| altkanonist | 19.02.2016 12:54 |
Hallo Rafael,
hier Schritt 2:
FRST.txt:
FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016
durchgeführt von Georg (Administrator) auf GEORG-PC (18-02-2016 21:54:25)
Gestartet von F:\DOWNLOAD\Downloads
Geladene Profile: Georg & (Verfügbare Profile: Georg & Gast & DefaultAppPool)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
() C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
() C:\Program Files (x86)\TwonkyMedia\twonkymediaserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Fred's Software) C:\Program Files (x86)\PrintKey2000\Printkey2000.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Users\Georg\AppData\Local\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2880314696-201436855-2258341818-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-2880314696-201436855-2258341818-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2880314696-201436855-2258341818-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Packard Bell.scr [456224 2010-07-29] ()
ShellExecuteHooks: - {7AD1C0F5-07A2-40E5-8608-C6EAA0FF362F} - C:\Users\Georg\AppData\Local\Microsoft\Windows\INetCookies\x64explassist.dll [873072 2015-11-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk [2015-11-16]
ShortcutTarget: Printkey2000.lnk -> C:\Program Files (x86)\PrintKey2000\Printkey2000.exe (Fred's Software)
CHR HKU\S-1-5-21-2880314696-201436855-2258341818-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
CHR HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5-x64 05 C:\Program Files\Bonjour\mdnsNSP.dll Keine Datei
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1f47fec2-1cb9-46ef-bf95-a7e2d3ed6286}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2880314696-201436855-2258341818-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-2880314696-201436855-2258341818-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-2880314696-201436855-2258341818-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://packardbell.msn.com
HKU\S-1-5-21-2880314696-201436855-2258341818-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
URLSearchHook: HKLM-x32 - (Kein Name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Keine Datei
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2880314696-201436855-2258341818-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2880314696-201436855-2258341818-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2880314696-201436855-2258341818-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-05-05] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-21] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-05-05] (Oracle Corporation)
BHO-x32: Kein Name -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-05] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-21] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-05] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-21] (Google Inc.)
Toolbar: HKLM-x32 - Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Keine Datei
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-2880314696-201436855-2258341818-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKU\S-1-5-21-2880314696-201436855-2258341818-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-2880314696-201436855-2258341818-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-2880314696-201436855-2258341818-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FireFox:
========
FF ProfilePath: C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-05-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-05] (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll [2008-02-22] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-01-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2013-01-08] (Apple Inc.)
FF Extension: Oasis Space 1.0.1 - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{cd788066-4c86-4c4f-85d5-c7a4a0609b55}.xpi [2015-10-23] [ist nicht signiert]
FF Extension: Oasis Space 1.0.1 - C:\Users\Georg\AppData\Roaming\Mozilla\Firefox\Profiles\tt1qxmi6.default-1407251020761\Extensions\{cd788066-4c86-4c4f-85d5-c7a4a0609b55}.xpi [2015-10-23] [ist nicht signiert]
FF HKU\S-1-5-21-2880314696-201436855-2258341818-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [ffox@bandoo.com] - C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles/hb985i1g.default\extensions\ffox@bandoo.com => nicht gefunden
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR DefaultSearchURL: Default -> hxxp://www.google.de/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.de_
CHR Profile: C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-06]
CHR Extension: (YouTube) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-06]
CHR Extension: (Google-Suche) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-06]
CHR Extension: (Google Kalender) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-02-18]
CHR Extension: (Tetriz Challenge) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\emidddocikgklceeeifefomdnbkldhng [2016-02-18]
CHR Extension: (Weather Avenue) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdjjeekgglojebicfpgmiaeaadnhfaol [2016-02-18]
CHR Extension: (Google Maps) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-06]
CHR Extension: (Google Mail) - C:\Users\Georg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-08-28]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert]
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [74752 2011-12-20] (Freemake) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-28] (NewTech Infosystems, Inc.)
R2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe [698176 2015-11-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TwonkyMedia; C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe [149136 2009-12-17] ()
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4207104 2015-06-18] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146704 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-01-23] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-08-03] (Synaptics Incorporated)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 cpuz134; \??\C:\Users\Georg\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-18 21:54 - 2016-02-18 21:54 - 00000000 ____D C:\FRST
2016-02-18 21:37 - 2016-02-18 21:37 - 00016148 _____ C:\WINDOWS\system32\GEORG-PC_Georg_HistoryPrediction.bin
2016-02-18 11:34 - 2016-02-18 11:35 - 00259584 _____ (OldTimer Tools) C:\Users\Georg\Desktop\OTH.scr
2016-02-18 10:55 - 2016-02-18 10:55 - 00001349 _____ C:\Users\Georg\Desktop\Revo Uninstaller.lnk
2016-02-18 10:55 - 2016-02-18 10:55 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-02-18 10:55 - 2016-02-18 10:55 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-02-17 21:17 - 2016-02-17 21:17 - 00000000 ____D C:\Program Files (x86)\ESET
2016-02-17 21:09 - 2016-02-17 21:09 - 00001832 _____ C:\Users\Georg\Desktop\sc-cleaner.txt
2016-02-17 18:58 - 2016-02-18 18:17 - 00000718 _____ C:\Users\Georg\Desktop\JRT.txt
2016-02-16 22:49 - 2016-02-18 16:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-16 22:48 - 2016-02-16 22:48 - 00001183 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-16 22:48 - 2016-02-16 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-16 22:48 - 2016-02-16 22:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-16 22:48 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-16 22:48 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-16 22:48 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-16 20:43 - 2016-02-17 08:34 - 00000000 ____D C:\Users\Georg\AppData\Local\Mozilla Thunderbird
2016-02-16 10:44 - 2016-02-16 10:44 - 00002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-11 19:28 - 2016-02-11 19:28 - 00046802 _____ C:\Users\Georg\Desktop\KasseKontoauszüge.pdf
2016-02-11 18:15 - 2012-07-07 14:30 - 16719726 _____ C:\Users\Georg\Desktop\DATA.ZIP
2016-02-08 14:34 - 2016-02-08 14:34 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-08 14:34 - 2016-02-08 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-08 14:34 - 2016-02-08 14:34 - 00000000 ____D C:\Program Files\WinRAR
2016-02-04 22:29 - 2016-02-04 22:28 - 00007150 _____ C:\Users\Georg\Desktop\SlimLauncher.ini
2016-02-04 19:46 - 2016-02-04 19:46 - 00253832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rapistub.dll
2016-02-04 19:46 - 2016-02-04 19:46 - 00223112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rapistub.dll
2016-02-04 19:46 - 2016-02-04 19:46 - 00123272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rapi.dll
2016-02-04 19:46 - 2016-02-04 19:46 - 00105352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rapi.dll
2016-02-04 19:46 - 2016-02-04 19:46 - 00075144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ceutil.dll
2016-02-04 19:46 - 2016-02-04 19:46 - 00074120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ceutil.dll
2016-02-04 19:46 - 2016-02-04 19:46 - 00053128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmcoinst-070531-0952.dll
2016-02-04 19:46 - 2016-02-04 19:46 - 00040840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcescommproxy.dll
2016-02-04 19:46 - 2016-02-04 19:46 - 00034696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rapiproxystub.dll
2016-02-04 19:46 - 2016-02-04 19:46 - 00024968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcescommproxy.dll
2016-02-04 19:46 - 2016-02-04 19:46 - 00024456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rapiproxystub.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-18 21:12 - 2013-09-29 19:13 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-18 21:12 - 2011-05-07 11:36 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-18 20:19 - 2011-02-23 03:59 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9234E920-4BB5-4697-8748-57895B8AD861}
2016-02-18 18:14 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-18 18:11 - 2011-05-07 11:36 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-18 15:20 - 2014-11-07 13:38 - 00000000 ____D C:\ProgramData\TwonkyMedia
2016-02-18 15:20 - 2014-11-07 13:38 - 00000000 ____D C:\Program Files (x86)\TwonkyMedia
2016-02-18 12:38 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-18 12:37 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-18 09:46 - 2011-01-24 23:43 - 00000000 ____D C:\Users\Georg\AppData\Local\PasswordSafe
2016-02-18 08:44 - 2015-12-15 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-18 08:41 - 2015-12-15 20:07 - 00146704 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-02-18 08:18 - 2011-12-01 20:52 - 00000000 ____D C:\Program Files (x86)\FoxTabMusicConverter
2016-02-17 23:02 - 2015-03-06 23:02 - 00000330 _____ C:\WINDOWS\Tasks\SuperEasy Registry Cleaner_UPDATES.job
2016-02-17 17:04 - 2015-10-14 15:18 - 02078702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-17 17:04 - 2015-09-10 06:10 - 00885380 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-17 17:04 - 2015-09-10 06:10 - 00196220 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-17 17:04 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2016-02-17 16:14 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-17 15:01 - 2015-03-06 23:02 - 00000322 _____ C:\WINDOWS\Tasks\SuperEasy Registry Cleaner_DEFAULT.job
2016-02-17 14:55 - 2014-08-05 08:35 - 00000000 ____D C:\AdwCleaner
2016-02-17 13:08 - 2014-10-09 14:49 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2016-02-16 23:49 - 2011-01-23 23:12 - 00000000 ____D C:\Program Files (x86)\Video DVD Maker
2016-02-16 22:29 - 2013-12-09 07:46 - 00000000 ____D C:\Users\Georg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager™ 2013 Free
2016-02-16 19:51 - 2015-11-01 17:10 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-16 10:44 - 2011-05-07 11:36 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-16 10:42 - 2015-10-14 15:20 - 00000000 ____D C:\Users\Georg
2016-02-15 23:09 - 2011-04-05 21:46 - 00000000 ____D C:\Users\Georg\AppData\Roaming\MyPhoneExplorer
2016-02-11 19:28 - 2015-12-02 16:22 - 00000000 ____D C:\Program Files (x86)\StarMoney 10
2016-02-09 21:00 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-08 17:20 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-02-08 17:15 - 2011-01-22 10:47 - 00000316 _____ C:\WINDOWS\IfoEdit.INI
2016-02-08 15:38 - 2015-10-21 14:21 - 00000000 ____D C:\Users\Georg\AppData\Local\JDownloader 2.0
2016-02-08 14:35 - 2011-03-13 11:03 - 00000000 ____D C:\Users\Georg\AppData\Roaming\WinRAR
2016-02-04 19:47 - 2011-01-20 20:30 - 00000000 ____D C:\WINDOWS\WindowsMobile
2016-02-03 19:18 - 2013-08-28 19:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-03 19:18 - 2013-08-28 19:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-03 18:35 - 2013-08-15 07:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-03 18:18 - 2015-10-14 15:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-03 18:18 - 2011-01-19 15:32 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-03 18:17 - 2013-08-28 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-03 18:07 - 2011-05-07 11:36 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-03 18:07 - 2011-05-07 11:36 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-08-17 18:18 - 2014-08-17 18:18 - 8943063 _____ () C:\Program Files\CopyTransManagerDEv1.005.zip
2015-11-18 12:29 - 2015-11-18 12:17 - 1404928 _____ () C:\Program Files\MidiSheetMusic-2.6.exe
2011-01-12 01:00 - 2011-01-12 01:00 - 0146944 _____ () C:\Program Files (x86)\Common Files\dsfFLACDecoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 0221184 _____ () C:\Program Files (x86)\Common Files\dsfFLACEncoder.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 0204800 _____ () C:\Program Files (x86)\Common Files\dsfNativeFLACSource.dll
2012-05-11 13:16 - 2012-05-11 13:16 - 0171520 _____ () C:\Program Files (x86)\Common Files\dsfOggDemux2.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 0240128 _____ () C:\Program Files (x86)\Common Files\dsfVorbisDecoder.dll
2009-07-11 22:08 - 2009-07-11 22:08 - 0001860 _____ () C:\Program Files (x86)\Common Files\Microsoft.VC90.CRT.manifest
2011-04-18 21:51 - 2011-04-18 21:51 - 0569680 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP90.dll
2011-04-18 21:51 - 2011-04-18 21:51 - 0653136 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR90.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 0412672 _____ (Google) C:\Program Files (x86)\Common Files\vp8decoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 0701440 _____ (Google) C:\Program Files (x86)\Common Files\vp8encoder.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 0302592 _____ (Google) C:\Program Files (x86)\Common Files\webmmux.dll
2010-12-16 20:39 - 2010-12-16 20:39 - 0292352 _____ (Google) C:\Program Files (x86)\Common Files\webmsplit.dll
2011-01-12 01:00 - 2011-01-12 01:00 - 0030208 _____ () C:\Program Files (x86)\Common Files\wmpinfo.dll
2011-10-05 11:27 - 2011-12-03 17:40 - 0000040 _____ () C:\Users\Georg\AppData\Roaming\cdr.ini
2011-01-31 14:15 - 2011-01-31 14:15 - 0000000 _____ () C:\Users\Georg\AppData\Roaming\chrtmp
2015-11-18 19:40 - 2015-11-18 19:47 - 0000605 _____ () C:\Users\Georg\AppData\Roaming\midisheetmusic.config.ini
2011-01-19 21:12 - 2011-01-19 21:12 - 0033134 _____ () C:\Users\Georg\AppData\Roaming\UserTile.png
2013-12-19 11:58 - 2014-08-03 10:58 - 0000201 _____ () C:\Users\Georg\AppData\Roaming\WB.CFG
2014-01-05 22:39 - 2014-01-07 09:57 - 0000005 _____ () C:\Users\Georg\AppData\Roaming\WBPU-TTL.DAT
2011-05-22 17:16 - 2015-09-30 11:54 - 0003584 _____ () C:\Users\Georg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-20 11:51 - 2012-06-20 11:51 - 0004218 _____ () C:\Users\Georg\AppData\Local\recently-used.xbel
2014-11-07 13:38 - 2014-11-07 13:38 - 0000011 _____ () C:\ProgramData\.tv5
2011-03-09 12:40 - 2012-02-26 13:47 - 0000085 ___SH () C:\ProgramData\.zreglib
2015-08-30 15:05 - 2015-08-30 15:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Georg\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-14 15:11
==================== Ende von FRST.txt ============================
--- --- ---
Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-02-2016
durchgeführt von Georg (2016-02-18 21:56:16)
Gestartet von F:\DOWNLOAD\Downloads
Windows 10 Home (X64) (2015-10-14 14:54:31)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2880314696-201436855-2258341818-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2880314696-201436855-2258341818-503 - Limited - Disabled)
Gast (S-1-5-21-2880314696-201436855-2258341818-501 - Limited - Disabled) => C:\Users\Gast
Georg (S-1-5-21-2880314696-201436855-2258341818-1001 - Administrator - Enabled) => C:\Users\Georg
HomeGroupUser$ (S-1-5-21-2880314696-201436855-2258341818-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
AmazingMIDI (HKLM-x32\...\AmazingMIDI) (Version: - )
Amazon Kindle (HKU\S-1-5-21-2880314696-201436855-2258341818-1001\...\Amazon Kindle) (Version: 1.13.1.42052 - Amazon)
Amazon Kindle (HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version: 1.13.1.42052 - Amazon)
Amazon Music (HKU\S-1-5-21-2880314696-201436855-2258341818-1001\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{BAF4695F-7867-D8B2-528A-A1EF2EE0A9EF}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Audiograbber MP3-Plugin (64 bit) (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.2 - GPL Public release.)
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Benutzerhandbücher (HKLM-x32\...\Benutzerhandbücher 1.4.1.4) (Version: 1.4.1.4 - Manuels et Notices)
Benutzerhandbücher (x32 Version: 1.4.1.4 - Manuels et Notices) Hidden
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
calibre (HKLM-x32\...\{5AD205E9-E80E-4F4B-88A5-C6B5CC12BBE4}) (Version: 2.48.0 - Kovid Goyal)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
capella 7 (HKLM-x32\...\{99CFF112-0AC1-4650-93C1-4C93FFBCF626}) (Version: 7.1.28 - capella software AG)
capella playAlong 3.0 (HKLM-x32\...\{E53699F2-7E51-4616-A4BF-B5237F17A22F}) (Version: 3.0.40 - capella software)
ccc-core-static (x32 Version: 2010.0825.2205.37769 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cuttermaran 1.70 (HKLM-x32\...\{5F499D33-546A-442B-B0F9-4C58F3B5B6E3}) (Version: 1.7.0 - toarnold)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVR Converter 3.0 (HKLM-x32\...\{B0897D06-68ED-4EB2-0001-2F36270D8621}) (Version: 3.0.12.1129 - Engelmann Media GmbH)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FotoUP_bisabi.de (HKLM-x32\...\FotoUpBisabi) (Version: 3.1.836 - Q4 media AG)
FotoUP_bisabi.de (x32 Version: 3.1.836 - Q4 media AG) Hidden
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Haufe iDesk-Browser (HKLM-x32\...\{0F32914F-A633-4516-B531-7084C8F19F93}) (Version: 10.10.14.0000 - Haufe-Lexware GmbH & Co. KG)
Haufe iDesk-Service (HKLM-x32\...\{27F10580-E040-11DF-8C28-005056B12123}) (Version: 10.10.25.7810 - Haufe)
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.0.0 - LIGHTNING UK!)
Impro-Visor 6.0 (HKLM-x32\...\6140-2535-4985-4395) (Version: 6.0 - Robert Keller)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Konz 2012 (HKLM-x32\...\InstallShield_{1D33BCF7-B5B6-4148-B888-9CC2EC208556}) (Version: 1.00.0000 - USM)
Konz 2012 (x32 Version: 1.00.0000 - USM) Hidden
Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM)
Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden
KONZ-Steuer-2014 (HKLM-x32\...\InstallShield_{20F1078B-E3B6-4DA1-9570-003DE110890A}) (Version: 1.00.0000 - USM)
KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Packard Bell)
Lexware Info Service (HKLM-x32\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MKVToolNix 6.9.1 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 6.9.1 - Moritz Bunkus)
MotoHelper MergeModules (x32 Version: 1.0.0 - Motorola) Hidden
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.4.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
Mozilla Thunderbird 38.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla)
Mp3tag v2.49a (HKLM-x32\...\Mp3tag) (Version: v2.49a - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyHarmony (HKU\S-1-5-21-2880314696-201436855-2258341818-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MyHarmony (HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Nero 9 Essentials (HKLM-x32\...\{c501e4e7-4c77-46aa-8cc5-173e31f062eb}) (Version: - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.2 - )
OpenOffice.org 3.2 (HKLM-x32\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0806.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 1.0.1901 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 1.0.1901 - CyberLink Corp.) Hidden
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Paragon Partition Manager™ 2013 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Password Safe (HKLM-x32\...\Password Safe) (Version: - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Philips Songbird (HKLM-x32\...\Philips Songbird) (Version: 2.5.4 (Build: 5.4.1980; Revision: 640) - Koninklijke Philips Electronics N.V.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: - )
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.0.1.0 - Prolific)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version: - )
ProjectX 0.90 (HKLM-x32\...\ProjectX_0) (Version: - )
Protect Disc License Helper 1.0.118 (HKLM-x32\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Python 2.3.2 (HKLM-x32\...\Python 2.3.2) (Version: 2.3.2 - PythonLabs at Zope Corporation)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SDFormatter (HKLM-x32\...\{15EB20D6-5F13-41D0-BEF9-C9C44D6AC620}) (Version: 3.0.0 - SD Association)
SIM MAX (HKLM-x32\...\{DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}) (Version: 1.00.0000 - SIM MAX)
SIMCardReaderPro (HKLM-x32\...\{5FF6DDD0-72CD-4915-9515-BF2C7CAF1F5D}) (Version: 1.0.0 - Moai)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.101 - Skype Technologies S.A.)
SonyEditor (remove only) (HKLM-x32\...\SonyEditor) (Version: - )
StarMoney (x32 Version: 4.0.4.16 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney 10 (HKLM-x32\...\{D16B1C61-28D2-40BE-A2C1-00E910DCD8C0}) (Version: 10 - Star Finanz GmbH)
StarMoney 9.0 (HKLM-x32\...\{CAB3125D-1198-4BFD-9C14-34B04D9447CB}) (Version: 9.0 - Star Finanz GmbH)
Steuer 2010 (HKLM-x32\...\{4B526075-AF27-47A2-860D-3DA92928A051}) (Version: 17.05.00.0003 - Haufe-Lexware GmbH & Co.KG)
Steuer 2011 (HKLM-x32\...\{4785CED6-73B3-45FA-AFE6-EDEDFDE67842}) (Version: 19.00.7304 - Buhl Data Service GmbH)
Steuer 2012 (HKU\S-1-5-21-2880314696-201436855-2258341818-1001\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Steuer 2012 (HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Steuer 2013 (HKU\S-1-5-21-2880314696-201436855-2258341818-1001\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Steuer 2013 (HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Steuer-Hilfesammlung 2010 (HKLM-x32\...\{3BEFC315-7F74-4F71-B704-2CAF4DC046BB}) (Version: 17.10.0.0 - Haufe-Lexware GmbH & Co. KG)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TSDoctor (HKLM-x32\...\{849CD068-032E-4BB8-8FD1-BEE8557E908B}) (Version: 1.2.171 - Cypheros)
TwonkyMedia Manager (HKLM-x32\...\TwonkyMedia Manager) (Version: 1.3.0.101 - )
TwonkyMedia Windows Components (HKLM-x32\...\{7CC673E7-5271-409D-B196-BB76DA60300B}) (Version: 1.0.0 - PacketVideo)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_EXCEL_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_WORD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Video DVD Maker v3.32.0.80 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}) (Version: - )
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3004 - Packard Bell)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.7.7 - Shark007)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2880314696-201436855-2258341818-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Georg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05C75EC1-B316-4A2F-ABEA-B8823C1ECF22} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {06EB0E75-D530-4544-AEA6-09D2A7E7548B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {070199F1-D7D8-4CEA-89A6-C0CB33A9EEBD} - System32\Tasks\{1FBFE7CF-23A7-4472-B87F-468DF9AF75B6} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.370&LastError=404
Task: {0CA12085-DAAC-4D96-8122-3009A20679A9} - System32\Tasks\{7340D1F3-776D-42CF-96F3-B04DEB2E8E90} => pcalua.exe -a H:\Downloads\Kcal-View_Setup.exe -d H:\Downloads
Task: {129E9816-C4C1-4F29-A27A-FFCD000A5F51} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {17B721C1-76D9-4C02-BD2B-0FAFE74AFEEB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {1C23588E-C55B-4BC0-BF7F-D28FDCBD0B4C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {2BD2153C-C59F-4F96-998E-40386B926056} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {2CE9052D-CAB7-4B6E-B06E-4C91D4A08834} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {2E88DC43-06EC-4409-8B89-0252881463CA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {312A730C-4F52-40EE-9FEA-2D640BD8573E} - System32\Tasks\SafeZone scheduled Autoupdate 1449158355 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {37CBAF05-7F60-4AC6-B566-C46BCE5398CF} - System32\Tasks\{1C54FD56-6ED5-438F-9AAC-9EE7109EC607} => pcalua.exe -a C:\Users\Georg\AppData\Local\Babylon\Setup\Setup.exe -d C:\Users\Georg\AppData\Local\Babylon\Setup\ -c "C:\Users\Georg\AppData\Local\Temp\68289EA7-BAB0-7891-AE17-9E8BF8B4FF7C\Setup.exe" /mhp /mds /babTrack="affID=100478" /instlref=sst /srcExt=ss /babExt=babExt /rvrt /rt /aflt=babsst /mnt /S /tbGen="/tlbrid=tb9" -rc
Task: {39450F18-0FA2-4F7F-871E-0252583C9503} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3C29E0E5-60E8-4BF4-82D6-E936A152239A} - System32\Tasks\SuperEasy Registry Cleaner_UPDATES => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {443375BC-219B-4705-A94F-2F40EE9769AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {46D3A17F-8CD3-49A2-AD9B-719A24CEF377} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {49BC855B-2A47-44B4-A70C-75D07A328BE0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {50ABDB1C-C637-4520-9F78-27DEFDD99CE6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {56883300-F271-43F8-8DB2-87929601635A} - System32\Tasks\avastBCLRestartS-1-5-21-2880314696-201436855-2258341818-1001 => Chrome.exe
Task: {601E2B5F-F9DA-405A-8D84-10234F531081} - System32\Tasks\Amazon Music Helper => C:\Users\Georg\AppData\Local\Amazon Music\Amazon Music Helper.exe [2014-11-19] ()
Task: {63CCAA5E-16D4-4400-B34C-2EF168F927A1} - System32\Tasks\{C5D85F3A-59E4-4A4A-A574-AD1878D05D8F} => pcalua.exe -a "C:\Program Files (x86)\MediaPlayerplus\Uninstall.exe" -c /fcp=1
Task: {65028FBB-9852-401E-8F34-77D9975BC4EE} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {698FA2D5-B924-4C7F-AAD4-648650E31D72} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {6BB54127-12A9-459D-BD19-A5D202B27984} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {70668974-CAF0-4E47-BDE0-0B69235F25F7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7418E3B7-4DA0-40A6-A937-D95E009127B2} - System32\Tasks\SuperEasy Registry Cleaner_DEFAULT => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {774D05BA-545C-4E78-8D92-C5A9EBAF17AB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {7B7011B7-C704-463F-9FA4-ADD225616A5B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {80DAC560-BAFE-4534-AF99-7D7B102794D3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {8253B562-E1B1-4653-94E0-A32A41B12C32} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {870B7E35-09F1-4C4A-958C-A15E4DFBA84A} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {90F2908B-A3E2-4DDD-983F-96D0454EC870} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {937330A4-4ED3-451B-B021-C847D0B6DFA0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9E8346EC-EE2E-4951-AEE7-777FF5127BDB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {9F5242B7-1813-4F14-97B9-780F24B1A566} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {A20AD1D9-114C-4FF8-8227-224A3FEDABF2} - \ProPCCleaner_Start -> Keine Datei <==== ACHTUNG
Task: {A2EFC8B5-1A80-4721-B649-B19815AA8B25} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-03] (Microsoft Corporation)
Task: {A7BF7BC7-38EF-4274-80BC-6002DF9694E8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {AEEE5FE3-21D3-40C1-B20B-E564B2669880} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {B215CBEC-309E-4D3A-9C15-636A391F5AF1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {CAFB4A07-20EB-4DEC-A9F0-6DFB0ACE2255} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {CBDF2A7A-2F5C-4351-996D-7B5A9858A929} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CC84C425-F064-4D7D-AF7E-084A742B40E5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {CF91EBFB-9E31-4DF4-AB46-F8893B2799FB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D08101F8-C196-44F0-B5C3-62D862CA310F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {D2F0C37F-8D73-44A4-A5DB-8DF244548D98} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {D7151E88-528E-4ECE-9A46-F059A165F8D9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {DD80A145-42CC-4202-8247-CCB7B8902AF7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {DEF15E53-3D06-430A-BE46-AF9E6D8EC060} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {E1BA2A56-4B87-4843-A2B7-635C4FD69A21} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {E25CFD3C-F080-43FA-A0D1-31AB909D6E44} - \ProPCCleaner_Popup -> Keine Datei <==== ACHTUNG
Task: {E43E1C28-32B6-43A8-AF33-14E1CD1CF7A7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E75A56AB-0903-4D7D-97E2-CFCA5EC0A1F6} - System32\Tasks\{5EEA4207-D29C-4874-A4D3-5489365AB38A} => pcalua.exe -a H:\Downloads\jxpiinstall.exe -d H:\Downloads
Task: {EF5EFBDA-E593-45EA-9B58-030784F8C7E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {F00CF127-9A50-462A-BA2B-16FF031FF82A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {F27CD9F6-710A-422E-A84B-B716C641DD8F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FA143B45-96C0-4B6C-ADD7-135D95A96522} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {FF2E6A7A-7416-4517-AF5A-9C06B6F84E79} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SuperEasy Registry Cleaner_DEFAULT.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\WINDOWS\Tasks\SuperEasy Registry Cleaner_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-09-10 06:12 - 2015-09-10 06:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2013-01-21 14:31 - 2005-03-12 00:07 - 00087040 _____ () C:\WINDOWS\System32\pdfcmnnt.dll
2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2009-12-17 13:25 - 2009-12-17 13:25 - 00149136 _____ () C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe
2009-12-17 13:25 - 2009-12-17 13:25 - 01148560 _____ () C:\Program Files (x86)\TwonkyMedia\TwonkyMediaServer.exe
2015-10-14 15:58 - 2015-10-14 15:58 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-14 15:58 - 2015-10-14 15:58 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-27 10:51 - 2015-11-26 09:54 - 00873072 _____ () C:\Users\Georg\AppData\Local\Microsoft\Windows\INetCookies\x64explassist.dll
2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-08 21:56 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-08 21:55 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-08 21:56 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-14 15:58 - 2015-10-14 15:58 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 04:13 - 2015-09-10 06:12 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-10-14 15:58 - 2015-10-14 15:58 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 04:13 - 2015-07-10 04:13 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-06-28 23:20 - 2010-06-28 23:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
2010-06-28 23:12 - 2010-06-28 23:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\ACE.dll
2014-10-09 14:53 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2015-12-02 16:27 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\PATCHW32.dll
2009-12-17 13:07 - 2009-12-17 13:07 - 00139264 _____ () C:\Program Files (x86)\TwonkyMedia\wmdrmdll.dll
2010-09-13 08:57 - 2010-04-13 17:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:AD022376
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2880314696-201436855-2258341818-1001\...\google.com -> hxxps://www.google.com
IE trusted site: HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\google.com -> hxxps://www.google.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2880314696-201436855-2258341818-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-2880314696-201436855-2258341818-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-2880314696-201436855-2258341818-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\PackardBell01.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^Users^Georg^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Password Safe.lnk => C:\Windows\pss\Password Safe.lnk.Startup
MSCONFIG\startupreg: Amazon Music => "C:\Users\Georg\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
HKLM\...\StartupApproved\StartupFolder: => "Mozilla Thunderbird.lnk"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{809A26CE-5A6D-49E1-AE5B-58476E331305}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{CECBAF39-8206-46AD-BB3C-78838F337791}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{7DFE7C7B-1E45-4CAC-8B6B-277C1E5883EE}] => (Allow) C:\Program Files (x86)\Cypheros\TSDoctor\TSDoctor.exe
FirewallRules: [UDP Query User{A4C41928-232D-41E4-BE78-C507D48B8525}C:\program files (x86)\twonkymedia\mediamanager\twonkymediamanager.exe] => (Block) C:\program files (x86)\twonkymedia\mediamanager\twonkymediamanager.exe
FirewallRules: [TCP Query User{FAA88610-7305-41FA-B220-E9DA87A13B15}C:\program files (x86)\twonkymedia\mediamanager\twonkymediamanager.exe] => (Block) C:\program files (x86)\twonkymedia\mediamanager\twonkymediamanager.exe
FirewallRules: [UDP Query User{F52F0081-F32B-46B5-874E-01DD17D50E3A}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{5FDD03E0-2E99-4E29-A911-070890BCFFBF}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{729051B6-4E5C-452F-9AFA-975809C6959F}] => (Allow) C:\Program Files (x86)\TwonkyMedia\MediaManager\TwonkyMediaManager.exe
FirewallRules: [{AAE8323D-389C-4C9A-8B98-9EAEA13B509A}] => (Allow) C:\Program Files (x86)\TwonkyMedia\MediaManager\TwonkyMediaManager.exe
FirewallRules: [{6ED1AEFA-F22B-4220-8F4A-01AD765B1D50}] => (Allow) C:\Program Files (x86)\TwonkyMedia\twonkymediaserver.exe
FirewallRules: [{B9ECF1BE-8402-4B27-B48A-40B3AB13684E}] => (Allow) C:\Program Files (x86)\TwonkyMedia\twonkymediaserver.exe
FirewallRules: [{2F4B936B-F0F9-477F-B4C8-DE3E2B200F63}] => (Allow) C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe
FirewallRules: [{F3F15527-AD87-481A-8AE9-23CDC8E41C7F}] => (Allow) C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe
FirewallRules: [{2BD5523F-3303-473A-AB41-C99319B014C6}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{D4CF5307-E064-488F-90A4-51703D0A8E20}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{44BFBB2E-3628-406D-81B2-2D4BBC6DB358}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{1C81B03C-FC96-4BC8-896A-621C861CA18C}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [UDP Query User{99AD166C-1234-46FF-B4A8-889F6229A24A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{B61AC38A-CDE2-41FD-B72D-E360C9658BAD}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{BFE22C01-5EBC-4266-9FBD-112EF5B97C83}] => (Block) D:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [{E52FDEEF-38C8-4C30-9E57-037117C7716F}] => (Block) D:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [UDP Query User{A9C44E47-D2A0-45C4-A9E9-0308B5038106}D:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [TCP Query User{F56436C1-6A8A-4F90-9942-3C3E9721E60D}D:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) D:\easysetupassistant\wr841n\easysetupassistant.exe
FirewallRules: [{A4AEF2A2-9AE2-4884-B7D5-9B2798378F6C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B31BF287-5B1C-4902-B1A4-0E343C2522B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{694246A4-698E-44CE-A7A1-BAA85326235C}] => (Allow) C:\bb\BBHelper\BandinaBoxServer.exe
FirewallRules: [{FC824F10-24CC-4428-89C4-CCE4DF27955C}] => (Allow) C:\bb\BBHelper\BandinaBoxServer.exe
FirewallRules: [UDP Query User{ECADAA37-C843-4D7A-9C40-6E076D3C5A2A}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{E123A9F3-2A5A-432C-88A9-5165AFAE3D7C}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{2C64688B-64D4-40DE-BE52-F86C2BE1A1D8}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{773531FC-F299-43A0-A058-146FEB560F3C}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [UDP Query User{8EACDDE8-6F37-4D56-AC34-D0B4E0F50FB7}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [TCP Query User{483FD868-4C3E-456E-A0BF-B17D3F3D54A8}C:\program files (x86)\mozilla thunderbird\thunderbird.exe] => (Allow) C:\program files (x86)\mozilla thunderbird\thunderbird.exe
FirewallRules: [{66AF9B46-53C8-48D1-9356-C268D8550847}] => (Allow) LPort=26675
FirewallRules: [{783E6A47-87BC-4DBD-B56B-4FAAE99B2F28}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{74B7D60E-A50F-459E-BA0F-8A34BE29AC3F}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{FAA957D8-F80F-42FD-9C76-69BBB51B24D8}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{9C7248DC-F757-4BA7-83FC-3CA4F20E4825}] => (Allow) LPort=1900
FirewallRules: [{355FC6D4-29A3-4EB1-98CD-8C60189EACE0}] => (Allow) LPort=2869
FirewallRules: [{49A6A459-2D18-4CEA-9A50-6386DDED533F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{ABE677E5-8AD5-4FE0-9BCD-85C28A92B7A9}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{C17C56F5-02A8-44E0-A20B-B6702D62430F}] => (Allow) svchost.exe
FirewallRules: [{3852BD01-F2ED-472D-8D36-A57EAF87AB36}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{29A46067-5EB4-4364-AF40-01CF77D9D9F8}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{615B111F-51FE-4537-99ED-77DDE610A17F}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [TCP Query User{E54960B1-C3AA-4D0D-9B87-9C2061D08571}C:\users\georg\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\georg\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [UDP Query User{E8059891-FA06-4513-A72B-98A3F5838684}C:\users\georg\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\georg\appdata\local\jdownloader 2.0\jdownloader2.exe
FirewallRules: [{E83E7A12-D3A1-4A6A-B44F-F909A3663D90}] => (Allow) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{39F41E49-6A52-44DE-9B6B-6DAA0213078B}] => (Allow) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{73BECDE8-AACF-4AF7-B436-4ABE7CBC9108}] => (Allow) C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe
FirewallRules: [{7814523B-E22A-452A-B29B-389A7A8EB512}] => (Allow) C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe
FirewallRules: [{50827594-B93F-4179-9FB9-9DDFACB786BE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{25230CAD-993E-42E0-A482-8E1E32DC8580}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{13751F4E-4604-486C-B5C1-6C5A2B8F4463}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{ED3E1E1F-3A20-46F8-828B-07309E73B3C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
14-10-2015 20:22:27 Windows Update
14-10-2015 20:23:32 Windows Update
21-10-2015 15:53:25 Windows Modules Installer
20-11-2015 23:02:18 Installed calibre
27-11-2015 09:15:05 Windows Update
27-11-2015 09:16:01 Windows Update
02-12-2015 16:19:58 Installiert StarMoney
03-12-2015 17:15:16 ASU_MSI_TRAN
06-12-2015 16:21:36 Removed Samsung Kies
15-12-2015 19:58:59 Windows Update
15-12-2015 20:14:09 Avira System Speedup 2.0.7
22-12-2015 20:19:29 Installed 7-Zip 9.20 (x64 edition)
06-01-2016 10:04:02 Installed calibre
03-02-2016 18:12:25 Windows Update
03-02-2016 18:13:14 Windows Update
10-02-2016 16:55:27 Installed calibre
17-02-2016 18:54:28 JRT Pre-Junkware Removal
17-02-2016 19:04:03 JRT Pre-Junkware Removal
18-02-2016 18:13:02 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/18/2016 06:21:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Error: (02/18/2016 06:15:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Georg-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/18/2016 06:13:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/18/2016 06:08:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Error: (02/18/2016 10:55:25 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Error: (02/18/2016 10:54:10 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Error: (02/17/2016 09:17:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Error: (02/17/2016 09:17:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Error: (02/17/2016 08:44:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Georg-PC)
Description: Das Paket „Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (02/17/2016 07:04:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (02/18/2016 09:41:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (02/18/2016 09:41:11 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Georg\AppData\Local\Temp\ehdrv.sys
Error: (02/18/2016 09:41:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (02/18/2016 09:41:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Georg\AppData\Local\Temp\ehdrv.sys
Error: (02/18/2016 09:41:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (02/18/2016 09:41:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Georg\AppData\Local\Temp\ehdrv.sys
Error: (02/18/2016 09:41:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (02/18/2016 09:41:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Georg\AppData\Local\Temp\ehdrv.sys
Error: (02/18/2016 09:41:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (02/18/2016 09:41:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Georg\AppData\Local\Temp\ehdrv.sys
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 3958.71 MB
Verfügbarer physikalischer RAM: 2105.34 MB
Summe virtueller Speicher: 11958.71 MB
Verfügbarer virtueller Speicher: 10141.39 MB
==================== Laufwerke ================================
Drive c: (Packard Bell) (Fixed) (Total:226.88 GB) (Free:81.94 GB) NTFS
Drive e: (Eigene) (Fixed) (Total:146.76 GB) (Free:46.5 GB) NTFS
Drive f: (DownRecord) (Fixed) (Total:79.02 GB) (Free:35.02 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4B8EBCD7)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=226.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=225.8 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
Gruß
altkanonist
Habe zusätzlich noch festgestellt:
Wenn der PC nicht neu gebootet wurde, kommt bei Google Chrome yessearches als Startseite und Suchmaschine ohne dass es in den Einstellungen steht. Dort steht dann noch "..google.."
Wird der PC neu gebootet kommt bei Google Chrome yessearches als Startseite und Suchmaschine und in den Einstellungen hat sich auch selbständig Startseite und Suchmaschine in yessearches geändert.
Ab und zu geschieht dieses yessearches-Einnisten mit Verzögerung. Manchmal kommt beim ersten Öffnen von Google Chrom nach dem Booten erst für einige Sekunden die richtige Google-Seite als Startseite, dann wird der Bildschirm kurz schwarz, und dann kommt yessearches als Startseite.
Gruß
altkanonist |
FRST 32-Bit | FRST 64-Bit
Tritt das Problem immer noch auf? 