LNK Agent CH, Probleme mit Windows Installer, keine Updates möglich,Programmprobleme
Hallo Trojaner-Board,
seit rund 22.03.16 entstehen gravierende Probleme. Bluetooth stürzte ab. Microsoft Word nicht mehr nutzbar. Dann bei jedem Programmstart mehrere Fenster mit der Angabe:
"C:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_ d09154e044272b9a\MSVCR80.dll entweder nicht für Windows vorgesehen oder enthält einen Fehler."
Hilfreiche Dateien:
C:\windows\minidump\mini040116-0.dmp
C:\Users\Michi\Appdata\local\temp\WER-102133-0.sysdata.xml
C:\Users\Michi\Appdata\local\temp\WERC8AB.temp.version.txt
Mehrere Programme hatte ich vorher neu installiert:
OpenOffice Update
Snippingtool
Calibri
Kompozer
Ich wollte die Windows Updates laden, aber das schlägt fehl.
Ich dachte, es sei ein Fehler mit MSVCR80.dll.
Ich machte mit Eingabeaufforderung eine Registryreparatur, dabei zeigten sich mehrere nicht reparierbare Dateien.
Bei der Suche nach Hilfe fiel ich deswegen auf WinThrust rein, sofort meldete sich AVAST, alles runtergefahren und System-Check.
Dann lud ich Eset Online-Scan. Er fand LNK Agent CH und weitere PUPs.
LNK Agent konnte aber unter "all users" nicht gelöscht werden.
Habe Eset sofort wieder deinstalliert, um keine Probleme mit Avast zu haben.
Aber auch Avast macht Probleme. Stürzt ständig ab, funktioniert nicht richtig. Hatte extra Komponenten deinstalliert (den SafeBrowser, das Clean-Up, weil nicht genutzt).
Kann Avast nicht mehr aufrufen, blockiert.
Finde weiterhin in meinen Verzeichnen hinter Media Center das kürzel lnk als Dateianhang.
Datenträgersystem C geschädigt.
Weiß mir keinen Rat mehr. Befürchte Schlimmstes!
Habe nun FRST durchlaufen lassen. Hier die Editor Logfiles: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
durchgeführt von Michi (Administrator) auf MICHI-PC (10-04-2016 07:39:56)
Gestartet von C:\Users\Michi\Desktop
Geladene Profile: Michi (Verfügbare Profile: Michi)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 7 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_7c71e337\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\SMINST\BLService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Apache Software Foundation) C:\Program Files\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files\OpenOffice 4\program\soffice.bin
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [434232 2009-01-06] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-10-05] (Malwarebytes)
HKU\S-1-5-21-1755791093-2845836895-1122057984-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1755791093-2845836895-1122057984-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-1755791093-2845836895-1122057984-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_286_Plugin.exe [1163968 2016-01-27] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-09] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2009-03-14]
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1C613B85-84DA-482C-A28B-F5EC0F9A7C42}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{BC6BC541-453F-4A98-9DA9-2AE9AF03A230}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-1755791093-2845836895-1122057984-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-1755791093-2845836895-1122057984-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1755791093-2845836895-1122057984-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000 - (Kein Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - Keine Datei
URLSearchHook: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000 - (Kein Name) - {9d81af43-de53-48d0-a199-42c2a226b24c} - Keine Datei
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {160468A8-250A-40C1-8291-01921104DC01} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {AB949608-D76B-43E2-965F-450A19373E61} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM -> {FB6FD6F0-63A6-4763-B6AE-B86CE47DB10B} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000 -> {160468A8-250A-40C1-8291-01921104DC01} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000 -> {AB949608-D76B-43E2-965F-450A19373E61} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000 -> {FB6FD6F0-63A6-4763-B6AE-B86CE47DB10B} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> Keine Datei
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-09] (AVAST Software)
BHO: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - Keine Datei
Toolbar: HKLM - Kein Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - Keine Datei
Toolbar: HKLM - Kein Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - Keine Datei
Toolbar: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000 -> Kein Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - Keine Datei
Toolbar: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Keine Datei
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Keine Datei
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\bq8c8hm6.default-1453654144328
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-08-06] (Adobe Systems, Inc.)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Extension: Bitdefender QuickScan - C:\Users\Michi\AppData\Roaming\Mozilla\Firefox\Profiles\bq8c8hm6.default-1453654144328\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2016-04-07]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-15] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-07-10] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-03]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-02-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-09]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <kein Path\update_url>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-09] (AVAST Software)
S4 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
S4 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Datei ist nicht signiert]
S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [Datei ist nicht signiert]
S3 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [223232 2008-10-23] (Hewlett-Packard Development Company, L.P.) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-12-23] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_7c71e337\STacSV.exe [249938 2008-12-21] (IDT, Inc.)
R2 TVCapSvc; C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-01-06] ()
R2 TVSched; C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2009-01-06] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-02-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-02-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-02-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-03-04] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [171608 2016-02-09] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [67088 2016-02-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-03-04] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [271360 2011-01-15] () [Datei ist nicht signiert]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2011-01-15] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37208 2013-01-05] (Anchorfree Inc.)
U0 ywhysnb; C:\Windows\System32\drivers\cjmcsyg.sys [52440 2016-04-09] (Malwarebytes)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-10 07:39 - 2016-04-10 07:40 - 00016596 _____ C:\Users\Michi\Desktop\FRST.txt
2016-04-10 07:37 - 2016-04-10 07:39 - 00000000 ____D C:\FRST
2016-04-10 07:35 - 2016-04-10 07:35 - 01725440 _____ (Farbar) C:\Users\Michi\Desktop\FRST.exe
2016-04-09 21:43 - 2016-04-09 21:43 - 00052440 _____ (Malwarebytes) C:\Windows\system32\Drivers\cjmcsyg.sys
2016-04-08 20:25 - 2016-04-08 20:25 - 00001854 _____ C:\Users\Michi\Desktop\eset080416.txt
2016-04-08 09:29 - 2016-04-08 09:30 - 00000000 ____D C:\Users\Michi\Desktop\Sicherspeicher
2016-04-08 09:09 - 2016-04-09 21:43 - 00000000 ____D C:\Users\Michi\AppData\Roaming\Solvusoft
2016-04-07 23:33 - 2016-04-07 23:33 - 00347440 _____ (Microsoft Corporation) C:\Users\Michi\Downloads\MicrosoftFixit-portable.exe
2016-04-07 23:31 - 2016-04-07 23:31 - 00347816 _____ (Microsoft Corporation) C:\Users\Michi\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe
2016-04-07 23:13 - 2016-04-07 23:13 - 00029736 _____ C:\Users\Michi\Desktop\sfcdetails.txt
2016-04-07 22:28 - 2016-04-07 22:28 - 02867656 _____ C:\Users\Michi\Downloads\bitdefender_isecurity(1).exe
2016-04-07 18:53 - 2016-04-10 07:06 - 00000000 ____D C:\Users\Michi\AppData\Roaming\QuickScan
2016-04-07 15:19 - 2016-04-07 15:34 - 455611504 _____ (Microsoft Corporation) C:\Users\Michi\Downloads\Windows6.0-KB936330-X86-wave0.exe.part
2016-04-07 14:58 - 2016-04-07 14:58 - 02867656 _____ C:\Users\Michi\Downloads\bitdefender_isecurity.exe
2016-04-05 15:49 - 2016-04-07 18:15 - 00000094 ____H C:\Users\Michi\Documents\.~lock.Stroband300316.doc#
2016-04-03 18:10 - 2016-04-03 18:10 - 00000000 ____D C:\Program Files\ESET
2016-04-03 18:06 - 2016-04-03 18:06 - 02870984 _____ (ESET) C:\Users\Michi\Downloads\esetsmartinstaller_deu.exe
2016-04-03 17:33 - 2016-04-03 17:33 - 00000350 ____H C:\Windows\Tasks\avast! Emergency Update.job
2016-04-03 17:32 - 2016-02-09 16:20 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-04-03 17:02 - 2016-04-03 17:03 - 00027158 _____ C:\Users\Michi\Documents\Registry_cc_20160403_170142.reg
2016-04-03 16:52 - 2016-04-03 16:52 - 00001138 _____ C:\Users\Michi\Documents\Registry_cc_20160403_165150.reg
2016-04-01 14:25 - 2016-04-01 08:56 - 00030544 _____ C:\Users\Michi\Documents\Stroband190316.doc_0.odt
2016-04-01 14:25 - 2016-03-31 17:30 - 00024895 _____ C:\Users\Michi\Documents\Nutrilovers.doc_0.odt
2016-04-01 14:25 - 2016-03-28 14:15 - 00023668 _____ C:\Users\Michi\Documents\Schlüsseldienst%20Dortmund.doc_0.odt
2016-04-01 14:25 - 2016-03-18 14:08 - 00030843 _____ C:\Users\Michi\Documents\Quebbemann_allgemeine_Mängel180316.doc_1.odt
2016-04-01 08:59 - 2016-04-01 08:59 - 00142640 _____ C:\Windows\Minidump\Mini040116-01.dmp
2016-04-01 08:58 - 2016-04-01 08:59 - 198466986 _____ C:\Windows\MEMORY.DMP
2016-03-30 22:52 - 2016-03-30 22:52 - 01128344 _____ C:\Users\Michi\Downloads\small_claims_practice_guide_EU_de.pdf
2016-03-30 15:51 - 2016-03-31 19:11 - 00000000 ____D C:\Users\Michi\Desktop\Snippingtoolfotos
2016-03-30 15:48 - 2016-03-30 15:48 - 00000727 _____ C:\Users\Michi\Desktop\Snipping Tool Plus - Verknüpfung.lnk
2016-03-29 15:51 - 2016-04-08 09:29 - 00000094 ____H C:\Users\Michi\Documents\.~lock.Stroband190316.doc#
2016-03-28 22:36 - 2016-03-28 22:36 - 00000819 _____ C:\Users\Michi\Desktop\kompozer - Verknüpfung.lnk
2016-03-19 23:13 - 2016-03-22 23:24 - 00033025 _____ C:\Users\Michi\Documents\Stroband190316.odt
2016-03-19 10:35 - 2016-03-19 10:35 - 00039067 _____ C:\Users\Michi\Documents\Quebbemann_Schimmel190316.odt
2016-03-19 10:35 - 2016-03-19 10:35 - 00000094 ____H C:\Users\Michi\Documents\.~lock.Quebbemann_Schimmel190316.odt#
2016-03-18 12:05 - 2016-03-18 16:04 - 00024167 _____ C:\Users\Michi\Documents\Quebbemann_Schimmel180316.odt
2016-03-18 12:05 - 2016-03-18 16:03 - 00000094 ____H C:\Users\Michi\Documents\.~lock.Quebbemann_Schimmel180316.odt#
2016-03-18 12:04 - 2016-04-08 09:28 - 00000094 ____H C:\Users\Michi\Documents\.~lock.Quebbemann_allgemeine_Mängel180316.doc#
2016-03-18 10:24 - 2016-03-16 17:29 - 00027791 _____ C:\Users\Michi\Documents\Waldmeister.doc_0.odt
2016-03-18 10:24 - 2016-03-14 06:25 - 00015983 _____ C:\Users\Michi\Documents\Hosting.doc_0_2.odt
2016-03-16 19:15 - 2016-03-16 19:15 - 00000000 ____D C:\Users\Michi\AppData\Roaming\KompoZer
2016-03-16 19:11 - 2016-03-16 19:14 - 00000000 ____D C:\Program Files\KompoZer 0.7.10
2016-03-14 15:20 - 2016-03-14 15:20 - 00248600 _____ C:\Users\Michi\Desktop\BenmhimedLebenslauf.pdf
2016-03-14 15:14 - 2016-03-14 15:14 - 00248632 _____ C:\Users\Michi\Desktop\Benmhimed_Lebenslauf.pdf
2016-03-14 07:39 - 2016-03-14 07:51 - 00000000 ____D C:\Users\Michi\AppData\Local\calibre-cache
2016-03-14 07:37 - 2016-03-14 07:57 - 00000000 ____D C:\Users\Michi\Documents\Calibre-Bibliothek
2016-03-14 07:36 - 2016-03-14 07:55 - 00000000 ____D C:\Users\Michi\AppData\Roaming\calibre
2016-03-14 07:36 - 2016-03-14 07:36 - 00000841 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2016-03-14 07:35 - 2016-03-14 07:50 - 00000000 ____D C:\Program Files\Calibre2
2016-03-14 07:35 - 2016-03-14 07:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2016-03-14 07:11 - 2016-03-14 07:11 - 00000570 _____ C:\Users\Michi\Desktop\calibre-2.52.0 - Verknüpfung.lnk
2016-03-14 06:09 - 2016-03-13 20:08 - 00015983 _____ C:\Users\Michi\Documents\Hosting.doc_0_1.odt
2016-03-13 20:24 - 2016-03-13 20:27 - 67330048 _____ C:\Users\Michi\Downloads\calibre-2.52.0.msi
2016-03-13 19:53 - 2016-03-13 01:54 - 00015550 _____ C:\Users\Michi\Documents\Hosting.doc_0.odt
2016-03-13 12:17 - 2008-04-18 07:30 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-13 12:17 - 2008-04-18 07:30 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-13 12:17 - 2008-04-18 04:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-03-13 12:17 - 2008-04-18 04:33 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-11 19:42 - 2016-03-11 19:42 - 00070465 _____ C:\Users\Michi\Downloads\Siguron GmbH • Bonität Handelsregister Bewertung HRB 171981.htm
2016-03-11 19:42 - 2016-03-11 19:42 - 00000000 ____D C:\Users\Michi\Downloads\Siguron GmbH • Bonität Handelsregister Bewertung HRB 171981-Dateien
2016-03-11 19:24 - 2016-03-11 19:24 - 00000000 ____D C:\Users\Michi\Desktop\Büro-Orga
2016-03-11 16:44 - 2016-03-11 16:44 - 00493334 _____ C:\Users\Michi\Documents\Das weit geschnittene Dekolleté.pdf
2016-03-11 15:52 - 2016-03-11 15:52 - 00000000 ____D C:\Users\Michi\AppData\Local\www.rene-zeidler.de
2016-03-11 15:51 - 2016-03-11 15:51 - 00000000 ____D C:\Users\Michi\AppData\Roaming\www.rene-zeidler.de
2016-03-11 15:51 - 2016-03-11 15:51 - 00000000 ____D C:\ProgramData\www.rene-zeidler.de
2016-03-11 01:26 - 2016-03-11 01:26 - 00000000 ____D C:\Users\Michi\AppData\Roaming\OpenOffice
2016-03-11 01:19 - 2016-03-11 01:22 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-03-11 01:19 - 2016-03-11 01:19 - 00000981 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2016-03-11 01:16 - 2016-03-11 01:17 - 00000000 ____D C:\Program Files\OpenOffice 4
2016-03-11 00:42 - 2016-03-11 00:42 - 00000000 ____D C:\Users\Michi\Desktop\OpenOffice 4.1.2 (de) Installation Files
2016-03-11 00:39 - 2016-03-11 00:41 - 164803434 _____ C:\Users\Michi\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-10 07:29 - 2015-03-15 04:15 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-09 22:20 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-09 22:20 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-09 19:12 - 2016-03-08 03:41 - 00000000 ____D C:\Users\Michi\Desktop\Marketing
2016-04-09 19:05 - 2016-01-21 15:28 - 00000000 ____D C:\Users\Michi\Desktop\Textarbeiten2016
2016-04-08 20:17 - 2012-03-29 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
2016-04-08 08:38 - 2009-02-20 08:21 - 00632252 _____ C:\Windows\system32\perfh007.dat
2016-04-08 08:38 - 2009-02-20 08:21 - 00127464 _____ C:\Windows\system32\perfc007.dat
2016-04-08 08:38 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-04-08 08:38 - 2006-11-02 12:33 - 01453910 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-08 02:41 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-07 23:45 - 2009-02-20 00:24 - 00001076 _____ C:\Windows\bthservsdp.dat
2016-04-07 23:45 - 2006-11-02 15:01 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-07 18:45 - 2015-09-02 10:17 - 00049536 _____ (Absolute Software Corp.) C:\Windows\system32\agremove.exe
2016-04-03 17:53 - 2015-08-22 05:16 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-03 17:36 - 2012-06-14 01:46 - 00001356 _____ C:\Users\Michi\AppData\Local\d3d9caps.dat
2016-04-03 17:35 - 2015-08-22 05:07 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-03 17:33 - 2015-10-11 13:33 - 00001829 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-03 16:47 - 2011-11-02 14:39 - 01484356 _____ C:\Windows\ntbtlog.txt
2016-04-01 18:17 - 2015-02-09 17:07 - 00000000 ____D C:\Users\Michi\Desktop\Textagenturen
2016-04-01 08:59 - 2011-11-02 14:39 - 00000000 ____D C:\Windows\Minidump
2016-04-01 08:57 - 2009-10-06 14:24 - 40375689 _____ C:\ProgramData\HPWALog.txt
2016-03-22 20:30 - 2015-03-04 20:38 - 00000000 ____D C:\Windows\system32\MRT
2016-03-22 19:44 - 2006-11-02 12:24 - 141270216 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-03-18 10:25 - 2014-09-23 13:45 - 00000000 ____D C:\Users\Michi\Desktop\BOOKS
2016-03-14 07:21 - 2016-01-30 17:38 - 00000000 ____D C:\Users\Michi\Desktop\Informative Downloads
2016-03-13 20:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2016-03-13 19:47 - 2006-11-02 14:47 - 00416120 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-13 18:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\lv-LV
2016-03-13 18:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\lt-LT
2016-03-13 18:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\et-EE
2016-03-11 15:51 - 2011-11-04 13:48 - 00014698 _____ C:\Program Files\ReadMe.txt
2016-03-11 15:51 - 2011-11-04 13:46 - 00733184 _____ (www.rene-zeidler.de) C:\Program Files\Snipping Tool Plus.exe
2016-03-11 15:51 - 2011-11-04 13:44 - 00010192 _____ C:\Program Files\Changelog.txt
2016-03-11 15:51 - 2009-10-06 14:17 - 00114648 _____ C:\Users\Michi\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-11 01:22 - 2009-10-06 17:40 - 00000000 ____D C:\Program Files\OpenOffice.org 3
2016-03-11 00:31 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\DigitalLocker
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2011-11-04 13:44 - 2016-03-11 15:51 - 0010192 _____ () C:\Program Files\Changelog.txt
2013-07-31 02:52 - 2013-11-11 02:01 - 0003725 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2011-11-04 13:48 - 2016-03-11 15:51 - 0014698 _____ () C:\Program Files\ReadMe.txt
2011-11-04 13:46 - 2016-03-11 15:51 - 0733184 _____ (www.rene-zeidler.de) C:\Program Files\Snipping Tool Plus.exe
2010-07-08 19:50 - 2015-12-31 16:27 - 0007127 _____ () C:\Users\Michi\AppData\Roaming\.freeciv-client-rc-2.2
2009-10-06 14:24 - 2009-10-06 14:24 - 0000000 _____ () C:\Users\Michi\AppData\Local\AtStart.txt
2013-12-26 23:17 - 2013-12-26 23:17 - 0000552 _____ () C:\Users\Michi\AppData\Local\d3d8caps.dat
2012-06-14 01:46 - 2016-04-03 17:36 - 0001356 _____ () C:\Users\Michi\AppData\Local\d3d9caps.dat
2009-10-06 15:56 - 2015-09-04 22:45 - 0013312 _____ () C:\Users\Michi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-10-06 14:24 - 2009-10-06 14:24 - 0000000 _____ () C:\Users\Michi\AppData\Local\DSwitch.txt
2011-09-28 08:11 - 2012-02-17 13:22 - 0000000 _____ () C:\Users\Michi\AppData\Local\FnF4.txt
2012-07-10 08:34 - 2012-07-10 08:34 - 0004096 ____H () C:\Users\Michi\AppData\Local\keyfile3.drm
2009-10-06 14:24 - 2009-10-06 14:24 - 0000000 _____ () C:\Users\Michi\AppData\Local\QSwitch.txt
2015-11-02 22:19 - 2015-11-02 22:19 - 0000057 _____ () C:\ProgramData\Ament.ini
2009-10-06 14:24 - 2016-04-01 08:57 - 40375689 _____ () C:\ProgramData\HPWALog.txt
2009-03-14 01:47 - 2009-03-14 01:47 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-02-20 02:14 - 2009-02-20 02:14 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-03-14 01:45 - 2009-03-14 01:45 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-02-20 02:05 - 2009-02-20 02:07 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-03-14 01:44 - 2009-03-14 01:44 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-03-14 01:46 - 2009-03-14 01:46 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-02-20 02:03 - 2009-02-20 02:04 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-02-20 02:07 - 2009-02-20 02:14 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-03-14 01:46 - 2009-03-14 01:46 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-04-08 12:57
==================== Ende vom FRST.txt ============================
Hier der Addition Text: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
durchgeführt von Michi (2016-04-10 07:40:56)
Gestartet von C:\Users\Michi\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) (2009-03-13 22:46:08)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1755791093-2845836895-1122057984-500 - Administrator - Disabled)
Gast (S-1-5-21-1755791093-2845836895-1122057984-501 - Limited - Disabled)
Michi (S-1-5-21-1755791093-2845836895-1122057984-1000 - Administrator - Enabled) => C:\Users\Michi
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.12 (HKLM\...\{23170F69-40C1-2701-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
ActiveCheck component for HP Active Support Library (Version: 1.1.18.0 - Hewlett-Packard) Hidden
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
ATI Catalyst Install Manager (HKLM\...\{5F686CBB-09AB-38F0-4F49-6FA3CA2F194E}) (Version: 3.0.704.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.1.2253 - AVAST Software)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 5.10.38.26 - Broadcom Corporation)
calibre (HKLM\...\{DCB4A686-C75A-4F07-A5AE-00A4A618CE81}) (Version: 2.52.0 - Kovid Goyal)
capella reader (HKLM\...\{3D1329AF-4A0F-43B8-B712-607449DBD12E}) (Version: 7.1.15 - capella software AG)
ccc-core-static (Version: 2009.0113.1620.29287 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2424 - CyberLink Corp.)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 16.3.170.20151019 - Landesfinanzdirektion Thüringen)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Freeciv 2.2.0 (GTK+ client) (HKLM\...\Freeciv-2.2.0-gtk2) (Version: - )
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6204 - HP)
HP LaserJet P1000 series (HKLM\...\HP LaserJet P1000 series) (Version: - )
HP MediaSmart Music/Photo/Video (HKLM\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.1.2508 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{A7AC8E69-01FF-494E-9A2C-423B82CEA604}) (Version: 2.1.7 - Hewlett-Packard)
HP MediaSmart TV (HKLM\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 2.1.1306 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.1.1315 - Hewlett-Packard)
HP Officejet 4630 series - Grundlegende Software für das Gerät (HKLM\...\{221AC42E-7EF2-4716-8B99-733A39BD7EF0}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet 4630 series Hilfe (HKLM\...\{08B9332C-26DB-4EF3-85D6-6DC62B937681}) (Version: 31.0.0 - Hewlett Packard)
HP Quick Launch Buttons 6.40 M1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 M1 - Hewlett-Packard)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.5991.2847 - Hewlett-Packard)
HP Total Care Setup (HKLM\...\{95A747E0-DF19-46CB-A622-20A0107201BD}) (Version: 1.1.2413.2876 - Hewlett-Packard Company)
HP User Guides 0127 (HKLM\...\{D590F022-35E6-45B5-A140-324FD614EF88}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{38196504-D4E7-4E22-8589-263557DCCDB7}) (Version: 3.50.2.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 2.0.64.3 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6138.0 - IDT)
iLivid (HKLM\...\iLivid) (Version: 1.92.0.115302 - Bandoo Media Inc.) <==== ACHTUNG
iLivid (Version: 1.92.0.115302 - Bandoo Media Inc.) Hidden <==== ACHTUNG
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 de) (HKLM\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
MrvlUsgTracking (HKLM\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden
Noten-Manager 6.1 (HKLM\...\{F11E0783-56FD-11D6-9675-525405F68C75}) (Version: 6.1.0.0 - H.Kranz)
OpenOffice 4.1.2 (HKLM\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 34.0.2036.25 (HKLM\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
ProtectSmart Hard Drive Protection (HKLM\...\{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}) (Version: 3.10 A7 - Hewlett-Packard)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20116 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1755791093-2845836895-1122057984-1000_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> kein Dateipfad
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1334008C-0C6F-46F7-9FF6-693074718729} - System32\Tasks\Hewlett-Packard-Online-Aktualisierungsprogramm => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {1C473EC8-8213-4947-9920-3E5306F9C6F7} - System32\Tasks\MUI StartMenu Application => C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2008-11-14] (CyberLink Corp.)
Task: {1D5D7D68-64AB-49EA-A7C6-13E18E6C781D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {27AF7F5A-DCAD-4E02-8AF6-0A78404FF4C0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-09] (AVAST Software)
Task: {2B975FB7-7AAD-46C6-9CC8-7E5EE43479AB} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {2EF76B89-4B48-4F36-A66E-697D04B22AF7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-27] (Adobe Systems Incorporated)
Task: {5133BF26-180B-4069-AACB-424966EB9CF5} - System32\Tasks\Opera scheduled Autoupdate 1440273364 => C:\Program Files\Opera\launcher.exe [2015-12-04] (Opera Software)
Task: {7E7DC841-D341-4F55-9F56-84447B3D1953} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1755791093-2845836895-1122057984-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {7F710CB3-6441-4CCA-9E82-CCAF9A21D960} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1755791093-2845836895-1122057984-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9368CB86-BBDE-4EA1-9CB5-6580F6618502} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {A8BCB90C-372B-4BAD-AB82-2E3793303C81} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {D9296841-34AC-4EA6-9ECC-377ACE408620} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-02-10] (Oracle Corporation)
Task: {E226B80E-E71C-43DD-9BF4-C767C9B6ECBC} - System32\Tasks\SafeZone scheduled Autoupdate 1458772068 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-22 05:19 - 2016-02-09 16:20 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-22 05:19 - 2016-02-09 16:20 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-07 22:40 - 2016-04-07 22:40 - 02853376 _____ () C:\Program Files\AVAST Software\Avast\defs\16040702\algo.dll
2016-02-09 16:20 - 2016-02-09 16:20 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-08 20:56 - 2016-04-08 20:56 - 02876416 _____ () C:\Program Files\AVAST Software\Avast\defs\16040802\algo.dll
2009-01-20 15:37 - 2009-01-20 15:37 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2009-02-20 02:22 - 2008-12-23 17:18 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe
2009-02-20 02:22 - 2008-12-23 17:18 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll
2009-01-06 18:40 - 2009-01-06 18:40 - 00296320 ____N () C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
2009-01-06 18:40 - 2009-01-06 18:40 - 00263560 ____N () C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll
2009-01-06 18:40 - 2009-01-06 18:40 - 00038184 ____N () C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll
2009-01-06 18:40 - 2009-01-06 18:40 - 00116096 ____N () C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
2009-01-06 18:40 - 2009-01-06 18:40 - 00124288 ____N () C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\CLSchMgr.dll
2009-01-06 18:40 - 2009-01-06 18:40 - 00349480 ____N () C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\CLTinyDB.dll
2015-08-22 05:19 - 2016-02-09 16:21 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-01-06 18:39 - 2009-01-06 18:39 - 00066856 ____N () C:\Program Files\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus.dll
2015-10-21 16:50 - 2015-10-21 16:50 - 00988160 _____ () C:\Program Files\OpenOffice 4\program\libxml2.dll
2015-10-21 16:49 - 2015-10-21 16:49 - 00170496 _____ () C:\Program Files\OpenOffice 4\program\libxslt.dll
2015-10-21 16:49 - 2015-10-21 16:49 - 00136192 _____ () C:\Program Files\OpenOffice 4\program\libxmlsec-mscrypto.dll
2015-10-21 16:49 - 2015-10-21 16:49 - 00303616 _____ () C:\Program Files\OpenOffice 4\program\libxmlsec.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1755791093-2845836895-1122057984-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michi\Pictures\Fruehsommer-a22011326.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: AVG Security Toolbar Service => 3
MSCONFIG\Services: ezSharedSvc => 2
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^Users^Michi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Officejet 4630 series.lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Officejet 4630 series.lnk.Startup
MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint2K\Apoint.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer for HP TouchSmart => "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
MSCONFIG\startupreg: SmartMenu => %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => %ProgramFiles%\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TSMAgent => "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
MSCONFIG\startupreg: TVAgent => "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDIRShortCut => "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{06ADC0CD-3591-48A6-8EF6-D632E26D471A}] => (Allow) C:\Program Files\MSN Messenger\msnmsgr.exe
FirewallRules: [{36786BDE-2234-45E7-A8BF-EBB7E4DE9424}] => (Allow) svchost.exe
FirewallRules: [{B165B8B6-DBBA-42FC-9F53-FB707EA1B132}] => (Allow) C:\Program Files\MSN Messenger\livecall.exe
FirewallRules: [{9966B976-CF89-4727-AC91-58F509C7D224}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{6D0809F2-665A-48BD-8688-55B05BC39F12}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{689E4A59-96A8-480D-8A9F-9B8271935910}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{C0E557F5-7EAB-4C99-A8C5-5A4C8B69EDC6}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{7E919C11-490C-419E-B41E-200E8457CC30}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{34C07FA0-DBD2-46A7-925C-9A7207FF511C}] => (Allow) C:\Program Files\Hewlett-Packard\Media\TV\QP.exe
FirewallRules: [{20B19825-8E5E-4F64-914D-F1ADDA8EEB9B}] => (Allow) C:\Program Files\Hewlett-Packard\Media\TV\QPService.exe
FirewallRules: [{10E2EECC-A741-405D-AFA8-45D226C0359E}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{05357BD4-EEA2-482E-B1DB-9060AFDDF3CF}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{DE134AC2-335F-4C66-B3EE-212E380F627D}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{9D92476C-E2A5-4C29-9538-B084C2F3930B}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [TCP Query User{CD007257-DD9E-4507-BC6B-948072D00A46}C:\program files\freeciv-2.2.0-gtk2\freeciv-server.exe] => (Block) C:\program files\freeciv-2.2.0-gtk2\freeciv-server.exe
FirewallRules: [UDP Query User{9D710243-1890-46C7-BE0F-AFCBEC283345}C:\program files\freeciv-2.2.0-gtk2\freeciv-server.exe] => (Block) C:\program files\freeciv-2.2.0-gtk2\freeciv-server.exe
FirewallRules: [TCP Query User{6EB3448B-B69E-4031-AD2A-02C3472149CA}C:\program files\freeciv-2.2.0-gtk2\freeciv-server.exe] => (Block) C:\program files\freeciv-2.2.0-gtk2\freeciv-server.exe
FirewallRules: [UDP Query User{69DC3EDA-E57E-4137-B7E6-0D8CA28E55AF}C:\program files\freeciv-2.2.0-gtk2\freeciv-server.exe] => (Block) C:\program files\freeciv-2.2.0-gtk2\freeciv-server.exe
FirewallRules: [{DA1D045D-5C14-422A-A39E-8096A37406F8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{200CC8AA-21C1-4E85-8102-82A29ECD82A4}] => (Allow) LPort=80
FirewallRules: [{58D93DE2-EDD6-4C96-BD22-FD18B2228824}] => (Allow) LPort=80
FirewallRules: [{2DD50CAC-6604-44F1-8705-5CAEC212A19B}] => (Allow) LPort=80
FirewallRules: [TCP Query User{7A89993E-1360-49DA-BD86-BB51E349D5F6}C:\program files\ilivid\vlc\vlc.exe] => (Block) C:\program files\ilivid\vlc\vlc.exe
FirewallRules: [UDP Query User{242EC7A9-4D52-4C77-A354-2E8BD48AA1CC}C:\program files\ilivid\vlc\vlc.exe] => (Block) C:\program files\ilivid\vlc\vlc.exe
FirewallRules: [TCP Query User{C61FF837-20E9-4F4B-8300-2B2586B8889C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{AA91BA13-CE88-41EB-BDCD-66D871E14FB5}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{D6C6FCCE-6D8C-45E3-BDCD-0CDB62095B2B}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{1568153C-8903-4C37-A9BC-15040B98E532}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{9AEF94EA-C757-4256-ACDB-96F21824C109}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{78B59AE8-A704-430C-8E48-AFA16F7A4E3B}] => (Allow) svchost.exe
FirewallRules: [{03864A1F-5D53-4FB4-92F7-DA3EB2474A96}] => (Allow) C:\Program Files\MSN Messenger\msnmsgr.exe
FirewallRules: [{35C4F7B9-FE33-498A-A0A2-D52C595760BA}] => (Allow) C:\Program Files\MSN Messenger\livecall.exe
FirewallRules: [{0B5DC8E3-A2C3-4DB5-A1D3-6B7BD35359ED}] => (Allow) E:\AliceSetup.exe
FirewallRules: [{4E392E6C-3010-4DCB-8827-ED5940D4E732}] => (Allow) E:\AliceSetup.exe
FirewallRules: [{5C49AA60-E36B-4199-9443-A5C8EAF509E7}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{484BE12F-FA1A-4AEF-A26E-BADB878909D7}] => (Allow) C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{29C39F57-3225-4597-9256-6D0C05BC6C4D}] => (Allow) C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{7FD96618-9DF1-4E8D-B400-E5EBD05C1AFF}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{F19A489F-1604-4F09-82B3-6858F3AD9227}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{CE564BFD-9F14-420E-BDAA-11DBD65CF6C9}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{01103480-A275-4303-942E-367385F7D5BE}] => (Allow) C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{5DFB498D-2296-40CC-AD17-64F6E609BBAE}] => (Allow) C:\Program Files\Hewlett-Packard\Media\TV\QP.exe
FirewallRules: [{33DB98F8-2909-4B6C-BF0A-54AC37DDA186}] => (Allow) C:\Program Files\Hewlett-Packard\Media\TV\QPService.exe
FirewallRules: [{9902963A-A447-4CEF-A438-DAE9CF0F8625}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0D345324-DBE8-44EC-A1C7-F9B665562DD4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{81D0F828-CA6C-4EA8-8EA0-01FA3E8DC353}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C8F1E9CE-F9D6-4BCD-BC76-ADE77D90BE71}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E7E73889-988F-4293-B986-BFD8A1E2109D}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{338D9BAB-CA3E-4AEB-B967-F01CF0DA9764}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{A9DE23CA-2164-4157-8446-893B024DDF1C}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe
FirewallRules: [{480E2336-20F9-40D4-B340-4D1C038B8D05}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe
FirewallRules: [{0A2A384F-9929-461D-94B8-E00564C49133}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe
FirewallRules: [{AD1F29D9-8730-4307-9D38-AFAEB8037B2F}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe
FirewallRules: [{53058B4B-979C-491A-A25E-3BD5B7D76463}] => (Allow) LPort=5357
FirewallRules: [{BE1B7959-2BEA-425A-AE67-78F3F2E88F79}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E84AB25C-5ED6-466E-9B8E-71645A36A507}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{7F6BAC21-2CBD-4145-9262-4139C31D8A10}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
==================== Wiederherstellungspunkte =========================
30-03-2016 08:45:11 Windows Update
31-03-2016 08:45:12 Windows Update
01-04-2016 08:45:56 Windows Update
01-04-2016 18:31:43 Windows Update
01-04-2016 19:14:09 Windows Update
03-04-2016 11:24:08 Geplanter Prüfpunkt
04-04-2016 03:48:36 Windows Defender Checkpoint
04-04-2016 21:48:12 Geplanter Prüfpunkt
05-04-2016 08:53:27 Windows Update
06-04-2016 20:52:13 Geplanter Prüfpunkt
07-04-2016 21:46:57 Geplanter Prüfpunkt
08-04-2016 08:54:04 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (04/10/2016 07:38:02 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: .
Error: (04/10/2016 07:35:45 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: .
Error: (04/10/2016 07:24:13 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: .
Error: (04/10/2016 07:16:49 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: .
Error: (04/10/2016 07:11:09 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: .
Error: (04/10/2016 07:05:53 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: .
Error: (04/10/2016 06:53:46 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: .
Error: (04/10/2016 06:46:55 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: .
Error: (04/10/2016 06:41:49 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: .
Error: (04/10/2016 06:25:37 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: .
Systemfehler:
=============
Error: (04/10/2016 05:54:12 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
Error: (04/10/2016 05:54:12 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
Error: (04/10/2016 05:54:12 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
Error: (04/09/2016 10:25:21 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
Error: (04/09/2016 10:25:21 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
Error: (04/09/2016 10:25:21 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
Error: (04/09/2016 10:21:24 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
Error: (04/09/2016 10:21:24 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
Error: (04/09/2016 10:10:04 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
Error: (04/09/2016 10:10:03 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie chkdsk auf Volume "C:" aus.
CodeIntegrity:
===================================
Date: 2016-04-10 07:40:19.780
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-04-10 07:40:19.468
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-04-10 07:40:19.156
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-04-10 07:40:18.813
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-04-10 07:40:18.407
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-04-10 07:40:18.080
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-04-10 07:40:17.752
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-04-10 07:40:17.425
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-04-10 07:40:10.217
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-04-10 07:40:09.905
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Athlon(tm) Neo Processor MV-40
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 2045.25 MB
Verfügbarer physikalischer RAM: 869.81 MB
Summe virtueller Speicher: 4347.02 MB
Verfügbarer virtueller Speicher: 2591.92 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:287.42 GB) (Free:233.92 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.66 GB) (Free:1.27 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1B8DD3BA)
Partition 1: (Active) - (Size=287.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.7 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================
Hier die Ergebniss von der Windows-Registry-Reparatur: Code:
2016-04-07 22:54:15, Info CSI 00000006 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:15, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:21, Info CSI 00000009 [SR] Verify complete
2016-04-07 22:54:22, Info CSI 0000000a [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:22, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:29, Info CSI 0000000d [SR] Verify complete
2016-04-07 22:54:30, Info CSI 0000000e [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:30, Info CSI 0000000f [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:34, Info CSI 00000011 [SR] Verify complete
2016-04-07 22:54:35, Info CSI 00000012 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:35, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:37, Info CSI 00000015 [SR] Verify complete
2016-04-07 22:54:38, Info CSI 00000016 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:38, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:39, Info CSI 00000019 [SR] Verify complete
2016-04-07 22:54:40, Info CSI 0000001a [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:40, Info CSI 0000001b [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:42, Info CSI 0000001d [SR] Verify complete
2016-04-07 22:54:43, Info CSI 0000001e [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:43, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:44, Info CSI 00000021 [SR] Verify complete
2016-04-07 22:54:45, Info CSI 00000022 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:45, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:46, Info CSI 00000025 [SR] Verify complete
2016-04-07 22:54:47, Info CSI 00000026 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:47, Info CSI 00000027 [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:49, Info CSI 00000029 [SR] Verify complete
2016-04-07 22:54:50, Info CSI 0000002a [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:50, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:51, Info CSI 0000002d [SR] Verify complete
2016-04-07 22:54:52, Info CSI 0000002e [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:52, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:54, Info CSI 00000031 [SR] Verify complete
2016-04-07 22:54:55, Info CSI 00000032 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:55, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
2016-04-07 22:54:56, Info CSI 00000035 [SR] Verify complete
2016-04-07 22:54:57, Info CSI 00000036 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:54:57, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:00, Info CSI 00000039 [SR] Verify complete
2016-04-07 22:55:01, Info CSI 0000003a [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:01, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:02, Info CSI 0000003d [SR] Verify complete
2016-04-07 22:55:03, Info CSI 0000003e [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:03, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:04, Info CSI 00000041 [SR] Verify complete
2016-04-07 22:55:05, Info CSI 00000042 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:05, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:07, Info CSI 00000045 [SR] Verify complete
2016-04-07 22:55:07, Info CSI 00000046 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:07, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:10, Info CSI 00000049 [SR] Verify complete
2016-04-07 22:55:11, Info CSI 0000004a [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:11, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:12, Info CSI 0000004d [SR] Verify complete
2016-04-07 22:55:13, Info CSI 0000004e [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:13, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:16, Info CSI 00000051 [SR] Verify complete
2016-04-07 22:55:17, Info CSI 00000052 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:17, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:19, Info CSI 00000055 [SR] Verify complete
2016-04-07 22:55:20, Info CSI 00000056 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:20, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:22, Info CSI 00000059 [SR] Verify complete
2016-04-07 22:55:24, Info CSI 0000005a [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:24, Info CSI 0000005b [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:27, Info CSI 0000005d [SR] Verify complete
2016-04-07 22:55:27, Info CSI 0000005e [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:27, Info CSI 0000005f [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:30, Info CSI 00000061 [SR] Verify complete
2016-04-07 22:55:31, Info CSI 00000062 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:31, Info CSI 00000063 [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:32, Info CSI 00000065 [SR] Verify complete
2016-04-07 22:55:33, Info CSI 00000066 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:33, Info CSI 00000067 [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:34, Info CSI 00000069 [SR] Verify complete
2016-04-07 22:55:35, Info CSI 0000006a [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:35, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:37, Info CSI 0000006d [SR] Verify complete
2016-04-07 22:55:38, Info CSI 0000006e [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:38, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:43, Info CSI 00000071 [SR] Verify complete
2016-04-07 22:55:43, Info CSI 00000072 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:43, Info CSI 00000073 [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:50, Info CSI 00000075 [SR] Verify complete
2016-04-07 22:55:51, Info CSI 00000076 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:51, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2016-04-07 22:55:52, Info CSI 00000079 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-07 22:55:57, Info CSI 0000007c [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-07 22:55:57, Info CSI 0000007d [SR] This component was referenced by [l:160{80}]"Package_30_for_KB936330~31bf3856ad364e35~x86~~6.0.1.18000.936330-187_neutral_GDR"
2016-04-07 22:55:57, Info CSI 00000080 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2016-04-07 22:55:58, Info CSI 00000082 [SR] Verify complete
2016-04-07 22:55:58, Info CSI 00000083 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:55:58, Info CSI 00000084 [SR] Beginning Verify and Repair transaction
2016-04-07 22:56:04, Info CSI 00000087 [SR] Verify complete
2016-04-07 22:56:05, Info CSI 00000088 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:56:05, Info CSI 00000089 [SR] Beginning Verify and Repair transaction
2016-04-07 22:56:09, Info CSI 0000008b [SR] Verify complete
2016-04-07 22:56:10, Info CSI 0000008c [SR] Verifying 100 (0x00000064) components
2016-04-07 22:56:10, Info CSI 0000008d [SR] Beginning Verify and Repair transaction
2016-04-07 22:56:19, Info CSI 00000095 [SR] Verify complete
2016-04-07 22:56:19, Info CSI 00000096 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:56:19, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2016-04-07 22:56:26, Info CSI 0000009b [SR] Verify complete
2016-04-07 22:56:26, Info CSI 0000009c [SR] Verifying 100 (0x00000064) components
2016-04-07 22:56:26, Info CSI 0000009d [SR] Beginning Verify and Repair transaction
2016-04-07 22:56:31, Info CSI 0000009f [SR] Verify complete
2016-04-07 22:56:31, Info CSI 000000a0 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:56:31, Info CSI 000000a1 [SR] Beginning Verify and Repair transaction
2016-04-07 22:56:38, Info CSI 000000a3 [SR] Verify complete
2016-04-07 22:56:39, Info CSI 000000a4 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:56:39, Info CSI 000000a5 [SR] Beginning Verify and Repair transaction
2016-04-07 22:56:45, Info CSI 000000a7 [SR] Verify complete
2016-04-07 22:56:46, Info CSI 000000a8 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:56:46, Info CSI 000000a9 [SR] Beginning Verify and Repair transaction
2016-04-07 22:56:59, Info CSI 000000ab [SR] Verify complete
2016-04-07 22:56:59, Info CSI 000000ac [SR] Verifying 100 (0x00000064) components
2016-04-07 22:56:59, Info CSI 000000ad [SR] Beginning Verify and Repair transaction
2016-04-07 22:57:09, Info CSI 000000b1 [SR] Verify complete
2016-04-07 22:57:10, Info CSI 000000b2 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:57:10, Info CSI 000000b3 [SR] Beginning Verify and Repair transaction
2016-04-07 22:57:23, Info CSI 000000b5 [SR] Verify complete
2016-04-07 22:57:23, Info CSI 000000b6 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:57:23, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
2016-04-07 22:57:48, Info CSI 000000b9 [SR] Verify complete
2016-04-07 22:57:49, Info CSI 000000ba [SR] Verifying 100 (0x00000064) components
2016-04-07 22:57:49, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2016-04-07 22:57:58, Info CSI 000000bd [SR] Verify complete
2016-04-07 22:57:58, Info CSI 000000be [SR] Verifying 100 (0x00000064) components
2016-04-07 22:57:58, Info CSI 000000bf [SR] Beginning Verify and Repair transaction
2016-04-07 22:58:03, Info CSI 000000c1 [SR] Verify complete
2016-04-07 22:58:04, Info CSI 000000c2 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:58:04, Info CSI 000000c3 [SR] Beginning Verify and Repair transaction
2016-04-07 22:58:07, Info CSI 000000c5 [SR] Verify complete
2016-04-07 22:58:07, Info CSI 000000c6 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:58:07, Info CSI 000000c7 [SR] Beginning Verify and Repair transaction
2016-04-07 22:58:10, Info CSI 000000c9 [SR] Verify complete
2016-04-07 22:58:11, Info CSI 000000ca [SR] Verifying 100 (0x00000064) components
2016-04-07 22:58:11, Info CSI 000000cb [SR] Beginning Verify and Repair transaction
2016-04-07 22:58:26, Info CSI 000000e9 [SR] Verify complete
2016-04-07 22:58:27, Info CSI 000000ea [SR] Verifying 100 (0x00000064) components
2016-04-07 22:58:27, Info CSI 000000eb [SR] Beginning Verify and Repair transaction
2016-04-07 22:58:31, Info CSI 000000ed [SR] Verify complete
2016-04-07 22:58:32, Info CSI 000000ee [SR] Verifying 100 (0x00000064) components
2016-04-07 22:58:32, Info CSI 000000ef [SR] Beginning Verify and Repair transaction
2016-04-07 22:58:35, Info CSI 000000f1 [SR] Verify complete
2016-04-07 22:58:36, Info CSI 000000f2 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:58:36, Info CSI 000000f3 [SR] Beginning Verify and Repair transaction
2016-04-07 22:58:39, Info CSI 000000f5 [SR] Verify complete
2016-04-07 22:58:40, Info CSI 000000f6 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:58:40, Info CSI 000000f7 [SR] Beginning Verify and Repair transaction
2016-04-07 22:58:51, Info CSI 000000f9 [SR] Verify complete
2016-04-07 22:58:51, Info CSI 000000fa [SR] Verifying 100 (0x00000064) components
2016-04-07 22:58:51, Info CSI 000000fb [SR] Beginning Verify and Repair transaction
2016-04-07 22:59:02, Info CSI 000000fd [SR] Verify complete
2016-04-07 22:59:03, Info CSI 000000fe [SR] Verifying 100 (0x00000064) components
2016-04-07 22:59:03, Info CSI 000000ff [SR] Beginning Verify and Repair transaction
2016-04-07 22:59:05, Info CSI 00000101 [SR] Verify complete
2016-04-07 22:59:06, Info CSI 00000102 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:59:06, Info CSI 00000103 [SR] Beginning Verify and Repair transaction
2016-04-07 22:59:13, Info CSI 00000105 [SR] Verify complete
2016-04-07 22:59:14, Info CSI 00000106 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:59:14, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2016-04-07 22:59:20, Info CSI 00000109 [SR] Verify complete
2016-04-07 22:59:21, Info CSI 0000010a [SR] Verifying 100 (0x00000064) components
2016-04-07 22:59:21, Info CSI 0000010b [SR] Beginning Verify and Repair transaction
2016-04-07 22:59:26, Info CSI 0000010d [SR] Verify complete
2016-04-07 22:59:27, Info CSI 0000010e [SR] Verifying 100 (0x00000064) components
2016-04-07 22:59:27, Info CSI 0000010f [SR] Beginning Verify and Repair transaction
2016-04-07 22:59:42, Info CSI 00000134 [SR] Verify complete
2016-04-07 22:59:43, Info CSI 00000135 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:59:43, Info CSI 00000136 [SR] Beginning Verify and Repair transaction
2016-04-07 22:59:59, Info CSI 00000138 [SR] Verify complete
2016-04-07 22:59:59, Info CSI 00000139 [SR] Verifying 100 (0x00000064) components
2016-04-07 22:59:59, Info CSI 0000013a [SR] Beginning Verify and Repair transaction
2016-04-07 23:00:31, Info CSI 0000013c [SR] Verify complete
2016-04-07 23:00:31, Info CSI 0000013d [SR] Verifying 100 (0x00000064) components
2016-04-07 23:00:31, Info CSI 0000013e [SR] Beginning Verify and Repair transaction
2016-04-07 23:00:52, Info CSI 00000140 [SR] Verify complete
2016-04-07 23:00:53, Info CSI 00000141 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:00:53, Info CSI 00000142 [SR] Beginning Verify and Repair transaction
2016-04-07 23:01:05, Info CSI 00000144 [SR] Verify complete
2016-04-07 23:01:05, Info CSI 00000145 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:01:05, Info CSI 00000146 [SR] Beginning Verify and Repair transaction
2016-04-07 23:01:12, Info CSI 00000148 [SR] Verify complete
2016-04-07 23:01:13, Info CSI 00000149 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:01:13, Info CSI 0000014a [SR] Beginning Verify and Repair transaction
2016-04-07 23:01:18, Info CSI 0000014c [SR] Verify complete
2016-04-07 23:01:19, Info CSI 0000014d [SR] Verifying 100 (0x00000064) components
2016-04-07 23:01:19, Info CSI 0000014e [SR] Beginning Verify and Repair transaction
2016-04-07 23:01:25, Info CSI 00000151 [SR] Verify complete
2016-04-07 23:01:25, Info CSI 00000152 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:01:25, Info CSI 00000153 [SR] Beginning Verify and Repair transaction
2016-04-07 23:01:37, Info CSI 00000155 [SR] Verify complete
2016-04-07 23:01:38, Info CSI 00000156 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:01:38, Info CSI 00000157 [SR] Beginning Verify and Repair transaction
2016-04-07 23:01:48, Info CSI 00000159 [SR] Verify complete
2016-04-07 23:01:49, Info CSI 0000015a [SR] Verifying 100 (0x00000064) components
2016-04-07 23:01:49, Info CSI 0000015b [SR] Beginning Verify and Repair transaction
2016-04-07 23:01:57, Info CSI 0000015d [SR] Verify complete
2016-04-07 23:01:58, Info CSI 0000015e [SR] Verifying 100 (0x00000064) components
2016-04-07 23:01:58, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2016-04-07 23:02:05, Info CSI 00000161 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-07 23:02:08, Info CSI 00000163 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-07 23:02:08, Info CSI 00000164 [SR] This component was referenced by [l:158{79}]"Package_20_for_KB936330~31bf3856ad364e35~x86~~6.0.1.18000.936330-33_neutral_GDR"
2016-04-07 23:02:08, Info CSI 00000167 [SR] Could not reproject corrupted file [ml:520{260},l:72{36}]"\??\C:\Program Files\Windows Sidebar"\[l:24{12}]"settings.ini"; source file in store is also corrupted
2016-04-07 23:02:12, Info CSI 00000169 [SR] Verify complete
2016-04-07 23:02:13, Info CSI 0000016a [SR] Verifying 100 (0x00000064) components
2016-04-07 23:02:13, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2016-04-07 23:02:21, Info CSI 0000016d [SR] Verify complete
2016-04-07 23:02:21, Info CSI 0000016e [SR] Verifying 100 (0x00000064) components
2016-04-07 23:02:21, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2016-04-07 23:02:26, Info CSI 00000171 [SR] Verify complete
2016-04-07 23:02:27, Info CSI 00000172 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:02:27, Info CSI 00000173 [SR] Beginning Verify and Repair transaction
2016-04-07 23:02:34, Info CSI 00000176 [SR] Verify complete
2016-04-07 23:02:35, Info CSI 00000177 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:02:35, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2016-04-07 23:02:39, Info CSI 0000017a [SR] Verify complete
2016-04-07 23:02:40, Info CSI 0000017b [SR] Verifying 100 (0x00000064) components
2016-04-07 23:02:40, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2016-04-07 23:02:46, Info CSI 0000017e [SR] Verify complete
2016-04-07 23:02:47, Info CSI 0000017f [SR] Verifying 100 (0x00000064) components
2016-04-07 23:02:47, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2016-04-07 23:02:56, Info CSI 0000018c [SR] Verify complete
2016-04-07 23:02:56, Info CSI 0000018d [SR] Verifying 100 (0x00000064) components
2016-04-07 23:02:56, Info CSI 0000018e [SR] Beginning Verify and Repair transaction
2016-04-07 23:03:07, Info CSI 000001ac [SR] Verify complete
2016-04-07 23:03:08, Info CSI 000001ad [SR] Verifying 100 (0x00000064) components
2016-04-07 23:03:08, Info CSI 000001ae [SR] Beginning Verify and Repair transaction
2016-04-07 23:03:17, Info CSI 000001b0 [SR] Verify complete
2016-04-07 23:03:18, Info CSI 000001b1 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:03:18, Info CSI 000001b2 [SR] Beginning Verify and Repair transaction
2016-04-07 23:03:29, Info CSI 000001b4 [SR] Verify complete
2016-04-07 23:03:29, Info CSI 000001b5 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:03:29, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
2016-04-07 23:03:34, Info CSI 000001b8 [SR] Verify complete
2016-04-07 23:03:35, Info CSI 000001b9 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:03:35, Info CSI 000001ba [SR] Beginning Verify and Repair transaction
2016-04-07 23:03:37, Info CSI 000001bc [SR] Verify complete
2016-04-07 23:03:38, Info CSI 000001bd [SR] Verifying 100 (0x00000064) components
2016-04-07 23:03:38, Info CSI 000001be [SR] Beginning Verify and Repair transaction
2016-04-07 23:03:47, Info CSI 000001c0 [SR] Verify complete
2016-04-07 23:03:48, Info CSI 000001c1 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:03:48, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2016-04-07 23:03:57, Info CSI 000001c4 [SR] Verify complete
2016-04-07 23:03:57, Info CSI 000001c5 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:03:57, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction
2016-04-07 23:04:04, Info CSI 000001c8 [SR] Verify complete
2016-04-07 23:04:04, Info CSI 000001c9 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:04:04, Info CSI 000001ca [SR] Beginning Verify and Repair transaction
2016-04-07 23:04:19, Info CSI 000001cc [SR] Verify complete
2016-04-07 23:04:20, Info CSI 000001cd [SR] Verifying 100 (0x00000064) components
2016-04-07 23:04:20, Info CSI 000001ce [SR] Beginning Verify and Repair transaction
2016-04-07 23:04:24, Info CSI 000001d0 [SR] Verify complete
2016-04-07 23:04:24, Info CSI 000001d1 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:04:24, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction
2016-04-07 23:04:30, Info CSI 000001d4 [SR] Verify complete
2016-04-07 23:04:31, Info CSI 000001d5 [SR] Verifying 100 (0x00000064) components
2016-04-07 23:04:31, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2016-04-07 23:04:40, Info CSI 000001e1 [SR] Verify complete
2016-04-07 23:04:41, Info CSI 000001e2 [SR] Verifying 6 components
2016-04-07 23:04:41, Info CSI 000001e3 [SR] Beginning Verify and Repair transaction
2016-04-07 23:04:41, Info CSI 000001e5 [SR] Verify complete
2016-04-07 23:04:41, Info CSI 000001e6 [SR] Repairing 2 components
2016-04-07 23:04:41, Info CSI 000001e7 [SR] Beginning Verify and Repair transaction
2016-04-07 23:04:41, Info CSI 000001e9 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-07 23:04:41, Info CSI 000001eb [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-07 23:04:41, Info CSI 000001ed [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-07 23:04:41, Info CSI 000001ee [SR] This component was referenced by [l:160{80}]"Package_30_for_KB936330~31bf3856ad364e35~x86~~6.0.1.18000.936330-187_neutral_GDR"
2016-04-07 23:04:41, Info CSI 000001f1 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2016-04-07 23:04:41, Info CSI 000001f3 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-07 23:04:41, Info CSI 000001f4 [SR] This component was referenced by [l:158{79}]"Package_20_for_KB936330~31bf3856ad364e35~x86~~6.0.1.18000.936330-33_neutral_GDR"
2016-04-07 23:04:41, Info CSI 000001f7 [SR] Could not reproject corrupted file [ml:520{260},l:72{36}]"\??\C:\Program Files\Windows Sidebar"\[l:24{12}]"settings.ini"; source file in store is also corrupted
2016-04-07 23:04:41, Info CSI 000001f9 [SR] Repair complete
2016-04-07 23:04:42, Info CSI 000001fa [SR] Committing transaction
2016-04-07 23:04:42, Info CSI 000001fe [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
Hier noch die Übersicht von Eset: Code:
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Media Finder\Get the Media Finder License.URL LNK/Agent.CH Trojaner
C:\$RECYCLE.BIN\S-1-5-21-1755791093-2845836895-1122057984-1000\$RF0UHK9.exe Win32/Systweak.U evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder\Get the Media Finder License.URL LNK/Agent.CH Trojaner Gesäubert durch Löschen
C:\Users\Michi\AppData\Local\Temp\XUlkgYK5.exe.part Variante von Win32/UniBlue.F evtl. unerwünschte Anwendung gelöscht
C:\Users\Michi\AppData\LocalLow\Sun\Java\jre1.8.0_40\java_sp.dll Variante von Win32/Bundled.Toolbar.Ask.M potenziell unsichere Anwendung Gesäubert durch Löschen
C:\Users\Michi\Downloads\ccsetup504.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung gelöscht
C:\Users\Michi\Downloads\OJ4630_198.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung gelöscht
Habe zuletzt noch Malwarebytes durchlaufen lassen. Das Programm hat WinThrust gefunden, obwohl die Installation angeblich von Avast blockiert wurde. Das habe ich gelöscht.
Von Malwarebytes habe ich noch folgende Logfiles:
9.4.16: Code:
<?xml version="1.0" encoding="UTF-8" ?>
<logs>
<record severity="debug" LoggingEventType="1" datetime="2016-04-09T20:51:50.611800+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2.2.0.1024" last_modified_tag="21b0e766-e254-40b6-873e-433258eb6b00" name="program" toVersion="2.2.1.0"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-09T20:51:51.261800+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.3.30.1" last_modified_tag="bad299dd-462a-4466-abf7-a930aa01f0bd" name="Rootkit Database" toVersion="2016.4.3.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-09T20:51:51.339800+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.3.24.1" last_modified_tag="f2d78e42-f7d4-45f1-b7c3-23a308c0dd72" name="Remediation Database" toVersion="2016.4.5.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-09T20:51:51.475800+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.4.1.1" last_modified_tag="cb6e83e2-5d17-45ae-b941-76140d5b6ca1" name="IP Database" toVersion="2016.4.7.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-09T20:51:58.231800+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.4.2.1" last_modified_tag="f682daeb-9e75-44f0-9fce-73ec70a59c8a" name="Domain Database" toVersion="2016.4.9.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-09T20:52:10.571400+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.4.3.2" last_modified_tag="2c3bb8c7-55a7-4c37-9377-3d8b06ec9cf4" name="Malware Database" toVersion="2016.4.9.3"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-09T20:55:12.701400+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2.2.0.1024" last_modified_tag="8030bd00-6830-4343-a246-790bebde3e1b" name="program" toVersion="2.2.1.0"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-09T20:55:27.162600+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.4.9.3" last_modified_tag="54526e84-d16c-4e90-ae67-dbf75f57b016" name="Malware Database" toVersion="2016.4.9.4"></record>
</logs>
08.04.16: Code:
<?xml version="1.0" encoding="UTF-8" ?>
<logs>
<record severity="debug" LoggingEventType="4" datetime="2016-04-08T02:42:06.843662+02:00" source="Protection" type="Error" username="SYSTEM" systemname="MICHI-PC" code="13" last_modified_tag="22244505-9b37-4196-b10f-aa76cc2b9f60" message="IsLicensed"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-04-08T02:42:06.906062+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="82050dfd-81f1-47fe-b364-ac45c01cd5fb" result="Stopping" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-04-08T02:42:06.937262+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="7728f711-d718-46a6-96ae-cdcbdcd53eaf" result="Stopped" subtype="Malware Protection"></record>
</logs>
7.4.16: Code:
<?xml version="1.0" encoding="UTF-8" ?>
<logs>
<record severity="debug" LoggingEventType="4" datetime="2016-04-07T18:40:04.522695+02:00" source="Protection" type="Error" username="SYSTEM" systemname="MICHI-PC" code="13" last_modified_tag="4cff5f3e-dea5-4f91-a05d-15bee637c214" message="IsLicensed"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-04-07T18:40:04.538295+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="9414372c-d98e-4fca-8a51-353d1bd313f6" result="Stopping" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-04-07T18:40:04.553895+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="d0126d9d-d752-43bf-a41c-abd3037c70f0" result="Stopped" subtype="Malware Protection"></record>
</logs>
3.4.16: Code:
<?xml version="1.0" encoding="UTF-8" ?>
<logs>
<record severity="debug" LoggingEventType="1" datetime="2016-04-03T09:25:40.467600+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2.2.0.1024" last_modified_tag="e0f5b33a-2538-4304-aa77-bf676a348016" name="program" toVersion="2.2.1.0"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-03T09:25:40.661600+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.3.12.1" last_modified_tag="ed12d3a1-9e15-4d1d-b93b-f2c0a6e1b3be" name="Rootkit Database" toVersion="2016.3.30.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-03T09:25:41.865600+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.3.21.3" last_modified_tag="5d5eea39-6c6e-40a5-8758-52231654fc7d" name="IP Database" toVersion="2016.4.1.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-03T09:25:49.364400+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.3.28.4" last_modified_tag="6c2cafea-7dfc-4952-bf96-5971ec23457a" name="Domain Database" toVersion="2016.4.2.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-03T09:26:05.136000+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.3.28.6" last_modified_tag="53381530-ad5c-451e-a101-3248ba153212" name="Malware Database" toVersion="2016.4.3.2"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-04-03T09:26:55.742400+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2.2.0.1024" last_modified_tag="e911705a-798b-47ac-b1e4-5c7219b19a68" name="program" toVersion="2.2.1.0"></record>
<record severity="debug" scantype="threat" LoggingEventType="6" starttime="2016-04-03T09:26:56+02:00" datetime="2016-04-03T10:27:54.372200+02:00" source="Manual" type="Scan" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="4bbe524d-22a8-4d56-a3fe-33188b471111" duration="3657" malwaredetections="0" nonmalwaredetections="0" scanresult="completed"></record>
<record severity="debug" LoggingEventType="4" datetime="2016-04-03T17:54:21.253166+02:00" source="Protection" type="Error" username="SYSTEM" systemname="MICHI-PC" code="13" last_modified_tag="ded10149-8e7c-4559-8414-2431a1197ad8" message="IsLicensed"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-04-03T17:54:21.315566+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="074af064-1225-4c3f-9427-efe4536ace16" result="Stopping" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-04-03T17:54:21.331166+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="3df90b25-dbf7-4a9f-8970-acb0c2ce85bd" result="Stopped" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="4" datetime="2016-04-03T18:20:23.759711+02:00" source="Protection" type="Error" username="SYSTEM" systemname="MICHI-PC" code="13" last_modified_tag="f17cbe39-a02f-4ad7-a7a9-dbfa5c091fb6" message="IsLicensed"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-04-03T18:20:23.868911+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="081fd149-42a4-42ba-8bf0-6a28b9dfe0f1" result="Stopping" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-04-03T18:20:23.884511+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="2b23223c-7b98-4d5a-a9f7-74021083bcfd" result="Stopped" subtype="Malware Protection"></record>
</logs>
1.4.16: Code:
<?xml version="1.0" encoding="UTF-8" ?>
<logs>
<record severity="debug" LoggingEventType="4" datetime="2016-04-01T08:58:59.074106+02:00" source="Protection" type="Error" username="SYSTEM" systemname="MICHI-PC" code="13" last_modified_tag="36880a2d-fa71-44df-90d0-1e34874c6510" message="IsLicensed"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-04-01T08:58:59.105306+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="a48fc107-0fe8-40ba-b35d-af1bbe2bd047" result="Stopping" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-04-01T08:58:59.198906+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="88f8e434-d096-4f37-a762-a8f0b86e1478" result="Stopped" subtype="Malware Protection"></record>
</logs>
28.3.16: Code:
<?xml version="1.0" encoding="UTF-8" ?>
<logs>
<record severity="debug" LoggingEventType="1" datetime="2016-03-28T20:00:01.714000+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.3.5.1" last_modified_tag="a79ca960-6561-4406-8e75-e217dbc77916" name="Remediation Database" toVersion="2016.3.24.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-03-28T20:00:01.875000+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.2.27.1" last_modified_tag="ff2d4cde-9484-4c43-b0a1-f82b0c362efd" name="Rootkit Database" toVersion="2016.3.12.1"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-03-28T20:00:07.005000+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.3.3.1" last_modified_tag="abdc7285-9483-4291-993f-425baa60e454" name="IP Database" toVersion="2016.3.21.3"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-03-28T20:00:08.949000+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.3.6.1" last_modified_tag="5246b1de-7d03-442e-a39a-812c46cfe901" name="Domain Database" toVersion="2016.3.28.4"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-03-28T20:00:29.755000+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2.2.0.1024" last_modified_tag="b95d9b57-703a-409e-9a5a-cee74199c4eb" name="program" toVersion="2.2.1.0"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-03-28T20:00:30.043000+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2016.3.6.4" last_modified_tag="957aee06-d387-4b76-b21e-a9b01a53aa45" name="Malware Database" toVersion="2016.3.28.6"></record>
<record severity="debug" LoggingEventType="1" datetime="2016-03-28T20:01:28.944000+02:00" source="Manual" type="Update" username="SYSTEM" systemname="MICHI-PC" fromVersion="2.2.0.1024" last_modified_tag="f859b6b0-9ba7-4058-b2b1-08dab4682572" name="program" toVersion="2.2.1.0"></record>
<record severity="debug" scantype="threat" LoggingEventType="6" starttime="2016-03-28T20:01:29+02:00" datetime="2016-03-28T21:00:53.573000+02:00" source="Manual" type="Scan" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="89689c3f-d709-4b7f-9a65-15437d629c73" duration="1911" malwaredetections="0" nonmalwaredetections="50" scanresult="completed"></record>
</logs>
Und hier noch einer, als ich noch keine Probleme merkte:
18.3.16: Code:
<?xml version="1.0" encoding="UTF-8" ?>
<logs>
<record severity="debug" LoggingEventType="4" datetime="2016-03-18T09:20:55.312293+01:00" source="Protection" type="Error" username="SYSTEM" systemname="MICHI-PC" code="13" last_modified_tag="4e5040b9-654a-4d23-9630-7ca6690b6bd9" message="IsLicensed"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-03-18T09:20:55.327893+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="255db6d9-f594-4674-87bf-08feee6abe30" result="Stopping" subtype="Malware Protection"></record>
<record severity="debug" LoggingEventType="2" datetime="2016-03-18T09:20:55.421493+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="MICHI-PC" last_modified_tag="ee3cbf86-31f6-4c88-8cb1-1df91d0d056f" result="Stopped" subtype="Malware Protection"></record>
</logs>
:confused:
Über Hilfe -- so sie denn noch möglich ist -- wäre ich unendlich dankbar!!!!! :bussi:
Viele Grüße,
Mimimo |
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Malware 
SecurityCheck und:
Farbar Service Scanner 
WARNUNG an die MITLESER: 
und 
und speichere die Logdatei auf Deinem Desktop.