| |
| |||||||
Log-Analyse und Auswertung: Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USBWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
22.02.2017, 21:01
| #1 |
 |  Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB Hallo liebes Board-Team, mein Avira ist angesprungen, ich bekomme aber damit leider den Wurm/Trojaner nicht entfernt. Könnt ihr mir bitte helfen? Log-Dateien mit FRST hab ich bereits erstellt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-02-2017
durchgeführt von Roland_Home (Administrator) auf ROLAND_HOME-PC (22-02-2017 20:47:43)
Gestartet von C:\Users\Roland_Home\Desktop
Geladene Profile: Roland_Home (Verfügbare Profile: Roland_Home)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Sanford, L.P.) U:\Programme\DYMO Label Software\DymoQuickPrint.exe
(Cisco) C:\Users\Roland_Home\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Octoshape ApS) C:\Users\Roland_Home\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
() C:\Program Files (x86)\Launchy\Launchy.exe
() C:\Users\Roland_Home\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
(Fred's Software) U:\Programme\PrintKey2000\Printkey2000.exe
(EIZO Corporation) C:\Program Files (x86)\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
(Sanford, L.P.) U:\Programme\DYMO Label Software\DymoPnpService.exe
() U:\Programme\EIZO EasyPIX\EIZO EasyPIX.exe
(EIZO Corporation) C:\Program Files (x86)\EIZO\UniColor Pro\ucpro.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
() U:\Programme\Razer\Razer\Diamondback\razerhid.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe
() C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe
() U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Razer Inc.) U:\Programme\Razer\Razer\Diamondback\razerofa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Disc Soft Ltd) U:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) V:\Games\Steam\Steam.exe
(Valve Corporation) V:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
ഊ⡗敮渠敩渠䕩湴牡朠楮楥⁆楸汩獴畦来湯浭敮⁷楲搬⁷楲搠摥爠剥杩獴特敩湴牡朠慵映摥渠却慮摡牤睥牴⁺畲쎼捫来獥瑺琠潤敲湴晥牮琮⁄楥⁄慴敩⁷楲搠湩捨琠癥牳捨潢敮⸩ഊഊ䡋䱍尮⸮屒畮㨠孁摯扥䅁䵕灤慴敲ⴱ⸰崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁摯扥屏佂䕜偄䅰灜啗䅜啰摡瑥牓瑡牴異啴楬楴礮數攠嬴㐶㌹㈠㈰ㄲⴰ㐭〴崠⡁摯扥⁓祳瑥浳⁉湣潲灯牡瑥搩ഊ䡋䱍尮⸮屒畮㨠孌慵湣栠䱃潲敝‽㸠䌺屐牯杲慭⁆楬敳屌潧楴散栠䝡浩湧⁓潦瑷慲敜䱃潲攮數攠嬱㌳ㄸ㐲㐠㈰ㄵⴰ㌭ㄲ崠⡌潧楴散栠䥮挮⤍ੈ䭌䵜⸮⹜創渺⁛䵓䍝‽㸠䌺屐牯杲慭⁆楬敳屍楣牯獯晴⁓散畲楴礠䍬楥湴屭獳散敳硥⁛ㄳ㔳㘸〠㈰ㄶⴱㄭㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜創渺⁛楔畮敳䡥汰敲崠㴾⁃㩜偲潧牡洠䙩汥獜楔畮敳屩呵湥獈敬灥爮數攠嬱㜰㈵㘠㈰ㄵⴱ㈭ㄷ崠⡁灰汥⁉湣⸩ഊ䡋䱍㌲尮⸮屒畮㨠孕湩䍯汯爠偲潝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩居䥚作啮楃潬潲⁐牯屵捰牯硥⁛㐴㈰㐱㘠㈰ㄴⴰ㔭〹崠⡅䥚传䍯牰潲慴楯温ഊ䡋䱍㌲尮⸮屒畮㨠孓睩瑣桂潡牤崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁摯扥屓睩瑣桂潡牤屓睩瑣桂潡牤硥⁛㔱㜰㤶′〱〭〲ⴱ㥝
䅤潢攠卹獴敭猠䥮捯牰潲慴敤⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䅤潢敃匶卥牶楣敍慮慧敲崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁摯扥屃匶卥牶楣敍慮慧敲屃匶卥牶楣敍慮慧敲硥⁛㜳㌱㈠㈰ㄲⴰ㌭〹崠⡁摯扥⁓祳瑥浳⁉湣潲灯牡瑥搩ഊ䡋䱍㌲尮⸮屒畮㨠孂䍓卹湣崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䵩捲潳潦琠佦晩捥屏晦楣攱㑜䉃卓祮挮數攠嬸㤱㠴′〱㈭ㄱⴰ㕝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍㌲尮⸮屒畮㨠孄楶塍敤楡卥牶敲崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䑩癘屄楶堠䵥摩愠卥牶敲屄楶塍敤楡卥牶敲硥⁛㐴㠵㈰′〱㔭〵ⴰ㕝
䑩癘Ⱐ䱌䌩ഊ䡋䱍㌲尮⸮屒畮㨠孄楶塕灤慴敝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屄楶塜䑩癘⁕灤慴敜䑩癘啰摡瑥硥⁛ㄸ㘱㤶㠠㈰ㄴⴰㄭ崠⠩ഊ䡋䱍㌲尮⸮屒畮㨠孂牍晣坮摝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩层牯瑨敲层牭晣浯湜䉲䵦捗湤硥⁛ㄱ㔹ㄶ㠠㈰〹ⴰ㔭㈶崠⡂牯瑨敲⁉湤畳瑲楥猬⁌瑤⸩ഊ䡋䱍㌲尮⸮屒畮㨠孃潮瑲潬䍥湴敲㍝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩层牯瑨敲屃潮瑲潬䍥湴敲㍜扲捴牣敮硥⁛ㄱ㐶㠸′〰㠭ㄲⴲ㑝
䉲潴桥爠䥮摵獴物敳Ⱐ䱴搮⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䑩慭潮摢慣歝‽㸠唺屐牯杲慭浥屒慺敲屒慺敲屄楡浯湤扡捫屲慺敲桩搮數攠嬲㈶㠱㘠㈰〹ⴱ〭〹崠⠩ഊ䡋䱍㌲尮⸮屒畮㨠孄䱓卥牶楣敝‽㸠≕㩜偲潧牡浭敜䑙䵏⁌慢敬⁓潦瑷慲敜䑌卓敲癩捥硥∍ੈ䭌䴭砳㉜⸮⹜創渺⁛偄䙐物湴崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜偄䘲㑜灤昲㐮數攠嬲㐳㈠㈰ㄶⴰ㜭〵崠⡇敥欠卯晴睡牥⁇浢䠩ഊ䡋䱍㌲尮⸮屒畮㨠孁獩潔桫㌲剥杝‽㸠剅䝓噒㌲⹅塅 匠䍔䅓䥏⹄䱌ഊ䡋䱍㌲尮⸮屒畮㨠孃呈敬灥牝‽㸠䍔䡅䱐䕒⹅塅
ੈ䭌䴭砳㉜⸮⹜創渺⁛䅖䵗污湃汩敮瑝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屡癭睬慮獴楣歜睬慮杵椮數攠嬲㔳㐴′〱〭ⴲ㉝
䅖䴠䉥牬楮⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛慶杮瑝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屁癩牡屁湴楖楲⁄敳歴潰屡癧湴硥⁛㤱㜵㜶′〱㘭ㄲⴱ㕝
䅶楲愠佰敲慴楯湳⁇浢䠠☠䍯⸠䭇⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䅶楲愠卹獴牡祓瑡牴呲楧来牝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屁癩牡屌慵湣桥牜䅶楲愮卹獴牡祓瑡牴呲楧来爮數攠嬶ㄸ㤶′〱㘭ㄲⴲ㥝
䅶楲愠佰敲慴楯湳⁇浢䠠☠䍯⸠䭇⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䍨散歎䑉卐潲瑆ち捁㝝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屈潳瑬敳猠䵯摥浜漲⁓畲晳瑩捫屃桥捫乄䥓偯牴彤昮數攠嬴ㄹ〷㈠㈰ㄳⴰ㔭崠⠩ഊ䡋䱍㌲尮⸮屒畮㨠孃慮捥汁畴潐污祟摦崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䡯獴汥獳⁍潤敭屯㈠卵牦獴楣歜䍡湣敬䅵瑯偬慹彤昮數攠嬴㐶㜲〠㈰ㄳⴰ㔭崠⠩ഊ䡋䱍尮⸮屗楮汯杯渺⁛啳敲楮楴崠䌺屗楮摯睳屓祳瑥洳㉜啳敲楮楴硥Ⱐ嬳〷㈰′〱〭ㄱⴲそ
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍㌲尮⸮屗楮汯杯渺⁛啳敲楮楴崠䌺屗楮摯睳屳祳坏圶㑜畳敲楮楴硥⁛㈶㘲㐠㈰ⴱㄭ㈰崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜坩湬潧潮㨠孓桥汬崠數灬潲敲硥⁛㌲㈹㘹㘠㈰ㄶⴰ㠭㈹崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䴭砳㉜⸮⹜坩湬潧潮㨠孓桥汬崠數灬潲敲硥⁛㈹㜲㘷㈠㈰ㄶⴰ㠭㈹崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜偯汩捩敳居硰汯牥爺⁛乯䅣瑩癥䑥獫瑯灝‱ഊ䡋䱍尮⸮屐潬楣楥獜䕸灬潲敲㨠孎潁捴楶敄敳歴潰䍨慮来獝‱ഊ䡋䱍尮⸮屐潬楣楥獜䕸灬潲敲㨠孆潲捥䅣瑩癥䑥獫瑯灏湝‰ഊ䡋啜匭ㄭ㔭ㄹ尮⸮屒畮㨠孓楤敢慲崠㴾⁃㩜偲潧牡洠䙩汥獜坩湤潷猠卩摥扡牜卩摥扡爮數攠嬱㐷㔵㠴′〱〭ㄱⴲそ
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋啜匭ㄭ㔭ㄹ尮⸮屒畮佮捥㨠孭捴慤浩湝‽㸠䌺屗楮摯睳屓祳瑥洳㉜浣瑡摭楮硥⁛㤷㈸〠㈰〹ⴰ㜭ㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲぜ⸮⹜創渺⁛卩摥扡牝‽㸠䌺屐牯杲慭⁆楬敳屗楮摯睳⁓楤敢慲屓楤敢慲硥⁛ㄴ㜵㔸㐠㈰ⴱㄭ㈰崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲぜ⸮⹜創湏湣攺⁛浣瑡摭楮崠㴾⁃㩜坩湤潷獜卹獴敭㌲屭捴慤浩渮數攠嬹㜲㠰′〰㤭〷ⴱ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屒畮㨠孁摯扥䉲楤来崠㴾⁛塝ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屒畮㨠孄䅅䵏丠呯潬猠䱩瑥崠㴾⁕㩜偲潧牡浭敜䑁䕍低⁔潯汳⁌楴敜䑔䱩瑥硥⁛㔵㠳ㄲ〠㈰ㄵⴰ㈭㈶崠⡄楳挠卯晴⁌瑤⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛却敡浝‽㸠嘺屇慭敳屓瑥慭屳瑥慭硥⁛㈸㠱㠲㐠㈰ㄷⴰㄭㄹ崠⡖慬癥⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛楃汯畤卥牶楣敳崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁灰汥屉湴敲湥琠卥牶楣敳屩䍬潵摓敲癩捥献數攍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛䅰灬敐桯瑯却牥慭獝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屃潭浯渠䙩汥獜䅰灬敜䥮瑥牮整⁓敲癩捥獜䅰灬敐桯瑯却牥慭献數攍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛楐桯湥⁐䌠卵楴敝‽㸠唺屐牯杲慭浥屩灨潮攠灣畩瑥屩偨潮敜楐桯湥屩偨潮攠偃⁓畩瑥硥 獴慲琍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛䑹浯兵楣歐物湴崠㴾⁕㩜偲潧牡浭敜䑙䵏⁌慢敬⁓潦瑷慲敜䑹浯兵楣歐物湴硥⁛ㄸ㘷〵㘠㈰ㄴⴰ㌭㈰崠⡓慮景牤Ⱐ䰮倮⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛偃卨潷卥牶敲崠㴾⁃㩜啳敲獜副污湤彈潭敜䅰灄慴慜䱯捡汜䑉剅䍔嘠偬慹敲屐䍓桯睓敲癥牐䵗牡灰敲硥⁛ㄶ㌲㜵㈠㈰ㄵⴰ㠭㈳崠⡃楳捯⤠㰽㴽㴽⁁䍈呕乇ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屒畮㨠孏捴潳桡灥⁓瑲敡浩湧⁓敲癩捥獝‽㸠䌺展獥牳屒潬慮摟䡯浥屁灰䑡瑡屒潡浩湧屏捴潳桡灥屏捴潳桡灥⁓瑲敡浩湧⁓敲癩捥獜佣瑯獨慰敃汩敮琮數攠嬵〰〱㘠㈰ㄴⴰ㠭〱崠⡏捴潳桡灥⁁灓⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜䵯畮瑐潩湴猲㨠删ⴠ刺屁畴潒畮硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻ㄸㄷ㝥㤷ⴸㄹ搭ㄱ收ⵢ挶㠭〰ㅣ㑡晢㤲㜴素ⴠ伺屁畴潒畮硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻ㄸㄷ㝥愱ⴸㄹ搭ㄱ收ⵢ挶㠭〰ㅣ㑡晢㤲㜴素ⴠ伺屁畴潒畮硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻㑤㉤慤㠴ⵤ戸〭ㄱ攴ⴹ㌴㠭ㄴ摡改敢搴㌷素ⴠ伺屓䕔啐⹅塅ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻愶挴摢搴ⵤ慢戭ㄱ攴ⴹ㈴㠭挲㔲愰㌷捣㤷素ⴠ刺屰畳桩湳琮數攍ੈ䭕屓ⴱⴵⴱ㡜⸮⹜創湏湣攺⁛卐剥癩敷崠㴾⁃㩜坩湤潷獜卹獴敭㌲屓偒敶楥睜卐剥癩敷硥⁛㌰ㄵ㘸′〱㔭〴ⴰ㙝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍尮⸮屐牯癩摥牳屉湴敲湥琠偲楮琠偲潶楤敲㨠䌺屗楮摯睳屳祳瑥洳㉜楮整灰汬⁛ㄶ㘴〰′〱㘭〶ⴲ㙝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍尮⸮屐牯癩摥牳屌慮䵡渠偲楮琠卥牶楣敳㨠䌺屗楮摯睳屳祳瑥洳㉜睩渳㉳灬汬⁛㜵㘷㌶′〱㘭〹ⴰ㥝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䱳愺⁛䅵瑨敮瑩捡瑩潮⁐慣歡来獝獶ㅟ」ੌ獡㨠孎潴楦楣慴楯渠偡捫慧敳崠獣散汩ഊ卥捵物瑹偲潶楤敲猺牥摳獰汬ഊ卓佄䰺⁗敢䍨散欠ⴠ筅㙆䈵䔲〭䑅㌵ⴱㅃ䘭㥃㠷ⴰぁ䄰〵ㄲ㝅䑽*†䭥楮攠䑡瑥植协䑌㌲㨠坥扃桥捫*⁻䔶䙂㕅㈰ⵄ䔳㔭ㄱ䍆ⴹ䌸㜭〰䅁〰㔱㈷䕄素ⴠ⁋敩湥⁄慴敩ഊ卨敬汅硥捵瑥䡯潫猭砳㈺⁇牯潶攠䝆匠却畢⁅硥捵瑩潮⁈潯欠ⴠ筂㕁㝆ㄹ〭䑄䄶ⴴ㐲〭䈳䉁ⴵ㈴㔳㐹㑅㙃䑽*⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䵩捲潳潦琠佦晩捥屏晦楣攱㑜䝒住噅䕘⹄䱌⁛㐱㜱㐸〠㈰ㄳⴱ㈭ㄸ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㨠孅湨慮捥摓瑯牡来卨敬汝*㸠筄㤱㐴䑃䐭䔹㤸ⴴ䕃䄭䅂㙁ⵄ䍄㠳䍃䉁ㄶ䑽‽㸠䌺屗楮摯睳屳祳瑥洳㉜䕨却潲卨敬氮摬氠嬲〰㤭〷ⴱ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛佦晬楮攠䙩汥獝*㸠笴䔷㜱㌱䐭㌶㈹ⴴ㌱挭㤸ㄸⵃ㔶㜹䑃㠳䔸ㅽ‽㸠䌺屗楮摯睳屓祳瑥洳㉜捳捵椮摬氠嬲〱〭ㄱⴲそ
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛卨慲楮材物癡瑥崠ⴾ⁻〸㈴㑅䔶ⴹ㉆〭㐷昲ⴹ䙃㤭㤲㥂䅁㉅㜲㌵素㴾⁃㩜坩湤潷獜獹獴敭㌲屮瑳桲畩汬⁛㈰ㄲⴰㄭ〴崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㌲㨠孅湨慮捥摓瑯牡来卨敬汝*㸠筄㤱㐴䑃䐭䔹㤸ⴴ䕃䄭䅂㙁ⵄ䍄㠳䍃䉁ㄶ䑽‽㸠䌺屗楮摯睳屓祳坏圶㑜䕨却潲卨敬氮摬氠嬲〰㤭〷ⴱ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猭砳㈺⁛䝲潯癥⁅硰汯牥爠䥣潮⁏癥牬慹‱
䝆匠啮牥慤⁓瑵戩崠ⴾ⁻㤹䙄㤷㡃ⵄ㈸㜭㑆㔰ⴸ㈷䘭䈲䌶㔸䕄䄸䔷素㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䵩捲潳潦琠佦晩捥屏晦楣攱㑜䝒住噅䕘⹄䱌⁛㈰ㄳⴱ㈭ㄸ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㌲㨠孇牯潶攠䕸灬潲敲⁉捯渠佶敲污礠㈠⡇䙓⁓瑵戩崠ⴾ⁻䅂㕃㔶〰ⴷ䔶䔭㑂〶ⴹㄹ㜭㥅䍅䘷㑄㌱䍃素㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䵩捲潳潦琠佦晩捥屏晦楣攱㑜䝒住噅䕘⹄䱌⁛㈰ㄳⴱ㈭ㄸ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㌲㨠孇牯潶攠䕸灬潲敲⁉捯渠佶敲污礠㈮㔠⡇䙓⁕湲敡搠䙯汤敲⥝*㸠笹㈰䔶䑂ㄭ㤹〷ⴴ㌷〭䈳䄰ⵂ䅆䌰㍄㠱㌹㥽‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屍楣牯獯晴⁏晦楣敜佦晩捥ㄴ屇剏佖䕅堮䑌䰠嬲〱㌭ㄲⴱ㡝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猭砳㈺⁛䝲潯癥⁅硰汯牥爠䥣潮⁏癥牬慹″
䝆匠䙯汤敲⥝*㸠笱㙆㍄䐵㘭ㅁ䘵ⴴ㌴㜭㠴㙄ⴷ䌱ぃ㐱㤲㘱㥽‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屍楣牯獯晴⁏晦楣敜佦晩捥ㄴ屇剏佖䕅堮䑌䰠嬲〱㌭ㄲⴱ㡝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猭砳㈺⁛䝲潯癥⁅硰汯牥爠䥣潮⁏癥牬慹‴
䝆匠啮牥慤⁍慲欩崠ⴾ⁻㈹ㄶ䌸㙅ⴸ㙁㘭㐳䙅ⴸㄱ㈭㐳䅂䔶䉆㡄䍃素㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䵩捲潳潦琠佦晩捥屏晦楣攱㑜䝒住噅䕘⹄䱌⁛㈰ㄳⴱ㈭ㄸ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㌲㨠孓桡物湧偲楶慴敝*㸠笰㠲㐴䕅㘭㤲䘰ⴴ㝦㈭㥆䌹ⴹ㈹䉁䄲䔷㈳㕽‽㸠䌺屗楮摯睳屓祳坏圶㑜湴獨牵椮摬氠嬲〱㈭〱ⴰ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ却慲瑵瀺⁃㩜偲潧牡浄慴慜䵩捲潳潦瑜坩湤潷獜却慲琠䵥湵屐牯杲慭獜却慲瑵灜䱡畮捨礮汮欠嬲〱㔭〴ⴰ㕝ഊ卨潲瑣畴呡牧整㨠䱡畮捨礮汮欠ⴾ⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䱡畮捨祜䱡畮捨礮數攠⠩ഊ却慲瑵瀺⁃㩜偲潧牡浄慴慜䵩捲潳潦瑜坩湤潷獜却慲琠䵥湵屐牯杲慭獜却慲瑵灜偲楮瑫敹㈰〰湫⁛㈰ㄵⴰ㔭ㄷ崍桯牴捵瑔慲来琺⁐物湴步礲〰〮汮欠ⴾ⁕㩜偲潧牡浭敜偲楮瑋敹㈰〰屐物湴步礲〰〮數攠⡆牥搧猠卯晴睡牥⤍瑡牴異㨠䌺屐牯杲慭䑡瑡屍楣牯獯晴屗楮摯睳屓瑡牴⁍敮畜偲潧牡浳屓瑡牴異屓捲敥湍慮慧敲⁐牯潲⁌䍄⁖敲㌮㌮㌮汮欠嬲〱㔭〴ⴰ㑝ഊ卨潲瑣畴呡牧整㨠卣牥敮䵡湡来爠偲漠景爠䱃䐠噥爳⸳⸳湫*㸠䌺屐牯杲慭⁆楬敳
砸㘩居䥚作卣牥敮䵡湡来爠偲漠景爠䱃䑜䱣摣瑲氮數攠⡅䥚传䍯牰潲慴楯温ഊ却慲瑵瀺⁃㩜啳敲獜副污湤彈潭敜䅰灄慴慜副慭楮杜䵩捲潳潦瑜坩湤潷獜却慲琠䵥湵屐牯杲慭獜却慲瑵灜䕉婏⁅慳祐䥘湫⁛㈰ㄵⴰ㐭〴崍桯牴捵瑔慲来琺⁅䥚传䕡獹偉堮汮欠ⴾ⁕㩜偲潧牡浭敜䕉婏⁅慳祐䥘居䥚传䕡獹偉堮數攠⠩ഊ
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0E6504EB-8100-43F5-85E2-C051E8E74838}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0F2D20F3-211E-484D-8E20-E2E6ED003411}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{0F8AA8EC-B565-412C-88A4-28FBC08B8CC4}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9733a813
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9733a813
HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {38967B81-6133-4591-90EC-E3812C7D79C5} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {4B4E23CD-200D-4F20-820D-E80E56AB17AF} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {A87F2632-354F-487D-9140-82B953B5272C} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {C2E986AF-4EE0-4CBC-AED9-B838F64D1756} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
FireFox:
========
FF DefaultProfile: iprwapdk.default
FF ProfilePath: C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default [2017-02-12]
FF NewTab: Mozilla\Firefox\Profiles\iprwapdk.default -> about:newtab
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\iprwapdk.default -> Search Provided by Bing
FF Homepage: Mozilla\Firefox\Profiles\iprwapdk.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-9733a813
FF Extension: (All Downloader Professional) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\alldownloader@link64.xpi [2016-05-02]
FF Extension: (EPUBReader) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2017-01-18]
FF Extension: (Video DownloadHelper) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-12]
FF Extension: (Flash and Video Download) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-11-05]
FF Extension: (DownThemAll!) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-21]
FF Extension: (Greasemonkey) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-09-10]
FF Extension: (Copy All Links) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{e6a9a96e-4a08-4719-b9bd-0e91c35aaabc}.xpi [2016-05-05]
FF SearchPlugin: C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\searchplugins\Search Provided by Bing.xml [2016-02-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-22] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> U:\Programme\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-05-14] (DivX, LLC)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> U:\Programme\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2014-03-20] ( Sanford L.P.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-1586491574-1117352788-3011048425-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Roland_Home\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1411300-0-npoctoshape.dll [2014-11-30] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Roland_Home\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2016-03-19] (Octoshape ApS)
StartMenuInternet: FIREFOX.EXE - U:\Programme\mozilla Firefox\firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC03&PTAG=ICO-9733a813
CHR StartupUrls: Default -> "hxxp://www.bing.com/search?FORM=INCOH1&PC=IC03&PTAG=ICO-9733a813"
CHR Profile: C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default [2017-02-22]
CHR Extension: (Google Präsentationen) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-04]
CHR Extension: (Google Docs) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-04]
CHR Extension: (Google Drive) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (OneTab) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-02-22]
CHR Extension: (Google-Suche) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (ICE Quick Stream) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2016-08-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-31]
CHR Extension: (Google Tabellen) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-04]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2017-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2016-11-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Google Mail) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-08-16] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
R3 Disc Soft Lite Bus Service; U:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 DymoPnpService; U:\Programme\DYMO Label Software\DymoPnpService.exe [33072 2014-03-20] (Sanford, L.P.)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-10-25] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\PureVPN\bin\openvpnserv.exe [31872 2015-12-23] (The OpenVPN Project)
S3 Origin Client Service; V:\Games\Origin\OriginClientService.exe [2119688 2017-01-06] (Electronic Arts)
S2 Origin Web Helper Service; V:\Games\Origin\OriginWebHelperService.exe [2180624 2017-01-06] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-26] (Wacom Technology, Corp.)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-06-14] (Avira Operations GmbH & Co. KG)
S3 cpuz138; C:\Users\Roland_Home\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-10-28] (CPUID) <==== ACHTUNG
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-05] (Disc Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-10-25] (NVIDIA Corporation)
S3 Razerlow; C:\Windows\System32\drivers\Razerlow.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2012-09-14] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Datei ist nicht signiert]
S1 ayjzwrjw; \??\C:\Windows\system32\drivers\ayjzwrjw.sys [X]
S1 gfjcndos; \??\C:\Windows\system32\drivers\gfjcndos.sys [X]
S1 jcbyyxin; \??\C:\Windows\system32\drivers\jcbyyxin.sys [X]
S1 jiljbspe; \??\C:\Windows\system32\drivers\jiljbspe.sys [X]
S1 qxxcibpv; \??\C:\Windows\system32\drivers\qxxcibpv.sys [X]
S1 tdgdeuho; \??\C:\Windows\system32\drivers\tdgdeuho.sys [X]
S1 whqjjpsr; \??\C:\Windows\system32\drivers\whqjjpsr.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-22 20:47 - 2017-02-22 20:48 - 00038460 _____ C:\Users\Roland_Home\Desktop\FRST.txt
2017-02-22 20:47 - 2017-02-22 20:47 - 00000000 ____D C:\FRST
2017-02-22 20:47 - 2017-02-22 16:44 - 04015056 _____ C:\Users\Roland_Home\Desktop\AdwCleaner_6.043.exe
2017-02-22 20:47 - 2017-02-22 16:43 - 02422784 _____ (Farbar) C:\Users\Roland_Home\Desktop\FRST64.exe
2017-02-22 10:18 - 2017-02-22 14:45 - 00000000 ____D C:\Users\Roland_Home\Desktop\Fernando
2017-02-22 10:17 - 2017-02-22 10:17 - 20359768 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-02-07 20:45 - 2017-02-07 20:45 - 00500857 _____ C:\Users\Roland_Home\Downloads\BoardingPass.pdf
2017-02-05 17:19 - 2017-02-05 17:19 - 01795926 _____ C:\Users\Roland_Home\Downloads\Shell_EM_Gutschein_BRD_5ct.pdf
2017-01-31 19:48 - 2017-01-31 19:48 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-28 23:54 - 2017-01-28 23:54 - 00319429 _____ C:\Users\Roland_Home\Documents\Bosch Retrofit Ecall.pdf
2017-01-26 21:51 - 2017-01-26 21:51 - 00204257 _____ C:\Users\Roland_Home\Downloads\DHL_label_2017-1-26_21-51-29.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-22 20:45 - 2016-02-28 17:13 - 00000372 _____ C:\Windows\Tasks\JTGQQGOOU1.job
2017-02-22 20:45 - 2015-04-04 12:47 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-22 20:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-22 15:17 - 2015-04-04 14:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-22 15:04 - 2009-07-14 05:45 - 00013776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-22 15:04 - 2009-07-14 05:45 - 00013776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-22 15:02 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2017-02-22 15:02 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2017-02-22 15:02 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-22 15:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-22 12:25 - 2016-02-28 17:13 - 00000000 ____D C:\ProgramData\BrowsingSecure
2017-02-22 12:24 - 2016-02-27 23:19 - 00000000 ____D C:\Users\Roland_Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-02-22 12:23 - 2016-02-27 23:17 - 00000000 ____D C:\Users\Roland_Home\AppData\Local\JDownloader v2.0
2017-02-22 10:23 - 2015-04-13 20:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 10:19 - 2015-04-04 12:50 - 00000000 ____D C:\Users\Roland_Home\AppData\Local\Deployment
2017-02-22 10:17 - 2015-04-04 14:07 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-22 10:17 - 2015-04-04 14:07 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-22 10:17 - 2015-04-04 14:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-22 10:17 - 2015-04-04 14:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-22 10:17 - 2015-04-04 14:07 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-13 19:52 - 2015-04-05 12:48 - 00000000 ____D C:\Users\Roland_Home\Documents\Outlook-Dateien
2017-02-12 23:20 - 2016-11-23 19:23 - 00000000 ____D C:\Users\Roland_Home\AppData\LocalLow\Mozilla
2017-02-07 20:32 - 2015-04-04 12:51 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 20:32 - 2015-04-04 12:51 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-05 17:56 - 2015-10-11 15:34 - 00000000 ____D C:\Users\Roland_Home\Documents\Urlaub
2017-01-31 19:48 - 2016-06-14 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-01-31 19:48 - 2015-05-02 19:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-30 22:49 - 2015-04-04 14:06 - 00000000 ____D C:\Users\Roland_Home\AppData\Roaming\vlc
2017-01-23 22:48 - 2016-11-20 13:36 - 00000000 ____D C:\Users\Roland_Home\Documents\Baby
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-05-17 12:11 - 2015-05-17 12:12 - 0035165 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2015-05-18 20:25 - 2016-08-30 19:41 - 0000132 _____ () C:\Users\Roland_Home\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-05-25 20:11 - 2015-05-25 20:12 - 0000093 _____ () C:\Users\Roland_Home\AppData\Roaming\ARCompanion.log
2016-03-01 21:05 - 2016-03-05 15:44 - 0067913 _____ () C:\Users\Roland_Home\AppData\Roaming\PS13_panel.log
2016-02-28 13:17 - 2016-02-28 13:17 - 0000046 _____ () C:\Users\Roland_Home\AppData\Roaming\WB.CFG
2016-01-30 18:39 - 2016-01-30 23:12 - 0001456 _____ () C:\Users\Roland_Home\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-08-16 16:11 - 2015-08-16 16:11 - 0000017 _____ () C:\Users\Roland_Home\AppData\Local\resmon.resmoncfg
2016-07-31 13:08 - 2016-07-31 13:08 - 0042788 _____ () C:\Users\Roland_Home\AppData\Local\Tempdivx5c22
2016-06-28 05:53 - 2016-06-28 05:53 - 0262304 _____ () C:\Users\Roland_Home\AppData\Local\Tempdivxeafd
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Roland_Home\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
Einige Dateien in TEMP:
====================
2016-06-14 18:54 - 2016-06-14 18:55 - 0000000 ____D () C:\Users\Roland_Home\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-02-22 12:47
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-02-2017
durchgeführt von Roland_Home (22-02-2017 20:48:11)
Gestartet von C:\Users\Roland_Home\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-04-02 23:35:42)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1586491574-1117352788-3011048425-500 - Administrator - Disabled)
Gast (S-1-5-21-1586491574-1117352788-3011048425-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1586491574-1117352788-3011048425-1002 - Limited - Enabled)
Roland_Home (S-1-5-21-1586491574-1117352788-3011048425-1000 - Administrator - Enabled) => C:\Users\Roland_Home
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.2.000 - Asmedia Technology)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Brother MFL-Pro Suite DCP-385C (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative-Audiokonsole (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
DIRECTV Player (HKLM-x32\...\{04f0c8c0-e0c8-4292-8676-db9174655d7a}) (Version: 12.1 - DIRECTV)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.70 - DivX, LLC)
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.5.1.1816 - Sanford, L.P.)
DYMO LabelWriter Drivers (HKLM\...\{CE16D92B-50F3-4FC5-B29C-13FAFEE1A6C6}) (Version: 8.3.0.443 - Sanford L.P.)
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
Epic Games Launcher (HKLM\...\{B42F7D9C-53DA-4A0D-B16C-A6F85A4B9C6E}) (Version: 1.1.26.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Infinite HD™ App (HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
MakeMKV v1.9.5 (HKLM-x32\...\MakeMKV) (Version: v1.9.5 - GuinpinSoft inc)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{F7930EE9-0929-439D-A57B-D40C2C69C890}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Firefox 51.0.1 (x86 de) (HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
o2 Surfstick (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version: - )
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Razer Diamondback (HKLM-x32\...\{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}) (Version: 5.01 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
ScreenManager Pro for LCD (HKLM-x32\...\{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}) (Version: 3.3.3.0 - EIZO Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Datacolor (Spyder3) USB (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor)
Windows-Treiberpaket - Datacolor (Spyder4) USB (06/01/2011 1.0.0.1) (HKLM\...\E5E9268B6D7B0E662E34736CC110C89D595E4222) (Version: 06/01/2011 1.0.0.1 - Datacolor)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0DB89FBC-DDC8-4269-B98C-3F84E73C6B66} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {24656705-2C3F-414D-AD23-1B3A86F257E8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {3950B57C-600D-48E7-908B-BC577CF38E68} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {3953D91E-EF09-40CE-8592-EB4E7364A740} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {8450A7E6-C07B-4007-9D30-F9511F7399CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {84E31CF2-5090-4CC0-91F7-3D67AB4160CE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {9640FFAC-7371-4CBB-A8FE-DE9BBE6D4EFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-22] (Adobe Systems Incorporated)
Task: {9CE4A9F1-56C6-4834-96DF-8D6A623F5AAA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {9CFD57B9-96BB-4D90-A690-4AE5391B9893} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {AA948A37-B283-4608-B65F-6CE5460C75ED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BC6B2DFB-E863-407E-9379-2651627D2B09} - System32\Tasks\JTGQQGOOU1 => C:\ProgramData\BrowsingSecure\BrowsingSecure.exe <==== ACHTUNG
Task: {DB344B31-42C6-447B-898D-9DC02B74A798} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\JTGQQGOOU1.job => C:\ProgramData\BrowsingSecure\BrowsingSecure.exe <==== ACHTUNG
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Roland_Home\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
ShortcutWithArgument: C:\Users\Public\Desktop\o2 Surfstick.lnk -> C:\Program Files (x86)\Hostless Modem\o2 Surfstick\LaunchWebUI.exe () -> hxxp://o2surf.stick
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00380928 _____ () C:\Program Files (x86)\Launchy\Launchy.exe
2015-08-23 12:06 - 2015-08-23 12:06 - 01384416 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
2015-04-04 13:31 - 2013-07-26 08:33 - 00142336 _____ () U:\Programme\EIZO EasyPIX\EIZO EasyPIX.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-04-21 12:13 - 2009-10-09 19:11 - 00226816 _____ () U:\Programme\Razer\Razer\Diamondback\razerhid.exe
2016-10-28 19:37 - 2016-10-25 21:19 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-10-04 20:28 - 2013-05-10 12:03 - 00419072 _____ () C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe
2016-10-04 20:28 - 2013-05-10 12:03 - 00446720 _____ () C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe
2015-04-04 13:31 - 2013-07-26 08:33 - 00074240 _____ () U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
2015-04-04 12:47 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-05 23:08 - 2015-02-26 23:16 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-03-20 21:50 - 2014-03-20 21:50 - 00093696 _____ () U:\Programme\DYMO Label Software\DYMO.Common.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-04-05 19:42 - 2009-12-16 22:13 - 08314880 _____ () C:\Program Files (x86)\Launchy\QtGui4.dll
2015-04-05 19:42 - 2009-12-16 21:54 - 02236416 _____ () C:\Program Files (x86)\Launchy\QtCore4.dll
2015-04-05 19:42 - 2009-12-16 21:56 - 00712704 _____ () C:\Program Files (x86)\Launchy\QtNetwork4.dll
2015-04-05 19:42 - 2009-12-17 00:18 - 00233472 _____ () C:\Program Files (x86)\Launchy\imageformats\qmng4.dll
2015-04-05 19:42 - 2010-04-03 21:40 - 00081920 _____ () C:\Program Files (x86)\Launchy\plugins\calcy.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00090112 _____ () C:\Program Files (x86)\Launchy\plugins\controly.dll
2015-04-05 19:42 - 2010-04-03 13:06 - 00024064 _____ () C:\Program Files (x86)\Launchy\plugins\gcalc.dll
2015-04-05 19:42 - 2010-04-03 13:06 - 00094208 _____ () C:\Program Files (x86)\Launchy\plugins\runner.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00057344 _____ () C:\Program Files (x86)\Launchy\plugins\verby.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00122880 _____ () C:\Program Files (x86)\Launchy\plugins\weby.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 11424224 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\PCShowServer.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 03301344 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\DrmSingleton.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 00340440 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\ndsLogStore.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 02101224 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\DiscoveryManager.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 08347104 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\gsttspplugin.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 00690152 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 01404376 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\libxml2-2.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 00093128 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\z.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-04-20 08:58 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-04-04 13:31 - 2013-07-26 08:33 - 00155648 _____ () U:\Programme\EIZO EasyPIX\core\libcolour.dll
2015-04-04 13:31 - 2013-07-26 08:33 - 00299008 _____ () U:\Programme\EIZO EasyPIX\core\plugins\ep_Procs.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-28 19:37 - 2016-10-25 20:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-28 19:37 - 2016-10-25 20:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-28 19:37 - 2016-10-25 21:19 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-28 19:37 - 2016-10-25 20:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2015-04-05 21:08 - 2016-12-23 19:28 - 00657184 _____ () V:\Games\Steam\SDL2.dll
2015-04-05 21:08 - 2016-09-01 02:02 - 04969248 _____ () V:\Games\Steam\v8.dll
2015-04-05 21:08 - 2016-09-01 02:02 - 01563936 _____ () V:\Games\Steam\icui18n.dll
2015-04-05 21:08 - 2016-09-01 02:02 - 01195296 _____ () V:\Games\Steam\icuuc.dll
2015-04-05 21:08 - 2017-01-19 02:30 - 02327840 _____ () V:\Games\Steam\video.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 02549760 _____ () V:\Games\Steam\libavcodec-56.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00442880 _____ () V:\Games\Steam\libavutil-54.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00491008 _____ () V:\Games\Steam\libavformat-56.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00332800 _____ () V:\Games\Steam\libavresample-2.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00485888 _____ () V:\Games\Steam\libswscale-3.dll
2015-04-05 21:08 - 2017-01-19 02:30 - 00838432 _____ () V:\Games\Steam\bin\chromehtml.DLL
2016-12-13 17:29 - 2017-01-05 04:12 - 68813088 _____ () V:\Games\Steam\bin\cef\cef.win7\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roland_Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{C3E40374-4844-4F49-85FA-A82A1CC5483C}] => (Allow) U:\Programme\mozilla Firefox\firefox.exe
FirewallRules: [{266DD0B7-3E3C-45D8-B7F7-D90173195D35}] => (Allow) U:\Programme\mozilla Firefox\firefox.exe
FirewallRules: [{DC0077D0-74CA-4A46-9DBB-0CF93D1DEA2D}] => (Allow) U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
FirewallRules: [{47EE74CE-4F2C-403E-8912-02F3EDA06445}] => (Allow) U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
FirewallRules: [TCP Query User{62E4B3F7-490D-40C1-9D69-264B4BA3663A}U:\programme\eizo easypix\core\ep_eacore.exe] => (Allow) U:\programme\eizo easypix\core\ep_eacore.exe
FirewallRules: [UDP Query User{14B2C29F-66F9-41E0-9C67-E06C02E571D8}U:\programme\eizo easypix\core\ep_eacore.exe] => (Allow) U:\programme\eizo easypix\core\ep_eacore.exe
FirewallRules: [{3A78560A-E13C-4CCF-8987-61254D871314}] => (Allow) V:\Games\Steam\Steam.exe
FirewallRules: [{A9494D7F-24D6-4709-B0E5-338CF4D7A148}] => (Allow) V:\Games\Steam\Steam.exe
FirewallRules: [{CC55FE32-2FFA-41E2-B8ED-BCD6BFA84909}] => (Allow) V:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{4977C292-E1CC-4307-85CD-549AA26F5883}] => (Allow) V:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB791484-6B18-42A2-B14D-BDF84AAC985C}] => (Allow) U:\Programme\iphone pc suite\iPhone\iPhone PC Suite.exe
FirewallRules: [TCP Query User{87FECFD0-0191-403F-A648-7EF2765D5495}U:\programme\iphone pc suite\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone pc suite.exe
FirewallRules: [UDP Query User{6C695153-DE49-4B58-8BE0-4F6C66BE1009}U:\programme\iphone pc suite\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone pc suite.exe
FirewallRules: [{A06D7E3D-B6AF-4CB0-96B1-41B54DDDB362}] => (Allow) U:\Programme\iphone pc suite\iPhone\iPhone\iPhone PC Suite.exe
FirewallRules: [{DE915347-418A-44E1-A56A-0064B625F92D}] => (Allow) U:\Programme\iphone pc suite\iPhone\iPhone\iPhone PC Suite.exe
FirewallRules: [TCP Query User{F642A195-58F5-4CDA-A796-F834ACF9FFBC}U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe
FirewallRules: [UDP Query User{D051B3AA-75C1-46D8-B1D7-5233D75672B7}U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe
FirewallRules: [{9BB768D3-5123-4686-B96D-A67532B0F347}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{AC05AB11-09AC-424D-8AA3-37C8E235D81D}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F76CF876-4AF1-431B-9FD0-6E1E31EBCFC6}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{9F7B9210-7C6E-4E86-A6BB-E2AFBAA96A4A}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{A676E62A-69DB-4049-AB01-72AA27E74256}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{E3F63039-95D0-4C4B-A221-1203AC04B1A3}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [TCP Query User{B14450C9-B9A1-40D0-8462-E0EE37E9C28D}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [UDP Query User{B3DB7308-AC2B-43CC-AB1E-0512227629B8}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{49A3C609-6679-45C9-B20C-4A86742E308E}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{5B690F75-1D65-4966-8405-186E35639F0A}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{B54EB4BA-EB64-41E6-930A-B8096358E758}U:\programme\myphoneexplorer\myphoneexplorer.exe] => (Allow) U:\programme\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{74D4CF25-1423-41A4-BA0E-174710ED8BA6}U:\programme\myphoneexplorer\myphoneexplorer.exe] => (Allow) U:\programme\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{68695E19-EBA8-485E-B384-7B66400BA4A3}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{FAE2D181-35B4-4668-9F93-D883F699C5D1}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{64D8830A-15B3-4F24-8B45-A99B2E7CF040}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{E8034F27-F8FB-48C7-A37A-736E34F1D58B}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{F8CCA8D6-3FC2-4731-A0C4-AEA7BA4F01F8}] => (Allow) V:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ADD94016-3FB9-47F5-9274-AAF1D6713CC0}] => (Allow) V:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{8ABC7E1E-2D4A-4879-B5EC-12C540681A67}C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{0FF18F01-8EDE-44E1-B144-2385C4463417}C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{1E4A9BD7-47F3-44AF-9865-EF6ECA515C5C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{2D74EF71-62CE-41D3-BD4C-560A378FE733}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [UDP Query User{3D32824E-466A-4867-AB0C-A79A38CF9579}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [TCP Query User{42605DE7-B3CA-4877-B884-8755D3AE1373}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [UDP Query User{84C8C230-8637-4D7F-A6FD-7F0F72B17C99}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [{6F8451F6-14AB-451D-AA08-F34B60DB0372}] => (Allow) V:\Games\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{20689770-B14F-42FE-A3ED-48EAAD833748}] => (Allow) V:\Games\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{B517072F-1330-4715-9A2F-5E198FAB6154}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{99316F35-4ED4-4BE8-8847-07EE9E8AED13}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{BC694C79-1C03-470A-98B5-68935A05B5FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{652A3B69-A09B-4FF2-9122-DFCD05A6094F}] => (Allow) LPort=2869
FirewallRules: [{F12CB7FA-1977-4056-BCCE-41D1EFB04132}] => (Allow) LPort=1900
FirewallRules: [{35554111-265F-4D57-B009-AB170C57338E}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\VideoEditor.exe
FirewallRules: [{0962888F-0C01-4E0A-A1E1-6412DE304BF5}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\VideoEditor.exe
FirewallRules: [{FD86386A-7E1A-4C95-842F-42FEC716FE9E}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Activation.exe
FirewallRules: [{F65DA454-72B8-44C7-B829-0498D7D4495C}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Activation.exe
FirewallRules: [{3E42F178-A9A6-4471-9D78-6EB20C6C1327}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Updater.exe
FirewallRules: [{DB4BA784-D261-4E04-9F9B-B29D5B7CEFE3}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Updater.exe
FirewallRules: [{0E579F88-3E12-49FD-88CB-915C425C059E}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{7A29CD6F-27F9-4BCB-821E-6A24918329B4}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{F0FDD74A-D56C-4E11-9EAE-303374EF4EA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{8A2B221D-B683-4F10-A3B8-F283C20C26CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{B40F491B-51B4-4ACA-8CE2-39C9D2FCEBFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FC4E6C28-E381-4AD7-A7AB-10A0FAD4E460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{17D3F55F-23C9-4329-8EFE-22E431E7E71D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{445059C9-817B-49CA-BE78-1C6C91BDC05D}] => (Allow) V:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2CA44B9B-F1B5-4A76-AED0-76344CC8F44F}] => (Allow) V:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{4B62DB26-A2CF-4735-B7FC-890FCCBBC10D}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{9A5C39CD-C435-4126-BF06-2FBF98088970}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{A8D112BD-9701-44D9-9A17-B514BFB19099}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: HID-konforme Maus
Description: HID-konforme Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/22/2017 02:49:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avcenter.exe, Version 15.0.24.143 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 9b0
Startzeit: 01d28d11b591e986
Endzeit: 60000
Anwendungspfad: c:\program files (x86)\avira\antivir desktop\avcenter.exe
Berichts-ID: 0bc122e0-f905-11e6-a6fa-14dae9ebd437
Error: (02/02/2017 05:07:50 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:50.702]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:49 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:49.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:47 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:47.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:46 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:46.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:44 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:44.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:43 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:43.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:41.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:40 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:40.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:38 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:38.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Systemfehler:
=============
Error: (02/22/2017 08:46:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (02/22/2017 08:46:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (02/22/2017 03:42:13 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Microsoft Antimalware Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (02/22/2017 03:32:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/22/2017 03:01:51 PM) (Source: Microsoft Antimalware) (EventID: 1119) (User: )
Description: Beim Anwenden von Aktionen auf Schadsoftware und potenziell unerwünschte Software wurde von Microsoft-Antischadsoftware ein schwerwiegender Fehler festgestellt.
Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Worm:VBS/Jenxcus!lnk&threatid=2147683827&enterprise=0
Name: Worm:VBS/Jenxcus!lnk
ID: 2147683827
Schweregrad: Schwerwiegend
Kategorie: Wurm
Pfad: file:_C:\ProgramData\Avira\Antivirus\TEMP\AVSCAN-20170222-111943-333DE0E0\AVSCAN-20170222-113309-D360995F;file:_C:\ProgramData\Avira\Antivirus\TEMP\AVSCAN-20170222-111943-333DE0E0\AVSCAN-20170222-113309-D36280D7;file:_C:\ProgramData\Avira\Antivirus\TEMP\AVSCAN-20170222-111943-333DE0E0\AVSCAN-20170222-113310-D3727F50;file:_C:\ProgramData\Avira\Antivirus\TEMP\AVSCAN-20170222-111943-333DE0E0\AVSCAN-20170222-113310-D373CFA4;file:_C:\ProgramData\Avira\Antivirus\TEMP\AVSCAN-20170222-145726-15B2205F\AVSCAN-20170222-145752-1AE7F95F
Ursprung der Erkennung: Lokaler Computer
Typ der Erkennung: Konkret
Quelle der Erkennung: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
Aktion: Quarantäne
Aktionsstatus: No additional actions required
Fehlercode: 0x80070490
Fehlerbeschreibung: Element nicht gefunden.
Signaturversion: AV: 1.235.3368.0, AS: 1.235.3368.0, NIS: 116.72.0.0
Modulversion: AM: 1.1.13407.0, NIS: 2.1.12706.0
Error: (02/22/2017 02:56:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (02/22/2017 02:56:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (02/22/2017 02:54:37 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Microsoft Antimalware Service konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (02/22/2017 02:53:15 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (02/22/2017 02:52:42 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 16365.23 MB
Verfügbarer physikalischer RAM: 13016.91 MB
Summe virtueller Speicher: 30107.92 MB
Verfügbarer virtueller Speicher: 26617.8 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:117.28 GB) (Free:11.84 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Media2_1) (Fixed) (Total:244.14 GB) (Free:177.91 GB) NTFS
Drive f: (Backup_1) (Fixed) (Total:247.91 GB) (Free:2.92 GB) NTFS
Drive g: (Downloads_1) (Fixed) (Total:195.21 GB) (Free:55.29 GB) NTFS
Drive h: (Media_1) (Fixed) (Total:244.14 GB) (Free:41.44 GB) NTFS
Drive j: (Lokaler Datenträger_2) (Fixed) (Total:244.14 GB) (Free:152.39 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive k: (Lokaler Datenträger_2) (Fixed) (Total:292.97 GB) (Free:284.74 GB) NTFS
Drive l: (Lokaler Datenträger_2) (Fixed) (Total:394.4 GB) (Free:309.91 GB) NTFS
Drive r: () (Removable) (Total:7.46 GB) (Free:7.21 GB) FAT32
Drive u: (Programme_3) (Fixed) (Total:292.97 GB) (Free:215.77 GB) NTFS
Drive v: (Photography_3) (Fixed) (Total:638.54 GB) (Free:433.67 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 117.4 GB) (Disk ID: 3CD8E5A4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9E955CC4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=492.1 GB) - (Type=OF Extended)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0E35453E)
Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=394.4 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CE8596FF)
Partition 1: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=638.5 GB) - (Type=07 NTFS)
========================================================
Disk: 9 (Size: 7.5 GB) (Disk ID: 003008FF)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)
==================== Ende von Addition.txt ============================
Geändert von razor1982 (22.02.2017 um 21:20 Uhr) |
|
22.02.2017, 22:58
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USBZitat:
  Lesestoff:Illegale Software: Cracks, Keygens und Co Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ |
|
23.02.2017, 19:48
| #3 | |
| | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USBZitat:
Absolut korrekt... auf mich...Hab's gelöscht und werde mir ein original besorgen. Zurück zum Thema: Hab die Log-Files nochmal neu erstellt. FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017 01
durchgeführt von Roland_Home (Administrator) auf ROLAND_HOME-PC (23-02-2017 19:42:51)
Gestartet von C:\Users\Roland_Home\Desktop
Geladene Profile: Roland_Home (Verfügbare Profile: Roland_Home)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) V:\Games\Steam\Steam.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Sanford, L.P.) U:\Programme\DYMO Label Software\DymoQuickPrint.exe
(Cisco) C:\Users\Roland_Home\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
(Octoshape ApS) C:\Users\Roland_Home\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
() C:\Program Files (x86)\Launchy\Launchy.exe
() C:\Users\Roland_Home\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Fred's Software) U:\Programme\PrintKey2000\Printkey2000.exe
(EIZO Corporation) C:\Program Files (x86)\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() U:\Programme\EIZO EasyPIX\EIZO EasyPIX.exe
(EIZO Corporation) C:\Program Files (x86)\EIZO\UniColor Pro\ucpro.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Sanford, L.P.) U:\Programme\DYMO Label Software\DymoPnpService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
() U:\Programme\Razer\Razer\Diamondback\razerhid.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
() C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe
() C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe
() U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Razer Inc.) U:\Programme\Razer\Razer\Diamondback\razerofa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Valve Corporation) V:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Disc Soft Ltd) U:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
ഊ⡗敮渠敩渠䕩湴牡朠楮楥⁆楸汩獴畦来湯浭敮⁷楲搬⁷楲搠摥爠剥杩獴特敩湴牡朠慵映摥渠却慮摡牤睥牴⁺畲쎼捫来獥瑺琠潤敲湴晥牮琮⁄楥⁄慴敩⁷楲搠湩捨琠癥牳捨潢敮⸩ഊഊ䡋䱍尮⸮屒畮㨠孁摯扥䅁䵕灤慴敲ⴱ⸰崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁摯扥屏佂䕜偄䅰灜啗䅜啰摡瑥牓瑡牴異啴楬楴礮數攠嬴㐶㌹㈠㈰ㄲⴰ㐭〴崠⡁摯扥⁓祳瑥浳⁉湣潲灯牡瑥搩ഊ䡋䱍尮⸮屒畮㨠孌慵湣栠䱃潲敝‽㸠䌺屐牯杲慭⁆楬敳屌潧楴散栠䝡浩湧⁓潦瑷慲敜䱃潲攮數攠嬱㌳ㄸ㐲㐠㈰ㄵⴰ㌭ㄲ崠⡌潧楴散栠䥮挮⤍ੈ䭌䵜⸮⹜創渺⁛䵓䍝‽㸠䌺屐牯杲慭⁆楬敳屍楣牯獯晴⁓散畲楴礠䍬楥湴屭獳散敳硥⁛ㄳ㔳㘸〠㈰ㄶⴱㄭㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜創渺⁛楔畮敳䡥汰敲崠㴾⁃㩜偲潧牡洠䙩汥獜楔畮敳屩呵湥獈敬灥爮數攠嬱㜰㈵㘠㈰ㄵⴱ㈭ㄷ崠⡁灰汥⁉湣⸩ഊ䡋䱍㌲尮⸮屒畮㨠孕湩䍯汯爠偲潝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩居䥚作啮楃潬潲⁐牯屵捰牯硥⁛㐴㈰㐱㘠㈰ㄴⴰ㔭〹崠⡅䥚传䍯牰潲慴楯温ഊ䡋䱍㌲尮⸮屒畮㨠孓睩瑣桂潡牤崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁摯扥屓睩瑣桂潡牤屓睩瑣桂潡牤硥⁛㔱㜰㤶′〱〭〲ⴱ㥝
䅤潢攠卹獴敭猠䥮捯牰潲慴敤⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䅤潢敃匶卥牶楣敍慮慧敲崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁摯扥屃匶卥牶楣敍慮慧敲屃匶卥牶楣敍慮慧敲硥⁛㜳㌱㈠㈰ㄲⴰ㌭〹崠⡁摯扥⁓祳瑥浳⁉湣潲灯牡瑥搩ഊ䡋䱍㌲尮⸮屒畮㨠孄楶塍敤楡卥牶敲崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䑩癘屄楶堠䵥摩愠卥牶敲屄楶塍敤楡卥牶敲硥⁛㐴㠵㈰′〱㔭〵ⴰ㕝
䑩癘Ⱐ䱌䌩ഊ䡋䱍㌲尮⸮屒畮㨠孄楶塕灤慴敝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屄楶塜䑩癘⁕灤慴敜䑩癘啰摡瑥硥⁛ㄸ㘱㤶㠠㈰ㄴⴰㄭ崠⠩ഊ䡋䱍㌲尮⸮屒畮㨠孂牍晣坮摝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩层牯瑨敲层牭晣浯湜䉲䵦捗湤硥⁛ㄱ㔹ㄶ㠠㈰〹ⴰ㔭㈶崠⡂牯瑨敲⁉湤畳瑲楥猬⁌瑤⸩ഊ䡋䱍㌲尮⸮屒畮㨠孃潮瑲潬䍥湴敲㍝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩层牯瑨敲屃潮瑲潬䍥湴敲㍜扲捴牣敮硥⁛ㄱ㐶㠸′〰㠭ㄲⴲ㑝
䉲潴桥爠䥮摵獴物敳Ⱐ䱴搮⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䑩慭潮摢慣歝‽㸠唺屐牯杲慭浥屒慺敲屒慺敲屄楡浯湤扡捫屲慺敲桩搮數攠嬲㈶㠱㘠㈰〹ⴱ〭〹崠⠩ഊ䡋䱍㌲尮⸮屒畮㨠孄䱓卥牶楣敝‽㸠≕㩜偲潧牡浭敜䑙䵏⁌慢敬⁓潦瑷慲敜䑌卓敲癩捥硥∍ੈ䭌䴭砳㉜⸮⹜創渺⁛偄䙐物湴崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜偄䘲㑜灤昲㐮數攠嬲㐳㈠㈰ㄶⴰ㜭〵崠⡇敥欠卯晴睡牥⁇浢䠩ഊ䡋䱍㌲尮⸮屒畮㨠孁獩潔桫㌲剥杝‽㸠剅䝓噒㌲⹅塅 匠䍔䅓䥏⹄䱌ഊ䡋䱍㌲尮⸮屒畮㨠孃呈敬灥牝‽㸠䍔䡅䱐䕒⹅塅
ੈ䭌䴭砳㉜⸮⹜創渺⁛䅖䵗污湃汩敮瑝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屡癭睬慮獴楣歜睬慮杵椮數攠嬲㔳㐴′〱〭ⴲ㉝
䅖䴠䉥牬楮⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛慶杮瑝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屁癩牡屁湴楖楲⁄敳歴潰屡癧湴硥⁛㤱㜵㜶′〱㘭ㄲⴱ㕝
䅶楲愠佰敲慴楯湳⁇浢䠠☠䍯⸠䭇⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䅶楲愠卹獴牡祓瑡牴呲楧来牝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屁癩牡屌慵湣桥牜䅶楲愮卹獴牡祓瑡牴呲楧来爮數攠嬶ㄸ㤶′〱㘭ㄲⴲ㥝
䅶楲愠佰敲慴楯湳⁇浢䠠☠䍯⸠䭇⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䍨散歎䑉卐潲瑆ち捁㝝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屈潳瑬敳猠䵯摥浜漲⁓畲晳瑩捫屃桥捫乄䥓偯牴彤昮數攠嬴ㄹ〷㈠㈰ㄳⴰ㔭崠⠩ഊ䡋䱍㌲尮⸮屒畮㨠孃慮捥汁畴潐污祟摦崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䡯獴汥獳⁍潤敭屯㈠卵牦獴楣歜䍡湣敬䅵瑯偬慹彤昮數攠嬴㐶㜲〠㈰ㄳⴰ㔭崠⠩ഊ䡋䱍尮⸮屗楮汯杯渺⁛啳敲楮楴崠䌺屗楮摯睳屓祳瑥洳㉜啳敲楮楴硥Ⱐ嬳〷㈰′〱〭ㄱⴲそ
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍㌲尮⸮屗楮汯杯渺⁛啳敲楮楴崠䌺屗楮摯睳屳祳坏圶㑜畳敲楮楴硥⁛㈶㘲㐠㈰ⴱㄭ㈰崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜坩湬潧潮㨠孓桥汬崠數灬潲敲硥⁛㌲㈹㘹㘠㈰ㄶⴰ㠭㈹崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䴭砳㉜⸮⹜坩湬潧潮㨠孓桥汬崠數灬潲敲硥⁛㈹㜲㘷㈠㈰ㄶⴰ㠭㈹崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜偯汩捩敳居硰汯牥爺⁛乯䅣瑩癥䑥獫瑯灝‱ഊ䡋䱍尮⸮屐潬楣楥獜䕸灬潲敲㨠孎潁捴楶敄敳歴潰䍨慮来獝‱ഊ䡋䱍尮⸮屐潬楣楥獜䕸灬潲敲㨠孆潲捥䅣瑩癥䑥獫瑯灏湝‰ഊ䡋啜匭ㄭ㔭ㄹ尮⸮屒畮㨠孓楤敢慲崠㴾⁃㩜偲潧牡洠䙩汥獜坩湤潷猠卩摥扡牜卩摥扡爮數攠嬱㐷㔵㠴′〱〭ㄱⴲそ
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋啜匭ㄭ㔭ㄹ尮⸮屒畮佮捥㨠孭捴慤浩湝‽㸠䌺屗楮摯睳屓祳瑥洳㉜浣瑡摭楮硥⁛㤷㈸〠㈰〹ⴰ㜭ㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲぜ⸮⹜創渺⁛卩摥扡牝‽㸠䌺屐牯杲慭⁆楬敳屗楮摯睳⁓楤敢慲屓楤敢慲硥⁛ㄴ㜵㔸㐠㈰ⴱㄭ㈰崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲぜ⸮⹜創湏湣攺⁛浣瑡摭楮崠㴾⁃㩜坩湤潷獜卹獴敭㌲屭捴慤浩渮數攠嬹㜲㠰′〰㤭〷ⴱ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屒畮㨠孁摯扥䉲楤来崠㴾⁛塝ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屒畮㨠孄䅅䵏丠呯潬猠䱩瑥崠㴾⁕㩜偲潧牡浭敜䑁䕍低⁔潯汳⁌楴敜䑔䱩瑥硥⁛㔵㠳ㄲ〠㈰ㄵⴰ㈭㈶崠⡄楳挠卯晴⁌瑤⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛却敡浝‽㸠嘺屇慭敳屓瑥慭屳瑥慭硥⁛㈸㠱㠲㐠㈰ㄷⴰㄭㄹ崠⡖慬癥⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛楃汯畤卥牶楣敳崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁灰汥屉湴敲湥琠卥牶楣敳屩䍬潵摓敲癩捥献數攍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛䅰灬敐桯瑯却牥慭獝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屃潭浯渠䙩汥獜䅰灬敜䥮瑥牮整⁓敲癩捥獜䅰灬敐桯瑯却牥慭献數攍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛楐桯湥⁐䌠卵楴敝‽㸠唺屐牯杲慭浥屩灨潮攠灣畩瑥屩偨潮敜楐桯湥屩偨潮攠偃⁓畩瑥硥 獴慲琍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛䑹浯兵楣歐物湴崠㴾⁕㩜偲潧牡浭敜䑙䵏⁌慢敬⁓潦瑷慲敜䑹浯兵楣歐物湴硥⁛ㄸ㘷〵㘠㈰ㄴⴰ㌭㈰崠⡓慮景牤Ⱐ䰮倮⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛偃卨潷卥牶敲崠㴾⁃㩜啳敲獜副污湤彈潭敜䅰灄慴慜䱯捡汜䑉剅䍔嘠偬慹敲屐䍓桯睓敲癥牐䵗牡灰敲硥⁛ㄶ㌲㜵㈠㈰ㄵⴰ㠭㈳崠⡃楳捯⤠㰽㴽㴽⁁䍈呕乇ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屒畮㨠孏捴潳桡灥⁓瑲敡浩湧⁓敲癩捥獝‽㸠䌺展獥牳屒潬慮摟䡯浥屁灰䑡瑡屒潡浩湧屏捴潳桡灥屏捴潳桡灥⁓瑲敡浩湧⁓敲癩捥獜佣瑯獨慰敃汩敮琮數攠嬵〰〱㘠㈰ㄴⴰ㠭〱崠⡏捴潳桡灥⁁灓⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜䵯畮瑐潩湴猲㨠删ⴠ刺屁畴潒畮硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻ㄸㄷ㝥㤷ⴸㄹ搭ㄱ收ⵢ挶㠭〰ㅣ㑡晢㤲㜴素ⴠ伺屁畴潒畮硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻ㄸㄷ㝥愱ⴸㄹ搭ㄱ收ⵢ挶㠭〰ㅣ㑡晢㤲㜴素ⴠ伺屁畴潒畮硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻㑤㉤慤㠴ⵤ戸〭ㄱ攴ⴹ㌴㠭ㄴ摡改敢搴㌷素ⴠ伺屓䕔啐⹅塅ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻愶挴摢搴ⵤ慢戭ㄱ攴ⴹ㈴㠭挲㔲愰㌷捣㤷素ⴠ刺屰畳桩湳琮數攍ੈ䭕屓ⴱⴵⴱ㡜⸮⹜創湏湣攺⁛卐剥癩敷崠㴾⁃㩜坩湤潷獜卹獴敭㌲屓偒敶楥睜卐剥癩敷硥⁛㌰ㄵ㘸′〱㔭〴ⴰ㙝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍尮⸮屐牯癩摥牳屉湴敲湥琠偲楮琠偲潶楤敲㨠䌺屗楮摯睳屳祳瑥洳㉜楮整灰汬⁛ㄶ㘴〰′〱㘭〶ⴲ㙝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍尮⸮屐牯癩摥牳屌慮䵡渠偲楮琠卥牶楣敳㨠䌺屗楮摯睳屳祳瑥洳㉜睩渳㉳灬汬⁛㜵㘷㌶′〱㘭〹ⴰ㥝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䱳愺⁛䅵瑨敮瑩捡瑩潮⁐慣歡来獝獶ㅟ」ੌ獡㨠孎潴楦楣慴楯渠偡捫慧敳崠獣散汩ഊ卥捵物瑹偲潶楤敲猺牥摳獰汬ഊ卓佄䰺⁗敢䍨散欠ⴠ筅㙆䈵䔲〭䑅㌵ⴱㅃ䘭㥃㠷ⴰぁ䄰〵ㄲ㝅䑽*†䭥楮攠䑡瑥植协䑌㌲㨠坥扃桥捫*⁻䔶䙂㕅㈰ⵄ䔳㔭ㄱ䍆ⴹ䌸㜭〰䅁〰㔱㈷䕄素ⴠ⁋敩湥⁄慴敩ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛䕮桡湣敤却潲慧敓桥汬崠ⴾ⁻䐹ㄴ㑄䍄ⵅ㤹㠭㑅䍁ⵁ䈶䄭䑃䐸㍃䍂䄱㙄素㴾⁃㩜坩湤潷獜獹獴敭㌲居桓瑯牓桥汬汬⁛㈰〹ⴰ㜭ㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㨠孏晦汩湥⁆楬敳崠ⴾ⁻㑅㜷ㄳㅄⴳ㘲㤭㐳ㅣⴹ㠱㠭䌵㘷㥄䌸㍅㠱素㴾⁃㩜坩湤潷獜卹獴敭㌲屣獣畩汬⁛㈰ⴱㄭ㈰崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㨠孓桡物湧偲楶慴敝*㸠笰㠲㐴䕅㘭㤲䘰ⴴ㝦㈭㥆䌹ⴹ㈹䉁䄲䔷㈳㕽‽㸠䌺屗楮摯睳屳祳瑥洳㉜湴獨牵椮摬氠嬲〱㈭〱ⴰ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猭砳㈺⁛䕮桡湣敤却潲慧敓桥汬崠ⴾ⁻䐹ㄴ㑄䍄ⵅ㤹㠭㑅䍁ⵁ䈶䄭䑃䐸㍃䍂䄱㙄素㴾⁃㩜坩湤潷獜卹獗佗㘴居桓瑯牓桥汬汬⁛㈰〹ⴰ㜭ㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㌲㨠孓桡物湧偲楶慴敝*㸠笰㠲㐴䕅㘭㤲䘰ⴴ㝦㈭㥆䌹ⴹ㈹䉁䄲䔷㈳㕽‽㸠䌺屗楮摯睳屓祳坏圶㑜湴獨牵椮摬氠嬲〱㈭〱ⴰ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ却慲瑵瀺⁃㩜偲潧牡浄慴慜䵩捲潳潦瑜坩湤潷獜却慲琠䵥湵屐牯杲慭獜却慲瑵灜䱡畮捨礮汮欠嬲〱㔭〴ⴰ㕝ഊ卨潲瑣畴呡牧整㨠䱡畮捨礮汮欠ⴾ⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䱡畮捨祜䱡畮捨礮數攠⠩ഊ却慲瑵瀺⁃㩜偲潧牡浄慴慜䵩捲潳潦瑜坩湤潷獜却慲琠䵥湵屐牯杲慭獜却慲瑵灜偲楮瑫敹㈰〰湫⁛㈰ㄵⴰ㔭ㄷ崍桯牴捵瑔慲来琺⁐物湴步礲〰〮汮欠ⴾ⁕㩜偲潧牡浭敜偲楮瑋敹㈰〰屐物湴步礲〰〮數攠⡆牥搧猠卯晴睡牥⤍瑡牴異㨠䌺屐牯杲慭䑡瑡屍楣牯獯晴屗楮摯睳屓瑡牴⁍敮畜偲潧牡浳屓瑡牴異屓捲敥湍慮慧敲⁐牯潲⁌䍄⁖敲㌮㌮㌮汮欠嬲〱㔭〴ⴰ㑝ഊ卨潲瑣畴呡牧整㨠卣牥敮䵡湡来爠偲漠景爠䱃䐠噥爳⸳⸳湫*㸠䌺屐牯杲慭⁆楬敳
砸㘩居䥚作卣牥敮䵡湡来爠偲漠景爠䱃䑜䱣摣瑲氮數攠⡅䥚传䍯牰潲慴楯温ഊ却慲瑵瀺⁃㩜啳敲獜副污湤彈潭敜䅰灄慴慜副慭楮杜䵩捲潳潦瑜坩湤潷獜却慲琠䵥湵屐牯杲慭獜却慲瑵灜䕉婏⁅慳祐䥘湫⁛㈰ㄵⴰ㐭〴崍桯牴捵瑔慲来琺⁅䥚传䕡獹偉堮汮欠ⴾ⁕㩜偲潧牡浭敜䕉婏⁅慳祐䥘居䥚传䕡獹偉堮數攠⠩ഊ
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0E6504EB-8100-43F5-85E2-C051E8E74838}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0F2D20F3-211E-484D-8E20-E2E6ED003411}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{0F8AA8EC-B565-412C-88A4-28FBC08B8CC4}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9733a813
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9733a813
HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {38967B81-6133-4591-90EC-E3812C7D79C5} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {4B4E23CD-200D-4F20-820D-E80E56AB17AF} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {A87F2632-354F-487D-9140-82B953B5272C} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {C2E986AF-4EE0-4CBC-AED9-B838F64D1756} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
FireFox:
========
FF DefaultProfile: iprwapdk.default
FF ProfilePath: C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default [2017-02-12]
FF NewTab: Mozilla\Firefox\Profiles\iprwapdk.default -> about:newtab
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\iprwapdk.default -> Search Provided by Bing
FF Homepage: Mozilla\Firefox\Profiles\iprwapdk.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-9733a813
FF Extension: (All Downloader Professional) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\alldownloader@link64.xpi [2016-05-02]
FF Extension: (EPUBReader) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2017-01-18]
FF Extension: (Video DownloadHelper) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-12]
FF Extension: (Flash and Video Download) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-11-05]
FF Extension: (DownThemAll!) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-21]
FF Extension: (Greasemonkey) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-09-10]
FF Extension: (Copy All Links) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{e6a9a96e-4a08-4719-b9bd-0e91c35aaabc}.xpi [2016-05-05]
FF SearchPlugin: C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\searchplugins\Search Provided by Bing.xml [2016-02-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-22] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> U:\Programme\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-05-14] (DivX, LLC)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> U:\Programme\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2014-03-20] ( Sanford L.P.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-1586491574-1117352788-3011048425-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Roland_Home\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1411300-0-npoctoshape.dll [2014-11-30] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Roland_Home\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2016-03-19] (Octoshape ApS)
StartMenuInternet: FIREFOX.EXE - U:\Programme\mozilla Firefox\firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC03&PTAG=ICO-9733a813
CHR StartupUrls: Default -> "hxxp://www.bing.com/search?FORM=INCOH1&PC=IC03&PTAG=ICO-9733a813"
CHR Profile: C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default [2017-02-23]
CHR Extension: (Google Präsentationen) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-04]
CHR Extension: (Google Docs) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-04]
CHR Extension: (Google Drive) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (OneTab) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-02-22]
CHR Extension: (Google-Suche) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (ICE Quick Stream) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2016-08-01]
CHR Extension: (Google Tabellen) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-04]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2017-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2016-11-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Google Mail) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-08-16] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
R3 Disc Soft Lite Bus Service; U:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 DymoPnpService; U:\Programme\DYMO Label Software\DymoPnpService.exe [33072 2014-03-20] (Sanford, L.P.)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-10-25] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\PureVPN\bin\openvpnserv.exe [31872 2015-12-23] (The OpenVPN Project)
S3 Origin Client Service; V:\Games\Origin\OriginClientService.exe [2119688 2017-01-06] (Electronic Arts)
S2 Origin Web Helper Service; V:\Games\Origin\OriginWebHelperService.exe [2180624 2017-01-06] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-26] (Wacom Technology, Corp.)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-06-14] (Avira Operations GmbH & Co. KG)
S3 cpuz138; C:\Users\Roland_Home\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-10-28] (CPUID) <==== ACHTUNG
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-05] (Disc Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-10-25] (NVIDIA Corporation)
S1 qbqfdcxe; C:\Windows\system32\drivers\qbqfdcxe.sys [55168 2017-02-23] (Microsoft Corporation)
S3 Razerlow; C:\Windows\System32\drivers\Razerlow.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2012-09-14] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Datei ist nicht signiert]
S1 ayjzwrjw; \??\C:\Windows\system32\drivers\ayjzwrjw.sys [X]
S1 bofynfnn; \??\C:\Windows\system32\drivers\bofynfnn.sys [X]
S1 cgvnhzhf; \??\C:\Windows\system32\drivers\cgvnhzhf.sys [X]
S1 cscnwuhb; \??\C:\Windows\system32\drivers\cscnwuhb.sys [X]
S1 fiwrpoqx; \??\C:\Windows\system32\drivers\fiwrpoqx.sys [X]
S1 gfjcndos; \??\C:\Windows\system32\drivers\gfjcndos.sys [X]
S1 iolzhsti; \??\C:\Windows\system32\drivers\iolzhsti.sys [X]
S1 ipdlodvv; \??\C:\Windows\system32\drivers\ipdlodvv.sys [X]
S1 iyystmel; \??\C:\Windows\system32\drivers\iyystmel.sys [X]
S1 jbzjfygl; \??\C:\Windows\system32\drivers\jbzjfygl.sys [X]
S1 jcbyyxin; \??\C:\Windows\system32\drivers\jcbyyxin.sys [X]
S1 jhonxmzw; \??\C:\Windows\system32\drivers\jhonxmzw.sys [X]
S1 jiljbspe; \??\C:\Windows\system32\drivers\jiljbspe.sys [X]
S1 kcllgghf; \??\C:\Windows\system32\drivers\kcllgghf.sys [X]
S1 qxxcibpv; \??\C:\Windows\system32\drivers\qxxcibpv.sys [X]
S1 rlpxvgjd; \??\C:\Windows\system32\drivers\rlpxvgjd.sys [X]
S1 sbgyxvsi; \??\C:\Windows\system32\drivers\sbgyxvsi.sys [X]
S1 tbrqizme; \??\C:\Windows\system32\drivers\tbrqizme.sys [X]
S1 tdgdeuho; \??\C:\Windows\system32\drivers\tdgdeuho.sys [X]
S1 udgchqci; \??\C:\Windows\system32\drivers\udgchqci.sys [X]
S1 whqjjpsr; \??\C:\Windows\system32\drivers\whqjjpsr.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-23 19:41 - 2017-02-23 19:41 - 00000000 ____D C:\Users\Roland_Home\Desktop\FRST-OlderVersion
2017-02-23 17:50 - 2017-02-23 17:50 - 00055168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qbqfdcxe.sys
2017-02-23 12:58 - 2017-02-23 13:08 - 00000000 ____D C:\AdwCleaner
2017-02-22 20:48 - 2017-02-22 20:49 - 00048209 _____ C:\Users\Roland_Home\Desktop\Addition.txt
2017-02-22 20:47 - 2017-02-23 19:42 - 00036795 _____ C:\Users\Roland_Home\Desktop\FRST.txt
2017-02-22 20:47 - 2017-02-23 19:42 - 00000000 ____D C:\FRST
2017-02-22 20:47 - 2017-02-23 19:41 - 02423296 _____ (Farbar) C:\Users\Roland_Home\Desktop\FRST64.exe
2017-02-22 20:47 - 2017-02-22 16:44 - 04015056 _____ C:\Users\Roland_Home\Desktop\AdwCleaner_6.043.exe
2017-02-22 10:18 - 2017-02-22 14:45 - 00000000 ____D C:\Users\Roland_Home\Desktop\Fernando
2017-02-22 10:17 - 2017-02-22 10:17 - 20359768 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-02-07 20:45 - 2017-02-07 20:45 - 00500857 _____ C:\Users\Roland_Home\Downloads\BoardingPass.pdf
2017-02-05 17:19 - 2017-02-05 17:19 - 01795926 _____ C:\Users\Roland_Home\Downloads\Shell_EM_Gutschein_BRD_5ct.pdf
2017-01-31 19:48 - 2017-01-31 19:48 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-28 23:54 - 2017-01-28 23:54 - 00319429 _____ C:\Users\Roland_Home\Documents\Bosch Retrofit Ecall.pdf
2017-01-26 21:51 - 2017-01-26 21:51 - 00204257 _____ C:\Users\Roland_Home\Downloads\DHL_label_2017-1-26_21-51-29.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-23 19:17 - 2015-04-04 14:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-23 17:57 - 2009-07-14 05:45 - 00013776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-23 17:57 - 2009-07-14 05:45 - 00013776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-23 17:56 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2017-02-23 17:56 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2017-02-23 17:56 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-23 17:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-23 17:49 - 2016-02-28 17:13 - 00000372 _____ C:\Windows\Tasks\JTGQQGOOU1.job
2017-02-23 17:49 - 2015-04-04 12:50 - 00090912 _____ C:\Users\Roland_Home\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-23 17:49 - 2015-04-04 12:47 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-23 17:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-23 17:49 - 2009-07-14 05:45 - 04971480 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-23 15:41 - 2015-04-05 12:22 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2017-02-23 15:40 - 2009-07-14 19:18 - 00000000 ____D C:\Windows\ShellNew
2017-02-23 15:40 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-02-23 15:40 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2017-02-23 15:37 - 2015-04-05 12:48 - 00000000 ____D C:\Users\Roland_Home\Documents\Outlook-Dateien
2017-02-23 15:24 - 2015-04-04 12:50 - 00000000 ____D C:\Users\Roland_Home\AppData\Local\Deployment
2017-02-23 13:52 - 2015-04-04 12:46 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 13:50 - 2015-04-04 12:46 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 13:27 - 2015-04-05 12:21 - 00000000 ____D C:\Users\Roland_Home\AppData\Local\Microsoft Help
2017-02-23 12:54 - 2016-11-20 13:36 - 00000000 ____D C:\Users\Roland_Home\Documents\Baby
2017-02-22 12:25 - 2016-02-28 17:13 - 00000000 ____D C:\ProgramData\BrowsingSecure
2017-02-22 12:24 - 2016-02-27 23:19 - 00000000 ____D C:\Users\Roland_Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-02-22 12:23 - 2016-02-27 23:17 - 00000000 ____D C:\Users\Roland_Home\AppData\Local\JDownloader v2.0
2017-02-22 10:23 - 2015-04-13 20:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 10:17 - 2015-04-04 14:07 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-22 10:17 - 2015-04-04 14:07 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-22 10:17 - 2015-04-04 14:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-22 10:17 - 2015-04-04 14:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-22 10:17 - 2015-04-04 14:07 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-12 23:20 - 2016-11-23 19:23 - 00000000 ____D C:\Users\Roland_Home\AppData\LocalLow\Mozilla
2017-02-07 20:32 - 2015-04-04 12:51 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 20:32 - 2015-04-04 12:51 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-05 17:56 - 2015-10-11 15:34 - 00000000 ____D C:\Users\Roland_Home\Documents\Urlaub
2017-01-31 19:48 - 2016-06-14 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-01-31 19:48 - 2015-05-02 19:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-30 22:49 - 2015-04-04 14:06 - 00000000 ____D C:\Users\Roland_Home\AppData\Roaming\vlc
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-05-17 12:11 - 2015-05-17 12:12 - 0035165 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2015-05-18 20:25 - 2016-08-30 19:41 - 0000132 _____ () C:\Users\Roland_Home\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-05-25 20:11 - 2015-05-25 20:12 - 0000093 _____ () C:\Users\Roland_Home\AppData\Roaming\ARCompanion.log
2016-03-01 21:05 - 2016-03-05 15:44 - 0067913 _____ () C:\Users\Roland_Home\AppData\Roaming\PS13_panel.log
2016-02-28 13:17 - 2016-02-28 13:17 - 0000046 _____ () C:\Users\Roland_Home\AppData\Roaming\WB.CFG
2016-01-30 18:39 - 2016-01-30 23:12 - 0001456 _____ () C:\Users\Roland_Home\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-08-16 16:11 - 2015-08-16 16:11 - 0000017 _____ () C:\Users\Roland_Home\AppData\Local\resmon.resmoncfg
2016-07-31 13:08 - 2016-07-31 13:08 - 0042788 _____ () C:\Users\Roland_Home\AppData\Local\Tempdivx5c22
2016-06-28 05:53 - 2016-06-28 05:53 - 0262304 _____ () C:\Users\Roland_Home\AppData\Local\Tempdivxeafd
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Roland_Home\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
Einige Dateien in TEMP:
====================
2016-06-14 18:54 - 2016-06-14 18:55 - 0000000 ____D () C:\Users\Roland_Home\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-02-22 12:47
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-02-2017 01
durchgeführt von Roland_Home (23-02-2017 19:43:30)
Gestartet von C:\Users\Roland_Home\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-04-02 23:35:42)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1586491574-1117352788-3011048425-500 - Administrator - Disabled)
Gast (S-1-5-21-1586491574-1117352788-3011048425-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1586491574-1117352788-3011048425-1002 - Limited - Enabled)
Roland_Home (S-1-5-21-1586491574-1117352788-3011048425-1000 - Administrator - Enabled) => C:\Users\Roland_Home
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.2.000 - Asmedia Technology)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Brother MFL-Pro Suite DCP-385C (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative-Audiokonsole (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
DIRECTV Player (HKLM-x32\...\{04f0c8c0-e0c8-4292-8676-db9174655d7a}) (Version: 12.1 - DIRECTV)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.70 - DivX, LLC)
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.5.1.1816 - Sanford, L.P.)
DYMO LabelWriter Drivers (HKLM\...\{CE16D92B-50F3-4FC5-B29C-13FAFEE1A6C6}) (Version: 8.3.0.443 - Sanford L.P.)
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
Epic Games Launcher (HKLM\...\{B42F7D9C-53DA-4A0D-B16C-A6F85A4B9C6E}) (Version: 1.1.26.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Infinite HD™ App (HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
MakeMKV v1.9.5 (HKLM-x32\...\MakeMKV) (Version: v1.9.5 - GuinpinSoft inc)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{F7930EE9-0929-439D-A57B-D40C2C69C890}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Firefox 51.0.1 (x86 de) (HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
o2 Surfstick (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version: - )
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Razer Diamondback (HKLM-x32\...\{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}) (Version: 5.01 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
ScreenManager Pro for LCD (HKLM-x32\...\{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}) (Version: 3.3.3.0 - EIZO Corporation)
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Datacolor (Spyder3) USB (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor)
Windows-Treiberpaket - Datacolor (Spyder4) USB (06/01/2011 1.0.0.1) (HKLM\...\E5E9268B6D7B0E662E34736CC110C89D595E4222) (Version: 06/01/2011 1.0.0.1 - Datacolor)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B1AC505-A87C-4262-B935-E58541A426EC} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {24656705-2C3F-414D-AD23-1B3A86F257E8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {3950B57C-600D-48E7-908B-BC577CF38E68} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {3953D91E-EF09-40CE-8592-EB4E7364A740} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {8450A7E6-C07B-4007-9D30-F9511F7399CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {84E31CF2-5090-4CC0-91F7-3D67AB4160CE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {9640FFAC-7371-4CBB-A8FE-DE9BBE6D4EFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-22] (Adobe Systems Incorporated)
Task: {9CE4A9F1-56C6-4834-96DF-8D6A623F5AAA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {9CFD57B9-96BB-4D90-A690-4AE5391B9893} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {AA948A37-B283-4608-B65F-6CE5460C75ED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BC6B2DFB-E863-407E-9379-2651627D2B09} - System32\Tasks\JTGQQGOOU1 => C:\ProgramData\BrowsingSecure\BrowsingSecure.exe <==== ACHTUNG
Task: {DB344B31-42C6-447B-898D-9DC02B74A798} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\JTGQQGOOU1.job => C:\ProgramData\BrowsingSecure\BrowsingSecure.exe <==== ACHTUNG
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Public\Desktop\o2 Surfstick.lnk -> C:\Program Files (x86)\Hostless Modem\o2 Surfstick\LaunchWebUI.exe () -> hxxp://o2surf.stick
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00380928 _____ () C:\Program Files (x86)\Launchy\Launchy.exe
2015-08-23 12:06 - 2015-08-23 12:06 - 01384416 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
2015-04-04 13:31 - 2013-07-26 08:33 - 00142336 _____ () U:\Programme\EIZO EasyPIX\EIZO EasyPIX.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-04-21 12:13 - 2009-10-09 19:11 - 00226816 _____ () U:\Programme\Razer\Razer\Diamondback\razerhid.exe
2016-10-04 20:28 - 2013-05-10 12:03 - 00419072 _____ () C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe
2016-10-04 20:28 - 2013-05-10 12:03 - 00446720 _____ () C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe
2015-04-04 13:31 - 2013-07-26 08:33 - 00074240 _____ () U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
2016-10-28 19:37 - 2016-10-25 21:19 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2015-04-04 12:47 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-05 23:08 - 2015-02-26 23:16 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-04-05 21:08 - 2016-12-23 19:28 - 00657184 _____ () V:\Games\Steam\SDL2.dll
2015-04-05 21:08 - 2016-09-01 02:02 - 04969248 _____ () V:\Games\Steam\v8.dll
2015-04-05 21:08 - 2016-09-01 02:02 - 01563936 _____ () V:\Games\Steam\icui18n.dll
2015-04-05 21:08 - 2016-09-01 02:02 - 01195296 _____ () V:\Games\Steam\icuuc.dll
2015-04-05 21:08 - 2017-01-19 02:30 - 02327840 _____ () V:\Games\Steam\video.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 02549760 _____ () V:\Games\Steam\libavcodec-56.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00442880 _____ () V:\Games\Steam\libavutil-54.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00491008 _____ () V:\Games\Steam\libavformat-56.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00332800 _____ () V:\Games\Steam\libavresample-2.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00485888 _____ () V:\Games\Steam\libswscale-3.dll
2015-04-05 21:08 - 2017-01-19 02:30 - 00838432 _____ () V:\Games\Steam\bin\chromehtml.DLL
2014-03-20 21:50 - 2014-03-20 21:50 - 00093696 _____ () U:\Programme\DYMO Label Software\DYMO.Common.dll
2015-04-05 19:42 - 2009-12-16 22:13 - 08314880 _____ () C:\Program Files (x86)\Launchy\QtGui4.dll
2015-04-05 19:42 - 2009-12-16 21:54 - 02236416 _____ () C:\Program Files (x86)\Launchy\QtCore4.dll
2015-04-05 19:42 - 2009-12-16 21:56 - 00712704 _____ () C:\Program Files (x86)\Launchy\QtNetwork4.dll
2015-04-05 19:42 - 2009-12-17 00:18 - 00233472 _____ () C:\Program Files (x86)\Launchy\imageformats\qmng4.dll
2015-04-05 19:42 - 2010-04-03 21:40 - 00081920 _____ () C:\Program Files (x86)\Launchy\plugins\calcy.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00090112 _____ () C:\Program Files (x86)\Launchy\plugins\controly.dll
2015-04-05 19:42 - 2010-04-03 13:06 - 00024064 _____ () C:\Program Files (x86)\Launchy\plugins\gcalc.dll
2015-04-05 19:42 - 2010-04-03 13:06 - 00094208 _____ () C:\Program Files (x86)\Launchy\plugins\runner.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00057344 _____ () C:\Program Files (x86)\Launchy\plugins\verby.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00122880 _____ () C:\Program Files (x86)\Launchy\plugins\weby.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 11424224 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\PCShowServer.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 03301344 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\DrmSingleton.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 00340440 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\ndsLogStore.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 02101224 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\DiscoveryManager.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 08347104 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\gsttspplugin.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 00690152 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 01404376 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\libxml2-2.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 00093128 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\z.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-04-20 08:58 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-04-04 13:31 - 2013-07-26 08:33 - 00155648 _____ () U:\Programme\EIZO EasyPIX\core\libcolour.dll
2015-04-04 13:31 - 2013-07-26 08:33 - 00299008 _____ () U:\Programme\EIZO EasyPIX\core\plugins\ep_Procs.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-13 17:29 - 2017-01-05 04:12 - 68813088 _____ () V:\Games\Steam\bin\cef\cef.win7\libcef.dll
2015-04-05 21:08 - 2017-01-19 02:30 - 00383776 _____ () V:\Games\Steam\steam.dll
2016-10-28 19:37 - 2016-10-25 20:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-28 19:37 - 2016-10-25 20:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-28 19:37 - 2016-10-25 21:19 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-28 19:37 - 2016-10-25 20:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-02-07 20:32 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 20:32 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows\system32\Drivers\qbqfdcxe.sys:changelist [394]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roland_Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{C3E40374-4844-4F49-85FA-A82A1CC5483C}] => (Allow) U:\Programme\mozilla Firefox\firefox.exe
FirewallRules: [{266DD0B7-3E3C-45D8-B7F7-D90173195D35}] => (Allow) U:\Programme\mozilla Firefox\firefox.exe
FirewallRules: [{DC0077D0-74CA-4A46-9DBB-0CF93D1DEA2D}] => (Allow) U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
FirewallRules: [{47EE74CE-4F2C-403E-8912-02F3EDA06445}] => (Allow) U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
FirewallRules: [TCP Query User{62E4B3F7-490D-40C1-9D69-264B4BA3663A}U:\programme\eizo easypix\core\ep_eacore.exe] => (Allow) U:\programme\eizo easypix\core\ep_eacore.exe
FirewallRules: [UDP Query User{14B2C29F-66F9-41E0-9C67-E06C02E571D8}U:\programme\eizo easypix\core\ep_eacore.exe] => (Allow) U:\programme\eizo easypix\core\ep_eacore.exe
FirewallRules: [{3A78560A-E13C-4CCF-8987-61254D871314}] => (Allow) V:\Games\Steam\Steam.exe
FirewallRules: [{A9494D7F-24D6-4709-B0E5-338CF4D7A148}] => (Allow) V:\Games\Steam\Steam.exe
FirewallRules: [{CC55FE32-2FFA-41E2-B8ED-BCD6BFA84909}] => (Allow) V:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{4977C292-E1CC-4307-85CD-549AA26F5883}] => (Allow) V:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB791484-6B18-42A2-B14D-BDF84AAC985C}] => (Allow) U:\Programme\iphone pc suite\iPhone\iPhone PC Suite.exe
FirewallRules: [TCP Query User{87FECFD0-0191-403F-A648-7EF2765D5495}U:\programme\iphone pc suite\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone pc suite.exe
FirewallRules: [UDP Query User{6C695153-DE49-4B58-8BE0-4F6C66BE1009}U:\programme\iphone pc suite\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone pc suite.exe
FirewallRules: [{A06D7E3D-B6AF-4CB0-96B1-41B54DDDB362}] => (Allow) U:\Programme\iphone pc suite\iPhone\iPhone\iPhone PC Suite.exe
FirewallRules: [{DE915347-418A-44E1-A56A-0064B625F92D}] => (Allow) U:\Programme\iphone pc suite\iPhone\iPhone\iPhone PC Suite.exe
FirewallRules: [TCP Query User{F642A195-58F5-4CDA-A796-F834ACF9FFBC}U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe
FirewallRules: [UDP Query User{D051B3AA-75C1-46D8-B1D7-5233D75672B7}U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe
FirewallRules: [{9BB768D3-5123-4686-B96D-A67532B0F347}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{AC05AB11-09AC-424D-8AA3-37C8E235D81D}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F76CF876-4AF1-431B-9FD0-6E1E31EBCFC6}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{9F7B9210-7C6E-4E86-A6BB-E2AFBAA96A4A}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{A676E62A-69DB-4049-AB01-72AA27E74256}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{E3F63039-95D0-4C4B-A221-1203AC04B1A3}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [TCP Query User{B14450C9-B9A1-40D0-8462-E0EE37E9C28D}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [UDP Query User{B3DB7308-AC2B-43CC-AB1E-0512227629B8}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{49A3C609-6679-45C9-B20C-4A86742E308E}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{5B690F75-1D65-4966-8405-186E35639F0A}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{B54EB4BA-EB64-41E6-930A-B8096358E758}U:\programme\myphoneexplorer\myphoneexplorer.exe] => (Allow) U:\programme\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{74D4CF25-1423-41A4-BA0E-174710ED8BA6}U:\programme\myphoneexplorer\myphoneexplorer.exe] => (Allow) U:\programme\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{68695E19-EBA8-485E-B384-7B66400BA4A3}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{FAE2D181-35B4-4668-9F93-D883F699C5D1}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{64D8830A-15B3-4F24-8B45-A99B2E7CF040}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{E8034F27-F8FB-48C7-A37A-736E34F1D58B}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{F8CCA8D6-3FC2-4731-A0C4-AEA7BA4F01F8}] => (Allow) V:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ADD94016-3FB9-47F5-9274-AAF1D6713CC0}] => (Allow) V:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{8ABC7E1E-2D4A-4879-B5EC-12C540681A67}C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{0FF18F01-8EDE-44E1-B144-2385C4463417}C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{1E4A9BD7-47F3-44AF-9865-EF6ECA515C5C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{2D74EF71-62CE-41D3-BD4C-560A378FE733}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [UDP Query User{3D32824E-466A-4867-AB0C-A79A38CF9579}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [TCP Query User{42605DE7-B3CA-4877-B884-8755D3AE1373}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [UDP Query User{84C8C230-8637-4D7F-A6FD-7F0F72B17C99}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [{6F8451F6-14AB-451D-AA08-F34B60DB0372}] => (Allow) V:\Games\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{20689770-B14F-42FE-A3ED-48EAAD833748}] => (Allow) V:\Games\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{B517072F-1330-4715-9A2F-5E198FAB6154}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{99316F35-4ED4-4BE8-8847-07EE9E8AED13}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{BC694C79-1C03-470A-98B5-68935A05B5FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{652A3B69-A09B-4FF2-9122-DFCD05A6094F}] => (Allow) LPort=2869
FirewallRules: [{F12CB7FA-1977-4056-BCCE-41D1EFB04132}] => (Allow) LPort=1900
FirewallRules: [{35554111-265F-4D57-B009-AB170C57338E}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\VideoEditor.exe
FirewallRules: [{0962888F-0C01-4E0A-A1E1-6412DE304BF5}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\VideoEditor.exe
FirewallRules: [{FD86386A-7E1A-4C95-842F-42FEC716FE9E}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Activation.exe
FirewallRules: [{F65DA454-72B8-44C7-B829-0498D7D4495C}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Activation.exe
FirewallRules: [{3E42F178-A9A6-4471-9D78-6EB20C6C1327}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Updater.exe
FirewallRules: [{DB4BA784-D261-4E04-9F9B-B29D5B7CEFE3}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Updater.exe
FirewallRules: [{0E579F88-3E12-49FD-88CB-915C425C059E}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{7A29CD6F-27F9-4BCB-821E-6A24918329B4}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{F0FDD74A-D56C-4E11-9EAE-303374EF4EA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{8A2B221D-B683-4F10-A3B8-F283C20C26CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{B40F491B-51B4-4ACA-8CE2-39C9D2FCEBFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FC4E6C28-E381-4AD7-A7AB-10A0FAD4E460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{17D3F55F-23C9-4329-8EFE-22E431E7E71D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{445059C9-817B-49CA-BE78-1C6C91BDC05D}] => (Allow) V:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2CA44B9B-F1B5-4A76-AED0-76344CC8F44F}] => (Allow) V:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{4B62DB26-A2CF-4735-B7FC-890FCCBBC10D}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{9A5C39CD-C435-4126-BF06-2FBF98088970}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{A8D112BD-9701-44D9-9A17-B514BFB19099}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: HID-konforme Maus
Description: HID-konforme Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/22/2017 02:49:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avcenter.exe, Version 15.0.24.143 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 9b0
Startzeit: 01d28d11b591e986
Endzeit: 60000
Anwendungspfad: c:\program files (x86)\avira\antivir desktop\avcenter.exe
Berichts-ID: 0bc122e0-f905-11e6-a6fa-14dae9ebd437
Error: (02/02/2017 05:07:50 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:50.702]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:49 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:49.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:47 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:47.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:46 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:46.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:44 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:44.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:43 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:43.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:41.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:40 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:40.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:38 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:38.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Systemfehler:
=============
Error: (02/23/2017 05:50:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (02/23/2017 05:50:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16365.23 MB
Verfügbarer physikalischer RAM: 12768.06 MB
Summe virtueller Speicher: 32728.64 MB
Verfügbarer virtueller Speicher: 29017.32 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:117.28 GB) (Free:14.44 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Media2_1) (Fixed) (Total:244.14 GB) (Free:177.91 GB) NTFS
Drive f: (Backup_1) (Fixed) (Total:247.91 GB) (Free:1.9 GB) NTFS
Drive g: (Downloads_1) (Fixed) (Total:195.21 GB) (Free:55.29 GB) NTFS
Drive h: (Media_1) (Fixed) (Total:244.14 GB) (Free:41.44 GB) NTFS
Drive j: (Lokaler Datenträger_2) (Fixed) (Total:244.14 GB) (Free:153.09 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive k: (Lokaler Datenträger_2) (Fixed) (Total:292.97 GB) (Free:284.74 GB) NTFS
Drive l: (Lokaler Datenträger_2) (Fixed) (Total:394.4 GB) (Free:309.91 GB) NTFS
Drive u: (Programme_3) (Fixed) (Total:292.97 GB) (Free:215.77 GB) NTFS
Drive v: (Photography_3) (Fixed) (Total:638.54 GB) (Free:427.69 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 117.4 GB) (Disk ID: 3CD8E5A4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9E955CC4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=492.1 GB) - (Type=OF Extended)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0E35453E)
Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=394.4 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CE8596FF)
Partition 1: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=638.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
24.02.2017, 09:13
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB Bitte Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
24.02.2017, 13:56
| #5 | |
| | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USBZitat:
|
|
24.02.2017, 14:15
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ --> Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB |
|
24.02.2017, 15:21
| #7 |
| | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB Hab ich durchgeführt... Cleanup war nicht notwendig.. er hat nichts gefunden. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.02.24.06
rootkit: v2017.02.15.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Roland_Home :: ROLAND_HOME-PC [administrator]
24.02.2017 14:17:51
mbar-log-2017-02-24 (14-17-51).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 316272
Time elapsed: 10 minute(s), 14 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
24.02.2017, 15:41
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.02.2017, 16:49
| #9 |
| | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB Adw-Cleaner: Code:
ATTFilter # AdwCleaner v6.043 - Bericht erstellt am 24/02/2017 um 16:45:49
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-23.4 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Roland_Home - ROLAND_HOME-PC
# Gestartet von : C:\Users\Roland_Home\Desktop\AdwCleaner_6.043.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.
***** [ Ordner ] *****
Keine schädlichen Ordner gefunden.
***** [ Dateien ] *****
Keine schädlichen Dateien gefunden.
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Keine schädlichen Aufgaben gefunden.
***** [ Registrierungsdatenbank ] *****
Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.
***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2418 Bytes] - [23/02/2017 13:03:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [2392 Bytes] - [23/02/2017 13:02:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [1523 Bytes] - [23/02/2017 13:08:49]
C:\AdwCleaner\AdwCleaner[S2].txt - [1445 Bytes] - [24/02/2017 16:45:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1518 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64
Ran by Roland_Home (Administrator) on 24.02.2017 at 16:46:49,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 39
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Tempdivx5c22 (File)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Tempdivxeafd (File)
Successfully deleted: C:\Users\Roland_Home\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\worldoftanks.lnk (Shortcut)
Successfully deleted: C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\extensions\staged (Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Roaming\worldoftanks (Folder)
Successfully deleted: C:\Windows\system32\Tasks\JTGQQGOOU1 (Task)
Successfully deleted: C:\Windows\Tasks\JTGQQGOOU1.job (Task)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1PPTBL7Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24RYVEV2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E4V5HSRE (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FAG65NSA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JW383JQG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SN43NO16 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UN6Z2I8H (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VHKYTE2J (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VW62FPQW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VY4NAAJV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHBS4W2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Roland_Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZN1UB0UD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1PPTBL7Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24RYVEV2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E4V5HSRE (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FAG65NSA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JW383JQG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SN43NO16 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UN6Z2I8H (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VHKYTE2J (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VW62FPQW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VY4NAAJV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHBS4W2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZN1UB0UD (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.02.2017 at 16:48:24,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
24.02.2017, 20:51
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.02.2017, 22:03
| #11 |
| | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017 01
durchgeführt von Roland_Home (Administrator) auf ROLAND_HOME-PC (24-02-2017 22:01:16)
Gestartet von C:\Users\Roland_Home\Desktop
Geladene Profile: Roland_Home (Verfügbare Profile: Roland_Home)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) V:\Games\Steam\Steam.exe
(Sanford, L.P.) U:\Programme\DYMO Label Software\DymoQuickPrint.exe
(Cisco) C:\Users\Roland_Home\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
(Octoshape ApS) C:\Users\Roland_Home\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
() C:\Program Files (x86)\Launchy\Launchy.exe
(Fred's Software) U:\Programme\PrintKey2000\Printkey2000.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(EIZO Corporation) C:\Program Files (x86)\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
() U:\Programme\EIZO EasyPIX\EIZO EasyPIX.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Users\Roland_Home\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
(EIZO Corporation) C:\Program Files (x86)\EIZO\UniColor Pro\ucpro.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Sanford, L.P.) U:\Programme\DYMO Label Software\DymoPnpService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
() U:\Programme\Razer\Razer\Diamondback\razerhid.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
() C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe
() C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe
() U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Razer Inc.) U:\Programme\Razer\Razer\Diamondback\razerofa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) V:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Disc Soft Ltd) U:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
ഊ⡗敮渠敩渠䕩湴牡朠楮楥⁆楸汩獴畦来湯浭敮⁷楲搬⁷楲搠摥爠剥杩獴特敩湴牡朠慵映摥渠却慮摡牤睥牴⁺畲쎼捫来獥瑺琠潤敲湴晥牮琮⁄楥⁄慴敩⁷楲搠湩捨琠癥牳捨潢敮⸩ഊഊ䡋䱍尮⸮屒畮㨠孁摯扥䅁䵕灤慴敲ⴱ⸰崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁摯扥屏佂䕜偄䅰灜啗䅜啰摡瑥牓瑡牴異啴楬楴礮數攠嬴㐶㌹㈠㈰ㄲⴰ㐭〴崠⡁摯扥⁓祳瑥浳⁉湣潲灯牡瑥搩ഊ䡋䱍尮⸮屒畮㨠孌慵湣栠䱃潲敝‽㸠䌺屐牯杲慭⁆楬敳屌潧楴散栠䝡浩湧⁓潦瑷慲敜䱃潲攮數攠嬱㌳ㄸ㐲㐠㈰ㄵⴰ㌭ㄲ崠⡌潧楴散栠䥮挮⤍ੈ䭌䵜⸮⹜創渺⁛䵓䍝‽㸠䌺屐牯杲慭⁆楬敳屍楣牯獯晴⁓散畲楴礠䍬楥湴屭獳散敳硥⁛ㄳ㔳㘸〠㈰ㄶⴱㄭㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜創渺⁛楔畮敳䡥汰敲崠㴾⁃㩜偲潧牡洠䙩汥獜楔畮敳屩呵湥獈敬灥爮數攠嬱㜰㈵㘠㈰ㄵⴱ㈭ㄷ崠⡁灰汥⁉湣⸩ഊ䡋䱍㌲尮⸮屒畮㨠孕湩䍯汯爠偲潝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩居䥚作啮楃潬潲⁐牯屵捰牯硥⁛㐴㈰㐱㘠㈰ㄴⴰ㔭〹崠⡅䥚传䍯牰潲慴楯温ഊ䡋䱍㌲尮⸮屒畮㨠孓睩瑣桂潡牤崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁摯扥屓睩瑣桂潡牤屓睩瑣桂潡牤硥⁛㔱㜰㤶′〱〭〲ⴱ㥝
䅤潢攠卹獴敭猠䥮捯牰潲慴敤⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䅤潢敃匶卥牶楣敍慮慧敲崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁摯扥屃匶卥牶楣敍慮慧敲屃匶卥牶楣敍慮慧敲硥⁛㜳㌱㈠㈰ㄲⴰ㌭〹崠⡁摯扥⁓祳瑥浳⁉湣潲灯牡瑥搩ഊ䡋䱍㌲尮⸮屒畮㨠孄楶塍敤楡卥牶敲崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䑩癘屄楶堠䵥摩愠卥牶敲屄楶塍敤楡卥牶敲硥⁛㐴㠵㈰′〱㔭〵ⴰ㕝
䑩癘Ⱐ䱌䌩ഊ䡋䱍㌲尮⸮屒畮㨠孄楶塕灤慴敝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屄楶塜䑩癘⁕灤慴敜䑩癘啰摡瑥硥⁛ㄸ㘱㤶㠠㈰ㄴⴰㄭ崠⠩ഊ䡋䱍㌲尮⸮屒畮㨠孂牍晣坮摝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩层牯瑨敲层牭晣浯湜䉲䵦捗湤硥⁛ㄱ㔹ㄶ㠠㈰〹ⴰ㔭㈶崠⡂牯瑨敲⁉湤畳瑲楥猬⁌瑤⸩ഊ䡋䱍㌲尮⸮屒畮㨠孃潮瑲潬䍥湴敲㍝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩层牯瑨敲屃潮瑲潬䍥湴敲㍜扲捴牣敮硥⁛ㄱ㐶㠸′〰㠭ㄲⴲ㑝
䉲潴桥爠䥮摵獴物敳Ⱐ䱴搮⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䑩慭潮摢慣歝‽㸠唺屐牯杲慭浥屒慺敲屒慺敲屄楡浯湤扡捫屲慺敲桩搮數攠嬲㈶㠱㘠㈰〹ⴱ〭〹崠⠩ഊ䡋䱍㌲尮⸮屒畮㨠孄䱓卥牶楣敝‽㸠≕㩜偲潧牡浭敜䑙䵏⁌慢敬⁓潦瑷慲敜䑌卓敲癩捥硥∍ੈ䭌䴭砳㉜⸮⹜創渺⁛偄䙐物湴崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜偄䘲㑜灤昲㐮數攠嬲㐳㈠㈰ㄶⴰ㜭〵崠⡇敥欠卯晴睡牥⁇浢䠩ഊ䡋䱍㌲尮⸮屒畮㨠孁獩潔桫㌲剥杝‽㸠剅䝓噒㌲⹅塅 匠䍔䅓䥏⹄䱌ഊ䡋䱍㌲尮⸮屒畮㨠孃呈敬灥牝‽㸠䍔䡅䱐䕒⹅塅
ੈ䭌䴭砳㉜⸮⹜創渺⁛䅖䵗污湃汩敮瑝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屡癭睬慮獴楣歜睬慮杵椮數攠嬲㔳㐴′〱〭ⴲ㉝
䅖䴠䉥牬楮⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䍨散歎䑉卐潲瑆ち捁㝝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屈潳瑬敳猠䵯摥浜漲⁓畲晳瑩捫屃桥捫乄䥓偯牴彤昮數攠嬴ㄹ〷㈠㈰ㄳⴰ㔭崠⠩ഊ䡋䱍㌲尮⸮屒畮㨠孃慮捥汁畴潐污祟摦崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䡯獴汥獳⁍潤敭屯㈠卵牦獴楣歜䍡湣敬䅵瑯偬慹彤昮數攠嬴㐶㜲〠㈰ㄳⴰ㔭崠⠩ഊ䡋䱍尮⸮屗楮汯杯渺⁛啳敲楮楴崠䌺屗楮摯睳屓祳瑥洳㉜啳敲楮楴硥Ⱐ嬳〷㈰′〱〭ㄱⴲそ
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍㌲尮⸮屗楮汯杯渺⁛啳敲楮楴崠䌺屗楮摯睳屳祳坏圶㑜畳敲楮楴硥⁛㈶㘲㐠㈰ⴱㄭ㈰崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜坩湬潧潮㨠孓桥汬崠數灬潲敲硥⁛㌲㈹㘹㘠㈰ㄶⴰ㠭㈹崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䴭砳㉜⸮⹜坩湬潧潮㨠孓桥汬崠數灬潲敲硥⁛㈹㜲㘷㈠㈰ㄶⴰ㠭㈹崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜偯汩捩敳居硰汯牥爺⁛乯䅣瑩癥䑥獫瑯灝‱ഊ䡋䱍尮⸮屐潬楣楥獜䕸灬潲敲㨠孎潁捴楶敄敳歴潰䍨慮来獝‱ഊ䡋䱍尮⸮屐潬楣楥獜䕸灬潲敲㨠孆潲捥䅣瑩癥䑥獫瑯灏湝‰ഊ䡋啜匭ㄭ㔭ㄹ尮⸮屒畮㨠孓楤敢慲崠㴾⁃㩜偲潧牡洠䙩汥獜坩湤潷猠卩摥扡牜卩摥扡爮數攠嬱㐷㔵㠴′〱〭ㄱⴲそ
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋啜匭ㄭ㔭ㄹ尮⸮屒畮佮捥㨠孭捴慤浩湝‽㸠䌺屗楮摯睳屓祳瑥洳㉜浣瑡摭楮硥⁛㤷㈸〠㈰〹ⴰ㜭ㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲぜ⸮⹜創渺⁛卩摥扡牝‽㸠䌺屐牯杲慭⁆楬敳屗楮摯睳⁓楤敢慲屓楤敢慲硥⁛ㄴ㜵㔸㐠㈰ⴱㄭ㈰崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲぜ⸮⹜創湏湣攺⁛浣瑡摭楮崠㴾⁃㩜坩湤潷獜卹獴敭㌲屭捴慤浩渮數攠嬹㜲㠰′〰㤭〷ⴱ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屒畮㨠孁摯扥䉲楤来崠㴾⁛塝ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屒畮㨠孄䅅䵏丠呯潬猠䱩瑥崠㴾⁕㩜偲潧牡浭敜䑁䕍低⁔潯汳⁌楴敜䑔䱩瑥硥⁛㔵㠳ㄲ〠㈰ㄵⴰ㈭㈶崠⡄楳挠卯晴⁌瑤⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛却敡浝‽㸠嘺屇慭敳屓瑥慭屳瑥慭硥⁛㈸㠱㠲㐠㈰ㄷⴰㄭㄹ崠⡖慬癥⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛楃汯畤卥牶楣敳崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳屁灰汥屉湴敲湥琠卥牶楣敳屩䍬潵摓敲癩捥献數攍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛䅰灬敐桯瑯却牥慭獝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屃潭浯渠䙩汥獜䅰灬敜䥮瑥牮整⁓敲癩捥獜䅰灬敐桯瑯却牥慭献數攍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛楐桯湥⁐䌠卵楴敝‽㸠唺屐牯杲慭浥屩灨潮攠灣畩瑥屩偨潮敜楐桯湥屩偨潮攠偃⁓畩瑥硥 獴慲琍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛䑹浯兵楣歐物湴崠㴾⁕㩜偲潧牡浭敜䑙䵏⁌慢敬⁓潦瑷慲敜䑹浯兵楣歐物湴硥⁛ㄸ㘷〵㘠㈰ㄴⴰ㌭㈰崠⡓慮景牤Ⱐ䰮倮⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜創渺⁛偃卨潷卥牶敲崠㴾⁃㩜啳敲獜副污湤彈潭敜䅰灄慴慜䱯捡汜䑉剅䍔嘠偬慹敲屐䍓桯睓敲癥牐䵗牡灰敲硥⁛ㄶ㌲㜵㈠㈰ㄵⴰ㠭㈳崠⡃楳捯⤠㰽㴽㴽⁁䍈呕乇ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屒畮㨠孏捴潳桡灥⁓瑲敡浩湧⁓敲癩捥獝‽㸠䌺展獥牳屒潬慮摟䡯浥屁灰䑡瑡屒潡浩湧屏捴潳桡灥屏捴潳桡灥⁓瑲敡浩湧⁓敲癩捥獜佣瑯獨慰敃汩敮琮數攠嬵〰〱㘠㈰ㄴⴰ㠭〱崠⡏捴潳桡灥⁁灓⤍ੈ䭕屓ⴱⴵⴲㄭㄵ㠶㐹ㄵ㜴ⴱㄱ㜳㔲㜸㠭㌰ㄱ〴㠴㈵ⴱ〰ぜ⸮⹜䵯畮瑐潩湴猲㨠删ⴠ刺屁畴潒畮硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻ㄸㄷ㝥㤷ⴸㄹ搭ㄱ收ⵢ挶㠭〰ㅣ㑡晢㤲㜴素ⴠ伺屁畴潒畮硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻ㄸㄷ㝥愱ⴸㄹ搭ㄱ收ⵢ挶㠭〰ㅣ㑡晢㤲㜴素ⴠ伺屁畴潒畮硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻㑤㉤慤㠴ⵤ戸〭ㄱ攴ⴹ㌴㠭ㄴ摡改敢搴㌷素ⴠ伺屓䕔啐⹅塅ഊ䡋啜匭ㄭ㔭㈱ⴱ㔸㘴㤱㔷㐭ㄱㄷ㌵㈷㠸ⴳ〱㐸㐲㔭〰尮⸮屍潵湴偯楮瑳㈺⁻愶挴摢搴ⵤ慢戭ㄱ攴ⴹ㈴㠭挲㔲愰㌷捣㤷素ⴠ刺屰畳桩湳琮數攍ੈ䭕屓ⴱⴵⴱ㡜⸮⹜創湏湣攺⁛卐剥癩敷崠㴾⁃㩜坩湤潷獜卹獴敭㌲屓偒敶楥睜卐剥癩敷硥⁛㌰ㄵ㘸′〱㔭〴ⴰ㙝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍尮⸮屐牯癩摥牳屉湴敲湥琠偲楮琠偲潶楤敲㨠䌺屗楮摯睳屳祳瑥洳㉜楮整灰汬⁛ㄶ㘴〰′〱㘭〶ⴲ㙝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍尮⸮屐牯癩摥牳屌慮䵡渠偲楮琠卥牶楣敳㨠䌺屗楮摯睳屳祳瑥洳㉜睩渳㉳灬汬⁛㜵㘷㌶′〱㘭〹ⴰ㥝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䱳愺⁛䅵瑨敮瑩捡瑩潮⁐慣歡来獝獶ㅟ」ੌ獡㨠孎潴楦楣慴楯渠偡捫慧敳崠獣散汩ഊ卥捵物瑹偲潶楤敲猺牥摳獰汬ഊ卓佄䰺⁗敢䍨散欠ⴠ筅㙆䈵䔲〭䑅㌵ⴱㅃ䘭㥃㠷ⴰぁ䄰〵ㄲ㝅䑽*†䭥楮攠䑡瑥植协䑌㌲㨠坥扃桥捫*⁻䔶䙂㕅㈰ⵄ䔳㔭ㄱ䍆ⴹ䌸㜭〰䅁〰㔱㈷䕄素ⴠ⁋敩湥⁄慴敩ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛䕮桡湣敤却潲慧敓桥汬崠ⴾ⁻䐹ㄴ㑄䍄ⵅ㤹㠭㑅䍁ⵁ䈶䄭䑃䐸㍃䍂䄱㙄素㴾⁃㩜坩湤潷獜獹獴敭㌲居桓瑯牓桥汬汬⁛㈰〹ⴰ㜭ㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㨠孏晦汩湥⁆楬敳崠ⴾ⁻㑅㜷ㄳㅄⴳ㘲㤭㐳ㅣⴹ㠱㠭䌵㘷㥄䌸㍅㠱素㴾⁃㩜坩湤潷獜卹獴敭㌲屣獣畩汬⁛㈰ⴱㄭ㈰崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㨠孓桡物湧偲楶慴敝*㸠笰㠲㐴䕅㘭㤲䘰ⴴ㝦㈭㥆䌹ⴹ㈹䉁䄲䔷㈳㕽‽㸠䌺屗楮摯睳屳祳瑥洳㉜湴獨牵椮摬氠嬲〱㈭〱ⴰ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猭砳㈺⁛䕮桡湣敤却潲慧敓桥汬崠ⴾ⁻䐹ㄴ㑄䍄ⵅ㤹㠭㑅䍁ⵁ䈶䄭䑃䐸㍃䍂䄱㙄素㴾⁃㩜坩湤潷獜卹獗佗㘴居桓瑯牓桥汬汬⁛㈰〹ⴰ㜭ㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍桥汬䥣潮佶敲污祉摥湴楦楥牳㌲㨠孓桡物湧偲楶慴敝*㸠笰㠲㐴䕅㘭㤲䘰ⴴ㝦㈭㥆䌹ⴹ㈹䉁䄲䔷㈳㕽‽㸠䌺屗楮摯睳屓祳坏圶㑜湴獨牵椮摬氠嬲〱㈭〱ⴰ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ却慲瑵瀺⁃㩜偲潧牡浄慴慜䵩捲潳潦瑜坩湤潷獜却慲琠䵥湵屐牯杲慭獜却慲瑵灜䱡畮捨礮汮欠嬲〱㔭〴ⴰ㕝ഊ卨潲瑣畴呡牧整㨠䱡畮捨礮汮欠ⴾ⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䱡畮捨祜䱡畮捨礮數攠⠩ഊ却慲瑵瀺⁃㩜偲潧牡浄慴慜䵩捲潳潦瑜坩湤潷獜却慲琠䵥湵屐牯杲慭獜却慲瑵灜偲楮瑫敹㈰〰湫⁛㈰ㄵⴰ㔭ㄷ崍桯牴捵瑔慲来琺⁐物湴步礲〰〮汮欠ⴾ⁕㩜偲潧牡浭敜偲楮瑋敹㈰〰屐物湴步礲〰〮數攠⡆牥搧猠卯晴睡牥⤍瑡牴異㨠䌺屐牯杲慭䑡瑡屍楣牯獯晴屗楮摯睳屓瑡牴⁍敮畜偲潧牡浳屓瑡牴異屓捲敥湍慮慧敲⁐牯潲⁌䍄⁖敲㌮㌮㌮汮欠嬲〱㔭〴ⴰ㑝ഊ卨潲瑣畴呡牧整㨠卣牥敮䵡湡来爠偲漠景爠䱃䐠噥爳⸳⸳湫*㸠䌺屐牯杲慭⁆楬敳
砸㘩居䥚作卣牥敮䵡湡来爠偲漠景爠䱃䑜䱣摣瑲氮數攠⡅䥚传䍯牰潲慴楯温ഊ却慲瑵瀺⁃㩜啳敲獜副污湤彈潭敜䅰灄慴慜副慭楮杜䵩捲潳潦瑜坩湤潷獜却慲琠䵥湵屐牯杲慭獜却慲瑵灜䕉婏⁅慳祐䥘湫⁛㈰ㄵⴰ㐭〴崍桯牴捵瑔慲来琺⁅䥚传䕡獹偉堮汮欠ⴾ⁕㩜偲潧牡浭敜䕉婏⁅慳祐䥘居䥚传䕡獹偉堮數攠⠩ഊ
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0E6504EB-8100-43F5-85E2-C051E8E74838}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0F2D20F3-211E-484D-8E20-E2E6ED003411}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{0F8AA8EC-B565-412C-88A4-28FBC08B8CC4}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9733a813
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9733a813
HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {38967B81-6133-4591-90EC-E3812C7D79C5} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {4B4E23CD-200D-4F20-820D-E80E56AB17AF} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {A87F2632-354F-487D-9140-82B953B5272C} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1586491574-1117352788-3011048425-1000 -> {C2E986AF-4EE0-4CBC-AED9-B838F64D1756} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
FireFox:
========
FF DefaultProfile: iprwapdk.default
FF ProfilePath: C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default [2017-02-12]
FF NewTab: Mozilla\Firefox\Profiles\iprwapdk.default -> about:newtab
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\iprwapdk.default -> Search Provided by Bing
FF Homepage: Mozilla\Firefox\Profiles\iprwapdk.default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-9733a813
FF Extension: (All Downloader Professional) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\alldownloader@link64.xpi [2016-05-02]
FF Extension: (EPUBReader) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2017-01-18]
FF Extension: (Video DownloadHelper) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-01-12]
FF Extension: (Flash and Video Download) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-11-05]
FF Extension: (DownThemAll!) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-21]
FF Extension: (Greasemonkey) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-09-10]
FF Extension: (Copy All Links) - C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\Extensions\{e6a9a96e-4a08-4719-b9bd-0e91c35aaabc}.xpi [2016-05-05]
FF SearchPlugin: C:\Users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\searchplugins\Search Provided by Bing.xml [2016-02-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-22] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> U:\Programme\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-22] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-05-14] (DivX, LLC)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> U:\Programme\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2014-03-20] ( Sanford L.P.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-1586491574-1117352788-3011048425-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Roland_Home\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1411300-0-npoctoshape.dll [2014-11-30] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Roland_Home\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2016-03-19] (Octoshape ApS)
StartMenuInternet: FIREFOX.EXE - U:\Programme\mozilla Firefox\firefox.exe
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.bing.com/search?FORM=INCOH1&PC=IC03&PTAG=ICO-9733a813
CHR StartupUrls: Default -> "hxxp://www.bing.com/search?FORM=INCOH1&PC=IC03&PTAG=ICO-9733a813"
CHR Profile: C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default [2017-02-24]
CHR Extension: (Google Präsentationen) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-04]
CHR Extension: (Google Docs) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-04]
CHR Extension: (Google Drive) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (OneTab) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2017-02-22]
CHR Extension: (Google-Suche) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (ICE Quick Stream) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2016-08-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-23]
CHR Extension: (Google Tabellen) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-04]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2017-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Windscribe - Free VPN and Ad Block) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2016-11-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Google Mail) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Roland_Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2015-08-16] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
R3 Disc Soft Lite Bus Service; U:\Programme\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 DymoPnpService; U:\Programme\DYMO Label Software\DymoPnpService.exe [33072 2014-03-20] (Sanford, L.P.)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [456640 2016-10-25] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-10-25] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\PureVPN\bin\openvpnserv.exe [31872 2015-12-23] (The OpenVPN Project)
S3 Origin Client Service; V:\Games\Origin\OriginClientService.exe [2119688 2017-01-06] (Electronic Arts)
S2 Origin Web Helper Service; V:\Games\Origin\OriginWebHelperService.exe [2180624 2017-01-06] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-26] (Wacom Technology, Corp.)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 cpuz138; C:\Users\Roland_Home\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-10-28] (CPUID) <==== ACHTUNG
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-05] (Disc Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-10-25] (NVIDIA Corporation)
S3 Razerlow; C:\Windows\System32\drivers\Razerlow.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [15360 2012-09-14] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Datei ist nicht signiert]
S1 ayjzwrjw; \??\C:\Windows\system32\drivers\ayjzwrjw.sys [X]
S1 bofynfnn; \??\C:\Windows\system32\drivers\bofynfnn.sys [X]
S1 cgvnhzhf; \??\C:\Windows\system32\drivers\cgvnhzhf.sys [X]
S1 cscnwuhb; \??\C:\Windows\system32\drivers\cscnwuhb.sys [X]
S1 fiwrpoqx; \??\C:\Windows\system32\drivers\fiwrpoqx.sys [X]
S1 gfjcndos; \??\C:\Windows\system32\drivers\gfjcndos.sys [X]
S1 iolzhsti; \??\C:\Windows\system32\drivers\iolzhsti.sys [X]
S1 ipdlodvv; \??\C:\Windows\system32\drivers\ipdlodvv.sys [X]
S1 iyystmel; \??\C:\Windows\system32\drivers\iyystmel.sys [X]
S1 jbzjfygl; \??\C:\Windows\system32\drivers\jbzjfygl.sys [X]
S1 jcbyyxin; \??\C:\Windows\system32\drivers\jcbyyxin.sys [X]
S1 jhonxmzw; \??\C:\Windows\system32\drivers\jhonxmzw.sys [X]
S1 jiljbspe; \??\C:\Windows\system32\drivers\jiljbspe.sys [X]
S1 kcllgghf; \??\C:\Windows\system32\drivers\kcllgghf.sys [X]
S1 qxxcibpv; \??\C:\Windows\system32\drivers\qxxcibpv.sys [X]
S1 rlpxvgjd; \??\C:\Windows\system32\drivers\rlpxvgjd.sys [X]
S1 sbgyxvsi; \??\C:\Windows\system32\drivers\sbgyxvsi.sys [X]
S1 tbrqizme; \??\C:\Windows\system32\drivers\tbrqizme.sys [X]
S1 tdgdeuho; \??\C:\Windows\system32\drivers\tdgdeuho.sys [X]
S1 udgchqci; \??\C:\Windows\system32\drivers\udgchqci.sys [X]
S1 whqjjpsr; \??\C:\Windows\system32\drivers\whqjjpsr.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-24 16:48 - 2017-02-24 16:48 - 00006536 _____ C:\Users\Roland_Home\Desktop\JRT.txt
2017-02-24 16:44 - 2017-02-24 16:44 - 01663040 _____ (Malwarebytes) C:\Users\Roland_Home\Desktop\JRT.exe
2017-02-24 14:17 - 2017-02-24 15:20 - 00000000 ____D C:\Users\Roland_Home\Desktop\mbar
2017-02-24 14:17 - 2017-02-24 15:20 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-02-24 14:17 - 2017-02-24 14:17 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 14:17 - 2017-02-24 14:17 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-24 14:17 - 2017-02-24 14:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-24 14:16 - 2017-02-24 14:16 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Roland_Home\Desktop\mbar-1.09.3.1001.exe
2017-02-23 19:41 - 2017-02-23 19:41 - 00000000 ____D C:\Users\Roland_Home\Desktop\FRST-OlderVersion
2017-02-23 12:58 - 2017-02-24 16:45 - 00000000 ____D C:\AdwCleaner
2017-02-22 20:48 - 2017-02-23 19:46 - 00044359 _____ C:\Users\Roland_Home\Desktop\Addition.txt
2017-02-22 20:47 - 2017-02-24 22:01 - 00034943 _____ C:\Users\Roland_Home\Desktop\FRST.txt
2017-02-22 20:47 - 2017-02-24 22:01 - 00000000 ____D C:\FRST
2017-02-22 20:47 - 2017-02-23 19:41 - 02423296 _____ (Farbar) C:\Users\Roland_Home\Desktop\FRST64.exe
2017-02-22 20:47 - 2017-02-22 16:44 - 04015056 _____ C:\Users\Roland_Home\Desktop\AdwCleaner_6.043.exe
2017-02-22 10:18 - 2017-02-22 14:45 - 00000000 ____D C:\Users\Roland_Home\Desktop\Fernando
2017-02-22 10:17 - 2017-02-22 10:17 - 20359768 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-02-07 20:45 - 2017-02-07 20:45 - 00500857 _____ C:\Users\Roland_Home\Downloads\BoardingPass.pdf
2017-02-05 17:19 - 2017-02-05 17:19 - 01795926 _____ C:\Users\Roland_Home\Downloads\Shell_EM_Gutschein_BRD_5ct.pdf
2017-01-28 23:54 - 2017-01-28 23:54 - 00319429 _____ C:\Users\Roland_Home\Documents\Bosch Retrofit Ecall.pdf
2017-01-26 21:51 - 2017-01-26 21:51 - 00204257 _____ C:\Users\Roland_Home\Downloads\DHL_label_2017-1-26_21-51-29.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-24 22:00 - 2015-04-04 12:47 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-24 22:00 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-24 17:17 - 2015-04-04 14:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-24 14:03 - 2009-07-14 05:45 - 00013776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-24 14:03 - 2009-07-14 05:45 - 00013776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-24 14:01 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2017-02-24 14:01 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2017-02-24 14:01 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-24 14:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-24 13:54 - 2016-06-14 18:53 - 00000000 ____D C:\Program Files (x86)\Avira
2017-02-24 13:53 - 2016-06-14 18:53 - 00000000 ____D C:\ProgramData\Avira
2017-02-24 13:53 - 2015-05-02 19:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-24 13:52 - 2016-06-14 18:54 - 00000000 ____D C:\Users\Roland_Home\AppData\Roaming\Avira
2017-02-23 17:49 - 2015-04-04 12:50 - 00090912 _____ C:\Users\Roland_Home\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-23 17:49 - 2009-07-14 05:45 - 04971480 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-23 15:41 - 2015-04-05 12:22 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2017-02-23 15:40 - 2009-07-14 19:18 - 00000000 ____D C:\Windows\ShellNew
2017-02-23 15:40 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-02-23 15:40 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2017-02-23 15:37 - 2015-04-05 12:48 - 00000000 ____D C:\Users\Roland_Home\Documents\Outlook-Dateien
2017-02-23 15:24 - 2015-04-04 12:50 - 00000000 ____D C:\Users\Roland_Home\AppData\Local\Deployment
2017-02-23 13:52 - 2015-04-04 12:46 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 13:50 - 2015-04-04 12:46 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 13:27 - 2015-04-05 12:21 - 00000000 ____D C:\Users\Roland_Home\AppData\Local\Microsoft Help
2017-02-23 12:54 - 2016-11-20 13:36 - 00000000 ____D C:\Users\Roland_Home\Documents\Baby
2017-02-22 12:25 - 2016-02-28 17:13 - 00000000 ____D C:\ProgramData\BrowsingSecure
2017-02-22 12:24 - 2016-02-27 23:19 - 00000000 ____D C:\Users\Roland_Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-02-22 12:23 - 2016-02-27 23:17 - 00000000 ____D C:\Users\Roland_Home\AppData\Local\JDownloader v2.0
2017-02-22 10:23 - 2015-04-13 20:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 10:17 - 2015-04-04 14:07 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-22 10:17 - 2015-04-04 14:07 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-22 10:17 - 2015-04-04 14:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-22 10:17 - 2015-04-04 14:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-22 10:17 - 2015-04-04 14:07 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-12 23:20 - 2016-11-23 19:23 - 00000000 ____D C:\Users\Roland_Home\AppData\LocalLow\Mozilla
2017-02-07 20:32 - 2015-04-04 12:51 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 20:32 - 2015-04-04 12:51 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-05 17:56 - 2015-10-11 15:34 - 00000000 ____D C:\Users\Roland_Home\Documents\Urlaub
2017-01-30 22:49 - 2015-04-04 14:06 - 00000000 ____D C:\Users\Roland_Home\AppData\Roaming\vlc
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-05-17 12:11 - 2015-05-17 12:12 - 0035165 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2015-05-18 20:25 - 2016-08-30 19:41 - 0000132 _____ () C:\Users\Roland_Home\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-05-25 20:11 - 2015-05-25 20:12 - 0000093 _____ () C:\Users\Roland_Home\AppData\Roaming\ARCompanion.log
2016-03-01 21:05 - 2016-03-05 15:44 - 0067913 _____ () C:\Users\Roland_Home\AppData\Roaming\PS13_panel.log
2016-02-28 13:17 - 2016-02-28 13:17 - 0000046 _____ () C:\Users\Roland_Home\AppData\Roaming\WB.CFG
2016-01-30 18:39 - 2016-01-30 23:12 - 0001456 _____ () C:\Users\Roland_Home\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-08-16 16:11 - 2015-08-16 16:11 - 0000017 _____ () C:\Users\Roland_Home\AppData\Local\resmon.resmoncfg
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Roland_Home\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
Einige Dateien in TEMP:
====================
2016-06-14 18:54 - 2016-06-14 18:55 - 0000000 ____D () C:\Users\Roland_Home\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-02-22 12:47
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-02-2017 01
durchgeführt von Roland_Home (24-02-2017 22:01:43)
Gestartet von C:\Users\Roland_Home\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-04-02 23:35:42)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1586491574-1117352788-3011048425-500 - Administrator - Disabled)
Gast (S-1-5-21-1586491574-1117352788-3011048425-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1586491574-1117352788-3011048425-1002 - Limited - Enabled)
Roland_Home (S-1-5-21-1586491574-1117352788-3011048425-1000 - Administrator - Enabled) => C:\Users\Roland_Home
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.2.000 - Asmedia Technology)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Brother MFL-Pro Suite DCP-385C (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative-Audiokonsole (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
DIRECTV Player (HKLM-x32\...\{04f0c8c0-e0c8-4292-8676-db9174655d7a}) (Version: 12.1 - DIRECTV)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.70 - DivX, LLC)
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.5.1.1816 - Sanford, L.P.)
DYMO LabelWriter Drivers (HKLM\...\{CE16D92B-50F3-4FC5-B29C-13FAFEE1A6C6}) (Version: 8.3.0.443 - Sanford L.P.)
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
Epic Games Launcher (HKLM\...\{B42F7D9C-53DA-4A0D-B16C-A6F85A4B9C6E}) (Version: 1.1.26.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Infinite HD™ App (HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
MakeMKV v1.9.5 (HKLM-x32\...\MakeMKV) (Version: v1.9.5 - GuinpinSoft inc)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{F7930EE9-0929-439D-A57B-D40C2C69C890}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Firefox 51.0.1 (x86 de) (HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
o2 Surfstick (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version: - )
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Razer Diamondback (HKLM-x32\...\{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}) (Version: 5.01 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
ScreenManager Pro for LCD (HKLM-x32\...\{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}) (Version: 3.3.3.0 - EIZO Corporation)
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Datacolor (Spyder3) USB (09/10/2007 1.0.0.3) (HKLM\...\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D) (Version: 09/10/2007 1.0.0.3 - Datacolor)
Windows-Treiberpaket - Datacolor (Spyder4) USB (06/01/2011 1.0.0.1) (HKLM\...\E5E9268B6D7B0E662E34736CC110C89D595E4222) (Version: 06/01/2011 1.0.0.1 - Datacolor)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B1AC505-A87C-4262-B935-E58541A426EC} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {24656705-2C3F-414D-AD23-1B3A86F257E8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {3950B57C-600D-48E7-908B-BC577CF38E68} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {3953D91E-EF09-40CE-8592-EB4E7364A740} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {8450A7E6-C07B-4007-9D30-F9511F7399CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {84E31CF2-5090-4CC0-91F7-3D67AB4160CE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {9640FFAC-7371-4CBB-A8FE-DE9BBE6D4EFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-22] (Adobe Systems Incorporated)
Task: {9CE4A9F1-56C6-4834-96DF-8D6A623F5AAA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {9CFD57B9-96BB-4D90-A690-4AE5391B9893} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {AA948A37-B283-4608-B65F-6CE5460C75ED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {DB344B31-42C6-447B-898D-9DC02B74A798} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Public\Desktop\o2 Surfstick.lnk -> C:\Program Files (x86)\Hostless Modem\o2 Surfstick\LaunchWebUI.exe () -> hxxp://o2surf.stick
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00380928 _____ () C:\Program Files (x86)\Launchy\Launchy.exe
2015-04-04 13:31 - 2013-07-26 08:33 - 00142336 _____ () U:\Programme\EIZO EasyPIX\EIZO EasyPIX.exe
2015-08-23 12:06 - 2015-08-23 12:06 - 01384416 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-04-21 12:13 - 2009-10-09 19:11 - 00226816 _____ () U:\Programme\Razer\Razer\Diamondback\razerhid.exe
2016-10-04 20:28 - 2013-05-10 12:03 - 00419072 _____ () C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe
2016-10-04 20:28 - 2013-05-10 12:03 - 00446720 _____ () C:\Program Files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe
2015-04-04 13:31 - 2013-07-26 08:33 - 00074240 _____ () U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
2016-10-28 19:37 - 2016-10-25 21:19 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2015-04-04 12:47 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-05 23:08 - 2015-02-26 23:16 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-04-05 21:08 - 2016-12-23 19:28 - 00657184 _____ () V:\Games\Steam\SDL2.dll
2015-04-05 21:08 - 2016-09-01 02:02 - 04969248 _____ () V:\Games\Steam\v8.dll
2015-04-05 21:08 - 2016-09-01 02:02 - 01563936 _____ () V:\Games\Steam\icui18n.dll
2015-04-05 21:08 - 2016-09-01 02:02 - 01195296 _____ () V:\Games\Steam\icuuc.dll
2015-04-05 21:08 - 2017-01-19 02:30 - 02327840 _____ () V:\Games\Steam\video.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 02549760 _____ () V:\Games\Steam\libavcodec-56.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00442880 _____ () V:\Games\Steam\libavutil-54.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00491008 _____ () V:\Games\Steam\libavformat-56.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00332800 _____ () V:\Games\Steam\libavresample-2.dll
2015-04-05 21:08 - 2016-01-27 08:49 - 00485888 _____ () V:\Games\Steam\libswscale-3.dll
2015-04-05 21:08 - 2017-01-19 02:30 - 00838432 _____ () V:\Games\Steam\bin\chromehtml.DLL
2014-03-20 21:50 - 2014-03-20 21:50 - 00093696 _____ () U:\Programme\DYMO Label Software\DYMO.Common.dll
2015-04-05 19:42 - 2009-12-16 22:13 - 08314880 _____ () C:\Program Files (x86)\Launchy\QtGui4.dll
2015-04-05 19:42 - 2009-12-16 21:54 - 02236416 _____ () C:\Program Files (x86)\Launchy\QtCore4.dll
2015-04-05 19:42 - 2009-12-16 21:56 - 00712704 _____ () C:\Program Files (x86)\Launchy\QtNetwork4.dll
2015-04-05 19:42 - 2009-12-17 00:18 - 00233472 _____ () C:\Program Files (x86)\Launchy\imageformats\qmng4.dll
2015-04-05 19:42 - 2010-04-03 21:40 - 00081920 _____ () C:\Program Files (x86)\Launchy\plugins\calcy.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00090112 _____ () C:\Program Files (x86)\Launchy\plugins\controly.dll
2015-04-05 19:42 - 2010-04-03 13:06 - 00024064 _____ () C:\Program Files (x86)\Launchy\plugins\gcalc.dll
2015-04-05 19:42 - 2010-04-03 13:06 - 00094208 _____ () C:\Program Files (x86)\Launchy\plugins\runner.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00057344 _____ () C:\Program Files (x86)\Launchy\plugins\verby.dll
2015-04-05 19:42 - 2010-04-03 13:05 - 00122880 _____ () C:\Program Files (x86)\Launchy\plugins\weby.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-02-28 17:14 - 2016-01-19 04:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 11424224 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\PCShowServer.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 03301344 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\DrmSingleton.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 00340440 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\ndsLogStore.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 02101224 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\DiscoveryManager.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 08347104 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\gsttspplugin.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 00690152 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 01404376 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\libxml2-2.dll
2015-08-23 12:06 - 2015-08-23 12:06 - 00093128 _____ () C:\Users\Roland_Home\AppData\Local\DIRECTV Player\z.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-04-20 08:58 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-04-04 13:31 - 2013-07-26 08:33 - 00155648 _____ () U:\Programme\EIZO EasyPIX\core\libcolour.dll
2015-04-04 13:31 - 2013-07-26 08:33 - 00299008 _____ () U:\Programme\EIZO EasyPIX\core\plugins\ep_Procs.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-28 19:37 - 2016-10-25 20:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-28 19:37 - 2016-10-25 20:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-28 19:37 - 2016-10-25 21:19 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-28 19:37 - 2016-10-25 21:19 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-28 19:37 - 2016-10-25 20:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-28 19:37 - 2016-10-25 20:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-02-07 20:32 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 20:32 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2016-12-13 17:29 - 2017-01-05 04:12 - 68813088 _____ () V:\Games\Steam\bin\cef\cef.win7\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1586491574-1117352788-3011048425-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roland_Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{C3E40374-4844-4F49-85FA-A82A1CC5483C}] => (Allow) U:\Programme\mozilla Firefox\firefox.exe
FirewallRules: [{266DD0B7-3E3C-45D8-B7F7-D90173195D35}] => (Allow) U:\Programme\mozilla Firefox\firefox.exe
FirewallRules: [{DC0077D0-74CA-4A46-9DBB-0CF93D1DEA2D}] => (Allow) U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
FirewallRules: [{47EE74CE-4F2C-403E-8912-02F3EDA06445}] => (Allow) U:\Programme\EIZO EasyPIX\core\ep_eacore.exe
FirewallRules: [TCP Query User{62E4B3F7-490D-40C1-9D69-264B4BA3663A}U:\programme\eizo easypix\core\ep_eacore.exe] => (Allow) U:\programme\eizo easypix\core\ep_eacore.exe
FirewallRules: [UDP Query User{14B2C29F-66F9-41E0-9C67-E06C02E571D8}U:\programme\eizo easypix\core\ep_eacore.exe] => (Allow) U:\programme\eizo easypix\core\ep_eacore.exe
FirewallRules: [{3A78560A-E13C-4CCF-8987-61254D871314}] => (Allow) V:\Games\Steam\Steam.exe
FirewallRules: [{A9494D7F-24D6-4709-B0E5-338CF4D7A148}] => (Allow) V:\Games\Steam\Steam.exe
FirewallRules: [{CC55FE32-2FFA-41E2-B8ED-BCD6BFA84909}] => (Allow) V:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{4977C292-E1CC-4307-85CD-549AA26F5883}] => (Allow) V:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB791484-6B18-42A2-B14D-BDF84AAC985C}] => (Allow) U:\Programme\iphone pc suite\iPhone\iPhone PC Suite.exe
FirewallRules: [TCP Query User{87FECFD0-0191-403F-A648-7EF2765D5495}U:\programme\iphone pc suite\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone pc suite.exe
FirewallRules: [UDP Query User{6C695153-DE49-4B58-8BE0-4F6C66BE1009}U:\programme\iphone pc suite\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone pc suite.exe
FirewallRules: [{A06D7E3D-B6AF-4CB0-96B1-41B54DDDB362}] => (Allow) U:\Programme\iphone pc suite\iPhone\iPhone\iPhone PC Suite.exe
FirewallRules: [{DE915347-418A-44E1-A56A-0064B625F92D}] => (Allow) U:\Programme\iphone pc suite\iPhone\iPhone\iPhone PC Suite.exe
FirewallRules: [TCP Query User{F642A195-58F5-4CDA-A796-F834ACF9FFBC}U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe
FirewallRules: [UDP Query User{D051B3AA-75C1-46D8-B1D7-5233D75672B7}U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe] => (Allow) U:\programme\iphone pc suite\iphone\iphone\iphone pc suite.exe
FirewallRules: [{9BB768D3-5123-4686-B96D-A67532B0F347}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{AC05AB11-09AC-424D-8AA3-37C8E235D81D}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F76CF876-4AF1-431B-9FD0-6E1E31EBCFC6}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{9F7B9210-7C6E-4E86-A6BB-E2AFBAA96A4A}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{A676E62A-69DB-4049-AB01-72AA27E74256}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{E3F63039-95D0-4C4B-A221-1203AC04B1A3}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [TCP Query User{B14450C9-B9A1-40D0-8462-E0EE37E9C28D}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [UDP Query User{B3DB7308-AC2B-43CC-AB1E-0512227629B8}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{49A3C609-6679-45C9-B20C-4A86742E308E}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{5B690F75-1D65-4966-8405-186E35639F0A}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{B54EB4BA-EB64-41E6-930A-B8096358E758}U:\programme\myphoneexplorer\myphoneexplorer.exe] => (Allow) U:\programme\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{74D4CF25-1423-41A4-BA0E-174710ED8BA6}U:\programme\myphoneexplorer\myphoneexplorer.exe] => (Allow) U:\programme\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{68695E19-EBA8-485E-B384-7B66400BA4A3}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{FAE2D181-35B4-4668-9F93-D883F699C5D1}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{64D8830A-15B3-4F24-8B45-A99B2E7CF040}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{E8034F27-F8FB-48C7-A37A-736E34F1D58B}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{F8CCA8D6-3FC2-4731-A0C4-AEA7BA4F01F8}] => (Allow) V:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ADD94016-3FB9-47F5-9274-AAF1D6713CC0}] => (Allow) V:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{8ABC7E1E-2D4A-4879-B5EC-12C540681A67}C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{0FF18F01-8EDE-44E1-B144-2385C4463417}C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\roland_home\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{1E4A9BD7-47F3-44AF-9865-EF6ECA515C5C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{2D74EF71-62CE-41D3-BD4C-560A378FE733}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [UDP Query User{3D32824E-466A-4867-AB0C-A79A38CF9579}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Allow) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [TCP Query User{42605DE7-B3CA-4877-B884-8755D3AE1373}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [UDP Query User{84C8C230-8637-4D7F-A6FD-7F0F72B17C99}C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\roland_home\appdata\local\directv player\ndspcshowserver.exe
FirewallRules: [{6F8451F6-14AB-451D-AA08-F34B60DB0372}] => (Allow) V:\Games\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{20689770-B14F-42FE-A3ED-48EAAD833748}] => (Allow) V:\Games\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{B517072F-1330-4715-9A2F-5E198FAB6154}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{99316F35-4ED4-4BE8-8847-07EE9E8AED13}V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) V:\games\epic\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{BC694C79-1C03-470A-98B5-68935A05B5FE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{652A3B69-A09B-4FF2-9122-DFCD05A6094F}] => (Allow) LPort=2869
FirewallRules: [{F12CB7FA-1977-4056-BCCE-41D1EFB04132}] => (Allow) LPort=1900
FirewallRules: [{35554111-265F-4D57-B009-AB170C57338E}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\VideoEditor.exe
FirewallRules: [{0962888F-0C01-4E0A-A1E1-6412DE304BF5}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\VideoEditor.exe
FirewallRules: [{FD86386A-7E1A-4C95-842F-42FEC716FE9E}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Activation.exe
FirewallRules: [{F65DA454-72B8-44C7-B829-0498D7D4495C}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Activation.exe
FirewallRules: [{3E42F178-A9A6-4471-9D78-6EB20C6C1327}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Updater.exe
FirewallRules: [{DB4BA784-D261-4E04-9F9B-B29D5B7CEFE3}] => (Allow) C:\Program Files (x86)\VSDC Free Video Editor\VideoEditor\Updater.exe
FirewallRules: [{0E579F88-3E12-49FD-88CB-915C425C059E}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{7A29CD6F-27F9-4BCB-821E-6A24918329B4}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{F0FDD74A-D56C-4E11-9EAE-303374EF4EA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{8A2B221D-B683-4F10-A3B8-F283C20C26CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{B40F491B-51B4-4ACA-8CE2-39C9D2FCEBFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FC4E6C28-E381-4AD7-A7AB-10A0FAD4E460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{17D3F55F-23C9-4329-8EFE-22E431E7E71D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{445059C9-817B-49CA-BE78-1C6C91BDC05D}] => (Allow) V:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2CA44B9B-F1B5-4A76-AED0-76344CC8F44F}] => (Allow) V:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{4B62DB26-A2CF-4735-B7FC-890FCCBBC10D}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{9A5C39CD-C435-4126-BF06-2FBF98088970}V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) V:\games\epic\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [{A8D112BD-9701-44D9-9A17-B514BFB19099}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
23-02-2017 20:29:51 Geplanter Prüfpunkt
24-02-2017 16:46:50 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: HID-konforme Maus
Description: HID-konforme Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/23/2017 08:00:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.10.209.0, Zeitstempel: 0x582a94a1
Name des fehlerhaften Moduls: mpsvc.dll, Version: 4.10.209.0, Zeitstempel: 0x582a94bb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018fa9
ID des fehlerhaften Prozesses: 0x154
Startzeit der fehlerhaften Anwendung: 0x01d28df4c806ffe7
Pfad der fehlerhaften Anwendung: C:\Program Files\Microsoft Security Client\MsMpEng.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Microsoft Security Client\mpsvc.dll
Berichtskennung: 561a01b1-f9fa-11e6-84be-14dae9ebd437
Error: (02/22/2017 02:49:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avcenter.exe, Version 15.0.24.143 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 9b0
Startzeit: 01d28d11b591e986
Endzeit: 60000
Anwendungspfad: c:\program files (x86)\avira\antivir desktop\avcenter.exe
Berichts-ID: 0bc122e0-f905-11e6-a6fa-14dae9ebd437
Error: (02/02/2017 05:07:50 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:50.702]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:49 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:49.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:47 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:47.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:46 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:46.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:44 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:44.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:43 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:43.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:41.701]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Error: (02/02/2017 05:07:40 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: WDLMW BrtWDLMW: [2017/02/02 17:07:40.201]: [00003148]: lperrcode->api = 1 , lperrcode->code = 2
Systemfehler:
=============
Error: (02/24/2017 10:00:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (02/24/2017 10:00:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (02/24/2017 04:47:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/24/2017 02:00:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.
Error: (02/24/2017 02:00:51 PM) (Source: Microsoft Antimalware) (EventID: 5008) (User: )
Description: Das Modul Microsoft-Antischadsoftware wurde aufgrund eines unerwarteten Fehlers beendet.
Fehlertyp: Hängen
Ausnahmecode:
Ressource:
Error: (02/24/2017 01:55:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (02/24/2017 01:55:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (02/24/2017 01:50:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (02/24/2017 01:50:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (02/23/2017 08:00:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16365.23 MB
Verfügbarer physikalischer RAM: 13355.15 MB
Summe virtueller Speicher: 30923.15 MB
Verfügbarer virtueller Speicher: 27549.75 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:117.28 GB) (Free:16.95 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Media2_1) (Fixed) (Total:244.14 GB) (Free:177.91 GB) NTFS
Drive f: (Backup_1) (Fixed) (Total:247.91 GB) (Free:1.9 GB) NTFS
Drive g: (Downloads_1) (Fixed) (Total:195.21 GB) (Free:55.29 GB) NTFS
Drive h: (Media_1) (Fixed) (Total:244.14 GB) (Free:41.44 GB) NTFS
Drive j: (Lokaler Datenträger_2) (Fixed) (Total:244.14 GB) (Free:153.09 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive k: (Lokaler Datenträger_2) (Fixed) (Total:292.97 GB) (Free:284.74 GB) NTFS
Drive l: (Lokaler Datenträger_2) (Fixed) (Total:394.4 GB) (Free:309.91 GB) NTFS
Drive u: (Programme_3) (Fixed) (Total:292.97 GB) (Free:215.77 GB) NTFS
Drive v: (Photography_3) (Fixed) (Total:638.54 GB) (Free:427.69 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 117.4 GB) (Disk ID: 3CD8E5A4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9E955CC4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=492.1 GB) - (Type=OF Extended)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0E35453E)
Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=394.4 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CE8596FF)
Partition 1: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=638.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
24.02.2017, 22:28
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB Wo kommt denn dieser ganze China-Krams her????   Bitte mal einen Lauf mit CF machen: Scan mit Combofix
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.02.2017, 23:46
| #13 |
| | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB MS Security Essentials konnte ich nicht schließen... Echtzeitschutz war aus. Code:
ATTFilter ComboFix 17-02-24.01 - Roland_Home 24.02.2017 23:38:18.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16365.13623 [GMT 1:00]
ausgeführt von:: c:\users\Roland_Home\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
SP: Microsoft Security Essentials *Enabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Roland_Home\AppData\Local\assembly\tmp
u:\programme\EIZO EasyPIX\EIZO EasyPIX.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2017-01-24 bis 2017-02-24 ))))))))))))))))))))))))))))))
.
.
2017-02-24 22:41 . 2017-02-24 22:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-02-24 13:17 . 2017-02-24 13:17 -------- d-----w- c:\programdata\Malwarebytes
2017-02-24 13:17 . 2017-02-24 14:20 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2017-02-24 13:17 . 2017-02-24 13:17 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-02-24 13:17 . 2017-02-24 13:17 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2017-02-23 16:50 . 2017-02-23 16:50 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{32B3449A-88A4-4021-9F2F-673F925475CD}\offreg.340.dll
2017-02-23 12:17 . 2017-02-09 23:54 12654400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{32B3449A-88A4-4021-9F2F-673F925475CD}\mpengine.dll
2017-02-23 11:58 . 2017-02-24 15:45 -------- d-----w- C:\AdwCleaner
2017-02-22 19:47 . 2017-02-24 21:03 -------- d-----w- C:\FRST
2017-02-22 09:17 . 2017-02-22 09:17 20359768 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2017-02-22 09:13 . 2016-12-30 22:43 12229912 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-02-23 12:50 . 2015-04-04 11:46 138020592 -c--a-w- c:\windows\system32\MRT.exe
2017-02-22 09:17 . 2015-04-04 13:07 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-02-22 09:17 . 2015-04-04 13:07 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-01-10 20:55 . 2012-07-17 12:37 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2017-01-05 18:55 . 2017-01-11 20:05 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-01-05 18:55 . 2017-01-11 20:05 154856 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-01-05 18:52 . 2017-01-11 20:05 210432 ----a-w- c:\windows\system32\wdigest.dll
2017-01-05 18:52 . 2017-01-11 20:05 86528 ----a-w- c:\windows\system32\TSpkg.dll
2017-01-05 18:52 . 2017-01-11 20:05 28672 ----a-w- c:\windows\system32\sspisrv.dll
2017-01-05 18:52 . 2017-01-11 20:05 135680 ----a-w- c:\windows\system32\sspicli.dll
2017-01-05 18:52 . 2017-01-11 20:05 345600 ----a-w- c:\windows\system32\schannel.dll
2017-01-05 18:52 . 2017-01-11 20:05 28160 ----a-w- c:\windows\system32\secur32.dll
2017-01-05 18:52 . 2017-01-11 20:05 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-01-05 18:52 . 2017-01-11 20:05 1212928 ----a-w- c:\windows\system32\rpcrt4.dll
2017-01-05 18:52 . 2017-01-11 20:05 312320 ----a-w- c:\windows\system32\ncrypt.dll
2017-01-05 18:52 . 2017-01-11 20:05 316928 ----a-w- c:\windows\system32\msv1_0.dll
2017-01-05 18:52 . 2017-01-11 20:05 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-01-05 18:52 . 2017-01-11 20:05 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-01-05 18:52 . 2017-01-11 20:05 730624 ----a-w- c:\windows\system32\kerberos.dll
2017-01-05 18:52 . 2017-01-11 20:05 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2017-01-05 18:52 . 2017-01-11 20:05 43520 ----a-w- c:\windows\system32\cryptbase.dll
2017-01-05 18:52 . 2017-01-11 20:05 22016 ----a-w- c:\windows\system32\credssp.dll
2017-01-05 18:52 . 2017-01-11 20:05 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-01-05 18:52 . 2017-01-11 20:05 463872 ----a-w- c:\windows\system32\certcli.dll
2017-01-05 18:52 . 2017-01-11 20:05 123904 ----a-w- c:\windows\system32\bcrypt.dll
2017-01-05 17:43 . 2017-01-11 20:05 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2017-01-05 17:43 . 2017-01-11 20:05 82944 ----a-w- c:\windows\SysWow64\bcrypt.dll
2017-01-05 17:43 . 2017-01-11 20:05 666112 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2017-01-05 17:43 . 2017-01-11 20:05 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2017-01-05 17:43 . 2017-01-11 20:05 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2017-01-05 17:43 . 2017-01-11 20:05 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-01-05 17:43 . 2017-01-11 20:05 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2017-01-05 17:43 . 2017-01-11 20:05 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-01-05 17:43 . 2017-01-11 20:05 261120 ----a-w- c:\windows\SysWow64\msv1_0.dll
2017-01-05 17:43 . 2017-01-11 20:05 223232 ----a-w- c:\windows\SysWow64\ncrypt.dll
2017-01-05 17:43 . 2017-01-11 20:05 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2017-01-05 17:43 . 2017-01-11 20:05 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2017-01-05 17:43 . 2017-01-11 20:05 553472 ----a-w- c:\windows\SysWow64\kerberos.dll
2017-01-05 17:43 . 2017-01-11 20:05 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2017-01-05 17:43 . 2017-01-11 20:05 342528 ----a-w- c:\windows\SysWow64\certcli.dll
2017-01-05 17:42 . 2017-01-11 20:05 690688 ----a-w- c:\windows\SysWow64\adtschema.dll
2017-01-05 17:32 . 2017-01-11 20:05 64000 ----a-w- c:\windows\system32\auditpol.exe
2017-01-05 17:25 . 2017-01-11 20:05 159744 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2017-01-05 17:24 . 2017-01-11 20:05 291328 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2017-01-05 17:24 . 2017-01-11 20:05 129536 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2017-01-05 17:24 . 2017-01-11 20:05 30720 ----a-w- c:\windows\system32\lsass.exe
2017-01-05 17:23 . 2017-01-11 20:05 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
2017-01-05 17:19 . 2017-01-11 20:05 36352 ----a-w- c:\windows\SysWow64\cryptbase.dll
2016-11-29 21:34 . 2016-11-29 21:34 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-11-29 21:27 . 2016-11-29 21:27 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="u:\programme\DAEMON Tools Lite\DTLite.exe" [2015-02-26 5583120]
"Steam"="v:\games\Steam\steam.exe" [2017-01-19 2881824]
"DymoQuickPrint"="u:\programme\DYMO Label Software\DymoQuickPrint.exe" [2014-03-20 1867056]
"PCShowServer"="c:\users\Roland_Home\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe" [2015-08-23 1632752]
"Octoshape Streaming Services"="c:\users\Roland_Home\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2014-08-01 500016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UniColor Pro"="c:\program files (x86)\EIZO\UniColor Pro\ucpro.exe" [2014-05-09 4420416]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2015-05-05 448520]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"Diamondback"="u:\programme\Razer\Razer\Diamondback\razerhid.exe" [2009-10-09 226816]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2016-07-05 210432]
"AsioThk32Reg"="CTASIO.DLL" [2010-03-18 47104]
"CTHelper"="CTHELPER.EXE" [2010-03-18 19456]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"CheckNDISPortF0acA7"="c:\program files (x86)\Hostless Modem\o2 Surfstick\CheckNDISPort_df.exe" [2013-05-10 419072]
"CancelAutoPlay_df"="c:\program files (x86)\Hostless Modem\o2 Surfstick\CancelAutoPlay_df.exe" [2013-05-10 446720]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Launchy.lnk - c:\program files (x86)\Launchy\Launchy.exe [2015-4-5 380928]
Printkey2000.lnk - u:\programme\PrintKey2000\Printkey2000.exe [2015-5-17 869376]
ScreenManager Pro for LCD Ver3.3.3.lnk - c:\program files (x86)\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe [2013-2-19 9046352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 ayjzwrjw;ayjzwrjw;c:\windows\system32\drivers\ayjzwrjw.sys;c:\windows\SYSNATIVE\drivers\ayjzwrjw.sys [x]
R1 bofynfnn;bofynfnn;c:\windows\system32\drivers\bofynfnn.sys;c:\windows\SYSNATIVE\drivers\bofynfnn.sys [x]
R1 cgvnhzhf;cgvnhzhf;c:\windows\system32\drivers\cgvnhzhf.sys;c:\windows\SYSNATIVE\drivers\cgvnhzhf.sys [x]
R1 cscnwuhb;cscnwuhb;c:\windows\system32\drivers\cscnwuhb.sys;c:\windows\SYSNATIVE\drivers\cscnwuhb.sys [x]
R1 fiwrpoqx;fiwrpoqx;c:\windows\system32\drivers\fiwrpoqx.sys;c:\windows\SYSNATIVE\drivers\fiwrpoqx.sys [x]
R1 gfjcndos;gfjcndos;c:\windows\system32\drivers\gfjcndos.sys;c:\windows\SYSNATIVE\drivers\gfjcndos.sys [x]
R1 iolzhsti;iolzhsti;c:\windows\system32\drivers\iolzhsti.sys;c:\windows\SYSNATIVE\drivers\iolzhsti.sys [x]
R1 ipdlodvv;ipdlodvv;c:\windows\system32\drivers\ipdlodvv.sys;c:\windows\SYSNATIVE\drivers\ipdlodvv.sys [x]
R1 iyystmel;iyystmel;c:\windows\system32\drivers\iyystmel.sys;c:\windows\SYSNATIVE\drivers\iyystmel.sys [x]
R1 jbzjfygl;jbzjfygl;c:\windows\system32\drivers\jbzjfygl.sys;c:\windows\SYSNATIVE\drivers\jbzjfygl.sys [x]
R1 jcbyyxin;jcbyyxin;c:\windows\system32\drivers\jcbyyxin.sys;c:\windows\SYSNATIVE\drivers\jcbyyxin.sys [x]
R1 jhonxmzw;jhonxmzw;c:\windows\system32\drivers\jhonxmzw.sys;c:\windows\SYSNATIVE\drivers\jhonxmzw.sys [x]
R1 jiljbspe;jiljbspe;c:\windows\system32\drivers\jiljbspe.sys;c:\windows\SYSNATIVE\drivers\jiljbspe.sys [x]
R1 kcllgghf;kcllgghf;c:\windows\system32\drivers\kcllgghf.sys;c:\windows\SYSNATIVE\drivers\kcllgghf.sys [x]
R1 qxxcibpv;qxxcibpv;c:\windows\system32\drivers\qxxcibpv.sys;c:\windows\SYSNATIVE\drivers\qxxcibpv.sys [x]
R1 rlpxvgjd;rlpxvgjd;c:\windows\system32\drivers\rlpxvgjd.sys;c:\windows\SYSNATIVE\drivers\rlpxvgjd.sys [x]
R1 sbgyxvsi;sbgyxvsi;c:\windows\system32\drivers\sbgyxvsi.sys;c:\windows\SYSNATIVE\drivers\sbgyxvsi.sys [x]
R1 tbrqizme;tbrqizme;c:\windows\system32\drivers\tbrqizme.sys;c:\windows\SYSNATIVE\drivers\tbrqizme.sys [x]
R1 tdgdeuho;tdgdeuho;c:\windows\system32\drivers\tdgdeuho.sys;c:\windows\SYSNATIVE\drivers\tdgdeuho.sys [x]
R1 udgchqci;udgchqci;c:\windows\system32\drivers\udgchqci.sys;c:\windows\SYSNATIVE\drivers\udgchqci.sys [x]
R1 whqjjpsr;whqjjpsr;c:\windows\system32\drivers\whqjjpsr.sys;c:\windows\SYSNATIVE\drivers\whqjjpsr.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 Origin Web Helper Service;Origin Web Helper Service;v:\games\Origin\OriginWebHelperService.exe;v:\games\Origin\OriginWebHelperService.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x]
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x]
R3 cpuz138;cpuz138;c:\users\ROLAND~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\ROLAND~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x]
R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x]
R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 Origin Client Service;Origin Client Service;v:\games\Origin\OriginClientService.exe;v:\games\Origin\OriginClientService.exe [x]
R3 Razerlow;Razer Pro|Solutions;c:\windows\system32\drivers\Razerlow.sys;c:\windows\SYSNATIVE\drivers\Razerlow.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys;c:\windows\SYSNATIVE\DRIVERS\Spyder3.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 DevoloNetworkService;devolo Network Service;c:\program files (x86)\devolo\dlan\devolonetsvc.exe;c:\program files (x86)\devolo\dlan\devolonetsvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DigitalWave.Update.Service;Digital Wave Update Service;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [x]
S2 DymoPnpService;DYMO PnP Service;u:\programme\DYMO Label Software\DymoPnpService.exe;u:\programme\DYMO Label Software\DymoPnpService.exe [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x]
S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;u:\programme\DAEMON Tools Lite\DiscSoftBusService.exe;u:\programme\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-02-07 19:29 1368920 ----a-w- c:\program files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2017-02-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-04 09:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2015-03-12 13318424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1353680]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-12-17 170256]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-9733a813
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Roland_Home\AppData\Roaming\Mozilla\Firefox\Profiles\iprwapdk.default\
FF - prefs.js: browser.search.selectedEngine - Search Provided by Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-9733a813
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-iCloudServices - c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Wow6432Node-HKCU-Run-ApplePhotoStreams - c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Wow6432Node-HKCU-Run-iPhone PC Suite - u:\programme\iphone pc suite\iPhone\iPhone\iPhone PC Suite.exe
Wow6432Node-HKLM-Run-DLSService - u:\programme\DYMO Label Software\DLSService.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
c:\users\Roland_Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EIZO EasyPIX.lnk - u:\programme\EIZO EasyPIX\EIZO EasyPIX.exe
AddRemove-{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD} - c:\windows\system32\SupportAppPBHostless Modem\Setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2017-02-24 23:42:54
ComboFix-quarantined-files.txt 2017-02-24 22:42
.
Vor Suchlauf: 11 Verzeichnis(se), 18.088.382.464 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 18.723.442.688 Bytes frei
.
- - End Of File - - A009C9B25B6A5D6421BB85EF14EE47D8
A36C5E4F47E84449FF07ED3517B43A31
|
|
25.02.2017, 13:24
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
S1 ayjzwrjw; \??\C:\Windows\system32\drivers\ayjzwrjw.sys [X]
S1 bofynfnn; \??\C:\Windows\system32\drivers\bofynfnn.sys [X]
S1 cgvnhzhf; \??\C:\Windows\system32\drivers\cgvnhzhf.sys [X]
S1 cscnwuhb; \??\C:\Windows\system32\drivers\cscnwuhb.sys [X]
S1 fiwrpoqx; \??\C:\Windows\system32\drivers\fiwrpoqx.sys [X]
S1 gfjcndos; \??\C:\Windows\system32\drivers\gfjcndos.sys [X]
S1 iolzhsti; \??\C:\Windows\system32\drivers\iolzhsti.sys [X]
S1 ipdlodvv; \??\C:\Windows\system32\drivers\ipdlodvv.sys [X]
S1 iyystmel; \??\C:\Windows\system32\drivers\iyystmel.sys [X]
S1 jbzjfygl; \??\C:\Windows\system32\drivers\jbzjfygl.sys [X]
S1 jcbyyxin; \??\C:\Windows\system32\drivers\jcbyyxin.sys [X]
S1 jhonxmzw; \??\C:\Windows\system32\drivers\jhonxmzw.sys [X]
S1 jiljbspe; \??\C:\Windows\system32\drivers\jiljbspe.sys [X]
S1 kcllgghf; \??\C:\Windows\system32\drivers\kcllgghf.sys [X]
S1 qxxcibpv; \??\C:\Windows\system32\drivers\qxxcibpv.sys [X]
S1 rlpxvgjd; \??\C:\Windows\system32\drivers\rlpxvgjd.sys [X]
S1 sbgyxvsi; \??\C:\Windows\system32\drivers\sbgyxvsi.sys [X]
S1 tbrqizme; \??\C:\Windows\system32\drivers\tbrqizme.sys [X]
S1 tdgdeuho; \??\C:\Windows\system32\drivers\tdgdeuho.sys [X]
S1 udgchqci; \??\C:\Windows\system32\drivers\udgchqci.sys [X]
S1 whqjjpsr; \??\C:\Windows\system32\drivers\whqjjpsr.sys [X]
C:\Windows\SysWOW64\srvany.exe
C:\Windows\system32\drivers\ayjzwrjw.sys
C:\Windows\system32\drivers\bofynfnn.sys
C:\Windows\system32\drivers\cgvnhzhf.sys
C:\Windows\system32\drivers\cscnwuhb.sys
C:\Windows\system32\drivers\fiwrpoqx.sys
C:\Windows\system32\drivers\gfjcndos.sys
C:\Windows\system32\drivers\iolzhsti.sys
C:\Windows\system32\drivers\ipdlodvv.sys
C:\Windows\system32\drivers\iyystmel.sys
C:\Windows\system32\drivers\jbzjfygl.sys
C:\Windows\system32\drivers\jcbyyxin.sys
C:\Windows\system32\drivers\jhonxmzw.sys
C:\Windows\system32\drivers\jiljbspe.sys
C:\Windows\system32\drivers\kcllgghf.sys
C:\Windows\system32\drivers\qxxcibpv.sys
C:\Windows\system32\drivers\rlpxvgjd.sys
C:\Windows\system32\drivers\sbgyxvsi.sys
C:\Windows\system32\drivers\tbrqizme.sys
C:\Windows\system32\drivers\tdgdeuho.sys
C:\Windows\system32\drivers\udgchqci.sys
C:\Windows\system32\drivers\whqjjpsr.sys
C:\Program Files (x86)\Avira
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.02.2017, 16:11
| #15 |
| | Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB Fixlog.txt Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-02-2017 01
durchgeführt von Roland_Home (25-02-2017 14:04:10) Run:1
Gestartet von C:\Users\Roland_Home\Desktop
Geladene Profile: Roland_Home (Verfügbare Profile: Roland_Home)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
S1 ayjzwrjw; \??\C:\Windows\system32\drivers\ayjzwrjw.sys [X]
S1 bofynfnn; \??\C:\Windows\system32\drivers\bofynfnn.sys [X]
S1 cgvnhzhf; \??\C:\Windows\system32\drivers\cgvnhzhf.sys [X]
S1 cscnwuhb; \??\C:\Windows\system32\drivers\cscnwuhb.sys [X]
S1 fiwrpoqx; \??\C:\Windows\system32\drivers\fiwrpoqx.sys [X]
S1 gfjcndos; \??\C:\Windows\system32\drivers\gfjcndos.sys [X]
S1 iolzhsti; \??\C:\Windows\system32\drivers\iolzhsti.sys [X]
S1 ipdlodvv; \??\C:\Windows\system32\drivers\ipdlodvv.sys [X]
S1 iyystmel; \??\C:\Windows\system32\drivers\iyystmel.sys [X]
S1 jbzjfygl; \??\C:\Windows\system32\drivers\jbzjfygl.sys [X]
S1 jcbyyxin; \??\C:\Windows\system32\drivers\jcbyyxin.sys [X]
S1 jhonxmzw; \??\C:\Windows\system32\drivers\jhonxmzw.sys [X]
S1 jiljbspe; \??\C:\Windows\system32\drivers\jiljbspe.sys [X]
S1 kcllgghf; \??\C:\Windows\system32\drivers\kcllgghf.sys [X]
S1 qxxcibpv; \??\C:\Windows\system32\drivers\qxxcibpv.sys [X]
S1 rlpxvgjd; \??\C:\Windows\system32\drivers\rlpxvgjd.sys [X]
S1 sbgyxvsi; \??\C:\Windows\system32\drivers\sbgyxvsi.sys [X]
S1 tbrqizme; \??\C:\Windows\system32\drivers\tbrqizme.sys [X]
S1 tdgdeuho; \??\C:\Windows\system32\drivers\tdgdeuho.sys [X]
S1 udgchqci; \??\C:\Windows\system32\drivers\udgchqci.sys [X]
S1 whqjjpsr; \??\C:\Windows\system32\drivers\whqjjpsr.sys [X]
C:\Windows\SysWOW64\srvany.exe
C:\Windows\system32\drivers\ayjzwrjw.sys
C:\Windows\system32\drivers\bofynfnn.sys
C:\Windows\system32\drivers\cgvnhzhf.sys
C:\Windows\system32\drivers\cscnwuhb.sys
C:\Windows\system32\drivers\fiwrpoqx.sys
C:\Windows\system32\drivers\gfjcndos.sys
C:\Windows\system32\drivers\iolzhsti.sys
C:\Windows\system32\drivers\ipdlodvv.sys
C:\Windows\system32\drivers\iyystmel.sys
C:\Windows\system32\drivers\jbzjfygl.sys
C:\Windows\system32\drivers\jcbyyxin.sys
C:\Windows\system32\drivers\jhonxmzw.sys
C:\Windows\system32\drivers\jiljbspe.sys
C:\Windows\system32\drivers\kcllgghf.sys
C:\Windows\system32\drivers\qxxcibpv.sys
C:\Windows\system32\drivers\rlpxvgjd.sys
C:\Windows\system32\drivers\sbgyxvsi.sys
C:\Windows\system32\drivers\tbrqizme.sys
C:\Windows\system32\drivers\tdgdeuho.sys
C:\Windows\system32\drivers\udgchqci.sys
C:\Windows\system32\drivers\whqjjpsr.sys
C:\Program Files (x86)\Avira
emptytemp:
*****************
HKLM\System\CurrentControlSet\Services\KMService => Schlüssel erfolgreich entfernt
KMService => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\ayjzwrjw => Schlüssel erfolgreich entfernt
ayjzwrjw => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\bofynfnn => Schlüssel erfolgreich entfernt
bofynfnn => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\cgvnhzhf => Schlüssel erfolgreich entfernt
cgvnhzhf => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\cscnwuhb => Schlüssel erfolgreich entfernt
cscnwuhb => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\fiwrpoqx => Schlüssel erfolgreich entfernt
fiwrpoqx => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\gfjcndos => Schlüssel erfolgreich entfernt
gfjcndos => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\iolzhsti => Schlüssel erfolgreich entfernt
iolzhsti => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\ipdlodvv => Schlüssel erfolgreich entfernt
ipdlodvv => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\iyystmel => Schlüssel erfolgreich entfernt
iyystmel => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\jbzjfygl => Schlüssel erfolgreich entfernt
jbzjfygl => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\jcbyyxin => Schlüssel erfolgreich entfernt
jcbyyxin => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\jhonxmzw => Schlüssel erfolgreich entfernt
jhonxmzw => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\jiljbspe => Schlüssel erfolgreich entfernt
jiljbspe => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\kcllgghf => Schlüssel erfolgreich entfernt
kcllgghf => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\qxxcibpv => Schlüssel erfolgreich entfernt
qxxcibpv => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\rlpxvgjd => Schlüssel erfolgreich entfernt
rlpxvgjd => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\sbgyxvsi => Schlüssel erfolgreich entfernt
sbgyxvsi => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\tbrqizme => Schlüssel erfolgreich entfernt
tbrqizme => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\tdgdeuho => Schlüssel erfolgreich entfernt
tdgdeuho => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\udgchqci => Schlüssel erfolgreich entfernt
udgchqci => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\whqjjpsr => Schlüssel erfolgreich entfernt
whqjjpsr => Dienst erfolgreich entfernt
C:\Windows\SysWOW64\srvany.exe => erfolgreich verschoben
"C:\Windows\system32\drivers\ayjzwrjw.sys" => nicht gefunden.
"C:\Windows\system32\drivers\bofynfnn.sys" => nicht gefunden.
"C:\Windows\system32\drivers\cgvnhzhf.sys" => nicht gefunden.
"C:\Windows\system32\drivers\cscnwuhb.sys" => nicht gefunden.
"C:\Windows\system32\drivers\fiwrpoqx.sys" => nicht gefunden.
"C:\Windows\system32\drivers\gfjcndos.sys" => nicht gefunden.
"C:\Windows\system32\drivers\iolzhsti.sys" => nicht gefunden.
"C:\Windows\system32\drivers\ipdlodvv.sys" => nicht gefunden.
"C:\Windows\system32\drivers\iyystmel.sys" => nicht gefunden.
"C:\Windows\system32\drivers\jbzjfygl.sys" => nicht gefunden.
"C:\Windows\system32\drivers\jcbyyxin.sys" => nicht gefunden.
"C:\Windows\system32\drivers\jhonxmzw.sys" => nicht gefunden.
"C:\Windows\system32\drivers\jiljbspe.sys" => nicht gefunden.
"C:\Windows\system32\drivers\kcllgghf.sys" => nicht gefunden.
"C:\Windows\system32\drivers\qxxcibpv.sys" => nicht gefunden.
"C:\Windows\system32\drivers\rlpxvgjd.sys" => nicht gefunden.
"C:\Windows\system32\drivers\sbgyxvsi.sys" => nicht gefunden.
"C:\Windows\system32\drivers\tbrqizme.sys" => nicht gefunden.
"C:\Windows\system32\drivers\tdgdeuho.sys" => nicht gefunden.
"C:\Windows\system32\drivers\udgchqci.sys" => nicht gefunden.
"C:\Windows\system32\drivers\whqjjpsr.sys" => nicht gefunden.
C:\Program Files (x86)\Avira => erfolgreich verschoben
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 283530709 B
Java, Flash, Steam htmlcache => 213723489 B
Windows/system/drivers => 1 B
Edge => 0 B
Chrome => 643017203 B
Firefox => 384281138 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33125 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58504039 B
systemprofile32 => 73452 B
LocalService => 66228 B
NetworkService => 25429045 B
Roland_Home => 63617844 B
RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 14:04:53 ====
|
|
| Themen zu Windows 7: VBS/LNK.Jenxcus.Gen von fremdem USB |
| antivir, antivirus, avira, defender, downloader, explorer, flash player, home, homepage, iexplore.exe, mozilla, node.js, nvcontainer, photoshop, prozesse, registry, scan, security, services.exe, software, stick, svchost.exe, system, temp, udp, usb, windows |
Linear-Darstellung
