| |
| |||||||
Log-Analyse und Auswertung: Phishing-Email: ZIP-Anhang heruntergeladen aber nicht geöfnetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
06.01.2017, 09:42
| #1 |
| |  Phishing-Email: ZIP-Anhang heruntergeladen aber nicht geöfnet Guten Morgen, ich habe leider gestern den ZIP-Anhang einer Phishing-Email heruntergeladen, aber nicht geöffnet. Mein Antivirussystem findet nichts, Auffälligkeiten habe ich noch nicht bemerkt. Ich habe die Analyse durchgeführt und ihr findet sie angehängt. Ich danke euch vielmals, dass es dieses Forum gibt. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von Katharina (Administrator) auf KALE (06-01-2017 09:33:21)
Gestartet von C:\Users\Katharina\Downloads
Geladene Profile: Katharina (Verfügbare Profile: Katharina & SilvesterParty)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Egis Technology Inc.) C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
() C:\Program Files (x86)\Acer Proshield\bin\tcsd_x86.exe
(Wave Systems Corp.) C:\Program Files\Acer ProShield\Common\WvPCR.exe
(Egis Technology Inc. ) C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Wave Systems Corp.) C:\Program Files\Acer ProShield\Authentication Manager\WaveAMService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Egis Technology Inc. ) C:\Program Files\Acer ProShield\x86\EgisService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Egis Technology Inc. ) C:\Program Files\Acer ProShield\EgisTSR.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(STMicroelectronics) C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Token.exe
(Google Inc.) C:\Users\Katharina\AppData\Local\Google\Update\GoogleUpdate.exe
(Dropbox, Inc.) C:\Users\Katharina\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\VUL\McVulCtr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\mcafee\VUL\McVulAlert.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13637848 2013-08-02] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [415128 2015-10-01] ()
HKLM\...\Run: [Acer MotionProtect Tray Application] => C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Token.exe [211608 2012-05-29] (STMicroelectronics)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-04] (Synaptics Incorporated)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1123568 2016-09-19] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\...\Run: [Google Update] => C:\Users\Katharina\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\...\Run: [Dropbox Update] => C:\Users\Katharina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\...\RunOnce: [Uninstall C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\...\RunOnce: [Uninstall C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
Lsa: [Authentication Packages] msv1_0 wvauth
Lsa: [Notification Packages] scecli C:\Program Files\Acer ProShield\EgisPwdFilter.dll
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
Startup: C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-12-22]
ShortcutTarget: Dropbox.lnk -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e0a04db2-dd44-4e5e-a605-a8ba81cd9845}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001 -> DefaultScope {C0F1F874-012D-4FED-BBAC-3552069E9E97} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C015DE0D20141102&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001 -> {59578603-E890-4427-802B-AB1A4F10828D} URL =
SearchScopes: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001 -> {C0F1F874-012D-4FED-BBAC-3552069E9E97} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C015DE0D20141102&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-10] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-12-12] (McAfee, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-10] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-09] (Microsoft Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-20] (Oracle Corporation)
BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files\Acer ProShield\x86\EgisPBIE.dll [2013-07-08] (Egis Technology Inc.)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-12-12] (McAfee, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-20] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-12-12] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-12-12] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-09] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-12-12] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-12-12] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2016-09-19] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-09-19] (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\4aa4loo5.default [2017-01-06]
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\4aa4loo5.default -> Google
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\4aa4loo5.default -> Sichere Suche
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\4aa4loo5.default -> Sichere Suche
FF Homepage: Mozilla\Firefox\Profiles\4aa4loo5.default -> hxxp://web.de/
FF Session Restore: Mozilla\Firefox\Profiles\4aa4loo5.default -> ist aktiviert.
FF Keyword.URL: Mozilla\Firefox\Profiles\4aa4loo5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=B114DE662D20141102&p=
FF Extension: (German Dictionary) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\4aa4loo5.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-12-03]
FF Extension: (Spanish (Spain) Dictionary) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\4aa4loo5.default\Extensions\es-es@dictionaries.addons.mozilla.org [2016-04-07]
FF Extension: (Firefox Hotfix) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\4aa4loo5.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\4aa4loo5.default\Extensions\firefox@zenmate.com.xpi [2016-09-30]
FF Extension: (Video DownloadHelper) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\4aa4loo5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF SearchPlugin: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\4aa4loo5.default\searchplugins\McSiteAdvisor.xml [2016-04-06]
FF SearchPlugin: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\4aa4loo5.default\searchplugins\safesearch.xml [2014-12-12]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files\Acer ProShield\FFExt
FF Extension: ( Online Accounts Extension ) - C:\Program Files\Acer ProShield\FFExt [2014-05-07] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20
FF Extension: ( Online Accounts Extension ) - C:\Program Files\Acer ProShield\FFExt20 [2014-05-07] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-10-17] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-03-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-09-19] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-26] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-20] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-09-19] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2115910866-1330733126-2312970329-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Katharina\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2115910866-1330733126-2312970329-1001: @talk.google.com/O1DPlugin -> C:\Users\Katharina\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2115910866-1330733126-2312970329-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2115910866-1330733126-2312970329-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Katharina\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Katharina\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ladimmjldcgbeamniagencjbodhnmgen] - C:\Program Files\Acer ProShield\ChromeEx\EgisPBChromeExt.crx [2013-07-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [283296 2013-06-28] (Intel Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2946304 2016-12-09] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R3 EgisTec Service; C:\Program Files\Acer ProShield\x86\EgisService.exe [197608 2013-07-08] (Egis Technology Inc. )
R3 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [222184 2013-07-08] (Egis Technology Inc. )
R3 eLockServ; C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe [24552 2013-07-05] (Egis Technology Inc.)
S2 EmbassyService; C:\Program Files\Acer Proshield\EMBASSY Client Core\EmbassyServer.exe [226232 2012-10-02] ()
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107792 2013-07-03] (Condusiv Technologies)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-06-29] (McAfee, Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-10-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-07-01] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-26] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2016-12-12] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [998992 2016-09-19] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-06-29] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-06-29] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [596768 2016-06-29] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [596768 2016-06-29] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [242704 2016-09-08] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [384016 2016-09-08] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [331280 2016-09-08] (McAfee, Inc.)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [232288 2012-03-12] ()
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-06-29] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
S3 SecureStorageService; C:\Program Files\Acer Proshield\Secure Storage Manager\SecureStorageService.exe [2213296 2012-09-13] (Wave Systems Corp.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-04] (Synaptics Incorporated)
R2 tcsd_x86; C:\Program Files (x86)\Acer Proshield\bin\tcsd_x86.exe [482304 2013-03-18] () [Datei ist nicht signiert]
R2 Wave Authentication Manager Service; C:\Program Files\Acer Proshield\Authentication Manager\WaveAMService.exe [1758720 2012-09-26] (Wave Systems Corp.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)
R2 WvPCR; C:\Program Files\Acer Proshield\Common\WvPCR.exe [253872 2012-09-26] (Wave Systems Corp.)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88120 2016-09-09] (McAfee, Inc.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S1 eLock2BurnerLockDriver; C:\WINDOWS\system32\DRIVERS\eLock2BurnerLockDriver.sys [20072 2014-05-07] (Egis Technology Inc.)
R2 eLock2FSCTLDriver; C:\WINDOWS\System32\DRIVERS\eLock2FSCTLDriver.sys [26264 2014-05-07] (Egis Technology Inc.)
R1 excfs; C:\WINDOWS\System32\DRIVERS\excfs.sys [25872 2013-07-03] (Condusiv Technologies)
R0 excsd; C:\WINDOWS\System32\DRIVERS\excsd.sys [112912 2013-07-03] (Condusiv Technologies)
R0 FPWinIo; C:\WINDOWS\System32\drivers\FPWinIo.sys [84824 2012-08-07] (Egis Technology Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [263952 2015-07-15] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-07-22] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-07-22] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-07-22] ()
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [477752 2016-09-09] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [364088 2016-09-09] (McAfee, Inc.)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85656 2016-09-09] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [512056 2016-09-09] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [884792 2016-09-09] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110136 2016-09-09] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252984 2016-09-09] (McAfee, Inc.)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290520 2013-07-25] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-04] (Synaptics Incorporated)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [91360 2013-04-11] (STMicroelectronics)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [303104 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-06 09:33 - 2017-01-06 09:33 - 02418176 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2017-01-06 09:33 - 2017-01-06 09:33 - 00029075 _____ C:\Users\Katharina\Downloads\FRST.txt
2017-01-06 09:18 - 2017-01-06 09:33 - 00000000 ____D C:\FRST
2017-01-06 08:48 - 2017-01-06 08:48 - 00000000 ___SH C:\DkHyperbootSync
2017-01-06 08:44 - 2017-01-06 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-01-05 18:20 - 2017-01-06 09:12 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-01-05 18:20 - 2017-01-05 18:20 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-01-05 17:58 - 2017-01-05 17:59 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\Wave Systems Corp
2017-01-05 17:58 - 2017-01-05 17:58 - 00000000 ____D C:\Users\SilvesterParty\AppData\Roaming\Wave Systems Corp
2017-01-05 17:58 - 2017-01-05 17:58 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\EgisTec
2016-12-31 22:20 - 2016-12-31 22:20 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\NetworkTiles
2016-12-31 19:21 - 2016-12-31 19:21 - 00000000 ____D C:\Users\SilvesterParty\AppData\Roaming\Macromedia
2016-12-31 15:42 - 2016-12-31 15:42 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\Comms
2016-12-31 15:27 - 2016-12-31 15:27 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-31 15:26 - 2016-12-31 15:27 - 00002452 _____ C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-31 15:26 - 2016-12-31 15:27 - 00000000 ___RD C:\Users\SilvesterParty\OneDrive
2016-12-31 15:26 - 2016-12-31 15:26 - 00000000 ____D C:\Users\SilvesterParty\AppData\Roaming\Skype
2016-12-31 15:24 - 2016-12-31 15:24 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\MicrosoftEdge
2016-12-31 15:24 - 2016-12-31 15:24 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\ActiveSync
2016-12-31 15:23 - 2016-12-31 15:43 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\Packages
2016-12-31 15:23 - 2016-12-31 15:24 - 00000000 ___RD C:\Users\SilvesterParty\Searches
2016-12-31 15:23 - 2016-12-31 15:23 - 00000402 ___SH C:\Users\SilvesterParty\Documents\desktop.ini
2016-12-31 15:23 - 2016-12-31 15:23 - 00000282 ___SH C:\Users\SilvesterParty\Downloads\desktop.ini
2016-12-31 15:23 - 2016-12-31 15:23 - 00000282 ___SH C:\Users\SilvesterParty\Desktop\desktop.ini
2016-12-31 15:23 - 2016-12-31 15:23 - 00000174 ___SH C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-31 15:23 - 2016-12-31 15:23 - 00000174 ___SH C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-31 15:23 - 2016-12-31 15:23 - 00000000 ___SD C:\Users\SilvesterParty\AppData\LocalLow\Microsoft
2016-12-31 15:23 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\Contacts
2016-12-31 15:23 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-31 15:23 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-31 15:23 - 2016-12-31 15:23 - 00000000 ____D C:\Users\SilvesterParty\AppData\Roaming\Adobe
2016-12-31 15:23 - 2016-12-31 15:23 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\VirtualStore
2016-12-31 15:23 - 2016-12-31 15:23 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\TileDataLayer
2016-12-31 15:23 - 2016-12-31 15:23 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\Publishers
2016-12-31 15:22 - 2017-01-05 18:20 - 01048576 ___SH C:\Users\SilvesterParty\NTUSER.DAT
2016-12-31 15:22 - 2017-01-05 18:18 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\Temp
2016-12-31 15:22 - 2017-01-05 18:03 - 00000000 __SHD C:\Users\SilvesterParty\IntelGraphicsProfiles
2016-12-31 15:22 - 2017-01-05 18:02 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local
2016-12-31 15:22 - 2017-01-05 18:02 - 00000000 ____D C:\Users\SilvesterParty
2016-12-31 15:22 - 2017-01-05 18:00 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\Microsoft
2016-12-31 15:22 - 2017-01-05 17:58 - 00000000 ____D C:\Users\SilvesterParty\AppData\Roaming
2016-12-31 15:22 - 2016-12-31 15:27 - 00000000 ___RD C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-31 15:22 - 2016-12-31 15:26 - 00000000 ___RD C:\Users\SilvesterParty\Pictures
2016-12-31 15:22 - 2016-12-31 15:25 - 00000000 ___SD C:\Users\SilvesterParty\AppData\Roaming\Microsoft
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\Videos
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\Saved Games
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\Music
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\Links
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\Favorites
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\Downloads
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\Documents
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\Desktop
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ___RD C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ____D C:\Users\SilvesterParty\AppData\LocalLow
2016-12-31 15:22 - 2016-12-31 15:23 - 00000000 ____D C:\Users\SilvesterParty\AppData\Local\EgisTec IPS
2016-12-31 15:22 - 2016-12-31 15:22 - 00524288 ___SH C:\Users\SilvesterParty\NTUSER.DAT{975d6746-9c62-11e5-9859-998b94026108}.TMContainer00000000000000000002.regtrans-ms
2016-12-31 15:22 - 2016-12-31 15:22 - 00524288 ___SH C:\Users\SilvesterParty\NTUSER.DAT{975d6746-9c62-11e5-9859-998b94026108}.TMContainer00000000000000000001.regtrans-ms
2016-12-31 15:22 - 2016-12-31 15:22 - 00065536 ___SH C:\Users\SilvesterParty\NTUSER.DAT{975d6746-9c62-11e5-9859-998b94026108}.TM.blf
2016-12-31 15:22 - 2016-12-31 15:22 - 00000020 ___SH C:\Users\SilvesterParty\ntuser.ini
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Vorlagen
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Startmenü
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\SendTo
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Recent
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Netzwerkumgebung
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Lokale Einstellungen
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Eigene Dateien
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Druckumgebung
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Documents\Eigene Videos
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Documents\Eigene Musik
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Documents\Eigene Bilder
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Cookies
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\AppData\Local\Verlauf
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\AppData\Local\Temporary Internet Files
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\AppData\Local\Anwendungsdaten
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 _SHDL C:\Users\SilvesterParty\Anwendungsdaten
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 ___SH C:\Users\SilvesterParty\ntuser.dat.LOG2
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 ___SH C:\Users\SilvesterParty\ntuser.dat.LOG1
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 ___HD C:\Users\SilvesterParty\AppData
2016-12-31 15:22 - 2016-12-31 15:22 - 00000000 ____D C:\Users\SilvesterParty\AppData\Roaming\Synaptics
2016-12-31 15:22 - 2016-06-18 22:32 - 00000000 ___RD C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-31 15:22 - 2015-12-06 23:03 - 00000000 __RSD C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-12-31 15:22 - 2015-12-06 23:03 - 00000000 ___RD C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-31 15:22 - 2015-12-06 23:03 - 00000000 ____D C:\Users\SilvesterParty\Roaming
2016-12-31 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Users\SilvesterParty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-22 08:23 - 2016-12-22 08:23 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-20 13:47 - 2016-12-20 15:01 - 00081353 _____ C:\Users\Katharina\Desktop\Jugend im NS.pptx
2016-12-20 08:51 - 2016-12-20 08:52 - 266400001 _____ C:\Users\Katharina\Desktop\Charles Dickens' A Christmas Carol 1971 Oscar Winner HD Rich.mp4
2016-12-19 10:56 - 2016-12-20 09:29 - 00663704 _____ C:\Users\Katharina\Desktop\Die Gesellschaft in Ägypten.pptx
2016-12-19 09:51 - 2016-12-19 10:31 - 00447044 _____ C:\Users\Katharina\Desktop\G9 Klassenarbeit Nr. 1.docx
2016-12-18 12:35 - 2016-12-22 11:07 - 01218360 _____ C:\Users\Katharina\Desktop\Biology exam 2 Grade 12.docx
2016-12-18 12:06 - 2016-12-19 07:57 - 00000000 ____D C:\Users\Katharina\Desktop\Bilinguales Abitur
2016-12-16 11:58 - 2016-12-16 11:59 - 137432819 _____ C:\Users\Katharina\Desktop\Europa im Mittelalter (Deutsche Doku).mp4
2016-12-16 11:13 - 2016-12-16 11:31 - 11688282 _____ C:\Users\Katharina\Desktop\Reflexes.pptx
2016-12-16 10:47 - 2016-12-16 10:47 - 11357759 _____ C:\Users\Katharina\Desktop\Normal Reflexes.mp4
2016-12-16 09:53 - 2016-12-16 09:53 - 00089229 _____ C:\Users\Katharina\Desktop\WS Reflexes.docx
2016-12-16 08:17 - 2017-01-06 09:33 - 00004876 _____ C:\WINDOWS\System32\Tasks\WSCEAA
2016-12-15 08:39 - 2016-12-15 08:39 - 00433284 ____T C:\Users\Katharina\Desktop\Energiererzeugung 2016.pdf
2016-12-14 14:37 - 2016-11-22 12:42 - 00384864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 14:37 - 2016-11-22 11:43 - 03692040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-12-14 14:37 - 2016-11-22 11:38 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-14 14:37 - 2016-11-22 11:38 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-14 14:37 - 2016-11-22 11:36 - 00159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 14:37 - 2016-11-22 11:35 - 00609056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 14:37 - 2016-11-22 11:04 - 02549456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 14:37 - 2016-11-22 11:03 - 01777280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 14:37 - 2016-11-22 11:02 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-12-14 14:37 - 2016-11-22 10:32 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-12-14 14:37 - 2016-11-22 10:24 - 02938408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-12-14 14:37 - 2016-11-22 10:17 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 14:37 - 2016-11-22 10:16 - 00064072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2016-12-14 14:37 - 2016-11-22 09:59 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-12-14 14:37 - 2016-11-22 09:55 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-14 14:37 - 2016-11-22 09:54 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-12-14 14:37 - 2016-11-22 09:50 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-12-14 14:37 - 2016-11-22 09:49 - 02195640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 14:37 - 2016-11-22 09:48 - 01522672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 14:37 - 2016-11-22 09:47 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-12-14 14:37 - 2016-11-22 09:47 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 14:37 - 2016-11-22 09:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-12-14 14:37 - 2016-11-22 09:32 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 14:37 - 2016-11-22 09:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-12-14 14:37 - 2016-11-22 09:20 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-14 14:37 - 2016-11-22 09:12 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-12-14 14:37 - 2016-11-22 09:04 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 14:37 - 2016-11-22 08:57 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 14:37 - 2016-11-22 08:54 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-14 14:37 - 2016-11-22 08:53 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-14 14:37 - 2016-11-22 08:41 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-14 14:37 - 2016-11-22 08:38 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-12-14 14:37 - 2016-11-22 08:36 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-14 14:37 - 2016-11-22 08:26 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 14:37 - 2016-11-22 08:26 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-12-14 14:37 - 2016-11-22 08:21 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-12-14 14:37 - 2016-11-22 08:15 - 22373376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 14:37 - 2016-11-22 08:14 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 14:37 - 2016-11-22 08:02 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 14:37 - 2016-11-22 08:01 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 14:37 - 2016-11-22 07:59 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 14:37 - 2016-11-22 07:55 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-14 14:37 - 2016-11-22 07:49 - 07839232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 14:37 - 2016-11-22 07:35 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 14:37 - 2016-11-22 07:34 - 18670080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 14:37 - 2016-11-22 07:34 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 14:37 - 2016-11-22 07:32 - 03663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 14:37 - 2016-11-22 07:17 - 05658624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 14:36 - 2016-11-22 11:35 - 00075448 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2016-12-14 14:36 - 2016-11-22 11:02 - 01399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 14:36 - 2016-11-22 10:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2016-12-14 14:36 - 2016-11-22 10:13 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2016-12-14 14:36 - 2016-11-22 10:00 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2016-12-14 08:23 - 2016-12-14 10:43 - 00115523 _____ C:\Users\Katharina\Desktop\G7 Klassenarbeit Nr. 1.docx
2016-12-14 08:09 - 2016-12-14 08:09 - 20364888 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-12-13 13:45 - 2016-12-13 13:45 - 00076568 _____ C:\Users\Katharina\Desktop\DaF 1 Schreiben üben.docx
2016-12-13 13:44 - 2016-12-18 12:03 - 00383898 _____ C:\Users\Katharina\Desktop\Geschichte 11 Klassenarbeit 2 Teil Leiß.docx
2016-12-12 10:55 - 2013-08-15 04:36 - 00693102 _____ C:\Users\Katharina\Desktop\History route 2 HLSL paper 1 Peacemaking peacekeeping - international relations 1918-36 [German] Ruhrkrise.pdf
2016-12-11 18:19 - 2016-12-12 10:31 - 00849920 _____ C:\Users\Katharina\Desktop\Klassenarbeit Nr. 1.doc
2016-12-09 14:10 - 2016-12-16 15:12 - 00012367 _____ C:\Users\Katharina\Desktop\DaF1 Entwicklungsstand.docx
2016-12-09 13:01 - 2016-12-09 13:01 - 00088947 _____ C:\Users\Katharina\Documents\AB Ständegesellschaft (Lösung).docx
2016-12-08 09:09 - 2016-12-08 09:09 - 01434704 _____ C:\Users\Katharina\Desktop\Hydro-Wind-Energy.pptx
2016-12-07 09:55 - 2016-12-07 09:55 - 00069019 _____ C:\Users\Katharina\Documents\AB Ständegesellschaft.docx
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-06 09:33 - 2015-06-16 13:23 - 00001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001UA.job
2017-01-06 09:10 - 2015-05-22 00:13 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001UA.job
2017-01-06 09:09 - 2014-11-02 10:03 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-06 08:46 - 2016-11-17 10:36 - 00000000 ____D C:\Users\Katharina\AppData\LocalLow\Mozilla
2017-01-05 18:21 - 2014-11-02 07:55 - 00000000 ___RD C:\Users\Katharina\Dropbox
2017-01-05 18:20 - 2015-12-06 22:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-05 18:20 - 2014-11-13 02:12 - 00000000 __SHD C:\Users\Katharina\IntelGraphicsProfiles
2017-01-05 18:07 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-05 18:07 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-05 18:07 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2017-01-05 18:07 - 2015-10-18 18:12 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-05 18:03 - 2015-12-06 23:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-05 18:03 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2017-01-05 18:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-05 17:58 - 2014-05-07 03:46 - 00000000 ____D C:\ProgramData\Wave Systems Corp
2017-01-05 17:51 - 2015-12-06 22:55 - 00000000 ____D C:\Users\Katharina
2017-01-05 09:32 - 2014-11-02 07:36 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\Skype
2017-01-05 08:03 - 2015-01-28 12:57 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{827B66A8-1ADA-43C9-991E-5592604D976C}
2017-01-04 08:13 - 2016-09-13 12:55 - 00000000 ____D C:\Users\Katharina\Desktop\NWT
2017-01-04 07:49 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-03 10:36 - 2014-11-02 07:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-03 10:36 - 2014-11-02 07:36 - 00000000 ____D C:\ProgramData\Skype
2017-01-02 12:10 - 2015-05-22 00:13 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001Core.job
2016-12-31 15:24 - 2013-08-22 16:36 - 00000000 __SHD C:\$Recycle.Bin
2016-12-31 15:23 - 2015-09-10 06:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-31 15:22 - 2015-10-30 07:28 - 00000000 ___RD C:\Users
2016-12-29 14:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-28 09:21 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-28 09:18 - 2014-05-07 03:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-28 08:49 - 2015-12-06 22:50 - 00039299 _____ C:\WINDOWS\setupact.log
2016-12-27 07:33 - 2015-06-16 13:23 - 00001198 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001Core.job
2016-12-22 18:55 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\config
2016-12-22 11:17 - 2014-11-02 07:26 - 00000000 ____D C:\Users\Katharina\AppData\Local\Packages
2016-12-22 11:07 - 2014-11-13 00:54 - 00000000 ___RD C:\Users\Katharina\Desktop
2016-12-22 08:23 - 2015-12-06 22:55 - 00000000 ___RD C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-22 08:23 - 2014-11-02 07:27 - 00000000 ___RD C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-22 08:22 - 2014-11-02 07:43 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\Dropbox
2016-12-21 09:40 - 2015-12-06 22:54 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{5707c2a6-7f33-11e5-80f2-e41d2d7180e1}.TMContainer00000000000000000002.regtrans-ms
2016-12-21 09:40 - 2015-12-06 22:54 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{5707c2a6-7f33-11e5-80f2-e41d2d7180e1}.TM.blf
2016-12-21 09:40 - 2015-10-30 07:28 - 48758784 _____ C:\WINDOWS\system32\config\COMPONENTS
2016-12-20 11:28 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-19 14:59 - 2016-10-27 13:40 - 00002252 ____H C:\Users\Katharina\Documents\Default.rdp
2016-12-19 14:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-12-19 13:53 - 2016-12-01 14:54 - 00710603 _____ C:\Users\Katharina\Desktop\Geni@l B1.pptx
2016-12-19 12:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-12-18 14:41 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-18 14:40 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-18 10:52 - 2015-10-30 07:28 - 00262144 ___SH C:\Users\Default\NTUSER.DAT
2016-12-18 10:50 - 2016-11-15 20:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-18 10:50 - 2016-10-17 16:57 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-18 10:50 - 2015-12-06 22:45 - 00405848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-18 10:50 - 2014-11-02 07:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-17 16:14 - 2015-12-06 22:45 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{5707c2c6-7f33-11e5-80f2-e41d2d7180e1}.TMContainer00000000000000000001.regtrans-ms
2016-12-17 16:14 - 2015-12-06 22:45 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{5707c2c6-7f33-11e5-80f2-e41d2d7180e1}.TM.blf
2016-12-17 16:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\de-DE
2016-12-17 16:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-17 16:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\de-DE
2016-12-17 16:13 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-17 16:13 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-17 16:13 - 2015-10-30 08:23 - 00000000 ____D C:\WINDOWS\system32\drivers
2016-12-17 16:13 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-17 16:13 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-17 16:10 - 2016-11-22 14:04 - 03189613 _____ C:\Users\Katharina\Desktop\1.1. Geni@l A2.pptx
2016-12-17 16:10 - 2015-08-30 18:05 - 00003928 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001UA1d0e34618e19aa
2016-12-17 16:10 - 2015-08-30 18:05 - 00003660 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001Core1d0e3461635cc9
2016-12-17 16:10 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-15 08:24 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 19:32 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\SoftwareDistribution
2016-12-14 19:29 - 2014-11-03 16:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 19:28 - 2014-11-03 16:43 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 08:51 - 2016-09-13 12:54 - 00000000 ____D C:\Users\Katharina\Desktop\Geschichte
2016-12-14 08:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-14 08:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-14 07:52 - 2016-09-13 12:56 - 00000000 ____D C:\Users\Katharina\Desktop\Biology
2016-12-14 07:51 - 2016-10-03 16:27 - 00000000 ____D C:\Users\Katharina\Desktop\Klassenlehrerin
2016-12-12 00:03 - 2015-10-30 08:26 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:03 - 2015-10-30 08:26 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-09 13:01 - 2014-11-13 00:54 - 00000000 ___RD C:\Users\Katharina\Documents
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-12-06 22:52 - 2015-12-06 22:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Katharina\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpii8bpf.dll
C:\Users\Katharina\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Katharina\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Katharina\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-29 14:03
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Katharina (06-01-2017 09:34:00)
Gestartet von C:\Users\Katharina\Downloads
Windows 10 Pro Version 1511 (X64) (2015-12-06 22:16:58)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2115910866-1330733126-2312970329-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2115910866-1330733126-2312970329-503 - Limited - Disabled)
Gast (S-1-5-21-2115910866-1330733126-2312970329-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2115910866-1330733126-2312970329-1006 - Limited - Enabled)
Katharina (S-1-5-21-2115910866-1330733126-2312970329-1001 - Administrator - Enabled) => C:\Users\Katharina
SilvesterParty (S-1-5-21-2115910866-1330733126-2312970329-1007 - Limited - Enabled) => C:\Users\SilvesterParty
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3017 - Acer Incorporated)
Acer Registration (HKLM\...\{64E785C9-B1F9-4889-B199-5FFC69224C60}) (Version: 2.00.3006 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Custom (Version: 01.00.00.002 - Wave Systems Corp.) Hidden
Dropbox (HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
EgisTec Fingerprint Driver (HKLM-x32\...\InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}) (Version: 3.1.18.0 - Egis Technology Inc.)
EMBASSY Client Core (Version: 01.03.00.076 - Wave Systems Corp.) Hidden
Embassy Trust Suite - Acer Edition (Version: 01.05.00.055 - Wave Systems Corp) Hidden
ERAS Connector (Version: 02.09.05.0108 - Wave Systems Corp) Hidden
ExpressCache (HKLM\...\{6E55C9F8-138E-4128-8A9F-6464725BE98A}) (Version: 1.0.102.0 - Condusiv Technologies)
Fingerprint Driver (x32 Version: 3.1.18.0 - Egis Technology Inc.) Hidden
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
IB Questionbank Biology (HKLM-x32\...\IB Questionbank IB_BI) (Version: - )
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.12.1688 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1327.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.7.0.1036 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{AA6C129D-52C1-48F8-BC8E-0C5E52ECE8FD}) (Version: 4.2.40.2384 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{24A36A7A-108C-4846-BE1F-2CD05497B998}) (Version: 4.2.15.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
LibreOffice 5.1.5.2 (HKLM-x32\...\{03E3A5F6-2B2C-4CF6-9C18-FBB28AFA512B}) (Version: 5.1.5.2 - The Document Foundation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 15.1.156 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.206 - McAfee, Inc.)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6965.2115 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.6965.2115 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Español (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.14.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6965.2115 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
ProShield (HKLM-x32\...\InstallShield_{08CCD7B4-9EED-4926-805D-C4FFF869989A}) (Version: 1.4.1.12 - Egis Technology Inc.)
ProShield (Version: 1.4.1.12 - Egis Technology Inc.) Hidden
ProShield TPM (Version: 01.03.00.012 - Wave Systems Corp) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29069 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.06.0040 - ST Microelectronics)
Sweet Home 3D version 5.2 (HKLM\...\Sweet Home 3D_is1) (Version: 5.2 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.4 - Synaptics Incorporated)
toolkit32for64bit (x32 Version: 7.68.85.0008 - Wave Systems Corp) Hidden
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Crypto Runtime 2.0.9.0 x86 (x32 Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Infrastructure Installer (Version: 07.68.85.0008 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.15.00.005 - Wave Systems Corp) Hidden
Wave TSS (Version: 1.2.27.101 - Wave Systems Corp) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Katharina\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Katharina\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {018C78AB-781C-4B11-97B9-35DEB1928A15} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-09] (Microsoft Corporation)
Task: {04F33DD9-47A1-4FAE-8E49-2BE0F890339B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001Core => C:\Users\Katharina\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {07981D6F-A160-4A17-B832-F640BFA3EC5E} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-02] (Acer Incorporate)
Task: {0DAA5927-2184-45E0-8B86-544E9AD2D1E2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {0DB15A7E-C93E-46CA-99C8-877798C9A602} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {0E52E24B-B64C-49D5-9EB3-F58501555C31} - System32\Tasks\WSCEAA => C:\Program Files\Acer Proshield\RemoteManagement\WSCEAA.exe [2012-09-26] (Wave Systems Corp.)
Task: {153A881C-ED08-47D2-98C2-AC13BA774B04} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {155BBC46-E4BB-410D-89AA-94225351E108} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {18E7E6A4-F0BE-4A17-8140-483680FC0A34} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1AC959D5-0755-4217-A0CD-D6C0CB6FF6C0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001UA1d0e34618e19aa => C:\Users\Katharina\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {1D7B317A-14C5-41D0-860C-1976671E6DED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1F9BC2CC-C816-4D16-A384-87878CBCFAC8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {22EC5F2F-D7E1-484E-BDA9-FFAE6906F6D8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {2487028C-B13A-4F4B-8921-8B8109A8E8F7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001Core => C:\Users\Katharina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {2897222D-0DD2-4E63-9666-6EE031551B23} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {28C2DCD5-2914-449B-8938-2720ACEE9997} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {2EF14950-F53B-411D-A898-A99AADC8D0CB} - System32\Tasks\EgisTSR => C:\Program Files\Acer ProShield\EgisTSR.exe [2013-07-08] (Egis Technology Inc. )
Task: {363795D7-5129-4EAF-823F-2FA0D7B4154D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3EBD8F5B-B6F4-4C8B-9C43-E43A335DD66B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3F034109-20BA-4F72-B0F8-9117035F5B8A} - System32\Tasks\GREGTask => C:\Program Files\Acer\Acer Registration\GREGLauncher.exe [2013-01-12] ()
Task: {4DF988EE-042C-49D4-BFA0-69AB612EABA9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-09] (Microsoft Corporation)
Task: {560C8A27-2D88-4EDE-BC0A-76A69583D7B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-10] (Microsoft Corporation)
Task: {5BBA9D08-952C-4BB8-BFFF-B5F4C1422873} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-10-17] (McAfee, Inc.)
Task: {6FFD0464-FB57-46C3-A7A1-7E5577313752} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-09-13] (Egis Technology Inc.)
Task: {8C5E20F6-E4D3-4CDB-9091-B9490BAEDA94} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-10] (Microsoft Corporation)
Task: {97CBA218-DE88-4442-9DDE-CE18D699F857} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {AB645B90-E81E-4F01-B26E-64078D87D44B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001Core1d0e3461635cc9 => C:\Users\Katharina\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {B25BD6F1-D3B1-4234-9B45-65A03A87980C} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B4AAAA96-B552-4F97-9D33-E9F3B3B1E4A6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-10] (Microsoft Corporation)
Task: {BC9EF126-7953-42DC-B029-312309607ACF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {BCCCFD33-0423-439F-BB7B-848D9635383F} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-09-13] (Egis Technology Inc.)
Task: {BF66E449-356A-4346-AF0A-AADBED8C4649} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {C5A73E35-4A1B-455B-B6D9-8F24B6370BC7} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2016-06-29] (McAfee, Inc.)
Task: {C93ECEC2-B03B-4F4B-B0BA-F557A824A6A5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C9480FEB-A26C-4732-BABB-F0AF251747DB} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-10-17] (McAfee, Inc.)
Task: {CC9A78C4-F2BD-441E-8720-C809FCE9BE74} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001UA => C:\Users\Katharina\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {CD09774E-C03A-421B-BD87-302F20D675FB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D47C0287-D272-441D-86B2-2F0E3EAEFC2C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {E742F03A-5E55-452B-BD9C-E4D735E493B2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {F39C9F8B-261F-4AEC-BD3A-0B0437FE397E} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {F508B5F2-E04B-425A-8DCF-06CA0C0B92A7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001UA => C:\Users\Katharina\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {F7F3E51D-2404-4BA4-BE57-649D8D997447} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001Core.job => C:\Users\Katharina\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001UA.job => C:\Users\Katharina\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001Core.job => C:\Users\Katharina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2115910866-1330733126-2312970329-1001UA.job => C:\Users\Katharina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Katharina\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-07-08 15:43 - 2013-07-08 15:43 - 01407976 _____ () C:\Program Files\Acer ProShield\LIBEAY32.dll
2014-11-07 17:28 - 2012-12-06 19:52 - 00136704 _____ () C:\WINDOWS\System32\zlhp2600.dll
2013-03-18 21:52 - 2013-03-18 21:52 - 00482304 _____ () C:\Program Files (x86)\Acer Proshield\bin\tcsd_x86.exe
2016-07-11 03:26 - 2012-03-12 10:05 - 00232288 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-11-09 10:40 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-09 10:40 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 02:39 - 2015-10-01 02:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-12-21 15:51 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 01:03 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-11-09 10:41 - 2016-10-25 05:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 10:40 - 2016-10-25 05:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 10:41 - 2016-10-25 05:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 10:41 - 2016-10-25 05:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-05-07 03:35 - 2012-05-29 10:41 - 00250008 _____ () C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_DT.dll
2016-04-18 23:13 - 2016-04-18 23:14 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2014-05-07 03:26 - 2012-03-21 04:05 - 00051776 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2013-03-15 14:29 - 2013-03-15 14:29 - 00481280 _____ () C:\Program Files (x86)\Acer Proshield\bin\NTRUWavePSMove.dll
2014-05-07 03:21 - 2013-07-26 18:24 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-12-03 09:15 - 2016-11-11 21:36 - 00035792 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-12-03 09:15 - 2016-11-11 21:36 - 00100296 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-12-03 09:15 - 2016-11-11 21:36 - 00018888 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\select.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00019760 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-12-03 09:15 - 2016-11-11 21:36 - 00694224 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00020816 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-12-03 09:15 - 2016-11-11 21:37 - 00123856 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 01682760 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00020808 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-12-22 08:22 - 2016-11-11 21:36 - 00145864 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-12-22 08:22 - 2016-11-11 21:37 - 00019408 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-12-22 08:22 - 2016-11-11 21:36 - 00116688 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-12-03 09:15 - 2016-11-11 21:38 - 00105928 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00021312 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00052024 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00038696 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-12-22 08:22 - 2016-11-11 21:36 - 00392144 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-12-22 08:22 - 2016-11-11 21:38 - 00020936 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-12-03 09:15 - 2016-11-11 21:38 - 00024528 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-12-03 09:15 - 2016-11-11 21:39 - 00116176 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00381752 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-12-03 09:15 - 2016-11-11 21:38 - 00124880 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00025424 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-12-03 09:15 - 2016-11-11 21:38 - 00024016 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-12-03 09:15 - 2016-11-11 21:38 - 00175560 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-12-03 09:15 - 2016-11-11 21:38 - 00030160 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-12-03 09:15 - 2016-11-11 21:39 - 00043472 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-12-03 09:15 - 2016-11-11 21:39 - 00048592 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-12-03 09:15 - 2016-11-11 21:38 - 00057808 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-12-03 09:15 - 2016-11-11 21:39 - 00024016 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00246592 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00026456 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-12-03 09:15 - 2016-11-11 21:37 - 00241104 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00020280 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-12-03 09:15 - 2016-11-11 21:39 - 00028616 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00023376 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00020800 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00019776 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00020800 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-12-03 09:15 - 2016-11-11 21:39 - 00350152 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00022352 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00024392 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-12-22 08:22 - 2016-11-11 21:35 - 00036296 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\librsync.dll
2016-12-22 08:22 - 2016-12-21 19:26 - 00031568 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2016-12-22 08:22 - 2016-12-03 09:13 - 00293392 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2016-12-22 08:22 - 2016-12-21 19:26 - 00084280 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-12-22 08:22 - 2016-12-21 19:26 - 01826096 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-12-03 09:15 - 2016-11-11 21:37 - 00083912 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\sip.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00531248 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 03928880 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 01972528 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00133424 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00224056 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00207672 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00020288 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-12-22 08:22 - 2016-11-11 21:42 - 00017864 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-12-22 08:22 - 2016-11-11 21:42 - 01631184 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-12-22 08:22 - 2016-12-21 19:26 - 00042808 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00171320 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00357680 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-12-03 09:15 - 2016-11-11 21:39 - 00060880 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00037192 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2016-12-03 09:15 - 2016-12-21 19:26 - 00024904 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-12-22 08:22 - 2016-12-21 19:26 - 00546096 _____ () C:\Users\Katharina\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-18 23:13 - 2016-04-18 23:14 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-18 23:13 - 2016-04-18 23:14 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2016-04-18 23:13 - 2016-04-18 23:14 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2016-04-18 23:13 - 2016-04-18 23:14 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-18 23:13 - 2016-04-18 23:14 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\...\sharepoint.com -> hxxps://dsbq.sharepoint.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Katharina\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{869f5457-d675-43a1-b9e6-0c19095f0e8d}.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2115910866-1330733126-2312970329-1001\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{247081D3-EEE2-4F03-9DA5-794ED7C14592}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E995FC21-8475-4A6F-B6EE-07DBC9F86472}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F2DC4731-C8D7-428A-90E1-14EDF2BDDA3E}] => C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{F4C7DFFA-881F-4783-8F4D-1B81F493A210}] => C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5B637F93-AB4C-4AC4-83F7-7AF1055CFBF2}] => C:\Users\Katharina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{ED27D1AA-6E01-4B90-88C5-DCE8892F1307}] => C:\Users\Katharina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4F1A7ABD-3BED-42F4-9E48-45DBD3C1B111}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{2B3F4577-9616-420E-B972-9240549BB4EA}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{90AFDB9F-2A2E-489E-9578-012EA7B13806}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{188D39FF-EE07-4296-9442-FE04C9289297}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A2CA264A-2651-4BB6-8339-823878A30A48}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{F159E5A2-2849-47BD-B8D2-A72F4A3578C1}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{1D6E76D6-AF50-4108-96A5-C18F8FDAD094}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9478C316-71C9-4E1C-9A1F-3A5AB8997850}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4979B2E9-C595-47E3-8ADA-189A892CE0C6}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C4541A95-66A4-496D-AD7B-533A164757E7}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{B01BA80B-72A1-4340-BCF1-BA8B38C39396}C:\users\katharina\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\katharina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{5E53E46F-FE55-4960-8D79-1441026FC3AF}C:\users\katharina\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\katharina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{67AA98F7-9ED5-4875-8EDA-ABE39FC48D71}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D6C72CB9-3EEF-4214-B3DA-CB0C77C5E818}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6981F5E6-4B3B-46DF-973A-408EB7162A0D}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DF7ABC90-4260-4412-B6AA-16C72B36835F}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{76D7D794-F5BE-4D37-975D-1007E9E69CA8}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Wiederherstellungspunkte =========================
25-12-2016 11:23:40 Geplanter Prüfpunkt
02-01-2017 11:11:08 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/06/2017 08:39:52 AM) (Source: AVLogEvent) (EventID: 5003) (User: NT-AUTORITÄT)
Description: McShield encountered error while stopping.
Error Code:a7f40610
Error: (01/05/2017 06:03:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EmbassyServer.exe, Version: 1.3.0.96, Zeitstempel: 0x506aeb95
Name des fehlerhaften Moduls: EmbassyServer.exe, Version: 1.3.0.96, Zeitstempel: 0x506aeb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0000000000016414
ID des fehlerhaften Prozesses: 0xa08
Startzeit der fehlerhaften Anwendung: 0x01d26775a23d36ea
Pfad der fehlerhaften Anwendung: C:\Program Files\Acer Proshield\EMBASSY Client Core\EmbassyServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Acer Proshield\EMBASSY Client Core\EmbassyServer.exe
Berichtskennung: 1399d556-c47e-4f25-a1d2-7b0445ed9b28
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/05/2017 05:51:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EmbassyServer.exe, Version: 1.3.0.96, Zeitstempel: 0x506aeb95
Name des fehlerhaften Moduls: EmbassyServer.exe, Version: 1.3.0.96, Zeitstempel: 0x506aeb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0000000000016414
ID des fehlerhaften Prozesses: 0x9a8
Startzeit der fehlerhaften Anwendung: 0x01d26774038cfedd
Pfad der fehlerhaften Anwendung: C:\Program Files\Acer Proshield\EMBASSY Client Core\EmbassyServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Acer Proshield\EMBASSY Client Core\EmbassyServer.exe
Berichtskennung: d69abd81-41c2-4fd6-9cf0-052eeb03ef3a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/05/2017 09:32:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KaLe)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/03/2017 12:54:19 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (01/02/2017 11:11:22 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (01/02/2017 09:39:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EmbassyServer.exe, Version: 1.3.0.96, Zeitstempel: 0x506aeb95
Name des fehlerhaften Moduls: EmbassyServer.exe, Version: 1.3.0.96, Zeitstempel: 0x506aeb95
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0000000000016414
ID des fehlerhaften Prozesses: 0x940
Startzeit der fehlerhaften Anwendung: 0x01d264d39eefce65
Pfad der fehlerhaften Anwendung: C:\Program Files\Acer Proshield\EMBASSY Client Core\EmbassyServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Acer Proshield\EMBASSY Client Core\EmbassyServer.exe
Berichtskennung: 9cac7732-c029-4b04-b3de-a010cfcbea0e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2017 02:07:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KaLe)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/01/2017 02:07:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KaLe)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/01/2017 02:07:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KaLe)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023169. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (01/06/2017 08:44:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.
Error: (01/05/2017 06:23:50 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/05/2017 06:20:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_57ce2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/05/2017 06:06:51 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/05/2017 06:03:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "EmbassyService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/05/2017 06:02:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WWAN - automatische Konfiguration" wurde mit folgendem Fehler beendet:
Überlappender E/A-Vorgang wird verarbeitet.
Error: (01/05/2017 06:02:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_9203f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/05/2017 06:00:15 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/05/2017 05:52:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "EmbassyService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/05/2017 05:50:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WWAN - automatische Konfiguration" wurde mit folgendem Fehler beendet:
Überlappender E/A-Vorgang wird verarbeitet.
CodeIntegrity:
===================================
Date: 2017-01-06 09:09:19.679
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-05 18:02:14.410
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-04 16:48:38.364
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-04 08:16:04.502
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-03 10:02:36.147
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-03 09:58:27.828
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-03 09:57:36.702
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-03 09:53:08.358
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-03 09:39:06.601
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-02 10:02:45.421
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 75%
Installierter physikalischer RAM: 3988.27 MB
Verfügbarer physikalischer RAM: 991.4 MB
Summe virtueller Speicher: 6420.27 MB
Verfügbarer virtueller Speicher: 3123.21 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:436.5 GB) (Free:64.18 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A048E235)
Partition: GPT.
========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 6A5293DF)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
06.01.2017, 11:16
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Phishing-Email: ZIP-Anhang heruntergeladen aber nicht geöfnetZitat:
__________________ |
|
06.01.2017, 17:51
| #3 |
| | Phishing-Email: ZIP-Anhang heruntergeladen aber nicht geöfnet Vielen Dank!
__________________ |
|
| Themen zu Phishing-Email: ZIP-Anhang heruntergeladen aber nicht geöfnet |
| administrator, cpu, defender, device driver, dll, explorer, firefox, firewall, flash player, google, homepage, launch, mozilla, neustart, office 365, prozesse, realtek, registry, rundll, scan, services.exe, siteadvisor, software, svchost.exe, udp, usb, webadvisor, windows, windowsapps, winlogon.exe |
Linear-Darstellung
