Laptop extrem langsam svchost.exe problem
Hallo miteinander,
ich habe zu Weihnachten den alten Laptop meines Bruders bekommen, der mir aber, für seine Konfiguration sehr langsam vorkommt.
Es handelt sich um ein MSI GE60: hxxp://www.notebooksbilliger.de/msi+ge60+2oei745fd+
Leider sind wohl noch Programme drauf und einzelne Dateien die er für die Uni benötigt und ich nicht löschen kann, sonst hätte ich versucht ihn neu aufzusetzen.
Aufgefallen ist mir, das der PC nicht runterfährt regulär, Windows updates austehen, sich aber nicht installieren lassen und die AntiViren programme den PC super langsam machen.
Auch nahm die svchost.exe bis zu 85% des physikalischen Speichers im Task Managers in Anspruch.
FRST: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-12-2015
durchgeführt von Michael (Administrator) auf MICHAEL-PC (25-12-2015 13:40:10)
Gestartet von C:\Users\Michael\Downloads
Geladene Profile: Michael (Verfügbare Profile: Michael)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Chip Digital GmbH) C:\Users\Michael\AppData\Local\Temp\DMR\dmr_72.exe
(Trend Micro Inc.) C:\Users\Michael\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\7b4e384f5b096b9656fee276ba88bb81\HijackThis_2.0.5.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2889072 2013-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-08] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3593299673-3517801396-409504777-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3593299673-3517801396-409504777-1000\...\MountPoints2: {446baf55-e90f-11e3-afc3-806e6f6e6963} - D:\CDSetup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-25] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [196096 2013-05-16] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [196096 2013-05-16] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [196096 2013-05-16] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [196096 2013-05-16] (Bigfoot Networks, Inc.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\BfLLR.dll [196096 2013-05-16] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [216064 2013-05-16] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [216064 2013-05-16] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [216064 2013-05-16] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [216064 2013-05-16] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\BfLLR.dll [216064 2013-05-16] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{13BCD09E-9EA0-4451-9093-B70058AFCDA7}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{D9D2F323-8E57-4AB7-85CB-F2715CFBA7D3}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3593299673-3517801396-409504777-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKU\S-1-5-21-3593299673-3517801396-409504777-1000 -> {1BEEC742-7CEB-4138-B7D0-A6884554C8AD} URL = hxxp://search.strtpoint.com/results.html?v=insMac&t=1411&ap=578080078&q={searchTerms}&r=813
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-25] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-25] (AVAST Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rf05mf5m.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-07-16] (Nitro PDF)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3593299673-3517801396-409504777-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Michael\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1401100-0-npoctoshape.dll [2014-01-10] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-3593299673-3517801396-409504777-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-12-07] (Ubisoft)
FF user.js: detected! => C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rf05mf5m.default\user.js [2015-06-21]
FF Plugin ProgramFiles/Appdata: C:\Users\Michael\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2015-04-14] (Octoshape ApS)
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rf05mf5m.default\searchplugins\avira-safesearch.xml [2015-07-28]
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rf05mf5m.default\searchplugins\startpointkms.xml [2015-01-16]
FF Extension: Browser-Security - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rf05mf5m.default\extensions\firefox@browser-security.de.xpi [2015-08-25]
FF Extension: Avira SafeSearch Plus - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rf05mf5m.default\Extensions\safesearchplus@avira.com [2015-07-28] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rf05mf5m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-06-18] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-13]
FF HKU\S-1-5-21-3593299673-3517801396-409504777-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-28]
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-06] (Avira Operations GmbH & Co. KG)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-25] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-09-25] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-07-16] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [417800 2014-07-16] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [503296 2013-05-16] () [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-25] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [66928 2013-05-16] (Qualcomm Atheros, Inc.)
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-16] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [165824 2013-05-16] (Qualcomm Atheros, Inc.)
S3 KovaPlusFltr; C:\Windows\System32\drivers\KovaPlusFltr.sys [15104 2010-01-25] (ROCCAT Development, Inc.)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-09-25] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3064024 2013-11-29] (Realtek Semiconductor Corporation )
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-09-25] (Avast Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-25 13:40 - 2015-12-25 13:40 - 00022948 _____ C:\Users\Michael\Downloads\FRST.txt
2015-12-25 13:39 - 2015-12-25 13:40 - 00000000 ____D C:\FRST
2015-12-25 13:39 - 2015-12-25 13:39 - 01466656 _____ C:\Users\Michael\Downloads\HijackThis - CHIP-Installer(1).exe
2015-12-25 13:38 - 2015-12-25 13:38 - 02370560 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe
2015-12-22 01:49 - 2015-12-22 01:49 - 00370835 _____ C:\Users\Michael\Downloads\Andy Jeans Coaching Proposal.pdf
2015-12-18 21:13 - 2015-12-18 21:13 - 00030790 _____ C:\Users\Michael\Downloads\koo analysis.xlsx
2015-12-17 14:54 - 2015-12-17 14:54 - 00051891 _____ C:\Users\Michael\Desktop\Michai.csv
2015-12-14 22:30 - 2015-12-14 22:31 - 00800879 _____ C:\Users\Michael\Downloads\Apple Mac 27 Schmelz.pdf
2015-12-13 23:09 - 2015-09-25 12:59 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-13 23:03 - 2015-12-13 23:03 - 00006824 ____N C:\bootsqm.dat
2015-12-11 23:57 - 2015-12-11 23:57 - 00433916 _____ C:\Users\Michael\Downloads\logo_posters_001 (1).pdf
2015-12-11 02:42 - 2015-12-11 02:42 - 01188740 _____ C:\Users\Michael\Downloads\2015 Summer CS Rule Set v2_03(3).pdf
2015-12-11 02:41 - 2015-12-11 02:41 - 01136891 _____ C:\Users\Michael\Downloads\CS Rule Set 2.01(1).pdf
2015-12-05 01:21 - 2015-12-05 01:22 - 32755453 _____ C:\Users\Michael\Downloads\BaronReplays(1).exe
2015-12-04 06:50 - 2015-12-04 06:50 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-04 06:50 - 2015-12-04 06:50 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-27 00:13 - 2015-11-27 00:13 - 00075821 _____ C:\Users\Michael\Downloads\Departed+Analysis(3).pdf
2015-11-27 00:13 - 2015-11-27 00:13 - 00075821 _____ C:\Users\Michael\Downloads\Departed+Analysis(2).pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-25 13:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-25 13:35 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-25 13:35 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-25 13:26 - 2015-07-28 01:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-25 13:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-25 04:21 - 2014-06-28 14:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-25 01:42 - 2014-07-20 13:36 - 00000000 ____D C:\Users\Michael\AppData\Local\Deployment
2015-12-24 01:31 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-18 02:55 - 2014-05-31 18:11 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Skype
2015-12-15 23:39 - 2014-05-31 18:09 - 00000000 ____D C:\ProgramData\Skype
2015-12-13 23:10 - 2015-07-28 01:57 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-12-13 23:06 - 2014-06-14 11:03 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-12-13 14:23 - 2015-03-03 04:30 - 00000000 ____D C:\Users\Michael\AppData\Local\ElevatedDiagnostics
2015-12-09 20:21 - 2014-09-10 11:01 - 09498816 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-09 20:21 - 2014-06-28 14:15 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 20:21 - 2014-05-31 18:07 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 20:21 - 2014-05-31 18:07 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-05 01:23 - 2015-01-07 18:55 - 00000000 ____D C:\Users\Michael\Downloads\BaronReplays
2015-11-30 07:14 - 2014-07-01 02:51 - 00000000 ____D C:\Users\Michael\AppData\Roaming\vlc
2015-11-27 01:20 - 2014-10-20 12:18 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-25 13:50 - 2014-09-02 01:07 - 00000000 ____D C:\Users\Michael\AppData\Roaming\BitTorrent
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-04-10 02:41 - 2015-04-10 02:41 - 0000046 _____ () C:\Users\Michael\AppData\Roaming\Camdata.ini
2015-04-10 02:41 - 2015-04-10 02:41 - 0000408 _____ () C:\Users\Michael\AppData\Roaming\CamLayout.ini
2015-04-10 02:41 - 2015-04-10 02:41 - 0000408 _____ () C:\Users\Michael\AppData\Roaming\CamShapes.ini
2015-04-10 02:41 - 2015-04-10 02:41 - 0004510 _____ () C:\Users\Michael\AppData\Roaming\CamStudio.cfg
2014-06-18 17:53 - 2014-06-19 11:33 - 0000291 _____ () C:\Users\Michael\AppData\Local\killertool.log
2015-01-16 22:31 - 2015-01-17 00:26 - 0007602 _____ () C:\Users\Michael\AppData\Local\Resmon.ResmonCfg
2014-08-17 08:51 - 2014-08-17 08:51 - 0000000 _____ () C:\ProgramData\rebootpending.txt
Einige Dateien in TEMP:
====================
C:\Users\Michael\AppData\Local\Temp\avgnt.exe
C:\Users\Michael\AppData\Local\Temp\bitool.dll
C:\Users\Michael\AppData\Local\Temp\EBU3A7D.EXE
C:\Users\Michael\AppData\Local\Temp\EBU3B76.DLL
C:\Users\Michael\AppData\Local\Temp\EBU7E4F.EXE
C:\Users\Michael\AppData\Local\Temp\EBU7F49.DLL
C:\Users\Michael\AppData\Local\Temp\EBUA0BD.EXE
C:\Users\Michael\AppData\Local\Temp\EBUB315.DLL
C:\Users\Michael\AppData\Local\Temp\EBUF005.EXE
C:\Users\Michael\AppData\Local\Temp\EBUF1F9.DLL
C:\Users\Michael\AppData\Local\Temp\Gw2.exe
C:\Users\Michael\AppData\Local\Temp\i4jdel0.exe
C:\Users\Michael\AppData\Local\Temp\nsdD810.exe
C:\Users\Michael\AppData\Local\Temp\nsk34E8.exe
C:\Users\Michael\AppData\Local\Temp\nstAF95.exe
C:\Users\Michael\AppData\Local\Temp\nstB1C7.exe
C:\Users\Michael\AppData\Local\Temp\nsyD5CE.exe
C:\Users\Michael\AppData\Local\Temp\optprosetup.exe
C:\Users\Michael\AppData\Local\Temp\proxy_vole5472542739139998353.dll
C:\Users\Michael\AppData\Local\Temp\Quarantine.exe
C:\Users\Michael\AppData\Local\Temp\setup.exe
C:\Users\Michael\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Michael\AppData\Local\Temp\SPSetup.exe
C:\Users\Michael\AppData\Local\Temp\startpoint_1.exe
C:\Users\Michael\AppData\Local\Temp\startup.exe
C:\Users\Michael\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Michael\AppData\Local\Temp\_is7F2D.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-10 02:25
==================== Ende von FRST.txt ============================
Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-12-2015
durchgeführt von Michael (2015-12-25 13:40:53)
Gestartet von C:\Users\Michael\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2014-05-31 16:13:46)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3593299673-3517801396-409504777-500 - Administrator - Disabled)
Gast (S-1-5-21-3593299673-3517801396-409504777-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3593299673-3517801396-409504777-1003 - Limited - Enabled)
Michael (S-1-5-21-3593299673-3517801396-409504777-1000 - Administrator - Enabled) => C:\Users\Michael
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.06 beta (HKLM-x32\...\7-Zip) (Version: 15.06 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Baldur's Gate 2 Complete (German) (HKLM-x32\...\GOGPACKBALDURSGATE2_is1) (Version: 2.0.0.12 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-3593299673-3517801396-409504777-1000\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
BoBrowser (HKU\S-1-5-21-3593299673-3517801396-409504777-1000\...\BoBrowser) (Version: 36.0.1985.136 - BoBrowser) <==== ACHTUNG
Box Mapper (HKU\S-1-5-21-3593299673-3517801396-409504777-1000\...\Box Mapper) (Version: - )
Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.0.5.0 - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Cimaware WordFIX (HKU\S-1-5-21-3593299673-3517801396-409504777-1000\...\Cimaware WordFIX) (Version: 5.64 - Cimaware Software)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cockatrice (HKLM-x32\...\Cockatrice) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios)
DFX (HKLM-x32\...\DFX) (Version: 11.200.0.0 - Power Technology)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Endless Legend (HKLM-x32\...\RW5kbGVzc0xlZ2VuZA==_is1) (Version: 1 - )
Endless Space (HKLM-x32\...\Steam App 208140) (Version: - AMPLITUDE Studios)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 5.81 - Astonsoft Ltd)
ETDWare PS/2-X64 11.13.3.3_WHQL (HKLM\...\Elantech) (Version: 11.13.3.3 - ELAN Microelectronic Corp.)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
Free Image Convert and Resize version 2.1.31.616 (HKLM-x32\...\Free Image Convert and Resize_is1) (Version: 2.1.31.616 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.505 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.505 - DVDVideoSoft Ltd.)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Infinite HD™ App (HKU\S-1-5-21-3593299673-3517801396-409504777-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KONICA MINOLTA magicolor 2400W (HKLM\...\KONICA MINOLTA magicolor 2400W) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Magic The Gathering Online (HKU\S-1-5-21-3593299673-3517801396-409504777-1000\...\35c9d60442fbb010) (Version: 3.4.89.548 - Wizards of the Coast)
Magic Workstation 0.94f (HKLM-x32\...\Magic Workstation_is1) (Version: - Magic Technology)
Max Recorder (HKLM-x32\...\Max Recorder) (Version: 1.026.0.0 - Silver Vine, LLC)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.1 - Ubisoft)
Might and Magic X Legacy (HKLM-x32\...\TWlnaHRhbmRNYWdpY1hMZWdhY3k=_is1) (Version: 1 - )
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MTG Card Images for Magic Workstation (HKLM-x32\...\MTG Card Images for Magic Workstation_is1) (Version: - )
MTG GamePack for Magic Workstation (HKLM-x32\...\MTG GamePack for Magic Workstation_is1) (Version: - Magic Technology)
Nitro Pro 9 (HKLM-x32\...\{6c7aa0a5-870a-42d0-b872-8f02790fd868}) (Version: 9.5.2.29 - Nitro)
Nitro Pro 9 (Version: 9.5.2.29 - Nitro) Hidden
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 21.0.1432.67 (HKLM-x32\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Password Remover v4.0 (HKLM-x32\...\PDF Password Remover v4.0_is1) (Version: - VeryPDF.com Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.1.0.3 - GOG.com)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.596 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.596 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0235 - REALTEK Semiconductor Corp.)
Recovery Toolbox for Word 2.5 (HKLM-x32\...\Recovery Toolbox for Word_is1) (Version: - Recovery Toolbox, Inc.)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
Savvy DOCX Recovery version 3.0.0 (HKLM-x32\...\{557E7CB2-9506-4D94-8002-5FAFAADE5F64}_is1) (Version: 3.0.0 - S2 Services)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.)
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
StartPoint (HKU\S-1-5-21-3593299673-3517801396-409504777-1000\...\startpoint) (Version: - StartPoint)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version: - SQUARE ENIX)
Trillian (HKLM-x32\...\Trillian) (Version: - Cerulean Studios, LLC)
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version: - )
Unknown Device Identifier 8.01 (HKLM\...\Unknown Device Identifier_is1) (Version: 8.01 - Huntersoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01E3095E-4B11-4129-B3C4-6B5E18FDE3A1} - System32\Tasks\Run_Bobby_Browser => C:\Users\Michael\AppData\Local\BoBrowser\Application\bobrowser.exe [2014-11-19] (The BoBrowser Authors) <==== ACHTUNG
Task: {0571F5FF-9872-4398-A8F8-BE9E3952605E} - System32\Tasks\StartPoint Updater => C:\Users\Michael\AppData\Local\StartPoint\startpoint\1.3.18.7\startup.exe <==== ACHTUNG
Task: {20BEF354-6502-4CA7-B6BA-CC01B8EF3C77} - System32\Tasks\StartPoint => C:\Users\Michael\AppData\Local\StartPoint\startpoint\1.3.18.7\startpoint.exe <==== ACHTUNG
Task: {2302FF75-E190-42BE-8518-E824EED50B8D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-15] (AVAST Software)
Task: {2A8C1DEF-8971-4765-A929-DB383249C020} - System32\Tasks\{F40C3A7A-4F32-406F-9FB5-797E38E8EE04} => c:\program files (x86)\opera\launcher.exe [2014-05-12] (Opera Software)
Task: {30CFCD96-AB43-4FAB-BCE7-29DB669B601D} - System32\Tasks\{9A7F9A4E-CD44-44D7-A276-7549C6CB3AD8} => C:\Users\Michael\Downloads\2400W_Vista64_Drvr_German\setup.exe [2007-01-23] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
Task: {3C6D08F9-CAF6-4A1C-A6D3-71C9EB37ECFC} - System32\Tasks\{9FF9ED26-C613-4846-8369-B1C0C7E81543} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {666A08E7-E97E-481D-847D-5F664F374F41} - System32\Tasks\{91495F19-0ECD-44BF-B56A-EF9E6BE312F0} => C:\Riot Games\League of Legends\lol.launcher.admin.exe [2013-06-12] ()
Task: {6E0B73D8-78DB-4808-BDA5-4625E6D7C752} - System32\Tasks\{7D68EEDE-1079-469E-BFED-632CB74B3C63} => pcalua.exe -a "C:\Users\Michael\Desktop\Shandalar 2012\SoundMod_Shandalar2012_Default.exe" -d "C:\Users\Michael\Desktop\Shandalar 2012"
Task: {7C8ECC71-89F8-46CF-A4E5-FE5A5D6AA22C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {82C8DE63-6898-4EA3-BD0B-359E387A2EC8} - System32\Tasks\{1BAFC24B-AB53-43B4-91BC-3D589866D731} => pcalua.exe -a "C:\Users\Michael\Desktop\Vitarium 20 Jazz\magic.part1.exe" -d "C:\Users\Michael\Desktop\Vitarium 20 Jazz"
Task: {8CF4362B-AD01-4758-9815-AFAC9246C6C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {A525F15F-4448-4C06-B178-BA26AEF703CF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-25] (AVAST Software)
Task: {A9900A84-FCED-4FCA-AA16-7CDFFFE06225} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {B0035945-6624-40C4-8D96-4D7BAE3F1CFE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {CD714A4B-1687-41C2-A522-F210FA2A0272} - System32\Tasks\{074F1C1F-D190-4F76-8E5A-311E5036CB5B} => pcalua.exe -a "C:\Users\Michael\Desktop\Shandalar 2012\ArtMod_Shandalar2012_Default.exe" -d "C:\Users\Michael\Desktop\Shandalar 2012"
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-05-31 17:39 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-16 14:50 - 2014-07-16 14:50 - 00417800 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
2013-05-16 16:30 - 2013-05-16 16:30 - 00503296 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
2011-05-09 19:46 - 2011-05-09 19:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-09 19:56 - 2011-05-09 19:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-09 19:47 - 2011-05-09 19:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-05-16 16:30 - 2013-05-16 16:30 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 11:32 - 2011-05-10 11:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2011-05-09 19:48 - 2011-05-09 19:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2013-10-10 17:48 - 2013-10-10 17:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-09-25 12:59 - 2015-09-25 12:59 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-09-25 12:59 - 2015-09-25 12:59 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-25 01:20 - 2015-12-25 01:20 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122405\algo.dll
2015-12-25 13:26 - 2015-12-25 13:26 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122505\algo.dll
2012-09-23 19:43 - 2012-09-23 19:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2015-09-25 12:59 - 2015-09-25 12:59 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3593299673-3517801396-409504777-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Qualcomm Atheros Killer Network Manager.lnk => C:\Windows\pss\Qualcomm Atheros Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Michael^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk => C:\Windows\pss\Trillian.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: BitTorrent => "C:\Users\Michael\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: BoBrowser => "C:\Users\Michael\AppData\Local\BoBrowser\Application\bobrowser.exe"
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DFX => C:\Program Files (x86)\DFX\DFX.exe -startup
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: KakaoTalk => "C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe" -bystartup
MSCONFIG\startupreg: KONICA MINOLTA magicolor 2400W STD => C:\Windows\system32\MSTMON_S.EXE STARTUP
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\Michael\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: puush => C:\Program Files (x86)\puush\puush.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartPoint => C:\Users\Michael\AppData\Local\StartPoint\startpoint\1.3.18.7\startpoint.exe
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{1B11E593-580C-4EFD-9B99-EF35747D247D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9F5D90FC-D1CC-4210-8331-0EDF27513754}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0ABEC1AF-40F8-4DA9-8CBE-3171A28CCF44}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EC054FDE-6CC9-4FAF-AF2F-3A93A5D5C874}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7058DB25-BD45-45AE-AEE0-7199215A4BA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2859EFF4-2684-456E-871C-EC2BDA88D002}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9774B932-C345-4508-A424-EC7F13B05EF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{23B3C25B-77CD-4333-82BA-B973557A8D6E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{035CFD4C-0603-4ACA-BF52-D18A8482B3AB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{DBB13086-3753-4329-8CF5-1A1D65D2F18D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{26F0E902-E2CA-4D12-94A5-83B26BE0653D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{E731000C-D013-406B-B1DC-C8406FB5361A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{A0737DCC-D686-454D-A40E-C6D43F627956}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{9416E331-2707-460E-A307-D5B2A1ECBCFA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{56ABE3A1-EE8C-42B5-94C5-9A9F20B14A4D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{4DAC4167-F6F9-4737-A6ED-49E34B4773E8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{87F5C49B-42C8-4707-91B4-9AD08F965E59}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{4F29CED1-814E-417A-B777-6A12263BE5AC}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{5E1C2D5F-7C22-46BA-8FE3-786E57A7BBCA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{253EC794-F9E9-4825-ACFB-42E1E970A0A8}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{8F72699E-FDEC-450E-B835-03668C15CD25}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{21299659-F148-4A1C-AC46-506B7B294716}C:\windows\syswow64\java.exe] => (Allow) C:\windows\syswow64\java.exe
FirewallRules: [UDP Query User{4581E739-F5A1-4475-B6D9-D77989704D8D}C:\windows\syswow64\java.exe] => (Allow) C:\windows\syswow64\java.exe
FirewallRules: [{9CC0973B-1B1E-4BC4-B762-F2FF80F053E9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{64E22902-5009-43F9-90F3-920378B6E150}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{411413AA-EB85-4A97-BB34-3E2BCC3F765D}C:\users\michael\desktop\warcraft iii - copy\war3.exe] => (Allow) C:\users\michael\desktop\warcraft iii - copy\war3.exe
FirewallRules: [UDP Query User{49EBC8F7-89ED-4816-B496-7795967566BF}C:\users\michael\desktop\warcraft iii - copy\war3.exe] => (Allow) C:\users\michael\desktop\warcraft iii - copy\war3.exe
FirewallRules: [TCP Query User{9DF994D4-8415-43CE-AB0A-1A9CCA415B48}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{435B390A-9606-4AAA-B687-58E5818490EB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{92973301-EFC7-41EB-A6B4-DCD6216BD23D}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [UDP Query User{6E06E117-C5F6-45E1-B91E-E70A24634827}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{C7FE2EDA-962C-4AFB-A54B-927DC1EDE73A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{AE4344B6-BE8E-4B68-8B05-18ED2EEA234E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [TCP Query User{3162129D-FAE4-46DF-97BF-23D09AF7F4E8}C:\program files (x86)\magic workstation\mwsplay.exe] => (Allow) C:\program files (x86)\magic workstation\mwsplay.exe
FirewallRules: [UDP Query User{BE8C17BE-4FE8-42C5-9563-7D70FC4C341F}C:\program files (x86)\magic workstation\mwsplay.exe] => (Allow) C:\program files (x86)\magic workstation\mwsplay.exe
FirewallRules: [{2E330581-3A55-4582-A442-D849FBEFAB5C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{68618357-670A-4E63-9454-964136CEB458}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [TCP Query User{69D1B232-9DAC-4B04-8BB7-84BF22B5021B}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [UDP Query User{CE52DD93-A5E2-4A3C-BBF4-76B8A4CB7A86}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [{B5834BCB-6CEE-494D-B361-7DA32EBDAD2C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AB10D19C-81D8-4529-9DF4-492ADBB0BFB5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7CD0E1BA-DB81-4C09-9D9D-34E66BB8489B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{15A7E5FD-5166-4083-8965-127B3565DD1C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{297D3296-3518-4373-886E-B2483DA73DD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{070E064F-D5B8-41E6-BAAD-F60F33CF9A74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{56D24FE7-AD24-44B1-A45E-906F2A5F38C4}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{F32EE4B1-F109-4C50-AE7A-172A53B42AFF}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [TCP Query User{288438FB-28C7-41A6-892C-E7C33114514C}C:\program files (x86)\rise of nations\rise.exe] => (Allow) C:\program files (x86)\rise of nations\rise.exe
FirewallRules: [UDP Query User{23AB4F5C-55BE-4946-916B-345A2A2C61E0}C:\program files (x86)\rise of nations\rise.exe] => (Allow) C:\program files (x86)\rise of nations\rise.exe
FirewallRules: [{93BC6731-22F6-4E78-90B7-0FF42A79A377}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{3565BF7E-84CD-4938-B7F0-E49422BCAF8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [TCP Query User{FD46CEEB-8A58-4D41-9E83-DD054BC6D216}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3235\agent.exe
FirewallRules: [UDP Query User{3CB6C7DC-3045-4C2F-B311-6E6141F2ECF2}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3235\agent.exe
FirewallRules: [{739370EE-0DA2-461C-89B2-8FCCC27ECF78}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E9D73B80-AD40-44A5-B1B8-C572E633B59B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [TCP Query User{9FB33396-5552-426A-A7D5-0174DA663AE8}C:\users\michael\appdata\local\temp\gw2.exe] => (Allow) C:\users\michael\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{71578C25-0A09-4C54-B98E-2660AD0D91CF}C:\users\michael\appdata\local\temp\gw2.exe] => (Allow) C:\users\michael\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{DA1E476E-FB29-48B1-992D-DB549DA86733}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{28820A14-A436-49EC-958E-899657AE3BA3}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{0738A914-B5FF-4ECE-9B6A-8D0E81F8B6E6}] => (Allow) C:\Users\Michael\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{215CE358-F319-467B-8C81-D39964410436}] => (Allow) C:\Users\Michael\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B6B87633-1729-49D4-9B17-72936C4A09ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{4876F2A6-33B6-49FC-8C19-0C77D22F74D9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{F1419EFC-565E-4514-8506-A23956DBB155}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{E46342C1-1D1F-4471-A0C5-CCDA9C57E0E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{4ED98272-04B2-4816-9589-AEFE66331156}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{E82A4960-748D-43EE-831D-5F1CA6E3BE24}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{2730FD6A-14FC-4179-BCF5-4C251C6A075C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{8AEEDE28-B1ED-4068-8284-995E72B5D98E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{19267183-D313-4299-945A-1C86A30B3E57}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{7D15D0CC-D4DB-4B2B-A8D9-BC0B5E169978}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [TCP Query User{0D4DADA4-214B-4066-A7B6-2A54BF58B0E8}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{222ACACE-2169-474B-AF39-A55CE38B203E}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{ABDABE8B-E0D7-4B4B-8B8D-884739102295}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{34A15162-1195-4421-B52B-E13D8064D125}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8415B444-01D1-4B99-A21A-B4040E34267E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C00EE8C1-71E1-41BB-A38F-627D5E527954}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7698D278-F688-462E-9101-6CDD5105AB7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{0E150860-C63E-4764-BE58-AA1A90B39759}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{45514606-89D7-40E3-B8CC-B4EC5BA8A1BD}] => (Allow) C:\Users\Michael\AppData\Local\BoBrowser\Application\bobrowser.exe
FirewallRules: [{64D072C2-AA43-4785-901A-FA3A10003C86}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{C8C36AFF-7F58-4B4D-940C-6CE4ED8E51BC}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{E379D573-C57A-4C7C-9027-8F4A8DD27C91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{53D58299-A470-4D8F-A9B7-4535A1CA4F28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1E693AF2-3ADC-44D0-8E19-65E73E53E807}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{82EC3291-F82D-4E98-AF2B-73B81707240C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{557B0D89-7C2A-4EEB-BFBA-BAAEC91C3FDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{6DF23C07-C256-4E76-AD01-B097B9DCD526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{DABF2058-3353-4216-B6E3-A75EC654DD90}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{785B6084-CDEC-4A80-B8BB-4F1B5C7ED9F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{3FC880DA-2251-4913-B3BF-06B267D383A4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{65246D67-2348-4712-B979-C5FCA20CEB01}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
==================== Wiederherstellungspunkte =========================
24-11-2015 18:08:41 Geplanter Prüfpunkt
02-12-2015 22:48:08 Geplanter Prüfpunkt
10-12-2015 02:31:42 Geplanter Prüfpunkt
13-12-2015 23:06:20 avast! antivirus system restore point
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/25/2015 01:25:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2015 01:22:34 AM) (Source: ESENT) (EventID: 439) (User: )
Description: taskhost (4524) WebCacheLocal: Die Shadowkopfzeile für Datei C:\Users\Michael\AppData\Local\Microsoft\Windows\WebCache\V01.chk konnte nicht geschrieben werden. Fehler -1032.
Error: (12/25/2015 01:22:34 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (4524) WebCacheLocal: Versuch, Datei "C:\Users\Michael\AppData\Local\Microsoft\Windows\WebCache\V01.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (12/25/2015 01:22:10 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (4524) WebCacheLocal: Versuch, Datei "C:\Users\Michael\AppData\Local\Microsoft\Windows\WebCache\V01.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (12/25/2015 01:19:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/24/2015 01:32:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/24/2015 01:29:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.5.5623, Zeitstempel: 0x5563c49a
Name des fehlerhaften Moduls: NPSWF32_20_0_0_235.dll, Version: 20.0.0.235, Zeitstempel: 0x565dffa1
Ausnahmecode: 0x80000003
Fehleroffset: 0x00366aed
ID des fehlerhaften Prozesses: 0x1bb4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (12/24/2015 12:51:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.5.5623, Zeitstempel: 0x5563c49a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.5.5623, Zeitstempel: 0x5563b229
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1e0c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (12/23/2015 11:32:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Avast.VC110.DebugCRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"1".
Die abhängige Assemblierung "Avast.VC110.DebugCRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/23/2015 11:25:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (12/25/2015 01:30:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (12/25/2015 01:25:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/25/2015 01:25:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht.
Error: (12/25/2015 01:24:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/25/2015 01:24:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht.
Error: (12/25/2015 01:24:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 25.12.2015 um 04:56:45 unerwartet heruntergefahren.
Error: (12/25/2015 01:19:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/25/2015 01:19:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht.
Error: (12/25/2015 01:19:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/25/2015 01:19:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 4016.07 MB
Verfügbarer physikalischer RAM: 1746.72 MB
Summe virtueller Speicher: 8030.34 MB
Verfügbarer virtueller Speicher: 5662.24 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:463.9 GB) (Free:118.58 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0CA85495)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=463.9 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
HiJackThis: Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 13:40:33, on 25.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
FIREFOX: 38.0.5 (x86 de)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Michael\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\7b4e384f5b096b9656fee276ba88bb81\HijackThis_2.0.5.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bfllr.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) - Nitro PDF Software - C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
O23 - Service: NitroUpdateService - Unknown owner - C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service - Unknown owner - C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10781 bytes
Vielen Dank für die Hilfe und frohe Feiertage! |
Hinweis:
AdwCleaner auf deinen Desktop.
