Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-09-2019 durchgeführt von Aniusa (Administrator) auf ANIUSA-TOSH (TOSHIBA Satellite L500D) (16-09-2019 18:18:04) Gestartet von C:\Users\Aniusa\Downloads Geladene Profile: Aniusa (Verfügbare Profile: Aniusa & Natalie ^^) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Safe Mode (minimal) Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: G - G:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {324a1dc0-eaab-11e0-8851-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {3d5957d5-ad6c-11e4-85f7-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {3d5957e4-ad6c-11e4-85f7-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {531fdd0e-b3bb-11e6-87b5-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {5ac2a4ef-dd5f-11e0-87d8-705ab6b8115a} - G:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {5ac2a4f1-dd5f-11e0-87d8-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {619b20b0-17fd-11e5-9ec7-705ab6b8115a} - F:\startme.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {6f990a8c-4ddb-11e6-9b2c-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {6f990a99-4ddb-11e6-9b2c-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {8ae897f3-e099-11e0-a114-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {8ae897fc-e099-11e0-a114-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {8ae898ca-e099-11e0-a114-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {8ae898cc-e099-11e0-a114-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {8ae899cf-e099-11e0-a114-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {96732ce9-df5a-11e0-bc90-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {c31b0b32-d16e-11e0-aada-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {c31b0b3c-d16e-11e0-aada-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {daa240b1-c7d3-11e0-a95e-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {daa240b7-c7d3-11e0-a95e-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {daa24165-c7d3-11e0-a95e-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {e00a5e80-fa6c-11e5-80d9-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {e00a5e8a-fa6c-11e5-80d9-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {e00a5e93-fa6c-11e5-80d9-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {e00a5e9b-fa6c-11e5-80d9-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {e00a5ea4-fa6c-11e5-80d9-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {e00a5eae-fa6c-11e5-80d9-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {e00a5eb6-fa6c-11e5-80d9-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {e00a5ec0-fa6c-11e5-80d9-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed295f96-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed295f9e-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed295fac-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed295fb6-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed295fbf-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed295fc8-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed295fd1-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed295fda-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed295ff4-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed295ffd-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296005-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29600e-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296017-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296020-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296029-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296033-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29603b-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29603f-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296048-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296050-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296059-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296063-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29606b-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296087-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296090-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296099-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2960a1-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2960a9-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2960bc-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2960c5-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2960cd-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2960d6-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2960df-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2960e8-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2960f1-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2960fa-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296103-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296117-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296120-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296129-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296132-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29613b-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296143-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29614f-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296157-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296161-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29616a-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296174-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29617d-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296187-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29618f-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296198-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2961a1-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2961ab-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2961b0-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2961b9-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2961c3-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2961d2-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2961dd-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2961e8-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2961f1-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2961fd-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296208-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296211-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296222-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296229-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296233-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29623c-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296245-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29624f-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296258-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296274-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29627c-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296285-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29628e-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296298-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2962a0-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2962a9-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2962b3-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2962bb-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2962c5-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2962ce-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2962d6-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2962df-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2962e8-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2962fc-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296305-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29630f-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296318-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296323-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29632b-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29632e-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296337-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296341-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29634a-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29635d-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296366-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296370-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296379-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296381-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29638a-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed296393-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed29639d-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963a6-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963ae-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963b7-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963c0-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963c9-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963d2-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963db-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963e5-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963ed-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963f7-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {ed2963ff-fa88-11e5-b3b4-705ab6b8115a} - F:\AutoRun.exe HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {f0b2df5c-d934-11e0-a1d7-705ab6b8115a} - G:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {f657650f-d7e5-11e0-96fc-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {f6576511-d7e5-11e0-96fc-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {f99009d1-d263-11e0-b5f5-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1151800961-513661116-123877646-1000\...\MountPoints2: {f99009d3-d263-11e0-b5f5-705ab6b8115a} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation) HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.75\Installer\chrmstp.exe [2019-09-14] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2009-07-29] (TOSHIBA Corporation) [Datei ist nicht signiert] Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-09-11] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-09-11] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe) Startup: C:\Users\Natalie ^^\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2019-09-09] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {036AF967-2E16-4CF0-819B-B94FBABA8EB4} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {18AA2D1F-1D77-491A-B3EB-1EC2470C547A} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {2A2CDD7C-162E-4688-980C-ACD7921B6F2D} - System32\Tasks\{EED4BAA9-3B15-40B0-AEE4-8E4F8F47B384} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116.280&LastError=-3 Task: {3171AE1A-1935-4654-A7BA-B10F6E0C56B7} - System32\Tasks\Driver Booster SkipUAC (Aniusa) => C:\Program Files (x86)\IObit\Driver Booster\6.6.0\DriverBooster.exe [7607568 2019-08-14] (IObit Information Technology -> IObit) Task: {32C3912E-2331-4CC4-8170-CF6C0FA577BF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4796696 2014-08-21] (Piriform Ltd -> Piriform Ltd) Task: {4ADBCD01-8C1C-44D3-8022-A9628423C14F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1151800961-513661116-123877646-1000Core => C:\Users\Aniusa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-23] (Facebook, Inc. -> Facebook Inc.) Task: {51C821FD-F4E5-4164-9093-675031545CC9} - System32\Tasks\{E613BAC7-512F-40DB-92D5-3B6979409945} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116.280&LastError=12002 Task: {5571F7D2-386F-4778-83E5-2B43D28A67DE} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1151800961-513661116-123877646-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {67D41349-06A6-4BC2-95C7-F66610E1BE47} - System32\Tasks\Uninstaller_SkipUac_Aniusa => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {819250E8-BE55-49AB-A8CA-A5951CB4494C} - System32\Tasks\{E2B881AB-A410-4B2D-B2EE-5BD27AFADE1F} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116.280&LastError=12007 Task: {8545E815-D78E-4ECB-B2E4-CB7A90435E33} - System32\Tasks\{CFE5DBF3-F548-4C54-AC0D-65BF7FB2B38C} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116.280&LastError=-3 Task: {917EC746-2F5D-4E16-81C7-B59FDC43117A} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\6.6.0\Scheduler.exe [149776 2019-08-14] (IObit Information Technology -> IObit) Task: {96090332-27A4-42AD-AAFD-E8DE665AD050} - System32\Tasks\{CADEFCEF-AA50-41FA-8CFA-CFD4E7AB104B} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116.280&LastError=-3 Task: {A300B45E-E442-4F81-A9BC-E7B119520C43} - System32\Tasks\ASC8_SkipUac_Aniusa => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe Task: {BC88558C-FD97-43A5-8547-6C8B00D8FD0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268464 2015-05-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {D0141240-17E3-4239-A21A-202C070A727C} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe Task: {E12E4F9E-89F6-4240-BFC6-D54ED084F101} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1151800961-513661116-123877646-1000UA => C:\Users\Aniusa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-23] (Facebook, Inc. -> Facebook Inc.) Task: {EA800907-0BC5-44CB-A7A3-99F4B2B4E872} - System32\Tasks\{DC7FC340-65AE-46F3-A3E8-D1AB09D0177D} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116.280&LastError=12007 Task: {EF65E2E0-BC26-4546-8661-488D5F31745E} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe Task: {FB225FF3-00C7-483D-AD86-F96644FF735B} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Aniusa\Downloads\adwcleaner_7.4.1.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1151800961-513661116-123877646-1000Core.job => C:\Users\Aniusa\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1151800961-513661116-123877646-1000UA.job => C:\Users\Aniusa\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{80D55B03-17E0-4DAB-8049-589AA1748258}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{86B90010-C0F8-48AD-AD1A-516C018065AA}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{92AA8595-DA5A-4C3E-9A76-E623A1B0D4A6}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1151800961-513661116-123877646-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms} HKU\S-1-5-21-1151800961-513661116-123877646-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.pl/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-1151800961-513661116-123877646-1000 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26] (Oracle America, Inc. -> Oracle Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) [Datei ist nicht signiert] BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-05] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-05] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) [Datei ist nicht signiert] DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab FireFox: ======== FF DefaultProfile: cj6y7eek.default FF ProfilePath: C:\Users\Aniusa\AppData\Roaming\Mozilla\Firefox\Profiles\cj6y7eek.default [2019-09-15] FF user.js: detected! => C:\Users\Aniusa\AppData\Roaming\Mozilla\Firefox\Profiles\cj6y7eek.default\user.js [2015-04-23] FF Homepage: Mozilla\Firefox\Profiles\cj6y7eek.default -> hxxps://www.google.pl/?gws_rd=ssl FF NewTab: Mozilla\Firefox\Profiles\cj6y7eek.default -> hxxps://safesearch.avira.com/#?source=newtab FF Extension: (ADB Helper) - C:\Users\Aniusa\AppData\Roaming\Mozilla\Firefox\Profiles\cj6y7eek.default\Extensions\adbhelper@mozilla.org.xpi [2019-09-11] [Legacy] FF Extension: (uBlock Origin) - C:\Users\Aniusa\AppData\Roaming\Mozilla\Firefox\Profiles\cj6y7eek.default\Extensions\uBlock0@raymondhill.net.xpi [2017-04-21] [Legacy] FF Extension: (Adblock Plus) - C:\Users\Aniusa\AppData\Roaming\Mozilla\Firefox\Profiles\cj6y7eek.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-04-21] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-08] (Adobe Systems Incorporated -> ) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-26] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-26] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-08] (Adobe Systems Incorporated -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-05] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-09-14] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-09-14] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1151800961-513661116-123877646-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Aniusa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default [2019-09-15] CHR Extension: (Präsentationen) - C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-14] CHR Extension: (Docs) - C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-14] CHR Extension: (Google Drive) - C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-09-14] CHR Extension: (YouTube) - C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-14] CHR Extension: (Tabellen) - C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-14] CHR Extension: (Avira Browserschutz) - C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-09-14] CHR Extension: (Google Docs Offline) - C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-14] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-14] CHR Extension: (Google Mail) - C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-14] CHR Extension: (Chrome Media Router) - C:\Users\Aniusa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-14] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR StartupUrls: "hxxp://www.gazeta.pl/0,0.html?p=156" ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2009-07-29] (Microsoft Windows Hardware Compatibility Publisher -> AMD) S3 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation -> Malwarebytes Corporation) S2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2015-09-23] (Huawei Technologies Co.,Ltd. -> ) S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [Datei ist nicht signiert] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [X] S3 cfWiMAXService; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe" [X] S3 ConfigFree Gadget Service; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe" [X] S3 ConfigFree Service; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe" [X] S3 GameConsoleService; "C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe" [X] S2 HWDeviceService64.exe; "C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service [X] S3 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [X] S3 TosCoSrv; "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" [X] S3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 09732512; C:\Windows\System32\drivers\09732512.sys [478392 2019-09-14] (Kaspersky Lab -> Kaspersky Lab ZAO) S3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp) S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6037504 2009-07-30] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2009-05-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-11-11] (DEVGURU CO LTD -> Devguru Co., Ltd) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [103576 2013-08-20] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-21] (DT Soft Ltd -> DT Soft Ltd) S1 ElRawDisk; C:\Windows\system32\drivers\dddskx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () [Datei ist nicht signiert] S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-09-15] (Martin Malik - REALiX -> REALiX(tm)) S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation -> Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation -> Malwarebytes Corporation) S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [427008 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation ) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [204568 2013-08-20] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr)) S0 47652347; system32\drivers\87447834.sys [X] S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S4 FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [X] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X] S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2019-09-15 11:10 - 2019-09-15 11:10 - 000020520 _____ (Chicony Electronics Co., Ltd.) C:\Windows\system32\Drivers\UVCFTR_S.SYS 2019-09-15 10:35 - 2019-09-16 15:57 - 000002848 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Aniusa) 2019-09-15 10:35 - 2019-09-15 10:37 - 000002257 _____ C:\Users\Public\Desktop\Driver Booster 6.lnk 2019-09-15 10:35 - 2019-09-15 10:35 - 000003100 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler 2019-09-15 10:35 - 2019-09-15 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6 2019-09-15 10:31 - 2019-09-15 10:31 - 022072688 _____ (IObit ) C:\Users\Aniusa\Downloads\driver_booster_setup.exe 2019-09-15 10:27 - 2019-09-15 10:27 - 000000000 ____D C:\Users\Aniusa\AppData\Roaming\DataWorks 2019-09-15 10:26 - 2019-09-15 10:36 - 000000000 ____D C:\ProgramData\IObit 2019-09-15 10:03 - 2019-09-15 10:03 - 005200384 _____ (AVAST Software) C:\Users\Aniusa\Downloads\aswmbr.exe 2019-09-15 09:57 - 2019-09-15 09:57 - 000000290 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job 2019-09-15 09:55 - 2019-09-15 09:57 - 000000000 ____D C:\AdwCleaner 2019-09-15 09:54 - 2019-09-15 09:55 - 007622344 _____ (Malwarebytes) C:\Users\Aniusa\Downloads\adwcleaner_7.4.1.exe 2019-09-14 21:21 - 2019-09-14 21:21 - 000496128 _____ C:\Users\Aniusa\Desktop\SpyHunterCleaner_1.05.exe 2019-09-14 19:26 - 2019-09-16 19:09 - 000041897 _____ C:\Users\Aniusa\Downloads\FRST.txt 2019-09-14 19:24 - 2019-09-14 19:25 - 000291016 _____ C:\Windows\Minidump\091419-25428-01.dmp 2019-09-14 19:24 - 2019-09-14 19:24 - 344517125 _____ C:\Windows\MEMORY.DMP 2019-09-14 19:04 - 2019-09-14 19:04 - 000478392 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\09732512.sys 2019-09-14 19:03 - 2019-09-14 19:11 - 000000000 ____D C:\KVRT_Data 2019-09-14 19:02 - 2019-09-14 19:03 - 168080168 _____ (AO Kaspersky Lab) C:\Users\Aniusa\Downloads\KVRT.exe 2019-09-14 19:00 - 2019-09-14 19:00 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-09-14 19:00 - 2019-09-14 19:00 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-09-14 18:58 - 2019-09-14 18:58 - 001151544 _____ (Google LLC) C:\Users\Aniusa\Downloads\ChromeSetup.exe 2019-09-11 17:54 - 2019-09-16 18:43 - 000873986 _____ C:\Windows\ntbtlog.txt 2019-09-11 17:28 - 2019-09-11 17:31 - 000038038 _____ C:\Users\Aniusa\Desktop\FRST.txt 2019-09-11 17:22 - 2019-09-11 22:25 - 000000000 ____D C:\FRST 2019-09-11 17:19 - 2019-09-14 19:26 - 001614848 _____ (Farbar) C:\Users\Aniusa\Downloads\FRST64.exe ==================== Ein Monat (geänderte) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2019-09-16 18:23 - 2009-07-14 19:58 - 000657356 _____ C:\Windows\system32\perfh007.dat 2019-09-16 18:23 - 2009-07-14 19:58 - 000131804 _____ C:\Windows\system32\perfc007.dat 2019-09-16 18:23 - 2009-07-14 07:13 - 001508910 _____ C:\Windows\system32\PerfStringBackup.INI 2019-09-16 18:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-09-16 15:58 - 2009-07-14 06:45 - 000019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-09-16 15:58 - 2009-07-14 06:45 - 000019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-09-16 15:51 - 2016-04-05 20:00 - 000065536 _____ C:\Windows\system32\Ikeext.etl 2019-09-16 15:51 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-09-15 10:35 - 2014-09-04 21:00 - 000000000 ____D C:\Program Files (x86)\IObit 2019-09-15 10:34 - 2014-09-04 20:59 - 000000000 ____D C:\Users\Aniusa\AppData\Roaming\IObit 2019-09-15 10:30 - 2014-09-04 21:01 - 000000000 ____D C:\ProgramData\ProductData 2019-09-15 10:26 - 2015-04-22 21:23 - 000027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS 2019-09-15 09:57 - 2016-03-22 21:52 - 000000000 ____D C:\Users\Natalie ^^\AppData\Roaming\Toshiba 2019-09-15 09:57 - 2014-09-04 21:01 - 000000000 ____D C:\Users\Aniusa\AppData\LocalLow\IObit 2019-09-15 09:57 - 2013-10-24 18:24 - 000000000 ____D C:\Users\Aniusa\AppData\Local\Toshiba 2019-09-15 09:57 - 2011-08-15 19:09 - 000000000 ____D C:\Users\Aniusa\AppData\Roaming\Toshiba 2019-09-15 09:57 - 2009-09-11 10:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA 2019-09-15 09:57 - 2009-09-11 10:06 - 000000000 ____D C:\Program Files\TOSHIBA 2019-09-15 00:11 - 2011-08-15 19:19 - 000000000 ____D C:\Users\Aniusa\AppData\Local\Google 2019-09-14 21:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing 2019-09-14 21:27 - 2016-12-15 20:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2019-09-14 21:27 - 2013-01-13 19:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-09-14 19:24 - 2013-10-27 18:10 - 000000000 ____D C:\Windows\Minidump 2019-09-14 19:15 - 2015-10-07 15:45 - 000000000 ____D C:\Users\Natalie ^^ 2019-09-14 19:00 - 2016-11-22 10:42 - 000000000 ____D C:\Users\Aniusa\AppData\LocalLow\Mozilla 2019-09-14 18:59 - 2009-09-11 10:12 - 000000000 ____D C:\Program Files (x86)\Google 2019-09-13 00:09 - 2013-01-13 19:15 - 000000000 ____D C:\ProgramData\Mozilla 2019-09-12 23:43 - 2015-02-05 21:29 - 000000000 ____D C:\ProgramData\DatacardService 2019-09-11 21:43 - 2011-08-21 20:12 - 000000000 ____D C:\Users\Aniusa\AppData\Roaming\Mozilla 2019-09-11 21:37 - 2015-01-08 17:13 - 000000000 ____D C:\Users\Aniusa\AppData\LocalLow\Temp 2019-09-11 21:23 - 2014-09-29 22:11 - 000000000 ____D C:\Program Files (x86)\ipla 2019-09-11 17:13 - 2014-09-21 20:21 - 000000000 ____D C:\Program Files (x86)\Avira 2019-09-11 11:25 - 2014-09-21 20:22 - 000000000 ____D C:\Users\Aniusa\AppData\Roaming\Avira 2019-09-11 11:25 - 2014-09-21 20:21 - 000000000 ____D C:\ProgramData\Avira 2019-09-09 09:03 - 2017-05-19 18:37 - 000000000 ____D C:\Users\Aniusa\AppData\LocalLow\uTorrent 2019-09-08 20:47 - 2016-08-13 19:01 - 000000000 ____D C:\Users\Aniusa\Desktop\drogowka 2019-09-08 19:08 - 2009-07-14 07:08 - 000032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ================ 2012-05-06 22:27 - 2012-06-11 20:48 - 000000114 _____ () C:\Users\Aniusa\AppData\Roaming\default.pls 2013-02-19 22:01 - 2013-02-19 22:02 - 000000004 _____ () C:\Users\Aniusa\AppData\Roaming\skype.ini 2014-03-22 13:19 - 2014-03-31 17:19 - 000000061 _____ () C:\Users\Aniusa\AppData\Roaming\WB.CFG 2011-08-21 22:09 - 2017-11-17 11:55 - 000000158 _____ () C:\Users\Aniusa\AppData\Roaming\wklnhst.dat 2016-08-18 20:16 - 2016-08-18 20:16 - 000003584 _____ () C:\Users\Aniusa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== SigCheck =============================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) LastRegBack: 2017-08-31 19:50 ==================== Ende von FRST.txt ============================