p25].bmp
2015-11-27 20:20 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p26].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p27].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p28].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p29].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p30].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p31].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p32].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p33].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p34].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p35].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p36].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p37].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p38].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p39].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p40].bmp
2015-11-27 20:21 - 2015-11-27 20:21 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0002]-[p41].bmp
2015-11-04 23:47 - 2015-11-04 23:47 - 2529622 _____ () C:\Users\MEDIA\AppData\Local\[j0024]-[p01].bmp
2014-01-26 17:19 - 2014-01-26 17:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-10-15 00:29 - 2015-10-15 00:50 - 0000839 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\MEDIA\AppData\Local\Temp\avgnt.exe
C:\Users\MEDIA\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\MEDIA\AppData\Local\Temp\ResetDevice.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-06-13 16:52
==================== Ende von FRST.txt ============================