Browser Hijacker yeabests.cc lässt sich nicht entfernen FRST:
Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-09-2016
durchgeführt von Jan (Administrator) auf JAN-PC (22-09-2016 21:36:20)
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Users\Jan\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Dropbox, Inc.) C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Dropbox, Inc.) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-08-25] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1348181896-3747889425-2865563460-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-1348181896-3747889425-2865563460-1001\...\Run: [Dropbox Update] => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-1348181896-3747889425-2865563460-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-1348181896-3747889425-2865563460-1001\...\MountPoints2: {26acd5ef-d248-11e5-8287-acd1b84e3cc8} - "F:\Startme.exe"
HKU\S-1-5-21-1348181896-3747889425-2865563460-1001\...\MountPoints2: {8169ce7e-306d-11e5-826c-3065ec6bfdda} - "E:\RunGame.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
Tcpip\..\Interfaces\{45D0C78A-AAD8-4217-B3EA-3D13FDD4D534}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
Tcpip\..\Interfaces\{F09B6985-452D-45B8-A15A-D4530E182B5E}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131189344340531374&GUID=3A817CE5-0832-474F-A81A-09AB145FCE28
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131189344340538859&GUID=3A817CE5-0832-474F-A81A-09AB145FCE28
HKU\S-1-5-21-1348181896-3747889425-2865563460-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ch/?hl=de&gws_rd=ssl
HKU\S-1-5-21-1348181896-3747889425-2865563460-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> DefaultScope {653031FC-8B77-499A-AA9E-CCEFDE3C8526} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {653031FC-8B77-499A-AA9E-CCEFDE3C8526} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {653031FC-8B77-499A-AA9E-CCEFDE3C8526} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {653031FC-8B77-499A-AA9E-CCEFDE3C8526} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-07-26] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-21] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-21] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\nsacVWpz.default
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-15] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2016-01-09] ()
FF Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\nsacVWpz.default\Extensions\abs@avira.com [2016-09-21]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-08-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-08-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-08-25] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [346928 2016-08-24] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [26760 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3192560 2016-07-26] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-02-01] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-31] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-08-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-08-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-08-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-08-25] (Avira Operations GmbH & Co. KG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2016-09-22] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-20] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-06] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 Qcamain; C:\Windows\system32\DRIVERS\Qcamainx64.sys [2220544 2014-08-26] (Qualcomm Atheros, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-22 20:15 - 2016-09-22 20:15 - 00000000 ____D C:\ProgramData\Avira
2016-09-22 20:14 - 2016-09-22 21:33 - 00003983 _____ C:\Users\Jan\Desktop\Fixlog.txt
2016-09-22 14:37 - 2016-09-22 14:37 - 00029981 _____ C:\Users\Jan\Desktop\AdwCleaner[S0].txt
2016-09-22 14:32 - 2016-09-22 14:32 - 00003142 _____ C:\Users\Jan\Desktop\mbam log 1.txt
2016-09-22 14:04 - 2016-09-22 14:04 - 00004023 _____ C:\Users\Jan\Desktop\AdwCleaner[S25].txt
2016-09-22 12:53 - 2016-09-22 21:36 - 00019866 _____ C:\Users\Jan\Desktop\FRST.txt
2016-09-22 12:53 - 2016-09-22 20:27 - 00064713 _____ C:\Users\Jan\Desktop\Addition.txt
2016-09-22 12:52 - 2016-09-22 21:36 - 00000000 ____D C:\FRST
2016-09-22 12:52 - 2016-09-22 12:52 - 02402816 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2016-09-22 03:27 - 2016-09-22 03:27 - 00000000 ____D C:\Users\Jan\AppData\Local\Google
2016-09-22 01:54 - 2016-09-22 01:54 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2016-09-22 01:54 - 2016-09-22 01:54 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2016-09-22 01:32 - 2016-09-22 12:15 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-22 01:29 - 2016-09-22 01:36 - 00000000 ____D C:\Users\Jan\Desktop\mbar
2016-09-22 00:55 - 2016-09-22 00:55 - 00000773 _____ C:\Users\Jan\Desktop\JRT.txt
2016-09-22 00:44 - 2016-09-22 00:45 - 00001812 _____ C:\Users\Jan\Desktop\sc-cleaner.txt
2016-09-21 23:41 - 2016-09-21 23:41 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Avira
2016-09-21 22:48 - 2016-09-21 22:48 - 00002098 _____ C:\Users\Public\Desktop\Avira Software Updater.lnk
2016-09-21 22:47 - 2016-09-21 22:47 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Mozilla
2016-09-21 22:46 - 2016-09-21 22:46 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-09-21 22:46 - 2016-09-21 22:46 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-21 22:46 - 2016-09-21 22:46 - 00000000 ____D C:\Program Files\CCleaner
2016-09-21 22:46 - 2016-08-25 16:12 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-09-21 22:46 - 2016-08-25 16:12 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-09-21 22:46 - 2016-08-25 16:12 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-09-21 22:46 - 2016-08-25 16:12 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-09-21 22:41 - 2016-09-21 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-21 22:41 - 2016-09-21 22:48 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-21 22:41 - 2016-09-21 22:41 - 00001234 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-21 16:55 - 2016-09-21 16:55 - 00000000 ____D C:\Windows\pss
2016-09-21 15:20 - 2016-09-21 15:20 - 03861056 _____ C:\Users\Jan\Desktop\AdwCleaner_6.020.exe
2016-09-21 15:09 - 2016-09-22 20:49 - 00000000 ____D C:\AdwCleaner
2016-09-21 01:29 - 2016-09-21 01:29 - 00000000 ____D C:\Users\Jan\Downloads\Lacie James - Big 3172 1212 Sitter 1917 from 1850 31722191s
2016-09-21 01:29 - 2016-09-21 01:29 - 00000000 ____D C:\Users\Jan\Downloads\Chihiros Reise ins Zauberland-kinox to(1252)-bySGexx
2016-09-20 22:52 - 2016-09-20 22:52 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2016-09-20 19:14 - 2016-09-20 19:14 - 00122019 _____ C:\Windows\64b60ff7848445acb976e8f3e6760591.exe
2016-09-20 11:00 - 2016-09-20 11:00 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-19 23:06 - 2016-09-20 11:21 - 00000000 ____D C:\Users\Jan\Documents\Universität
2016-09-18 17:23 - 2016-09-18 17:23 - 00000000 ____D C:\Users\Jan\.QtWebEngineProcess
2016-09-18 17:23 - 2016-09-18 17:23 - 00000000 ____D C:\Users\Jan\.Origin
2016-09-18 16:43 - 2016-09-18 16:43 - 01247624 _____ (Mojang) C:\Users\Jan\Downloads\Minecraft.exe
2016-09-15 21:34 - 2016-01-12 06:40 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-09-15 21:34 - 2015-12-18 08:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-09-15 21:34 - 2015-12-18 08:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-09-14 13:39 - 2016-07-09 18:10 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2016-09-14 13:39 - 2016-07-09 00:35 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-09-14 13:39 - 2016-07-08 16:17 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2016-09-14 13:39 - 2016-07-08 16:17 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2016-09-14 13:39 - 2016-07-08 00:32 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2016-09-14 13:39 - 2016-07-08 00:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2016-09-14 13:39 - 2016-07-08 00:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2016-09-14 13:39 - 2016-07-08 00:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2016-09-14 13:39 - 2016-07-07 23:04 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2016-09-14 13:39 - 2016-07-07 22:59 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-09-14 13:39 - 2016-07-07 22:44 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-09-14 13:39 - 2016-07-07 22:41 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2016-09-14 13:39 - 2016-07-07 22:34 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-09-14 13:39 - 2016-07-07 22:29 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-09-14 13:39 - 2016-07-07 22:29 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-09-14 13:39 - 2016-07-07 22:23 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2016-09-14 13:39 - 2016-07-07 22:18 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2016-09-14 13:39 - 2016-07-07 22:11 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-09-14 13:39 - 2016-07-07 22:11 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-09-14 13:39 - 2016-07-07 22:11 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2016-09-14 13:39 - 2016-07-07 21:35 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2016-09-14 13:39 - 2016-07-07 21:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2016-09-14 13:39 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-09-14 13:39 - 2016-07-04 05:45 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2016-09-14 13:39 - 2016-07-04 05:37 - 02897920 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-09-14 13:39 - 2016-07-04 05:33 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-09-14 13:39 - 2016-07-04 05:04 - 02539008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-09-14 13:39 - 2016-07-04 05:02 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-09-14 13:39 - 2016-07-04 04:19 - 03547136 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-09-14 13:39 - 2016-07-01 22:39 - 00197352 _____ (Microsoft Corporation) C:\Windows\system32\dssenh.dll
2016-09-14 13:39 - 2016-07-01 22:39 - 00157016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dssenh.dll
2016-09-14 13:39 - 2016-01-10 19:08 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-09-14 11:29 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-09-14 11:29 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-14 11:29 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-09-14 11:29 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-14 11:29 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-09-14 11:29 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-09-14 11:29 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-14 11:29 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-14 11:29 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-14 11:29 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-14 11:29 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-14 11:28 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-14 11:28 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-14 11:28 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-14 11:28 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-14 11:28 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-14 11:28 - 2016-09-01 03:39 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-09-14 11:28 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-14 11:28 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-14 11:28 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-14 11:28 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-14 11:28 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-14 11:28 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-14 11:28 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-14 11:28 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-14 11:28 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-14 11:28 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-14 11:28 - 2016-09-01 01:38 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-09-14 11:28 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-14 11:28 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-14 11:28 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-14 11:28 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-14 11:28 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-14 11:28 - 2016-08-26 07:51 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-14 11:28 - 2016-08-26 06:44 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-14 11:28 - 2016-08-26 06:41 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-09-14 11:28 - 2016-08-26 06:00 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-09-14 11:28 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-14 11:28 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-14 11:28 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-14 11:28 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-14 11:28 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-14 11:28 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-14 11:28 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-14 11:28 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-14 11:28 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-14 11:28 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-14 11:28 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-14 11:28 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-14 11:28 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-14 11:28 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-14 11:28 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-14 11:28 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-09-14 11:28 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-14 11:28 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-09-14 11:28 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-14 11:28 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-09-14 11:28 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-09-14 11:28 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-09-11 22:53 - 2016-09-11 22:53 - 00000000 __RHD C:\Users\Jan\AppData\Roaming\SecuROM
2016-09-11 22:53 - 2016-09-11 22:53 - 00000000 ____D C:\Users\Jan\Documents\EA Games
2016-09-11 00:31 - 2016-09-11 00:31 - 00000000 ____D C:\Users\Jan\Documents\Mirrors Edge Catalyst
2016-08-29 23:10 - 2016-08-29 23:12 - 00000000 ____D C:\Users\Jan\AppData\Local\chromium
2016-08-29 23:09 - 2016-09-21 16:44 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-08-29 23:09 - 2016-08-29 23:09 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6
2016-08-29 22:27 - 2016-08-29 22:27 - 00000000 ____D C:\Users\Jan\AppData\Roaming\XMedia Recode
2016-08-28 23:40 - 2016-08-28 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2016-08-28 23:39 - 2016-08-28 23:40 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2016-08-25 02:34 - 2016-08-25 02:34 - 00003218 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task
2016-08-25 02:34 - 2016-08-25 02:34 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype
2016-08-23 02:09 - 2016-08-23 02:09 - 00000000 ____D C:\Users\Jan\AppData\Roaming\HandBrake Team
2016-08-23 02:09 - 2016-08-23 02:09 - 00000000 ____D C:\Users\Jan\AppData\Roaming\HandBrake
2016-08-23 02:08 - 2016-09-21 17:52 - 00000686 _____ C:\Users\Jan\Desktop\Handbrake.lnk
2016-08-23 02:08 - 2016-08-23 02:08 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-08-23 02:08 - 2016-08-23 02:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-08-23 02:05 - 2016-08-23 02:06 - 16520117 _____ C:\Users\Jan\Downloads\HandBrake-0.10.5-x86_64-Win_GUI.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-22 21:35 - 2015-05-27 20:57 - 00000000 ___RD C:\Users\Jan\Dropbox
2016-09-22 21:35 - 2015-05-13 16:23 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-22 21:35 - 2015-05-13 16:14 - 00000000 ___RD C:\Users\Jan\OneDrive
2016-09-22 21:35 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-22 20:54 - 2015-12-12 18:38 - 02737336 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-22 20:54 - 2015-02-13 21:13 - 00801394 _____ C:\Windows\system32\perfh00C.dat
2016-09-22 20:54 - 2015-02-13 21:13 - 00158846 _____ C:\Windows\system32\perfc00C.dat
2016-09-22 20:54 - 2015-02-13 21:11 - 00765582 _____ C:\Windows\system32\perfh007.dat
2016-09-22 20:54 - 2015-02-13 21:11 - 00159366 _____ C:\Windows\system32\perfc007.dat
2016-09-22 20:54 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-09-22 20:25 - 2015-05-13 16:13 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1348181896-3747889425-2865563460-1001
2016-09-22 20:14 - 2015-05-13 16:08 - 00001194 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-22 17:43 - 2015-05-18 00:53 - 00133632 _____ C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-22 14:30 - 2016-04-06 19:46 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-22 13:53 - 2015-07-19 13:48 - 00001178 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1348181896-3747889425-2865563460-1001Core1d0c218da01ac4c.job
2016-09-22 12:12 - 2015-05-19 22:29 - 00000000 ____D C:\Users\Jan\.frostwire5
2016-09-22 08:22 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-09-22 01:36 - 2015-05-14 10:51 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2016-09-22 01:34 - 2016-04-06 19:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-22 01:29 - 2016-04-06 19:46 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-21 23:39 - 2016-02-15 19:41 - 00000000 ____D C:\Users\Jan\Downloads\NFSUG2 Display Editor 1.2
2016-09-21 22:41 - 2015-01-06 12:25 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-21 17:52 - 2016-08-19 01:03 - 00001963 _____ C:\Users\Public\Desktop\abDocs.lnk
2016-09-21 17:52 - 2016-07-28 23:55 - 00000929 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-21 17:52 - 2016-05-10 21:17 - 00002024 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2016-09-21 17:52 - 2016-04-28 22:05 - 00001995 _____ C:\Users\Public\Desktop\abMusic.lnk
2016-09-21 17:52 - 2016-04-27 21:39 - 00001999 _____ C:\Users\Public\Desktop\abPhoto.lnk
2016-09-21 17:52 - 2016-04-25 22:20 - 00002356 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-09-21 17:52 - 2016-04-06 19:46 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-21 17:52 - 2016-02-12 21:41 - 00000607 _____ C:\Users\Public\Desktop\Need for Speed Underground 2.lnk
2016-09-21 17:52 - 2016-01-09 00:36 - 00002544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - wildgames.lnk
2016-09-21 17:52 - 2016-01-09 00:36 - 00002522 _____ C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
2016-09-21 17:52 - 2015-10-19 12:12 - 00001398 _____ C:\Users\Jan\Desktop\Origin - Verknüpfung.lnk
2016-09-21 17:52 - 2015-10-13 13:48 - 00002152 _____ C:\Users\Jan\Desktop\JDownloader 2.lnk
2016-09-21 17:52 - 2015-09-16 23:08 - 00001225 _____ C:\Users\Jan\Desktop\Uplay.lnk
2016-09-21 17:52 - 2015-09-05 14:21 - 00001763 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-09-21 17:52 - 2015-07-05 22:53 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-09-21 17:52 - 2015-06-21 20:34 - 00002343 _____ C:\Users\Jan\Desktop\Minecontrol for Minecraft.lnk
2016-09-21 17:52 - 2015-05-27 20:57 - 00001171 _____ C:\Users\Jan\Desktop\Dropbox.lnk
2016-09-21 17:52 - 2015-05-19 22:28 - 00001227 _____ C:\Users\Jan\Desktop\FrostWire 6.lnk
2016-09-21 17:52 - 2015-05-13 16:23 - 00000977 _____ C:\Users\Public\Desktop\Steam.lnk
2016-09-21 17:52 - 2015-05-13 16:08 - 00002372 _____ C:\Users\Public\Desktop\UltraHD Demo Video.lnk
2016-09-21 17:52 - 2015-05-13 16:08 - 00001280 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-09-21 17:52 - 2015-05-13 16:07 - 00000469 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-09-21 17:52 - 2015-05-13 16:07 - 00000467 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-09-21 17:52 - 2015-02-13 22:13 - 00001245 _____ C:\Users\Public\Desktop\Help and Support.lnk
2016-09-21 17:52 - 2015-02-13 22:10 - 00001951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-09-21 17:52 - 2015-02-13 22:08 - 00001828 _____ C:\Users\Public\Desktop\Dropbox.lnk
2016-09-21 17:52 - 2015-01-06 12:35 - 00002123 _____ C:\Users\Public\Desktop\abFiles.lnk
2016-09-21 17:52 - 2015-01-06 12:34 - 00002181 _____ C:\Users\Public\Desktop\Acer Video Player.lnk
2016-09-21 17:52 - 2015-01-06 12:32 - 00000968 _____ C:\Users\Public\Desktop\Foxit PhantomPDF.lnk
2016-09-21 17:52 - 2015-01-06 12:31 - 00000878 _____ C:\Users\Public\Desktop\Acer Care Center.lnk
2016-09-21 17:52 - 2015-01-06 12:30 - 00002550 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2016-09-21 17:51 - 2014-03-18 11:45 - 00000000 ____D C:\Windows\SKB
2016-09-21 17:18 - 2015-09-08 16:37 - 00113152 ___SH C:\Users\Jan\Desktop\Thumbs.db
2016-09-21 16:45 - 2015-05-13 16:07 - 00000000 ____D C:\Users\Jan
2016-09-21 15:06 - 2015-09-15 17:56 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-21 15:06 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-21 14:45 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media
2016-09-21 14:44 - 2015-07-11 18:42 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Origin
2016-09-21 14:34 - 2015-10-13 13:47 - 00000000 ____D C:\Users\Jan\AppData\Local\JDownloader v2.0
2016-09-21 01:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2016-09-20 22:52 - 2015-07-20 14:06 - 00003442 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2016-09-20 22:52 - 2015-01-06 12:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-20 22:52 - 2015-01-06 12:28 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-20 22:52 - 2015-01-06 11:40 - 00000000 ___HD C:\OEM
2016-09-20 22:51 - 2015-05-13 16:08 - 00000000 ____D C:\Users\Jan\AppData\Local\clear.fi
2016-09-20 11:00 - 2015-05-27 20:53 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Dropbox
2016-09-18 22:31 - 2015-05-27 20:35 - 00001052 _____ C:\Users\Jan\Downloads\nativelog.txt
2016-09-18 17:23 - 2015-07-11 18:39 - 00000000 ____D C:\Program Files (x86)\Origin
2016-09-18 17:23 - 2015-07-11 18:34 - 00000000 ____D C:\ProgramData\Origin
2016-09-18 17:22 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-09-18 16:43 - 2015-08-06 15:35 - 00000000 ____D C:\Users\Jan\Downloads\game
2016-09-18 14:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-09-17 19:34 - 2013-08-22 16:44 - 00493752 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-17 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2016-09-17 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\setup
2016-09-15 21:34 - 2015-05-13 16:08 - 00000000 ____D C:\Users\Jan\AppData\Local\NVIDIA
2016-09-15 21:34 - 2015-02-13 22:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-14 14:07 - 2015-05-14 00:55 - 00000000 ____D C:\Windows\system32\MRT
2016-09-14 14:05 - 2015-05-14 00:55 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-14 14:05 - 2014-03-18 11:45 - 00000000 ____D C:\Windows\ShellNew
2016-09-13 15:22 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-13 15:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-09-11 22:36 - 2015-07-11 18:50 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-09-09 23:24 - 2016-07-28 23:56 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-09-07 03:11 - 2015-01-06 12:24 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:11 - 2015-01-06 12:24 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-30 23:59 - 2015-08-02 16:23 - 00000000 ____D C:\Users\Jan\Documents\ManiaPlanet
2016-08-30 23:57 - 2015-08-02 16:23 - 00000000 ____D C:\ProgramData\ManiaPlanet
2016-08-30 16:25 - 2015-05-13 16:52 - 00000000 ____D C:\Users\Jan\AppData\Local\Ubisoft Game Launcher
2016-08-29 23:55 - 2015-05-19 22:28 - 00000000 ____D C:\Program Files (x86)\FrostWire 6
2016-08-28 17:19 - 2015-11-10 20:01 - 00000000 ____D C:\Users\Jan\Documents\ANNO 2070
2016-08-26 22:27 - 2015-11-27 23:44 - 00000000 ____D C:\Users\Jan\AppData\Roaming\SpinTires
2016-08-25 02:34 - 2015-09-15 18:03 - 00003172 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1348181896-3747889425-2865563460-1001
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-05-18 00:53 - 2016-09-22 17:43 - 0133632 _____ () C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-13 22:04 - 2015-02-13 22:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Jan\AppData\Local\Temp\avgnt.exe
C:\Users\Jan\AppData\Local\Temp\libeay32.dll
C:\Users\Jan\AppData\Local\Temp\msvcr120.dll
C:\Users\Jan\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-09-16 15:53
==================== Ende von FRST.txt ============================
Addition:
Code:
Alles auswählen Aufklappen ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-09-2016
durchgeführt von Jan (22-09-2016 21:36:40)
Gestartet von C:\Users\Jan\Desktop
Windows 8.1 (Update) (X64) (2015-05-13 14:08:18)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1348181896-3747889425-2865563460-500 - Administrator - Disabled)
Gast (S-1-5-21-1348181896-3747889425-2865563460-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1348181896-3747889425-2865563460-1003 - Limited - Enabled)
Jan (S-1-5-21-1348181896-3747889425-2865563460-1001 - Administrator - Enabled) => C:\Users\Jan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3009 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3012 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3018 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2011.1 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Anno 2070 (HKLM-x32\...\Uplay Install 22) (Version: - Ubisoft)
Antichamber (HKLM\...\Steam App 219890) (Version: - Alexander Bruce)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{af1966e2-5e60-4d93-8a48-c21462a87e3c}) (Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.71.9779 - Avira Operations GmbH & Co. KG) Hidden
Avira Software Updater (HKLM-x32\...\{F2396C9D-4724-4BB9-87A0-A137C4C69524}) (Version: 1.2.3.14696 - Avira Operations GmbH & Co. KG)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-1348181896-3747889425-2865563460-1001\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
eComic (HKLM-x32\...\{6641AAF6-1979-48AF-A372-376AEBA3AD45}) (Version: 1.0.01 - Stephen Wrighton)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
FrostWire 6.3.5 (HKLM-x32\...\FrostWire 6) (Version: 6.3.5.198 - FrostWire LLC)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Hitman: Absolution (HKLM\...\Steam App 203140) (Version: - IO Interactive)
Intel(R) Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mad Max (HKLM-x32\...\Steam App 234140) (Version: - Avalanche Studios)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Duels (HKLM-x32\...\Steam App 316010) (Version: - Stainless Games Ltd.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4859.1002 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4859.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1348181896-3747889425-2865563460-1001\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)
My Game Long Name (HKLM\...\UDK-68304059-9bba-4944-a396-f9f24d4c8257) (Version: - Epic Games, Inc.)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
Next Car Game: Wreckfest (HKLM-x32\...\Steam App 228380) (Version: - Bugbear)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Portal (HKLM\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.619A - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
TrackMania² Canyon (HKLM-x32\...\Steam App 228760) (Version: - Nadeo)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 18.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC Updater (HKLM-x32\...\VLC Updater) (Version: 1.0 - VLC Updater)
Wargame: Red Dragon (HKLM\...\Steam App 251060) (Version: - Eugen Systems)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.11.14 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1348181896-3747889425-2865563460-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.43.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1467CC47-8AE9-43D2-8183-A98F417A7FE4} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {1A5376D3-22C5-4EE5-9C71-9E6AD0882FE3} - System32\Tasks\{FE30CD06-0F78-4170-85E6-681C6E0551C3} => pcalua.exe -a C:\Users\Jan\Downloads\SPEED2.EXE -d C:\Users\Jan\Downloads
Task: {27C145B4-5B90-4B39-A8A9-0F82E4FD155B} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation)
Task: {2B3EA2E9-6A26-438A-B75D-1A3819FE87D2} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {2E99B8E6-11B8-4667-8632-592D97EE43AB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {301A15B2-88CD-454B-82A7-E1668BBF83A0} - System32\Tasks\{26B0A8CC-D9B5-49CC-A784-E5DF4BC601C6} => pcalua.exe -a E:\speed2.exe -d E:\
Task: {53B5CF5B-B108-40DB-BB17-AAE21A5B6E42} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {59E81A33-0B08-4953-B434-CC3167523831} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-07-26] (Microsoft Corporation)
Task: {75241318-3E05-4226-80A0-F4F49579EA0B} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-30] ()
Task: {75250A5A-C832-4DAE-9472-0CA2C8B6509E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1348181896-3747889425-2865563460-1001Core => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {842221E5-5E38-4B85-BF61-B372A1C05566} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {886F8128-3C66-4F35-93F8-9930864B8EF2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-01-23] (Microsoft Corporation)
Task: {937EFEAC-B5C7-4BE1-BDE8-E0D7AFD6AAAE} - System32\Tasks\{069CA7A7-F99E-4B2D-8363-76B04B443B4F} => pcalua.exe -a E:\speed2.exe -d E:\
Task: {9FDBB253-E24D-4918-8DB8-68C9CDD1CFE6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {A24AE696-4EA5-41CC-8999-3C58D6C1A144} - System32\Tasks\{87C9380D-33FD-42AC-B02D-D27266EC2BBF} => pcalua.exe -a C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\IE\C9CJD1A8\forge-1.8-11.14.3.1450-installer-win.exe -d C:\Users\Jan\Desktop
Task: {B4AEC2B7-0DE7-43ED-AC6E-5CB885FC72AA} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-31] (Acer Incorporate)
Task: {B7B002E9-D0FB-42A7-9EB5-1242EB1AE4A8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {B8CFA188-BF96-4223-9469-ADDABDFEAF9F} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2016-08-15] ()
Task: {BB1D1523-BF2D-4D78-8774-3E0656236572} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1348181896-3747889425-2865563460-1001UA => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {BCE03461-BC8D-47CC-9581-159EB496BA8C} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {BDBF742A-7037-42BC-8409-3189C69D18EE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {D81E5102-FCEF-40D2-8A8A-D893EBCE3D47} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-01-23] (Microsoft Corporation)
Task: {DCF9C6A1-1CDD-469C-A1E7-8F923CEC7778} - System32\Tasks\{9911C1F8-91F0-48F4-BA66-019E50360B34} => pcalua.exe -a C:\Users\Jan\Desktop\speed2.exe -d C:\Users\Jan\Desktop
Task: {E78B0408-4862-4948-9FB0-8A231C689EF1} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-08] (Dolby Laboratories Inc.)
Task: {E9AA8847-7DA9-4620-B8AD-B3D85DF7D844} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1348181896-3747889425-2865563460-1001Core1d0c218da01ac4c => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {EB06A2B2-C18B-4C29-8F74-5F91B39D3955} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {F0CD9C6E-78DD-4C92-BF6A-16A4AB5D2036} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {F66CFF70-B12C-4F6A-B08C-D4DB58A88E6F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-09-14] (Microsoft Corporation)
Task: {FD1AA22A-E626-45C5-9072-E0A52A00A5FE} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1348181896-3747889425-2865563460-1001 => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-25] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1348181896-3747889425-2865563460-1001Core1d0c218da01ac4c.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1348181896-3747889425-2865563460-1001UA.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6\FrostWire 6.3.5-SafeMode.lnk -> C:\Program Files (x86)\FrostWire 6\frostwire.bat ()
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-18 12:43 - 2015-10-03 04:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-15 17:56 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-06 12:35 - 2014-08-23 04:21 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-07-03 18:24 - 2015-07-03 18:24 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-04-08 02:13 - 2014-04-08 02:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2016-08-26 20:25 - 2016-08-26 20:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-02-13 22:04 - 2013-10-01 11:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-10-18 12:43 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-13 16:30 - 2016-08-09 01:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-13 16:30 - 2015-07-02 00:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-13 16:30 - 2016-08-23 21:33 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-13 16:30 - 2015-07-02 00:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-13 16:30 - 2015-07-02 00:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-13 16:30 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-13 16:30 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-13 16:30 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-13 16:30 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-13 16:30 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-13 16:30 - 2016-08-23 21:33 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-17 18:36 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-12-12 01:47 - 2016-08-24 06:43 - 00035792 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-09-20 11:00 - 2016-08-24 06:43 - 00145864 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-09-20 11:00 - 2016-08-24 06:43 - 00019408 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-09-20 11:00 - 2016-08-24 06:43 - 00116688 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 01:47 - 2016-08-24 06:43 - 00100296 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 01:47 - 2016-08-24 06:43 - 00018888 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 01:47 - 2016-09-20 03:15 - 00019760 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 01:47 - 2016-08-24 06:43 - 00694224 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00020816 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 01:47 - 2016-08-24 06:43 - 00123856 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 01682760 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00020808 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00105928 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-05 20:54 - 2016-09-20 03:15 - 00021312 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00052024 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00038696 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-09-20 11:00 - 2016-08-24 06:43 - 00392144 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-09-20 11:00 - 2016-08-24 06:45 - 00020936 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00024528 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00116176 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 01:47 - 2016-09-20 03:15 - 00381752 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00124880 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-05 20:54 - 2016-09-20 03:15 - 00025424 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00024016 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00175560 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00030160 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00043472 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00048592 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00057808 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00024016 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00246592 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00026456 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00028616 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 01:47 - 2016-08-24 06:43 - 00144848 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-08-05 20:54 - 2016-08-24 06:44 - 00241104 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2015-12-12 01:47 - 2016-09-20 03:15 - 00023376 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-20 01:53 - 2016-09-20 03:15 - 00020800 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-20 01:53 - 2016-09-20 03:15 - 00019776 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-20 01:53 - 2016-09-20 03:15 - 00020800 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00020280 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00350152 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-20 01:53 - 2016-09-20 03:15 - 00022352 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00024392 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-09-20 11:00 - 2016-08-24 06:41 - 00036296 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\librsync.dll
2016-09-20 11:00 - 2016-09-20 03:15 - 00084280 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-09-20 11:00 - 2016-09-20 03:15 - 01826096 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 01:47 - 2016-08-24 06:43 - 00083912 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\sip.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00531248 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 03928880 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 01972528 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00133424 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00224056 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00207672 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-05 20:54 - 2016-09-20 03:15 - 00020288 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2015-12-12 01:47 - 2016-08-24 06:45 - 00060880 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-05 20:54 - 2016-09-20 03:15 - 00024904 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00546096 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00357680 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00042808 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-09-20 11:00 - 2016-09-20 03:15 - 00168760 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2015-05-13 16:30 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2016-09-21 14:27 - 00001188 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1348181896-3747889425-2865563460-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\Pictures\dsotm.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{67C89A56-E2BD-4A77-82D9-52C2D80B9AC8}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{4018067A-3471-47D6-82D7-24DCEF5A7FB8}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{26095D08-08FE-4B37-B89D-49F1554BA5A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{65E4818C-116B-4A6B-A065-5FBB2C52DE41}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{69B1A9C3-6FE4-4E05-B569-AD10D90FA4CB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B2FC22CD-E247-482C-9CE0-533A57C73AD1}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{82AC963B-4EC6-4E98-ADDD-52D7BEFC355F}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E914BA3E-8D51-4764-A384-4583BA6CD957}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{53C213C3-59E8-489E-B616-1D8777139C18}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{EE963038-1544-4956-A5B4-5EE7DB8222A2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{FA354C47-1BF6-429D-84CB-76C83665CBB3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2448DAA7-3EFA-4F4B-BBAB-4D993F27099F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{DFC10D5C-11D3-46BC-B4E6-A023032D0F33}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AAFBC2F1-75FE-4D7C-9489-6437037C7331}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B909A487-B8D6-4B0A-A3BA-22562EF08B1F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4CBC980D-9E0C-4BE8-ADDC-88738D9B54C0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{33EFD04C-195A-4064-AC0B-9DAA4EFD23AC}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{9A0D7321-B92C-4C79-962A-A1FA2BCB72F2}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
FirewallRules: [{30D3F668-6AB2-48A1-840F-9E386C399CBD}] => (Allow) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{70F52D32-C5DE-46BC-B838-13C4010D39E4}] => (Allow) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7CAF468B-0A79-4AE3-AB75-BA23E66FE208}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{1CD5A42B-4F50-48DD-87F2-1491CE8F4E89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{F1C524A4-354C-4376-A225-58D2424FB564}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4B88D564-A9CD-4724-83CB-E9FA8B3CE8C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3D97F27F-904F-4601-8BBC-2BE298875159}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8932D021-2F6C-4FB3-811B-07322D239226}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{042AB92B-9AE3-47DC-BE7B-86C06FB854BE}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{92E2EA2D-A4F0-4DB0-8009-BB69D5ABE87F}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{3DDFED33-49C4-4A09-9EDC-48C11C3AEA89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{E87F3826-0AA7-4C79-ABD7-3749AA757B07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanetLauncher.exe
FirewallRules: [{6B71E72B-7658-4896-A221-704B29334547}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [{315046D5-0903-4B3E-A82B-218EE339DC07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ManiaPlanet_TMCanyon\ManiaPlanet.exe
FirewallRules: [TCP Query User{806FB872-FD35-4D0B-993B-6CE8A004228D}C:\program files (x86)\frostwire 6\frostwire.exe] => (Block) C:\program files (x86)\frostwire 6\frostwire.exe
FirewallRules: [UDP Query User{B3327C7C-23A4-4621-AACF-07905AD81D9A}C:\program files (x86)\frostwire 6\frostwire.exe] => (Block) C:\program files (x86)\frostwire 6\frostwire.exe
FirewallRules: [{5D5B49EE-7EEE-4CD7-8D4A-87696050203F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{82A9DC93-4FDB-4DA4-B9F7-AD202F972D06}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{22EDF422-2E86-41DA-A539-873AA222F9B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{6B2ED16E-BC05-4BD6-B890-4D2B319A19CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{8881DE33-74E9-46F4-A9EC-C0E08393A1E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{104F14E0-62DC-46CC-8F4E-D684C985C95C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{571D4D38-E03F-4D60-83C9-D148EC3FEA7C}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{DB6CE30D-FC4D-4C43-9373-CDFBC4FDFD46}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{7AFD95AD-4EA1-46AA-BA0C-9FA3F3264BA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C9CD3A5D-0DA9-47C7-9F7B-C615869CC884}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7C2CD7A0-A848-46D1-9BCF-E6B299BEFECA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E3E1924A-82CD-4BA4-B0E8-50067F94CF0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C0E6EDF8-755F-469F-810A-7A8B82FC2813}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C3321C8E-1AB0-4AA4-A908-CC37F2B3A58A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{D7888309-1392-48C4-9BD6-426FF05A2632}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{2721D5C1-9EB8-4F64-BA3A-543E6872D868}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{F37DB94F-27DA-4C98-B0A4-B4727756957B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{EE64D483-4782-4572-95FE-5E273DFD46E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{43C3EB98-4093-4955-BCE7-D48F3D9E5EC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest_x64.exe
FirewallRules: [{2B141085-2CFA-42D8-8FBB-D1A8D7C60338}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{E3CF012C-9D43-41B1-BB5A-AB005FDA925D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bugbear Entertainment\Wreckfest.exe
FirewallRules: [{10384133-54E1-4302-AE65-AA4F59881820}] => (Allow) D:\SteamLibrary\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{B774447C-B638-4F22-9118-5F84AEA18FB9}] => (Allow) D:\SteamLibrary\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{08833812-E4E6-4CE1-A8E6-3CCEC1B1C881}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{66CA3827-DA4E-4080-9722-CB9FFFA58367}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{3ECD4BC8-FCB1-4479-9190-6B97000B451D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{93957C2F-D69A-4EC5-BE2E-9D19E8C681F8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{F10EBE82-D383-4275-A3F4-ADB928F4DA3F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{A45C887F-4431-4CEF-B001-C3F8003E4B92}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [TCP Query User{52A6B481-8E24-444A-BBA9-BFB245843E5C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{2114AEED-F8BB-4C83-8974-436B72D7EC2A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{E17E59B1-34E2-4475-9E2D-9B3DAAB5C460}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{FA2D419B-E2A3-4FAB-B71C-7263A53E4D5B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{E376F8EB-1DD2-4432-9F49-2FC74565B0D9}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{CCF55DF3-6DBD-4573-8009-7E0D4AD1868A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{03102B83-73DA-4A20-9912-1FCA7A3A53EE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{65BFBC13-9C77-4096-906E-D4D871EC16BF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{8D97E6D2-011E-4633-9F34-413531F2B74D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{ED4B6773-C91B-41A0-AA5E-9F6935006564}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{FE8D3586-6F99-4851-A1C3-E47F84A2F80C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{99F57EBE-222E-4775-B223-0EFE313DD0B4}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{35ECD2E8-9996-4421-AC19-7D4DA38E382C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{B150886B-6BED-4BA4-9952-304FEE2807B7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{1FAD9A00-1E21-4B63-B946-D355A76D9994}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{8E3C06EB-4EBA-4E28-A941-213B82DD05DF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{2D9A82B5-E8B3-4654-923A-01300EFFEA0B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{F2B43CFB-89D6-4405-94A5-7FD60D5AEE1E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{BE845D74-6B3C-435F-9ABF-DED40C587939}] => (Allow) D:\SteamLibrary\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{27A79A36-DB09-40F7-A3D6-E87F1A24D7B6}] => (Allow) D:\SteamLibrary\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{5F6F36F0-CEB0-4015-975B-6C72DCE7D62D}] => (Allow) D:\SteamLibrary\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{120AAAEF-0159-4EFD-9F3E-0EBC3ADDC0E0}] => (Allow) D:\SteamLibrary\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{E582914C-075D-4E7B-9083-411983A9BC70}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{7F25B581-2F10-4B29-B3AA-BEB627FB2E5F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{53FD9947-ABB7-4BEF-BA3C-1C6C5A8E53F9}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{36F2A43E-18A9-4330-BDBD-8AC3C2DCDC98}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{843DBC49-393E-43F3-B867-D8B1F95915FA}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{D75066E9-B283-4F3E-B524-C8C4688B79F3}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{8A4AB527-F1E5-450E-BB9A-A977964B94F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{105D7A8B-4F47-493E-9E5B-1C24DD199ABA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [TCP Query User{F0251116-18BA-4F7C-9BBC-14802CAC3AFF}D:\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe] => (Allow) D:\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe
FirewallRules: [UDP Query User{0A6722F4-F6A3-4800-8F74-DDDAD0A780EB}D:\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe] => (Allow) D:\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe
FirewallRules: [TCP Query User{3518C4A2-896E-48BA-AF98-FFD8ED77D530}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{702B883B-E3A6-46EC-8A57-71C202A30053}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{E8A3B94E-7B2C-4757-B503-C9B41B5527B3}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{6A559710-3888-41B4-8994-036F42776708}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{75E0E881-940D-420B-8309-D8CA004B434B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{6E67EDF2-B4D1-4B9E-9A35-02C55982DEBA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{98654851-2274-4061-80C2-F931642E0D77}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{B072F5D1-129E-4255-91D6-FAAAF0F55279}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{D70F8716-32EC-499D-9C78-D6D0EED34912}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{B7749AAC-DD94-4FF5-8438-03A75C99B460}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{D3E17D24-CDFA-42AC-9D94-D4EC9F2EAE02}] => (Allow) LPort=9570
FirewallRules: [{6D6FE15F-6356-42A6-85AC-0139F7EA869A}] => (Allow) LPort=42124
FirewallRules: [{6DC70790-ABA1-4F83-8B64-1D2B049DC5F1}] => (Allow) D:\SteamLibrary\steamapps\common\Portal\hl2.exe
FirewallRules: [{9C9FE4F4-AC9B-415D-8507-C51EE0CD3085}] => (Allow) D:\SteamLibrary\steamapps\common\Portal\hl2.exe
FirewallRules: [{2DBC6A54-C12F-45D3-BDFA-1A6173680E08}] => (Allow) D:\SteamLibrary\steamapps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{70A8B8B4-52A1-4AFC-950E-4B2BAEDB5A65}] => (Allow) D:\SteamLibrary\steamapps\common\Wargame Red Dragon\WarGame3.exe
FirewallRules: [{F789F617-0E38-4BB7-A8A6-8D318F5ABA7C}] => (Allow) C:\Program Files (x86)\Origin Games\Mirrors Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{1F35BE58-7BE4-494F-97D8-FBA17F8D16E9}] => (Allow) C:\Program Files (x86)\Origin Games\Mirrors Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{A09A2E6F-1F32-4F10-B2F4-830953FA9AED}] => (Allow) C:\Users\Jan\AppData\Local\BrowserAir\Application\BrowserairExec.exe
==================== Wiederherstellungspunkte =========================
21-09-2016 22:49:01 Removed Online.io Application
22-09-2016 00:54:55 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/22/2016 09:36:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.ServiceHost.exe, Version: 1.2.71.9779, Zeitstempel: 0x57bda90c
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x5736541b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00014878
ID des fehlerhaften Prozesses: 0x1558
Startzeit der fehlerhaften Anwendung: 0x01d2150890cf47f2
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\KERNELBASE.dll
Berichtskennung: cef0a6b5-80fb-11e6-82c5-acd1b84e3cc8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/22/2016 09:36:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
bei Avira.OE.ServiceHost.ServiceHost.Initialize()
bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (09/22/2016 09:35:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.ServiceHost.exe, Version: 1.2.71.9779, Zeitstempel: 0x57bda90c
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x5736541b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00014878
ID des fehlerhaften Prozesses: 0x1a10
Startzeit der fehlerhaften Anwendung: 0x01d215088653aa47
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\KERNELBASE.dll
Berichtskennung: c47c2f0b-80fb-11e6-82c5-acd1b84e3cc8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/22/2016 09:35:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
bei Avira.OE.ServiceHost.ServiceHost.Initialize()
bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (09/22/2016 09:35:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.ServiceHost.exe, Version: 1.2.71.9779, Zeitstempel: 0x57bda90c
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x5736541b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00014878
ID des fehlerhaften Prozesses: 0x7dc
Startzeit der fehlerhaften Anwendung: 0x01d215086924af13
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\KERNELBASE.dll
Berichtskennung: ad9635e7-80fb-11e6-82c5-acd1b84e3cc8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/22/2016 09:35:11 PM) (Source: Avira Antivirus) (EventID: 4122) (User: NT-AUTORITÄT)
Description: Die Datei LogOpen konnte nicht geladen werden.
Fehlercode: 0x5
Error: (09/22/2016 09:35:10 PM) (Source: Avira Antivirus) (EventID: 4122) (User: NT-AUTORITÄT)
Description: Die Datei LogOpen konnte nicht geladen werden.
Fehlercode: 0x5
Error: (09/22/2016 09:35:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
bei Avira.OE.ServiceHost.ServiceHost.Initialize()
bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (09/22/2016 08:50:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Jan\AppData\Local\chromium\Application\chrome.exe".
Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/22/2016 08:50:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.ServiceHost.exe, Version: 1.2.71.9779, Zeitstempel: 0x57bda90c
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x5736541b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00014878
ID des fehlerhaften Prozesses: 0x124c
Startzeit der fehlerhaften Anwendung: 0x01d215022dc3e062
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\KERNELBASE.dll
Berichtskennung: 6bfab35c-80f5-11e6-82c4-acd1b84e3cc8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (09/22/2016 09:36:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (09/22/2016 09:35:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/22/2016 09:35:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/22/2016 09:35:01 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Avira Planer" wurde mit dem folgenden dienstspezifischen Fehler beendet:
Kurznamen sind auf diesem Volume nicht aktiviert.
Error: (09/22/2016 09:33:31 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (09/22/2016 09:33:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/22/2016 09:33:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/22/2016 09:33:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Quick Access RadioMgr Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/22/2016 09:33:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/22/2016 09:33:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Quick Access Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2016-09-20 11:36:59.401
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-20 11:36:58.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-12 16:58:50.151
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-12 16:58:49.804
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-12 16:58:49.474
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-12 16:58:49.117
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-28 23:39:39.784
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-28 23:39:39.450
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-28 23:36:55.178
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-08-28 23:36:54.845
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 16307.27 MB
Verfügbarer physikalischer RAM: 13562.91 MB
Summe virtueller Speicher: 33715.27 MB
Verfügbarer virtueller Speicher: 30905.71 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:237.67 GB) (Free:27.56 GB) NTFS
Drive d: (DATA) (Fixed) (Total:914.19 GB) (Free:499.47 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: A868B433)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: A868B4C0)
Partition: GPT.
==================== Ende von Addition.txt ============================
Hinweis:
bekommst.
und drücke auf Untersuchen. 
+ R Taste und schreibe notepad in das 
auf Deinen Desktop:
und 
und speichere die Logdatei auf Deinem Desktop.
