| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Open Office Hilfefenster öffnet sich nach OO- Start selbsständig mehrfachWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
26.07.2017, 15:23
| #1 |
| |  Open Office Hilfefenster öffnet sich nach OO- Start selbsständig mehrfach Hallo ihr Hilfsbereiten, immer wenn ich OpenOffice öffne, öffnet sich auch das Hilfefenster. Dann bin ich erstmal schachmatt- meist kann ich den Mauszeiger dann nicht mehr bewegen, und wenn, dann muss ich ca. 10mal auf das Schließen- Symbol klicken, bis sich das Hilfefenster wirklich schliesst. Es öffnet sich immer wieder. Dass der Mauszeiger "erstarrt" passiert in letzter Zeit auch öfter bei anderen Programmen. Er bewegt sich erst wieder, wenn ich auf EINGABE drücke. Nervig. Könnte ein Virus sein oder? Mein AVAST- Antivirus Programm hat nix gefunden.... PS: auf meinem inzwischen 7J. alten Laptop läuft Windows Vista. DANKE Anbei die Ergebnisse des Farbar Recovery Scans (nach eurer Anleitung) FRST Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017 durchgeführt von Katha (Administrator) auf KATHA-HP (26-07-2017 15:51:37) Gestartet von C:\Users\Katha\Downloads Geladene Profile: Katha (Verfügbare Profile: Katha & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (AMD) C:\windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\windows\System32\vcsFPService.exe (AMD) C:\windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\windows\System32\wlanext.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ArcSoft, Inc.) C:\windows\SysWOW64\ArcVCapRender\uArcCapture.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Intel Corporation) C:\windows\System32\igfxtray.exe (Intel Corporation) C:\windows\System32\hkcmd.exe (Intel Corporation) C:\windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Spotify Ltd) C:\Users\Katha\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (HP) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe (Microsoft Corporation) C:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (HP) C:\Program Files (x86)\Hp\Shared\hpqwmiex.exe (Intel Corporation) C:\windows\System32\igfxext.exe (Intel Corporation) C:\windows\System32\igfxsrvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations) HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2014-11-30] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-23] (AVAST Software) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.) HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-22] (Hewlett-Packard) HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184736 2012-09-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1193728 2017-02-15] (PDF Complete Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2012-01-31] (Hewlett-Packard Company) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\Run: [Spotify Web Helper] => C:\Users\Katha\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-06-23] (Spotify Ltd) HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation) Lsa: [Notification Packages] DPPassFilter scecli ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{30AC0758-288C-4444-89FC-911BE5E00395}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{86C15E94-1BFF-41A1-974C-C49470869275}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1436209576&z=f9114177951d34bfd682f74g7z5cdq2o5eft8w0m2w&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX91A14R6358R6358&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1436209576&z=f9114177951d34bfd682f74g7z5cdq2o5eft8w0m2w&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX91A14R6358R6358&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKLM -> DefaultScope {648E240F-CFCF-43DF-BCD8-535289D759B6} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF SearchScopes: HKLM -> {648E240F-CFCF-43DF-BCD8-535289D759B6} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = SearchScopes: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX91A14R6358R6358&ts=1436209617&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX91A14R6358R6358&ts=1436209617&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002 -> {648E240F-CFCF-43DF-BCD8-535289D759B6} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX91A14R6358R6358&ts=1436209617&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX91A14R6358R6358&ts=1436209617&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-07-07] (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-08-12] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation) BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22] (Hewlett-Packard) BHO-x32: Kein Name -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-12] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-01-19] (Atheros Commnucations) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-07-07] (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-08-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-12] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-22] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895 [2017-07-26] FF Extension: (Avast SafePrice) - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895\Extensions\sp@avast.com.xpi [2017-05-31] FF Extension: (uBlock Origin) - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895\Extensions\uBlock0@raymondhill.net.xpi [2017-07-23] FF Extension: (Avast Online Security) - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895\Extensions\wrc@avast.com.xpi [2017-05-31] FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-04-01] FF Extension: (Adblock Plus) - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-10] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt => nicht gefunden FF HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-22] [ist nicht signiert] FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-12] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-12] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-22] (Microsoft Corporation) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-23] (AVAST Software s.r.o.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [Datei ist nicht signiert] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-23] (AVAST Software) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2768472 2015-08-11] (Microsoft Corporation) R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-04-28] (DigitalPersona, Inc.) S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-01-31] (Hewlett-Packard Company) R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP) R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1102560 2015-10-19] (HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation) R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-03-27] () [Datei ist nicht signiert] R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719552 2017-02-15] (PDF Complete Inc) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [Datei ist nicht signiert] R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 amdkmpfd; C:\windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.) R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.) R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [320008 2017-07-23] (AVAST Software s.r.o.) R0 aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [198976 2017-07-23] (AVAST Software s.r.o.) R0 aswblog; C:\windows\system32\drivers\aswbloga.sys [343288 2017-07-23] (AVAST Software s.r.o.) R0 aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [57728 2017-07-23] (AVAST Software s.r.o.) S3 aswHdsKe; C:\windows\system32\drivers\aswHdsKe.sys [82936 2017-01-27] (AVAST Software) S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [46984 2017-07-07] (AVAST Software) R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [41800 2017-07-07] (AVAST Software) R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [146696 2017-07-23] (AVAST Software) R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [110352 2017-07-07] (AVAST Software) R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [84392 2017-07-07] (AVAST Software) R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1015848 2017-07-07] (AVAST Software) R1 aswSP; C:\windows\system32\drivers\aswSP.sys [585608 2017-07-07] (AVAST Software) R2 aswStm; C:\windows\system32\drivers\aswStm.sys [198768 2017-07-07] (AVAST Software) R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [361336 2017-07-07] (AVAST Software) S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company) R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91432 2013-03-27] (McAfee, Inc.) R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-03-27] (McAfee, Inc.) R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R1 MpKsl0354d601; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AC02DD1A-E110-4DCD-925B-C6BFB37241D0}\MpKsl0354d601.sys [44928 2017-07-26] (Microsoft Corporation) R3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1864328 2012-10-03] () ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-26 15:51 - 2017-07-26 15:53 - 00025198 _____ C:\Users\Katha\Downloads\FRST.txt 2017-07-26 15:51 - 2017-07-26 15:51 - 00000000 ____D C:\FRST 2017-07-26 15:50 - 2017-07-26 15:50 - 02382336 _____ (Farbar) C:\Users\Katha\Downloads\FRST64.exe 2017-07-26 15:48 - 2017-07-26 15:48 - 01778176 _____ (Farbar) C:\Users\Katha\Downloads\FRST.exe 2017-07-25 20:32 - 2017-07-25 20:32 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-07-23 23:38 - 2017-07-23 23:38 - 00000000 _____ C:\windows\SysWOW64\sho6CFD.tmp 2017-07-23 23:32 - 2017-07-23 23:32 - 00400464 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2017-07-13 22:15 - 2017-07-06 06:56 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys 2017-07-13 22:15 - 2017-06-30 06:15 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2017-07-13 22:15 - 2017-06-30 05:32 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2017-07-13 22:15 - 2017-06-30 04:57 - 02319872 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll 2017-07-13 22:15 - 2017-06-30 04:57 - 02058240 _____ (Microsoft Corporation) C:\windows\system32\Query.dll 2017-07-13 22:15 - 2017-06-30 04:39 - 01549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll 2017-07-13 22:15 - 2017-06-30 04:38 - 01363968 _____ (Microsoft Corporation) C:\windows\SysWOW64\Query.dll 2017-07-13 22:15 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2017-07-13 22:15 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2017-07-13 22:15 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2017-07-13 22:15 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2017-07-13 22:15 - 2017-06-29 07:43 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2017-07-13 22:15 - 2017-06-29 07:39 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2017-07-13 22:15 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2017-07-13 22:15 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2017-07-13 22:15 - 2017-06-29 07:07 - 02132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2017-07-13 22:15 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2017-07-13 22:15 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2017-07-13 22:15 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2017-07-13 22:15 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2017-07-13 22:15 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2017-07-13 22:15 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2017-07-13 22:15 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2017-07-13 22:15 - 2017-06-22 16:58 - 03223040 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2017-07-13 22:15 - 2017-06-15 22:23 - 00753664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys 2017-07-13 22:15 - 2017-06-13 00:54 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys 2017-07-13 22:15 - 2017-06-13 00:54 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2017-07-13 22:15 - 2017-06-13 00:54 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2017-07-13 22:15 - 2017-06-13 00:49 - 01363456 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll 2017-07-13 22:15 - 2017-06-13 00:49 - 00731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2017-07-13 22:15 - 2017-06-13 00:49 - 00594432 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll 2017-07-13 22:15 - 2017-06-13 00:49 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx 2017-07-13 22:15 - 2017-06-13 00:49 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\pdhui.dll 2017-07-13 22:15 - 2017-06-13 00:29 - 01227264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll 2017-07-13 22:15 - 2017-06-13 00:29 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx 2017-07-13 22:15 - 2017-06-13 00:28 - 00554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2017-07-13 22:15 - 2017-06-13 00:28 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdhui.dll 2017-07-13 22:15 - 2017-06-13 00:14 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe 2017-07-13 22:15 - 2017-06-13 00:06 - 00303616 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinfo32.exe 2017-07-13 22:15 - 2017-06-10 17:59 - 00313856 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll 2017-07-13 22:15 - 2017-06-10 17:39 - 00271360 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll 2017-07-13 22:15 - 2017-06-09 17:33 - 01680616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys 2017-07-13 22:15 - 2017-06-06 17:30 - 01867264 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll 2017-07-13 22:15 - 2017-06-06 17:12 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll 2017-07-13 22:15 - 2017-05-30 06:56 - 01895656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2017-07-13 22:15 - 2017-05-30 06:56 - 00377576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys 2017-07-13 22:15 - 2017-05-30 06:56 - 00287976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2017-07-13 22:15 - 2017-05-16 17:35 - 00986856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys 2017-07-13 22:15 - 2017-05-16 17:35 - 00265448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys 2017-07-13 22:14 - 2017-06-30 04:57 - 02222080 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll 2017-07-13 22:14 - 2017-06-30 04:57 - 00778240 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll 2017-07-13 22:14 - 2017-06-30 04:57 - 00491520 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll 2017-07-13 22:14 - 2017-06-30 04:57 - 00288256 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll 2017-07-13 22:14 - 2017-06-30 04:57 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll 2017-07-13 22:14 - 2017-06-30 04:57 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll 2017-07-13 22:14 - 2017-06-30 04:57 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll 2017-07-13 22:14 - 2017-06-30 04:57 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll 2017-07-13 22:14 - 2017-06-30 04:40 - 00591872 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe 2017-07-13 22:14 - 2017-06-30 04:40 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe 2017-07-13 22:14 - 2017-06-30 04:39 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe 2017-07-13 22:14 - 2017-06-30 04:38 - 01400320 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll 2017-07-13 22:14 - 2017-06-30 04:38 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll 2017-07-13 22:14 - 2017-06-30 04:38 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll 2017-07-13 22:14 - 2017-06-30 04:38 - 00197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll 2017-07-13 22:14 - 2017-06-30 04:38 - 00104448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssitlb.dll 2017-07-13 22:14 - 2017-06-30 04:38 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll 2017-07-13 22:14 - 2017-06-30 04:38 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll 2017-07-13 22:14 - 2017-06-30 04:27 - 00427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe 2017-07-13 22:14 - 2017-06-30 04:27 - 00164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe 2017-07-13 22:14 - 2017-06-30 04:26 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe 2017-07-13 22:14 - 2017-06-30 04:26 - 00009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll 2017-07-13 22:14 - 2017-06-29 08:19 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2017-07-13 22:14 - 2017-06-29 08:18 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2017-07-13 22:14 - 2017-06-29 08:04 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2017-07-13 22:14 - 2017-06-29 08:03 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2017-07-13 22:14 - 2017-06-29 08:03 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2017-07-13 22:14 - 2017-06-29 08:02 - 02899456 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2017-07-13 22:14 - 2017-06-29 08:02 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2017-07-13 22:14 - 2017-06-29 07:55 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2017-07-13 22:14 - 2017-06-29 07:54 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2017-07-13 22:14 - 2017-06-29 07:51 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2017-07-13 22:14 - 2017-06-29 07:50 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2017-07-13 22:14 - 2017-06-29 07:50 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2017-07-13 22:14 - 2017-06-29 07:50 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2017-07-13 22:14 - 2017-06-29 07:35 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2017-07-13 22:14 - 2017-06-29 07:31 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx 2017-07-13 22:14 - 2017-06-29 07:31 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2017-07-13 22:14 - 2017-06-29 07:30 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll 2017-07-13 22:14 - 2017-06-29 07:27 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2017-07-13 22:14 - 2017-06-29 07:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2017-07-13 22:14 - 2017-06-29 07:23 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2017-07-13 22:14 - 2017-06-29 07:23 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2017-07-13 22:14 - 2017-06-29 07:23 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2017-07-13 22:14 - 2017-06-29 07:22 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2017-07-13 22:14 - 2017-06-29 07:22 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2017-07-13 22:14 - 2017-06-29 07:22 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2017-07-13 22:14 - 2017-06-29 07:19 - 02290176 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2017-07-13 22:14 - 2017-06-29 07:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2017-07-13 22:14 - 2017-06-29 07:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2017-07-13 22:14 - 2017-06-29 07:14 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2017-07-13 22:14 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2017-07-13 22:14 - 2017-06-29 07:13 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2017-07-13 22:14 - 2017-06-29 07:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2017-07-13 22:14 - 2017-06-29 07:11 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2017-07-13 22:14 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2017-07-13 22:14 - 2017-06-29 07:09 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2017-07-13 22:14 - 2017-06-29 07:08 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2017-07-13 22:14 - 2017-06-29 07:05 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2017-07-13 22:14 - 2017-06-29 07:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-07-13 22:14 - 2017-06-29 07:00 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll 2017-07-13 22:14 - 2017-06-29 07:00 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx 2017-07-13 22:14 - 2017-06-29 06:58 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2017-07-13 22:14 - 2017-06-29 06:56 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2017-07-13 22:14 - 2017-06-29 06:56 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2017-07-13 22:14 - 2017-06-29 06:54 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2017-07-13 22:14 - 2017-06-29 06:48 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2017-07-13 22:14 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2017-07-13 22:14 - 2017-06-29 06:46 - 02057216 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2017-07-13 22:14 - 2017-06-29 06:46 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2017-07-13 22:14 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2017-07-13 22:14 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2017-07-13 22:14 - 2017-06-13 00:49 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2017-07-13 22:14 - 2017-06-13 00:29 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2017-07-13 22:14 - 2017-06-13 00:29 - 00444928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll 2017-07-13 22:14 - 2017-06-13 00:29 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2017-07-13 22:14 - 2017-06-13 00:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2017-07-13 22:14 - 2017-06-13 00:29 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll 2017-07-13 22:14 - 2017-06-13 00:29 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2017-07-13 22:14 - 2017-06-13 00:28 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2017-07-13 22:14 - 2017-06-13 00:28 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2017-07-13 22:14 - 2017-06-13 00:28 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2017-07-13 22:14 - 2017-06-13 00:28 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2017-07-13 22:14 - 2017-06-13 00:28 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2017-07-13 22:14 - 2017-06-13 00:28 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2017-07-13 22:14 - 2017-06-13 00:28 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll 2017-07-13 22:14 - 2017-06-13 00:28 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2017-07-13 22:14 - 2017-06-13 00:28 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2017-07-13 22:14 - 2017-06-13 00:28 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2017-07-13 22:14 - 2017-06-13 00:19 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2017-07-13 22:14 - 2017-06-13 00:14 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\perfmon.exe 2017-07-13 22:14 - 2017-06-13 00:14 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\resmon.exe 2017-07-13 22:14 - 2017-06-13 00:12 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2017-07-13 22:14 - 2017-06-13 00:12 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2017-07-13 22:14 - 2017-06-13 00:12 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2017-07-13 22:14 - 2017-06-13 00:11 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2017-07-13 22:14 - 2017-06-13 00:09 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2017-07-13 22:14 - 2017-06-13 00:06 - 00157184 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfmon.exe 2017-07-13 22:14 - 2017-06-13 00:06 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\resmon.exe 2017-07-13 22:14 - 2017-06-13 00:05 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2017-07-13 22:14 - 2017-05-21 06:24 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2017-07-13 22:14 - 2017-05-21 06:06 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2017-07-13 22:14 - 2017-05-16 17:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll 2017-07-13 22:07 - 2017-05-03 17:29 - 01206272 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2017-07-13 22:07 - 2017-05-03 15:05 - 01555968 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2017-07-13 22:07 - 2017-05-03 15:05 - 00535552 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2017-07-13 22:07 - 2017-05-03 15:05 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2017-07-13 22:07 - 2017-03-23 04:06 - 01691136 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe 2017-07-13 22:06 - 2017-05-03 17:34 - 00094952 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2017-07-13 22:06 - 2017-05-03 15:05 - 00620544 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2017-07-13 22:06 - 2017-05-03 15:05 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2017-07-13 22:06 - 2017-05-03 15:05 - 00311296 _____ (Microsoft Corporation) C:\windows\system32\centel.dll 2017-07-13 22:06 - 2017-05-03 15:05 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2017-07-04 22:06 - 2017-07-04 22:06 - 00009781 _____ C:\Users\Katha\Desktop\Rafeld_V060376.pdf 2017-06-28 17:09 - 2017-06-28 17:09 - 00025282 _____ C:\Users\Katha\Desktop\neu psyprax.odt 2017-06-27 16:48 - 2017-06-27 16:48 - 00344777 _____ C:\Users\Katha\AppData\Local\census.cache 2017-06-27 16:47 - 2017-06-27 16:47 - 00105658 _____ C:\Users\Katha\AppData\Local\ars.cache 2017-06-26 14:04 - 2017-06-26 14:04 - 00000000 _____ C:\windows\SysWOW64\sho4C9A.tmp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-26 15:36 - 2016-11-20 22:20 - 00000000 ____D C:\Users\Katha\AppData\LocalLow\Mozilla 2017-07-26 15:36 - 2014-11-25 19:47 - 00000000 ____D C:\Users\Katha\Desktop\ZAP 2017-07-26 15:17 - 2012-04-16 05:16 - 00000000 ____D C:\ProgramData\PDFC 2017-07-26 09:37 - 2009-07-14 06:45 - 00028352 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-07-26 09:37 - 2009-07-14 06:45 - 00028352 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-07-26 09:25 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2017-07-23 23:35 - 2016-03-22 22:13 - 00003914 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1458677615 2017-07-23 23:34 - 2017-03-19 16:54 - 00003914 _____ C:\windows\System32\Tasks\Avast Emergency Update 2017-07-23 23:34 - 2014-12-26 19:55 - 00146696 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys 2017-07-23 23:32 - 2014-12-26 19:55 - 00146664 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150084565791103 2017-07-23 23:30 - 2017-03-19 16:54 - 00343288 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbloga.sys 2017-07-23 23:30 - 2017-03-19 16:54 - 00320008 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdrivera.sys 2017-07-23 23:30 - 2017-03-19 16:54 - 00198976 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsha.sys 2017-07-23 23:30 - 2017-03-19 16:54 - 00057728 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbuniva.sys 2017-07-23 19:55 - 2014-11-30 19:47 - 00003186 _____ C:\windows\System32\Tasks\HPCeeScheduleForKatha 2017-07-23 19:55 - 2014-11-30 19:47 - 00000332 _____ C:\windows\Tasks\HPCeeScheduleForKatha.job 2017-07-20 12:44 - 2016-12-11 22:39 - 00000000 ____D C:\Users\Gast\AppData\LocalLow\Mozilla 2017-07-20 09:17 - 2009-07-14 06:45 - 00465248 _____ C:\windows\system32\FNTCACHE.DAT 2017-07-20 09:03 - 2014-12-12 19:13 - 00000000 ____D C:\windows\system32\appraiser 2017-07-18 12:27 - 2014-11-24 22:53 - 00000000 ____D C:\windows\system32\MRT 2017-07-18 12:22 - 2014-11-24 22:53 - 135225752 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2017-07-13 21:38 - 2014-12-19 18:44 - 00000000 ____D C:\Users\Katha\AppData\Local\CrashDumps 2017-07-11 15:01 - 2017-05-01 20:34 - 00000000 ____D C:\Users\Katha\Desktop\Parshipficker 2017-07-10 12:16 - 2014-11-25 19:38 - 00000000 ____D C:\Users\Katha\Desktop\Lebenslauf etc 2017-07-07 13:41 - 2014-12-26 19:55 - 00361336 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys 2017-07-07 13:39 - 2014-12-26 19:55 - 00585608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2017-07-07 13:39 - 2014-12-26 19:55 - 00360792 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys.149942766401606 2017-07-07 13:39 - 2014-12-26 19:55 - 00198768 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys 2017-07-07 13:39 - 2014-12-26 19:55 - 00110352 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2017-07-07 13:39 - 2014-12-26 19:55 - 00084392 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys 2017-07-07 13:39 - 2014-12-26 19:55 - 00046984 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys 2017-07-07 13:39 - 2014-11-24 21:29 - 00000000 ____D C:\ProgramData\AVAST Software 2017-07-07 13:38 - 2016-03-22 22:13 - 00041800 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys 2017-07-07 13:38 - 2014-12-26 19:55 - 01015848 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2017-07-04 14:10 - 2012-04-16 03:50 - 00700118 _____ C:\windows\system32\perfh007.dat 2017-07-04 14:10 - 2012-04-16 03:50 - 00149968 _____ C:\windows\system32\perfc007.dat 2017-07-04 14:10 - 2009-07-14 07:13 - 01622228 _____ C:\windows\system32\PerfStringBackup.INI 2017-07-04 14:10 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf 2017-07-03 16:02 - 2012-05-23 01:54 - 00000000 ____D C:\ProgramData\Skype 2017-07-03 13:38 - 2016-11-19 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-06-29 14:24 - 2014-11-25 17:49 - 00000000 ____D C:\Program Files (x86)\Psyprax32 2017-06-28 17:07 - 2014-11-25 17:54 - 00000000 ____D C:\ProgramData\PSYPRCFG 2017-06-28 17:05 - 2014-11-25 17:49 - 00000000 ____D C:\ProgramData\Psyprax32 2017-06-28 16:46 - 2012-05-23 01:32 - 00004096 _____ (Hewlett-Packard Company) C:\windows\SysWOW64\sigfile.exe 2017-06-28 16:46 - 2011-07-29 01:51 - 00000000 ____D C:\swsetup 2017-06-28 00:04 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-06-27 16:47 - 2017-06-27 16:47 - 0105658 _____ () C:\Users\Katha\AppData\Local\ars.cache 2017-06-27 16:48 - 2017-06-27 16:48 - 0344777 _____ () C:\Users\Katha\AppData\Local\census.cache 2017-06-23 18:54 - 2017-06-23 18:54 - 0000036 _____ () C:\Users\Katha\AppData\Local\housecall.guid.cache Einige Dateien in TEMP: ==================== 2016-01-27 18:17 - 2016-01-27 18:17 - 0000000 _____ () C:\Users\Gast\AppData\Local\Temp\pelor7sf.dll 2016-11-06 20:22 - 2016-11-06 20:22 - 0059392 _____ (Intel Corporation) C:\Users\Katha\AppData\Local\Temp\AtpTimerInfo.dll 2016-09-27 16:38 - 2016-09-27 16:38 - 0011776 _____ () C:\Users\Katha\AppData\Local\Temp\bbymmwm9.dll 2016-11-06 20:22 - 2016-11-06 20:22 - 1911808 _____ (Hewlett-Packard Company) C:\Users\Katha\AppData\Local\Temp\FlashDLL.dll 2017-04-03 13:31 - 2017-03-29 15:52 - 4172248 _____ (Fastviewer.com) C:\Users\Katha\AppData\Local\Temp\helpdesk.exe 2016-07-21 15:04 - 2016-07-21 15:04 - 0741440 _____ (Oracle Corporation) C:\Users\Katha\AppData\Local\Temp\jre-8u101-windows-au.exe 2017-01-31 10:44 - 2017-01-31 10:44 - 0739904 _____ (Oracle Corporation) C:\Users\Katha\AppData\Local\Temp\jre-8u121-windows-au.exe 2017-05-05 20:38 - 2017-05-05 20:38 - 0739904 _____ (Oracle Corporation) C:\Users\Katha\AppData\Local\Temp\jre-8u131-windows-au.exe 2015-09-30 13:17 - 2015-09-30 13:17 - 0585824 _____ (Oracle Corporation) C:\Users\Katha\AppData\Local\Temp\jre-8u60-windows-au.exe 2015-10-28 01:03 - 2015-10-28 01:03 - 0585824 _____ (Oracle Corporation) C:\Users\Katha\AppData\Local\Temp\jre-8u65-windows-au.exe 2015-11-24 15:37 - 2015-11-24 15:37 - 0585824 _____ (Oracle Corporation) C:\Users\Katha\AppData\Local\Temp\jre-8u66-windows-au.exe 2016-01-27 18:35 - 2016-01-27 18:35 - 0644704 _____ (Oracle Corporation) C:\Users\Katha\AppData\Local\Temp\jre-8u71-windows-au.exe 2016-02-09 16:18 - 2016-02-09 16:18 - 0736352 _____ (Oracle Corporation) C:\Users\Katha\AppData\Local\Temp\jre-8u73-windows-au.exe 2016-03-25 13:30 - 2016-03-25 13:30 - 0736320 _____ (Oracle Corporation) C:\Users\Katha\AppData\Local\Temp\jre-8u77-windows-au.exe 2016-04-20 21:48 - 2016-04-20 21:48 - 0739904 _____ (Oracle Corporation) C:\Users\Katha\AppData\Local\Temp\jre-8u91-windows-au.exe 2015-10-29 11:28 - 2015-10-29 11:28 - 164803434 _____ () C:\Users\Katha\AppData\Local\Temp\OpenOffice_4.1.2_Win_x86_install_de.exe 2016-11-06 19:52 - 2016-08-23 09:31 - 0167456 _____ (HP Inc.) C:\Users\Katha\AppData\Local\Temp\UninstallHPSA.exe 2017-03-15 20:02 - 2017-03-15 20:02 - 14456872 _____ (Microsoft Corporation) C:\Users\Katha\AppData\Local\Temp\vc_redist.x86.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\windows\explorer.exe => Datei ist digital signiert C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\SysWOW64\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-07-03 12:55 ==================== Ende von FRST.txt ============================ Addition Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-07-2017 durchgeführt von Katha (26-07-2017 15:55:24) Gestartet von C:\Users\Katha\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2014-11-24 19:02:13) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-4204173192-2022547415-2650888639-500 - Administrator - Disabled) Gast (S-1-5-21-4204173192-2022547415-2650888639-501 - Limited - Enabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-4204173192-2022547415-2650888639-1003 - Limited - Enabled) Katha (S-1-5-21-4204173192-2022547415-2650888639-1002 - Administrator - Enabled) => C:\Users\Katha ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\Amazon Amazon Music) (Version: 5.1.0.1590 - Amazon Services LLC) AMD Catalyst Install Manager (HKLM\...\{8642397F-CF08-6B30-A477-A039BBAA511E}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.) ArcSoft TotalMedia (HKLM-x32\...\{B3B67519-2201-4C38-8002-D54473D651F9}) (Version: 1.0.61.25 - ArcSoft) Hidden ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.42 - ArcSoft) ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.38 - ArcSoft) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.120 - Atheros) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.0.0.4 - Hewlett-Packard Company) Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.41.36204 - Hewlett-Packard Company) Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.) Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM\...\{5B4F3B85-83F0-4BBF-9052-7A38B6B09634}) (Version: 5.0.8.0 - Hewlett-Packard Company) HP Connection Manager (HKLM-x32\...\{5DCA44EB-03F6-44A3-A294-F3E5DE98D7F6}) (Version: 4.4.10.1 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{A351CC1B-C92C-4F37-8109-9F6D33ACF5EF}) (Version: 1.1.1.0 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company) HP File Sanitizer (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 8.1.1.1 - Hewlett-Packard Company) HP HD Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1112.2_WHQL - Sonix) HP Hotkey Support (HKLM-x32\...\{7F7E2060-7212-4A53-9875-55173E4BA3F0}) (Version: 5.0.21.1 - Hewlett-Packard Company) HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company) HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.1.1199 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM-x32\...\{92db00b4-c4ee-4893-bc4e-8be6548b2742}) (Version: 4.3.4.0 - HP) HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Software Setup (HKLM-x32\...\{658A8756-7B1E-44FD-A434-D777DD906232}) (Version: 8.5.2.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.4.19.3 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{D549B5E2-DBE8-4190-ABA5-71106264398C}) (Version: 12.7.27.15 - HP Inc.) HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company) HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 3.0.0.1 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT) Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.) Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla) Mozilla Firefox 54.0.1 (x86 de) (HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation) opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.11 - PDF Complete, Inc) Privacy Manager for HP ProtectTools (HKLM\...\{CA2F6FAD-D8CD-42C1-B04D-6E5B1B1CFDCC}) (Version: 7.0.0.865 - Hewlett-Packard Company) Psyprax (HKLM-x32\...\{A981A9BA-8670-4419-8B2F-F3E6C0514531}_is1) (Version: - Psyprax GmbH) PX Profile Update (HKLM-x32\...\{89FC4558-3689-C109-772E-3A6D5B96F019}) (Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek) SafeZone Stable 3.55.2393.609 (HKLM-x32\...\SafeZone 3.55.2393.609) (Version: 3.55.2393.609 - Avast Software) Hidden SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.30.042 - Portrait Displays, Inc.) Hidden Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\Spotify) (Version: 1.0.56.451.gb2f539fc - Spotify AB) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated) Theft Recovery for HP ProtectTools (HKLM-x32\...\{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company) Hidden Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company) Treiber für Ihr VML-GK (HKLM-x32\...\ZEMO VML-GK - Treiber und Tools V2.7_is1) (Version: 2.7 - ZEMO GmbH) Validity Fingerprint Sensor Driver (HKLM\...\{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}) (Version: 4.4.213.0 - Validity Sensors, Inc.) Websuche (HKLM-x32\...\Websuche) (Version: - Websuche) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-23] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-23] (AVAST Software) ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei ContextMenuHandlers01: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-01-19] (Atheros Commnucations) ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-23] (AVAST Software) ContextMenuHandlers01: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers01: [ShredContextMenu] -> {85EFA470-665A-4322-AB1E-1EB9C70F61C8} => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll [2013-03-06] () ContextMenuHandlers02: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-23] (AVAST Software) ContextMenuHandlers03: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-01-19] (Atheros Commnucations) ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei ContextMenuHandlers04: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers04: [ShredContextMenu] -> {85EFA470-665A-4322-AB1E-1EB9C70F61C8} => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll [2013-03-06] () ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-03-30] (Advanced Micro Devices, Inc.) ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2012-03-26] (Intel Corporation) ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-23] (AVAST Software) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {14352A83-1B9D-4A74-B5AD-D7D21A36C757} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation) Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG Task: {36BF324A-BC25-4295-B2A6-0300760D7369} - System32\Tasks\{6CF2326D-F2FC-4D65-BD9E-21E22F84B7DC} => C:\windows\system32\pcalua.exe -a C:\Users\Katha\Downloads\jxpiinstall.exe -d C:\Users\Katha\Downloads Task: {3DE3D7B6-CFDA-4E71-8B10-2005CBFDF256} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation) Task: {49BBE749-4439-43B3-8C4A-DAFF9F04A25F} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-03-21] () Task: {52F65E7C-E4AC-44D8-8D2C-E54DAEAB83F0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.) Task: {5E6E1D11-C6A2-450F-B5BF-0F73B4E858D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.) Task: {6CB01785-5B46-4039-8773-E18A93B2FBB2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-07-23] (AVAST Software) Task: {708BDA6D-6837-4012-9AE5-C3A54126C57F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {91A639A2-1609-4FFF-8C4B-462600B77B84} - System32\Tasks\HPCeeScheduleForKatha => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.) Task: {970938ED-268D-4482-924B-608EC0182CD0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-18] (AVAST Software) Task: {9B64AEC2-653F-46CF-8BB3-142833FBF49F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.) Task: {A11780FD-BE02-4812-8F0A-F57A7863B1EA} - System32\Tasks\avastBCLRestartS-1-5-21-4204173192-2022547415-2650888639-1002 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe Task: {A2FF2366-862D-4765-9080-434C374E7954} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.) Task: {A6C3B905-8643-4D40-B4FE-D563DFEE51AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-05-25] (HP Inc.) Task: {AB84D595-CBFC-4116-854E-89C4F1F9F884} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.) Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG Task: {C6911282-74C6-4E55-9C41-F513E26C05D3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated) Task: {C7A4A2FA-25FC-4018-9B44-1BF86F87C463} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-08-12] (Microsoft Corporation) Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Keine Datei <==== ACHTUNG Task: {D49EF6CB-746F-4CA9-8B29-B4287626137F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.) Task: {D76CEDC2-800C-4193-9F95-601796766209} - System32\Tasks\SafeZone scheduled Autoupdate 1458677615 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-06-13] (Avast Software) Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\windows\Tasks\HPCeeScheduleForKatha.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2012-01-17 17:57 - 2012-01-17 17:57 - 00298368 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll 2013-03-27 13:11 - 2013-03-27 13:11 - 03346432 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll 2013-03-27 12:26 - 2013-03-27 12:26 - 00141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll 2015-07-09 20:28 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-03-27 12:28 - 2013-03-27 12:28 - 01327104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe 2012-03-26 14:33 - 2012-03-26 14:33 - 00094208 _____ () C:\windows\System32\IccLibDll_x64.dll 2011-12-26 22:20 - 2011-12-26 22:20 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2012-03-30 08:07 - 2012-03-30 08:07 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2017-07-23 23:30 - 2017-07-23 23:30 - 00162032 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-07-23 23:31 - 2017-07-23 23:31 - 00831664 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-07-23 23:31 - 2017-07-23 23:31 - 00276808 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2012-02-10 23:26 - 2012-02-10 23:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll 2012-05-23 01:29 - 2012-03-28 19:38 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2017-07-23 23:31 - 2017-07-23 23:31 - 00170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-07-23 23:31 - 2017-07-23 23:31 - 00192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-07-23 23:31 - 2017-07-23 23:31 - 00224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-07-25 19:27 - 2017-07-25 19:27 - 05886720 _____ () C:\Program Files\AVAST Software\Avast\defs\17072502\algo.dll 2017-07-23 23:31 - 2017-07-23 23:31 - 00689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-07-23 23:31 - 2017-07-23 23:31 - 00231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2017-07-26 15:18 - 2017-07-26 15:18 - 05886720 _____ () C:\Program Files\AVAST Software\Avast\defs\17072602\algo.dll 2013-03-27 12:54 - 2013-03-27 12:54 - 02854912 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll 2013-03-27 12:26 - 2013-03-27 12:26 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll 2013-03-27 12:52 - 2013-03-27 12:52 - 03035136 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll 2013-03-27 12:57 - 2013-03-27 12:57 - 02867200 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll 2013-03-27 12:55 - 2013-03-27 12:55 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll 2013-03-27 12:30 - 2013-03-27 12:30 - 02043904 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll 2013-03-27 12:31 - 2013-03-27 12:31 - 01949696 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll 2017-07-23 23:32 - 2017-07-23 23:32 - 01065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll 2017-07-07 13:39 - 2017-07-07 13:39 - 67109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-07-23 23:30 - 2017-07-23 23:30 - 00292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2011-04-27 18:05 - 2011-04-27 18:05 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll 2017-05-12 21:30 - 2017-05-12 21:30 - 00172032 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\823fb789f2ad94c2ce33a6a11f82d7ea\IsdiInterop.ni.dll 2012-04-16 05:09 - 2012-02-02 03:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-05-23 01:29 - 2012-03-28 19:18 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\amazon.de -> hxxps://amazon.de ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: Amazon 1Button App Service => 2 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: IEEtwCollectorService => 3 MSCONFIG\startupreg: Amazon Music => "C:\Users\Katha\AppData\Local\Amazon Music\Amazon Music Helper.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{DF2109DA-D1E7-49AA-BE51-369CD1216F18}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7E9F767D-D18E-4507-971E-D65FFCCD2B1F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{D84BE5F7-EFB6-4484-B706-E71D387736B4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{F623A690-D90D-4524-BC90-694304407D8C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{D17A08A3-2E3B-49BC-B835-64AAA374B853}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{EF3F1E88-6B94-41A4-8454-A2031A16DE73}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [TCP Query User{43BB0F60-4C34-433C-BDF4-776FA8F776CB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{B453A14D-33E1-4227-AA86-73C6E0B60491}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{67BB8246-3C1D-440D-BA1E-652BE232337E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{8A4F43E1-CFAD-4647-8025-9D5D1DE45D1A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A6E8CE9D-052F-46F6-87DC-FF5CF1FDF96D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{C2DAEC23-6551-446B-97AE-EC01583A0DFD}C:\users\katha\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\katha\appdata\local\amazon music\amazon music helper.exe FirewallRules: [UDP Query User{709039E8-B5BC-4200-AE77-3B68A2DB285E}C:\users\katha\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\katha\appdata\local\amazon music\amazon music helper.exe FirewallRules: [{E526092E-894B-42AA-B83C-B04C8FEEB397}] => (Block) C:\users\katha\appdata\local\amazon music\amazon music helper.exe FirewallRules: [{AC23D569-DDA7-47D6-BC0C-99E70AEB7CF7}] => (Block) C:\users\katha\appdata\local\amazon music\amazon music helper.exe FirewallRules: [TCP Query User{E71621CC-AADE-41E6-AA53-0BAFF80E0A4B}C:\users\katha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katha\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{B59DFD4F-0F92-4707-AE0E-ED025E79ACFF}C:\users\katha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katha\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{3FF861B1-428D-48AB-962A-665DD58EED60}C:\users\katha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katha\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{B822911B-35BC-41D4-8E86-1A11EAFBA561}C:\users\katha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katha\appdata\roaming\spotify\spotify.exe FirewallRules: [{DDC3B887-D2C6-4554-B5C2-FA58DB359387}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe FirewallRules: [{C96618C0-40A0-41ED-AD25-FFBDAA24D006}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe ==================== Wiederherstellungspunkte ========================= 28-06-2017 16:33:48 Windows Update 28-06-2017 16:44:27 HPSF Applying updates 28-06-2017 16:47:05 Installed HP HD Webcam Driver 03-07-2017 11:32:40 Windows Update 07-07-2017 13:49:22 Windows Update 11-07-2017 14:05:43 Windows Update 18-07-2017 12:12:05 Windows Update 23-07-2017 16:10:49 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Atheros Bluetooth Bus Description: Atheros Bluetooth Bus Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Atheros Communications Service: BTATH_BUS Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/26/2017 09:36:15 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt. Error: (07/26/2017 09:26:31 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (07/26/2017 09:26:24 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (07/26/2017 09:26:24 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (07/26/2017 09:26:24 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (07/26/2017 09:26:24 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (07/26/2017 09:26:24 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (07/26/2017 09:26:21 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (07/26/2017 09:26:06 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (07/26/2017 09:26:03 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Systemfehler: ============= Error: (07/26/2017 03:17:17 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (07/25/2017 11:02:31 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Der Server "{995C996E-D918-4A8C-A302-45719A6F4EA7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/25/2017 10:39:20 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (07/25/2017 08:44:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.249.215.0) Error: (07/25/2017 08:43:44 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.249.211.0 Aktualisierungsquelle: Microsoft Update Server Aktualisierungsphase: Installieren Quellpfad: hxxp://www.microsoft.com Signaturtyp: AntiVirus Aktualisierungstyp: Vollständig Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.14003.0 Fehlercode: 0x80070643 Fehlerbeschreibung: Schwerwiegender Fehler bei der Installation. Error: (07/23/2017 11:37:14 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Der Server "{995C996E-D918-4A8C-A302-45719A6F4EA7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/23/2017 11:36:44 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Der Server "{078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/23/2017 09:43:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ZAtheros Bt&Wlan Coex Agent erreicht. Error: (07/20/2017 10:09:23 AM) (Source: DCOM) (EventID: 10016) (User: Katha-HP) Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-21-4204173192-2022547415-2650888639-501) für Benutzer Katha-HP\Gast von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Aktivierung (Lokal) für die COM-Serveranwendung mit CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} und APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error: (07/18/2017 12:27:11 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.247.865.0 Aktualisierungsquelle: Microsoft Update Server Aktualisierungsphase: Herunterladen Quellpfad: hxxp://www.microsoft.com Signaturtyp: AntiVirus Aktualisierungstyp: Vollständig Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.13903.0 Fehlercode: 0x8024001e Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Prozentuale Nutzung des RAM: 65% Installierter physikalischer RAM: 3979.6 MB Verfügbarer physikalischer RAM: 1360.37 MB Summe virtueller Speicher: 7957.38 MB Verfügbarer virtueller Speicher: 4809.57 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:440.41 GB) (Free:330.9 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (HP_RECOVERY) (Fixed) (Total:21.05 GB) (Free:3.21 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BC1A6D6E) Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=440.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=2 GB) - (Type=0C) Partition 4: (Not Active) - (Size=21.1 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
|
26.07.2017, 20:34
| #2 |
| /// TB-Ausbilder   | Open Office Hilfefenster öffnet sich nach OO- Start selbsständig mehrfach Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
27.07.2017, 22:46
| #3 |
| | Log Adw cleaner Lieber Matthias,
__________________anbei ADW Cleaner Log Malwarebyte Log und die beiden FRST Log. es öffnen sich immer mehr hilfe-programme...nun auch die explorer-hilfe, chrome oder avast-hilfe... [oh und ich habe windows 7 und nicht windows vista, wie man sieht] 1000dank. Karatta # AdwCleaner 7.0.0.0 - Logfile created on Thu Jul 27 21:30:21 2017 # Updated on 2017/17/07 by Malwarebytes # Database: 07-24-2017.1 # Running on Windows 7 Home Premium (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.PCSpeedMaximizer, C:\Program Files (x86)\PC Speed Maximizer PUP.Optional.Linkury.ACMB1, C:\Users\Katha\Desktop\zap PUP.Optional.IHProtectUpDate, C:\ProgramData\IHProtectUpDate PUP.Optional.IHProtectUpDate, C:\ProgramData\Application Data\IHProtectUpDate PUP.Optional.IHProtectUpDate, C:\Users\All Users\IHProtectUpDate PUP.Optional.AmazonBrowserSettings, C:\Users\Default\AppData\Local\Amazon Browser Settings PUP.Optional.AmazonBrowserSettings, C:\Users\Default User\AppData\Local\Amazon Browser Settings ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Default_Search_URL [hxxp://www.istartsurf.com/web/?type=ds&ts=1436209576&z=f9114177951d34bfd682f74g7z5cdq2o5eft8w0m2w&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX91A14R6358R6358&q={searchTerms}] PUP.Optional.Legacy, [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main | Search Page [hxxp://www.istartsurf.com/web/?type=ds&ts=1436209576&z=f9114177951d34bfd682f74g7z5cdq2o5eft8w0m2w&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX91A14R6358R6358&q={searchTerms}] PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\distromatic PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\Software\distromatic PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\distromatic PUP.Optional.Legacy, [Key] - HKCU\Software\distromatic PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SUPDP PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\SupDp PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} PUP.Optional.Amazon1Button, [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services Adware.IStartSurf, [Key] - HKLM\SOFTWARE\istartsurfSoftware PUP.Optional.SupTab, [Key] - HKLM\SOFTWARE\SupTab PUP.Optional.LuckyTab.A, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88} PUP.Optional.IHProtect, [Key] - HKLM\SOFTWARE\IHProtect ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ########## MBAM: Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 27.07.17 Scan-Zeit: 23:46 Protokolldatei: malwarebytes log.txt Administrator: Ja -Softwaredaten- Version: 3.1.2.1733 Komponentenversion: 1.0.160 Version des Aktualisierungspakets: 1.0.2450 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Katha-HP\Katha -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Ergebnis: Abgeschlossen Gescannte Objekte: 367257 Erkannte Bedrohungen: 31 In die Quarantäne verschobene Bedrohungen: 31 Abgelaufene Zeit: 13 Min., 3 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 18 PUP.Optional.LuckyTab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [9904], [168173],1.0.2450 PUP.Optional.LuckyTab, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [9904], [168173],1.0.2450 PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [39], [160141],1.0.2450 PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [39], [160141],1.0.2450 PUP.Optional.ASK, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, In Quarantäne, [502], [184157],1.0.2450 PUP.Optional.ASK, HKU\S-1-5-21-4204173192-2022547415-2650888639-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, In Quarantäne, [502], [184157],1.0.2450 PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, In Quarantäne, [502], [184157],1.0.2450 PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}, In Quarantäne, [502], [184157],1.0.2450 PUP.Optional.Distromatic, HKU\S-1-5-18\SOFTWARE\Distromatic, In Quarantäne, [2367], [359638],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4204173192-2022547415-2650888639-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [3335], [243702],1.0.2450 PUP.Optional.Distromatic, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\Distromatic, In Quarantäne, [2367], [359638],1.0.2450 PUP.Optional.MiuiTab, HKLM\SOFTWARE\WOW6432NODE\SUPDP, In Quarantäne, [8635], [240843],1.0.2450 Registrierungswert: 11 PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, In Quarantäne, [502], [184157],1.0.2450 PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, In Quarantäne, [502], [184157],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FAVICONURL, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}|URL, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, In Quarantäne, [10711], [233272],1.0.2450 PUP.Optional.SupTab, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|PTID, In Quarantäne, [3335], [243702],1.0.2450 PUP.Optional.ASK, HKU\S-1-5-21-4204173192-2022547415-2650888639-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, In Quarantäne, [502], [184156],1.0.2450 PUP.Optional.ASK, HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|TOPRESULTURL, In Quarantäne, [502], [184156],1.0.2450 PUP.Optional.MiuiTab, HKLM\SOFTWARE\WOW6432NODE\SUPDP|DIR, In Quarantäne, [8635], [240843],1.0.2450 Registrierungsdaten: 2 PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|DEFAULT_SEARCH_URL, Ersetzt, [10711], [291148],1.0.2450 PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Ersetzt, [10711], [291148],1.0.2450 Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) (end) FRST: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2017
durchgeführt von Katha (Administrator) auf KATHA-HP (28-07-2017 00:15:08)
Gestartet von C:\Users\Katha\Desktop
Geladene Profile: Katha (Verfügbare Profile: Katha & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\windows\System32\hpservice.exe
(AMD) C:\windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\windows\System32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\windows\System32\wlanext.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\Katha\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(HP) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\windows\System32\igfxext.exe
(Intel Corporation) C:\windows\System32\igfxsrvc.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2014-11-30] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-23] (AVAST Software)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2012-01-31] (Hewlett-Packard Company)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\Run: [Spotify Web Helper] => C:\Users\Katha\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-06-23] (Spotify Ltd)
HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{30AC0758-288C-4444-89FC-911BE5E00395}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{86C15E94-1BFF-41A1-974C-C49470869275}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {648E240F-CFCF-43DF-BCD8-535289D759B6} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {648E240F-CFCF-43DF-BCD8-535289D759B6} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002 -> {648E240F-CFCF-43DF-BCD8-535289D759B6} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-07-07] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-08-12] (Microsoft Corporation)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-07-07] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-26] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-22] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895 [2017-07-28]
FF Extension: (Avast SafePrice) - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895\Extensions\sp@avast.com.xpi [2017-05-31]
FF Extension: (uBlock Origin) - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895\Extensions\uBlock0@raymondhill.net.xpi [2017-07-23]
FF Extension: (Avast Online Security) - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895\Extensions\wrc@avast.com.xpi [2017-05-31]
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-04-01]
FF Extension: (Adblock Plus) - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\bx4z1xu0.default-1478203814895\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-10]
FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt => nicht gefunden
FF HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-22] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-26] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-26] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-26] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default [2017-07-27]
CHR Extension: (Google Präsentationen) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-26]
CHR Extension: (Google Docs) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-26]
CHR Extension: (Google Drive) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-26]
CHR Extension: (YouTube) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-26]
CHR Extension: (Avast SafePrice) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-07-26]
CHR Extension: (Google Tabellen) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-26]
CHR Extension: (Google Docs Offline) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-27]
CHR Extension: (Avast Online Security) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-07-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-26]
CHR Extension: (Google Mail) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-26]
CHR Extension: (Chrome Media Router) - C:\Users\Katha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-23] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-23] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2768472 2015-08-11] (Microsoft Corporation)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-04-28] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-01-31] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1102560 2015-10-19] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-03-27] () [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719552 2017-02-15] (PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [Datei ist nicht signiert]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [320008 2017-07-23] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [198976 2017-07-23] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswbloga.sys [343288 2017-07-23] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [57728 2017-07-23] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\windows\system32\drivers\aswHdsKe.sys [82936 2017-01-27] (AVAST Software)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [46984 2017-07-07] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [146696 2017-07-26] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [110352 2017-07-07] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [84392 2017-07-07] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1015848 2017-07-07] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [585608 2017-07-07] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [198768 2017-07-07] (AVAST Software)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [361336 2017-07-07] (AVAST Software)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R2 MBAMChameleon; C:\windows\system32\drivers\MBAMChameleon.sys [188352 2017-07-27] (Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\drivers\farflt.sys [101784 2017-07-28] (Malwarebytes)
R3 MBAMProtection; C:\windows\system32\drivers\mbam.sys [45472 2017-07-28] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-28] (Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\drivers\mwac.sys [84256 2017-07-28] (Malwarebytes)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91432 2013-03-27] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-03-27] (McAfee, Inc.)
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1864328 2012-10-03] ()
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-28 00:15 - 2017-07-28 00:18 - 00023539 _____ C:\Users\Katha\Desktop\FRST.txt
2017-07-28 00:14 - 2017-07-28 00:14 - 00000000 ____D C:\Users\Katha\Desktop\FRST-OlderVersion
2017-07-28 00:13 - 2017-07-28 00:13 - 00006642 _____ C:\Users\Katha\Desktop\mbam.txt
2017-07-28 00:10 - 2017-07-28 00:10 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-07-27 23:43 - 2017-07-28 00:17 - 00084256 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2017-07-27 23:43 - 2017-07-28 00:09 - 00253856 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-27 23:43 - 2017-07-28 00:09 - 00101784 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2017-07-27 23:43 - 2017-07-28 00:09 - 00045472 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2017-07-27 23:43 - 2017-07-27 23:43 - 00188352 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys
2017-07-27 23:43 - 2017-07-27 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-27 23:43 - 2017-06-27 12:06 - 00077376 _____ C:\windows\system32\Drivers\mbae64.sys
2017-07-27 23:42 - 2017-07-27 23:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-27 23:42 - 2017-07-27 23:42 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-27 23:33 - 2017-07-27 23:34 - 00465248 _____ C:\windows\system32\FNTCACHE.DAT
2017-07-27 23:25 - 2017-07-27 23:38 - 00000000 ____D C:\AdwCleaner
2017-07-27 23:22 - 2017-07-27 23:22 - 65033984 _____ (Malwarebytes ) C:\Users\Katha\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-27 23:20 - 2017-07-27 23:21 - 08162248 _____ (Malwarebytes) C:\Users\Katha\Desktop\adwcleaner_7.0.0.0.exe
2017-07-26 19:20 - 2017-07-26 19:20 - 00002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-26 19:20 - 2017-07-26 19:20 - 00002251 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-26 19:20 - 2017-07-26 19:20 - 00002251 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2017-07-26 19:19 - 2017-07-26 19:56 - 00000000 ____D C:\Users\Katha\AppData\Local\Google
2017-07-26 19:19 - 2017-07-26 19:25 - 00003542 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-26 19:19 - 2017-07-26 19:25 - 00003414 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-26 19:19 - 2017-07-26 19:20 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-26 19:17 - 2017-07-23 23:32 - 00400464 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2017-07-26 19:13 - 2017-07-26 19:13 - 06654960 _____ (AVAST Software) C:\Users\Katha\Downloads\avast_free_antivirus_setup_online.exe
2017-07-26 15:55 - 2017-07-26 15:57 - 00039129 _____ C:\Users\Katha\Downloads\Addition.txt
2017-07-26 15:51 - 2017-07-28 00:15 - 00000000 ____D C:\FRST
2017-07-26 15:51 - 2017-07-26 15:57 - 00055106 _____ C:\Users\Katha\Downloads\FRST.txt
2017-07-26 15:50 - 2017-07-28 00:14 - 02381824 _____ (Farbar) C:\Users\Katha\Desktop\FRST64.exe
2017-07-23 23:38 - 2017-07-23 23:38 - 00000000 _____ C:\windows\SysWOW64\sho6CFD.tmp
2017-07-13 22:15 - 2017-07-06 06:56 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys
2017-07-13 22:15 - 2017-06-30 06:15 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-07-13 22:15 - 2017-06-30 05:32 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-07-13 22:15 - 2017-06-30 04:57 - 02319872 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-07-13 22:15 - 2017-06-30 04:57 - 02058240 _____ (Microsoft Corporation) C:\windows\system32\Query.dll
2017-07-13 22:15 - 2017-06-30 04:39 - 01549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-07-13 22:15 - 2017-06-30 04:38 - 01363968 _____ (Microsoft Corporation) C:\windows\SysWOW64\Query.dll
2017-07-13 22:15 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-07-13 22:15 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-07-13 22:15 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-07-13 22:15 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-07-13 22:15 - 2017-06-29 07:43 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2017-07-13 22:15 - 2017-06-29 07:39 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2017-07-13 22:15 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-07-13 22:15 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-07-13 22:15 - 2017-06-29 07:07 - 02132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-07-13 22:15 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-07-13 22:15 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-07-13 22:15 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-07-13 22:15 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-07-13 22:15 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-07-13 22:15 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-07-13 22:15 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-07-13 22:15 - 2017-06-22 16:58 - 03223040 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-07-13 22:15 - 2017-06-15 22:23 - 00753664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2017-07-13 22:15 - 2017-06-13 00:54 - 00370920 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2017-07-13 22:15 - 2017-06-13 00:54 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2017-07-13 22:15 - 2017-06-13 00:54 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-07-13 22:15 - 2017-06-13 00:49 - 01363456 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2017-07-13 22:15 - 2017-06-13 00:49 - 00731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-07-13 22:15 - 2017-06-13 00:49 - 00594432 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2017-07-13 22:15 - 2017-06-13 00:49 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2017-07-13 22:15 - 2017-06-13 00:49 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\pdhui.dll
2017-07-13 22:15 - 2017-06-13 00:29 - 01227264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2017-07-13 22:15 - 2017-06-13 00:29 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2017-07-13 22:15 - 2017-06-13 00:28 - 00554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-07-13 22:15 - 2017-06-13 00:28 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdhui.dll
2017-07-13 22:15 - 2017-06-13 00:14 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe
2017-07-13 22:15 - 2017-06-13 00:06 - 00303616 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinfo32.exe
2017-07-13 22:15 - 2017-06-10 17:59 - 00313856 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2017-07-13 22:15 - 2017-06-10 17:39 - 00271360 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2017-07-13 22:15 - 2017-06-09 17:33 - 01680616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-07-13 22:15 - 2017-06-06 17:30 - 01867264 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2017-07-13 22:15 - 2017-06-06 17:12 - 01499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2017-07-13 22:15 - 2017-05-30 06:56 - 01895656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-07-13 22:15 - 2017-05-30 06:56 - 00377576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-07-13 22:15 - 2017-05-30 06:56 - 00287976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-07-13 22:15 - 2017-05-16 17:35 - 00986856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-07-13 22:15 - 2017-05-16 17:35 - 00265448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-07-13 22:14 - 2017-06-30 04:57 - 02222080 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-07-13 22:14 - 2017-06-30 04:57 - 00778240 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2017-07-13 22:14 - 2017-06-30 04:57 - 00491520 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2017-07-13 22:14 - 2017-06-30 04:57 - 00288256 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2017-07-13 22:14 - 2017-06-30 04:57 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll
2017-07-13 22:14 - 2017-06-30 04:57 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2017-07-13 22:14 - 2017-06-30 04:57 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2017-07-13 22:14 - 2017-06-30 04:57 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2017-07-13 22:14 - 2017-06-30 04:40 - 00591872 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-07-13 22:14 - 2017-06-30 04:40 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-07-13 22:14 - 2017-06-30 04:39 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2017-07-13 22:14 - 2017-06-30 04:38 - 01400320 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-07-13 22:14 - 2017-06-30 04:38 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2017-07-13 22:14 - 2017-06-30 04:38 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2017-07-13 22:14 - 2017-06-30 04:38 - 00197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2017-07-13 22:14 - 2017-06-30 04:38 - 00104448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssitlb.dll
2017-07-13 22:14 - 2017-06-30 04:38 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2017-07-13 22:14 - 2017-06-30 04:38 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2017-07-13 22:14 - 2017-06-30 04:27 - 00427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-07-13 22:14 - 2017-06-30 04:27 - 00164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2017-07-13 22:14 - 2017-06-30 04:26 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2017-07-13 22:14 - 2017-06-30 04:26 - 00009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll
2017-07-13 22:14 - 2017-06-29 08:19 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2017-07-13 22:14 - 2017-06-29 08:18 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2017-07-13 22:14 - 2017-06-29 08:04 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2017-07-13 22:14 - 2017-06-29 08:03 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2017-07-13 22:14 - 2017-06-29 08:03 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2017-07-13 22:14 - 2017-06-29 08:02 - 02899456 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-07-13 22:14 - 2017-06-29 08:02 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2017-07-13 22:14 - 2017-06-29 07:55 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2017-07-13 22:14 - 2017-06-29 07:54 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2017-07-13 22:14 - 2017-06-29 07:51 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2017-07-13 22:14 - 2017-06-29 07:50 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2017-07-13 22:14 - 2017-06-29 07:50 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2017-07-13 22:14 - 2017-06-29 07:50 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2017-07-13 22:14 - 2017-06-29 07:35 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2017-07-13 22:14 - 2017-06-29 07:31 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2017-07-13 22:14 - 2017-06-29 07:31 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2017-07-13 22:14 - 2017-06-29 07:30 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2017-07-13 22:14 - 2017-06-29 07:27 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2017-07-13 22:14 - 2017-06-29 07:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-07-13 22:14 - 2017-06-29 07:23 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-07-13 22:14 - 2017-06-29 07:23 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2017-07-13 22:14 - 2017-06-29 07:23 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2017-07-13 22:14 - 2017-06-29 07:22 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2017-07-13 22:14 - 2017-06-29 07:22 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2017-07-13 22:14 - 2017-06-29 07:22 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-07-13 22:14 - 2017-06-29 07:19 - 02290176 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-07-13 22:14 - 2017-06-29 07:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2017-07-13 22:14 - 2017-06-29 07:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2017-07-13 22:14 - 2017-06-29 07:14 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2017-07-13 22:14 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-07-13 22:14 - 2017-06-29 07:13 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-07-13 22:14 - 2017-06-29 07:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2017-07-13 22:14 - 2017-06-29 07:11 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-07-13 22:14 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-07-13 22:14 - 2017-06-29 07:09 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-07-13 22:14 - 2017-06-29 07:08 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2017-07-13 22:14 - 2017-06-29 07:05 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2017-07-13 22:14 - 2017-06-29 07:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-13 22:14 - 2017-06-29 07:00 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2017-07-13 22:14 - 2017-06-29 07:00 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2017-07-13 22:14 - 2017-06-29 06:58 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2017-07-13 22:14 - 2017-06-29 06:56 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-07-13 22:14 - 2017-06-29 06:56 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-07-13 22:14 - 2017-06-29 06:54 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2017-07-13 22:14 - 2017-06-29 06:48 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-07-13 22:14 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-07-13 22:14 - 2017-06-29 06:46 - 02057216 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-07-13 22:14 - 2017-06-29 06:46 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2017-07-13 22:14 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-07-13 22:14 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-07-13 22:14 - 2017-06-13 00:49 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2017-07-13 22:14 - 2017-06-13 00:29 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2017-07-13 22:14 - 2017-06-13 00:29 - 00444928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2017-07-13 22:14 - 2017-06-13 00:29 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2017-07-13 22:14 - 2017-06-13 00:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2017-07-13 22:14 - 2017-06-13 00:29 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2017-07-13 22:14 - 2017-06-13 00:29 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2017-07-13 22:14 - 2017-06-13 00:28 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2017-07-13 22:14 - 2017-06-13 00:28 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-07-13 22:14 - 2017-06-13 00:28 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-07-13 22:14 - 2017-06-13 00:28 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-07-13 22:14 - 2017-06-13 00:28 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2017-07-13 22:14 - 2017-06-13 00:28 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2017-07-13 22:14 - 2017-06-13 00:28 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2017-07-13 22:14 - 2017-06-13 00:28 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2017-07-13 22:14 - 2017-06-13 00:28 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2017-07-13 22:14 - 2017-06-13 00:28 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2017-07-13 22:14 - 2017-06-13 00:19 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2017-07-13 22:14 - 2017-06-13 00:14 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\perfmon.exe
2017-07-13 22:14 - 2017-06-13 00:14 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\resmon.exe
2017-07-13 22:14 - 2017-06-13 00:12 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-07-13 22:14 - 2017-06-13 00:12 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-07-13 22:14 - 2017-06-13 00:12 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-07-13 22:14 - 2017-06-13 00:11 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2017-07-13 22:14 - 2017-06-13 00:09 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2017-07-13 22:14 - 2017-06-13 00:06 - 00157184 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfmon.exe
2017-07-13 22:14 - 2017-06-13 00:06 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\resmon.exe
2017-07-13 22:14 - 2017-06-13 00:05 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2017-07-13 22:14 - 2017-05-21 06:24 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2017-07-13 22:14 - 2017-05-21 06:06 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2017-07-13 22:14 - 2017-05-16 17:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2017-07-13 22:07 - 2017-05-03 17:29 - 01206272 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-07-13 22:07 - 2017-05-03 15:05 - 01555968 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-07-13 22:07 - 2017-05-03 15:05 - 00535552 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-07-13 22:07 - 2017-05-03 15:05 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-07-13 22:07 - 2017-03-23 04:06 - 01691136 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2017-07-13 22:06 - 2017-05-03 17:34 - 00094952 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-07-13 22:06 - 2017-05-03 15:05 - 00620544 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-07-13 22:06 - 2017-05-03 15:05 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-07-13 22:06 - 2017-05-03 15:05 - 00311296 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-07-13 22:06 - 2017-05-03 15:05 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-07-04 22:06 - 2017-07-04 22:06 - 00009781 _____ C:\Users\Katha\Desktop\Rafeld_V060376.pdf
2017-06-28 17:09 - 2017-06-28 17:09 - 00025282 _____ C:\Users\Katha\Desktop\neu psyprax.odt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-28 00:17 - 2009-07-14 06:45 - 00028352 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-28 00:17 - 2009-07-14 06:45 - 00028352 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-28 00:08 - 2012-04-16 05:16 - 00000000 ____D C:\ProgramData\PDFC
2017-07-28 00:07 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-07-27 23:41 - 2016-11-20 22:20 - 00000000 ____D C:\Users\Katha\AppData\LocalLow\Mozilla
2017-07-27 23:38 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2017-07-27 23:34 - 2014-11-24 21:02 - 00000000 ____D C:\Users\Katha
2017-07-26 20:08 - 2017-03-19 18:11 - 00004378 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-07-26 20:08 - 2012-04-16 05:17 - 00803328 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-07-26 20:08 - 2012-04-16 05:17 - 00144896 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-26 20:07 - 2014-11-25 00:29 - 00000000 ____D C:\windows\system32\Macromed
2017-07-26 20:07 - 2012-04-16 05:17 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-07-26 20:06 - 2014-12-19 18:44 - 00000000 ____D C:\Users\Katha\AppData\Local\CrashDumps
2017-07-26 19:41 - 2014-11-30 19:47 - 00000332 _____ C:\windows\Tasks\HPCeeScheduleForKatha.job
2017-07-26 19:41 - 2014-11-24 21:29 - 00000000 ____D C:\ProgramData\AVAST Software
2017-07-26 19:21 - 2017-03-19 16:54 - 00003914 _____ C:\windows\System32\Tasks\Avast Emergency Update
2017-07-26 19:21 - 2017-01-14 12:10 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-07-26 19:21 - 2017-01-14 12:10 - 00001922 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2017-07-26 19:21 - 2014-12-26 19:55 - 00146696 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys
2017-07-26 19:17 - 2014-12-26 19:55 - 00146664 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150108966471803
2017-07-26 18:47 - 2014-11-25 17:49 - 00000000 ____D C:\ProgramData\Oracle
2017-07-26 18:41 - 2016-12-27 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-07-26 18:41 - 2014-11-25 17:44 - 00000000 ____D C:\Program Files (x86)\Java
2017-07-26 18:40 - 2014-11-30 19:47 - 00003186 _____ C:\windows\System32\Tasks\HPCeeScheduleForKatha
2017-07-26 16:42 - 2016-12-27 17:51 - 00097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2017-07-26 16:30 - 2012-04-16 03:50 - 00700118 _____ C:\windows\system32\perfh007.dat
2017-07-26 16:30 - 2012-04-16 03:50 - 00149968 _____ C:\windows\system32\perfc007.dat
2017-07-26 16:30 - 2009-07-14 07:13 - 01622228 _____ C:\windows\system32\PerfStringBackup.INI
2017-07-23 23:32 - 2014-12-26 19:55 - 00146664 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150084565791103
2017-07-23 23:30 - 2017-03-19 16:54 - 00343288 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbloga.sys
2017-07-23 23:30 - 2017-03-19 16:54 - 00320008 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdrivera.sys
2017-07-23 23:30 - 2017-03-19 16:54 - 00198976 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsha.sys
2017-07-23 23:30 - 2017-03-19 16:54 - 00057728 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbuniva.sys
2017-07-20 12:44 - 2016-12-11 22:39 - 00000000 ____D C:\Users\Gast\AppData\LocalLow\Mozilla
2017-07-20 09:03 - 2014-12-12 19:13 - 00000000 ____D C:\windows\system32\appraiser
2017-07-18 12:27 - 2014-11-24 22:53 - 00000000 ____D C:\windows\system32\MRT
2017-07-18 12:22 - 2014-11-24 22:53 - 135225752 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-07-11 15:01 - 2017-05-01 20:34 - 00000000 ____D C:\Users\Katha\Desktop\Parshipficker
2017-07-10 12:16 - 2014-11-25 19:38 - 00000000 ____D C:\Users\Katha\Desktop\Lebenslauf etc
2017-07-07 13:41 - 2014-12-26 19:55 - 00361336 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2017-07-07 13:39 - 2014-12-26 19:55 - 00585608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2017-07-07 13:39 - 2014-12-26 19:55 - 00360792 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys.149942766401606
2017-07-07 13:39 - 2014-12-26 19:55 - 00198768 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2017-07-07 13:39 - 2014-12-26 19:55 - 00110352 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2017-07-07 13:39 - 2014-12-26 19:55 - 00084392 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2017-07-07 13:39 - 2014-12-26 19:55 - 00046984 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2017-07-07 13:38 - 2014-12-26 19:55 - 01015848 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2017-07-03 16:02 - 2012-05-23 01:54 - 00000000 ____D C:\ProgramData\Skype
2017-07-03 13:38 - 2016-11-19 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-29 14:24 - 2014-11-25 17:49 - 00000000 ____D C:\Program Files (x86)\Psyprax32
2017-06-28 17:07 - 2014-11-25 17:54 - 00000000 ____D C:\ProgramData\PSYPRCFG
2017-06-28 17:05 - 2014-11-25 17:49 - 00000000 ____D C:\ProgramData\Psyprax32
2017-06-28 16:46 - 2012-05-23 01:32 - 00004096 _____ (Hewlett-Packard Company) C:\windows\SysWOW64\sigfile.exe
2017-06-28 16:46 - 2011-07-29 01:51 - 00000000 ____D C:\swsetup
2017-06-28 00:04 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-06-27 16:47 - 2017-06-27 16:47 - 0105658 _____ () C:\Users\Katha\AppData\Local\ars.cache
2017-06-27 16:48 - 2017-06-27 16:48 - 0344777 _____ () C:\Users\Katha\AppData\Local\census.cache
2017-06-23 18:54 - 2017-06-23 18:54 - 0000036 _____ () C:\Users\Katha\AppData\Local\housecall.guid.cache
Einige Dateien in TEMP:
====================
2016-01-27 18:17 - 2016-01-27 18:17 - 0000000 _____ () C:\Users\Gast\AppData\Local\Temp\pelor7sf.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-03 12:55
==================== Ende von FRST.txt ============================
FRST ADDITIONFRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-07-2017
durchgeführt von Katha (28-07-2017 00:20:03)
Gestartet von C:\Users\Katha\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-24 19:02:13)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4204173192-2022547415-2650888639-500 - Administrator - Disabled)
Gast (S-1-5-21-4204173192-2022547415-2650888639-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-4204173192-2022547415-2650888639-1003 - Limited - Enabled)
Katha (S-1-5-21-4204173192-2022547415-2650888639-1002 - Administrator - Enabled) => C:\Users\Katha
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\Amazon Amazon Music) (Version: 5.1.0.1590 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{8642397F-CF08-6B30-A477-A039BBAA511E}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
ArcSoft TotalMedia (HKLM-x32\...\{B3B67519-2201-4C38-8002-D54473D651F9}) (Version: 1.0.61.25 - ArcSoft) Hidden
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.42 - ArcSoft)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.38 - ArcSoft)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.120 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.0.0.4 - Hewlett-Packard Company)
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.41.36204 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.78 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{5B4F3B85-83F0-4BBF-9052-7A38B6B09634}) (Version: 5.0.8.0 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{5DCA44EB-03F6-44A3-A294-F3E5DE98D7F6}) (Version: 4.4.10.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{A351CC1B-C92C-4F37-8109-9F6D33ACF5EF}) (Version: 1.1.1.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 8.1.1.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1112.2_WHQL - Sonix)
HP Hotkey Support (HKLM-x32\...\{7F7E2060-7212-4A53-9875-55173E4BA3F0}) (Version: 5.0.21.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.1.1199 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{92db00b4-c4ee-4893-bc4e-8be6548b2742}) (Version: 4.3.4.0 - HP)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{658A8756-7B1E-44FD-A434-D777DD906232}) (Version: 8.5.2.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.4.19.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{D549B5E2-DBE8-4190-ABA5-71106264398C}) (Version: 12.7.27.15 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 3.0.0.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Firefox 54.0.1 (x86 de) (HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.4753.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.11 - PDF Complete, Inc)
Privacy Manager for HP ProtectTools (HKLM\...\{CA2F6FAD-D8CD-42C1-B04D-6E5B1B1CFDCC}) (Version: 7.0.0.865 - Hewlett-Packard Company)
Psyprax (HKLM-x32\...\{A981A9BA-8670-4419-8B2F-F3E6C0514531}_is1) (Version: - Psyprax GmbH)
PX Profile Update (HKLM-x32\...\{89FC4558-3689-C109-772E-3A6D5B96F019}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\Spotify) (Version: 1.0.56.451.gb2f539fc - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company)
Treiber für Ihr VML-GK (HKLM-x32\...\ZEMO VML-GK - Treiber und Tools V2.7_is1) (Version: 2.7 - ZEMO GmbH)
Validity Fingerprint Sensor Driver (HKLM\...\{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}) (Version: 4.4.213.0 - Validity Sensors, Inc.)
Websuche (HKLM-x32\...\Websuche) (Version: - Websuche)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-23] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-23] (AVAST Software)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1-x32: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-01-19] (Atheros Commnucations)
ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-23] (AVAST Software)
ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1-x32: [ShredContextMenu] -> {85EFA470-665A-4322-AB1E-1EB9C70F61C8} => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll [2013-03-06] ()
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-23] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-01-19] (Atheros Commnucations)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4-x32: [ShredContextMenu] -> {85EFA470-665A-4322-AB1E-1EB9C70F61C8} => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll [2013-03-06] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-03-30] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2012-03-26] (Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-23] (AVAST Software)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {14352A83-1B9D-4A74-B5AD-D7D21A36C757} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {36BF324A-BC25-4295-B2A6-0300760D7369} - System32\Tasks\{6CF2326D-F2FC-4D65-BD9E-21E22F84B7DC} => C:\windows\system32\pcalua.exe -a C:\Users\Katha\Downloads\jxpiinstall.exe -d C:\Users\Katha\Downloads
Task: {3DE3D7B6-CFDA-4E71-8B10-2005CBFDF256} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-11] (Microsoft Corporation)
Task: {45B1174B-6A59-430A-8346-8B1567BD2CE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-26] (Google Inc.)
Task: {49BBE749-4439-43B3-8C4A-DAFF9F04A25F} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-03-21] ()
Task: {52F65E7C-E4AC-44D8-8D2C-E54DAEAB83F0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {5E6E1D11-C6A2-450F-B5BF-0F73B4E858D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {6D7AD873-D7C2-44E9-94AC-57D23058E821} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-26] (Google Inc.)
Task: {7E6D2458-7DAC-481E-8E77-57D29FB64776} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {970938ED-268D-4482-924B-608EC0182CD0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-18] (AVAST Software)
Task: {9B64AEC2-653F-46CF-8BB3-142833FBF49F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {A11780FD-BE02-4812-8F0A-F57A7863B1EA} - System32\Tasks\avastBCLRestartS-1-5-21-4204173192-2022547415-2650888639-1002 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {A2FF2366-862D-4765-9080-434C374E7954} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {A6C3B905-8643-4D40-B4FE-D563DFEE51AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-06-28] (HP Inc.)
Task: {AB84D595-CBFC-4116-854E-89C4F1F9F884} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {BEFE9F7F-BBB8-40D6-BFAE-36101AFC4DD5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-07-23] (AVAST Software)
Task: {C6911282-74C6-4E55-9C41-F513E26C05D3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-26] (Adobe Systems Incorporated)
Task: {C7A4A2FA-25FC-4018-9B44-1BF86F87C463} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-08-12] (Microsoft Corporation)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Keine Datei <==== ACHTUNG
Task: {D49EF6CB-746F-4CA9-8B29-B4287626137F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {F7470BA2-9EEC-4A4F-8CD9-16EBBCC2DFC0} - System32\Tasks\HPCeeScheduleForKatha => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\HPCeeScheduleForKatha.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-01-17 17:57 - 2012-01-17 17:57 - 00298368 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2013-03-27 13:11 - 2013-03-27 13:11 - 03346432 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2013-03-27 12:26 - 2013-03-27 12:26 - 00141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2015-07-09 20:28 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-03-27 12:28 - 2013-03-27 12:28 - 01327104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2017-07-27 23:43 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2013-03-06 15:38 - 2013-03-06 15:38 - 03020504 _____ () c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2017-07-23 23:30 - 2017-07-23 23:30 - 00162032 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-07-23 23:31 - 2017-07-23 23:31 - 00831664 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-07-23 23:31 - 2017-07-23 23:31 - 00276808 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2012-02-10 23:26 - 2012-02-10 23:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2012-05-23 01:29 - 2012-03-28 19:38 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2017-07-23 23:31 - 2017-07-23 23:31 - 00170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-07-23 23:31 - 2017-07-23 23:31 - 00192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-07-23 23:31 - 2017-07-23 23:31 - 00224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-07-27 22:21 - 2017-07-27 22:21 - 05887288 _____ () C:\Program Files\AVAST Software\Avast\defs\17072704\algo.dll
2017-07-23 23:31 - 2017-07-23 23:31 - 00689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-07-23 23:31 - 2017-07-23 23:31 - 00231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2013-03-27 12:54 - 2013-03-27 12:54 - 02854912 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-03-27 12:26 - 2013-03-27 12:26 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-03-27 12:52 - 2013-03-27 12:52 - 03035136 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2013-03-27 12:57 - 2013-03-27 12:57 - 02867200 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-03-27 12:55 - 2013-03-27 12:55 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-03-27 12:30 - 2013-03-27 12:30 - 02043904 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-03-27 12:31 - 2013-03-27 12:31 - 01949696 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2017-07-23 23:32 - 2017-07-23 23:32 - 01065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-07-07 13:39 - 2017-07-07 13:39 - 67109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-07-23 23:30 - 2017-07-23 23:30 - 00292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-12 21:30 - 2017-05-12 21:30 - 00172032 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\823fb789f2ad94c2ce33a6a11f82d7ea\IsdiInterop.ni.dll
2012-04-16 05:09 - 2012-02-02 03:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-05-23 01:29 - 2012-03-28 19:18 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\...\amazon.de -> hxxps://amazon.de
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: Amazon 1Button App Service => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\startupreg: Amazon Music => "C:\Users\Katha\AppData\Local\Amazon Music\Amazon Music Helper.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{DF2109DA-D1E7-49AA-BE51-369CD1216F18}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7E9F767D-D18E-4507-971E-D65FFCCD2B1F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D84BE5F7-EFB6-4484-B706-E71D387736B4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{F623A690-D90D-4524-BC90-694304407D8C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D17A08A3-2E3B-49BC-B835-64AAA374B853}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{EF3F1E88-6B94-41A4-8454-A2031A16DE73}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{43BB0F60-4C34-433C-BDF4-776FA8F776CB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B453A14D-33E1-4227-AA86-73C6E0B60491}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{67BB8246-3C1D-440D-BA1E-652BE232337E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{8A4F43E1-CFAD-4647-8025-9D5D1DE45D1A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A6E8CE9D-052F-46F6-87DC-FF5CF1FDF96D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C2DAEC23-6551-446B-97AE-EC01583A0DFD}C:\users\katha\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\katha\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{709039E8-B5BC-4200-AE77-3B68A2DB285E}C:\users\katha\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\katha\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{E526092E-894B-42AA-B83C-B04C8FEEB397}] => (Block) C:\users\katha\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{AC23D569-DDA7-47D6-BC0C-99E70AEB7CF7}] => (Block) C:\users\katha\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [TCP Query User{E71621CC-AADE-41E6-AA53-0BAFF80E0A4B}C:\users\katha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katha\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B59DFD4F-0F92-4707-AE0E-ED025E79ACFF}C:\users\katha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katha\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3FF861B1-428D-48AB-962A-665DD58EED60}C:\users\katha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katha\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B822911B-35BC-41D4-8E86-1A11EAFBA561}C:\users\katha\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\katha\appdata\roaming\spotify\spotify.exe
FirewallRules: [{73206375-BF01-467F-AD2B-C51C816C3F40}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
07-07-2017 13:49:22 Windows Update
11-07-2017 14:05:43 Windows Update
18-07-2017 12:12:05 Windows Update
23-07-2017 16:10:49 Windows Update
26-07-2017 20:06:09 Avast Cleanup
27-07-2017 22:30:49 Windows Update
27-07-2017 23:04:59 Removed Windows Phone app for desktop
27-07-2017 23:13:36 Avast Cleanup
27-07-2017 23:14:01 Avast Cleanup
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: MpKsl4bfc1e5f
Description: MpKsl4bfc1e5f
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKsl4bfc1e5f
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Atheros Bluetooth Bus
Description: Atheros Bluetooth Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications
Service: BTATH_BUS
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/28/2017 12:18:28 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.
Error: (07/28/2017 12:09:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm helppane.exe, Version 6.1.7601.23834 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 514
Startzeit: 01d30724e1c435da
Endzeit: 47
Anwendungspfad: C:\windows\helppane.exe
Berichts-ID: 3f530f47-7318-11e7-a76f-441ea179065e
Error: (07/28/2017 12:08:44 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Error: (07/28/2017 12:07:59 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Error: (07/28/2017 12:07:59 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Error: (07/28/2017 12:07:55 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Error: (07/28/2017 12:07:52 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Error: (07/28/2017 12:07:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (07/28/2017 12:06:52 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Error: (07/27/2017 11:46:33 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.
Systemfehler:
=============
Error: (07/28/2017 12:03:54 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{8CEC58AE-07A1-11D9-B15E-000D56BFE6EE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (07/27/2017 11:56:07 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolume2" den Befehl "chkdsk" aus.
Error: (07/27/2017 11:56:07 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "C:" den Befehl "chkdsk" aus.
Error: (07/27/2017 11:38:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "aswbIDSAgent" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (07/27/2017 11:38:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst aswbIDSAgent erreicht.
Error: (07/27/2017 11:35:23 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolume2" den Befehl "chkdsk" aus.
Error: (07/27/2017 11:32:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\system32\athihvs.dll
Error: (07/27/2017 11:32:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\system32\athihvs.dll
Error: (07/27/2017 11:32:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\windows\system32\athihvs.dll
Error: (07/27/2017 11:31:20 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3979.6 MB
Verfügbarer physikalischer RAM: 1809.64 MB
Summe virtueller Speicher: 7957.38 MB
Verfügbarer virtueller Speicher: 5353.68 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:440.41 GB) (Free:332.64 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (HP_RECOVERY) (Fixed) (Total:21.05 GB) (Free:3.21 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BC1A6D6E)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=440.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=0C)
Partition 4: (Not Active) - (Size=21.1 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Geändert von karatta (27.07.2017 um 23:36 Uhr) |
|
28.07.2017, 20:43
| #4 |
| /// TB-Ausbilder | Open Office Hilfefenster öffnet sich nach OO- Start selbsständig mehrfach Servus, du hast die falsche Logdatei gepostet. Hast du die Funde mit AdwCleaner auch entfernen lassen? Ich möchte von dir gerne die Logdatei des Löschvorgangs sehen. |
|
28.07.2017, 23:00
| #5 |
| | Open Office Hilfefenster öffnet sich nach OO- Start selbsständig mehrfach Ah, du meinst hoffe ich dies hier? : # AdwCleaner 7.0.0.0 - Logfile created on Thu Jul 27 21:32:29 2017 # Updated on 2017/17/07 by Malwarebytes # Running on Windows 7 Home Premium (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** Deleted: C:\Program Files (x86)\PC Speed Maximizer Deleted: C:\Users\Katha\Desktop\zap Deleted: C:\ProgramData\IHProtectUpDate Deleted: C:\ProgramData\Application Data\IHProtectUpDate Deleted: C:\Users\All Users\IHProtectUpDate Deleted: C:\Users\Default\AppData\Local\Amazon Browser Settings Deleted: C:\Users\Default User\AppData\Local\Amazon Browser Settings ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL [hxxp://www.istartsurf.com/web/?type=ds&ts=1436209576&z=f9114177951d34bfd682f74g7z5cdq2o5eft8w0m2w&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX91A14R6358R6358&q={searchTerms}] Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page [hxxp://www.istartsurf.com/web/?type=ds&ts=1436209576&z=f9114177951d34bfd682f74g7z5cdq2o5eft8w0m2w&from=cor&uid=WDCXWD5000LPVX-22V0TT0_WD-WX91A14R6358R6358&q={searchTerms}] Deleted: [Key] - HKU\.DEFAULT\Software\distromatic Deleted: [Key] - HKU\S-1-5-21-4204173192-2022547415-2650888639-1002\Software\distromatic Deleted: [Key] - HKU\S-1-5-18\Software\distromatic Deleted: [Key] - HKCU\Software\distromatic Deleted: [Key] - HKLM\SOFTWARE\SUPDP Deleted: [Key] - HKLM\SOFTWARE\SupDp Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services Deleted: [Key] - HKLM\SOFTWARE\istartsurfSoftware Deleted: [Key] - HKLM\SOFTWARE\SupTab Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88} Deleted: [Key] - HKLM\SOFTWARE\IHProtect ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Image File Execution Options%s keys deleted ::Prefetch files deleted ::Proxy settings cleared ::Firewall rules cleared ::IE policies deleted ::Chrome policies deleted ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [3750 B] - [2017/7/27 21:30:21] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ########## |
|
29.07.2017, 13:00
| #6 |
| /// TB-Ausbilder | Open Office Hilfefenster öffnet sich nach OO- Start selbsständig mehrfach Servus, Schritt 1
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
| Themen zu Open Office Hilfefenster öffnet sich nach OO- Start selbsständig mehrfach |
| antivirus, converter, cpu, defender, desktop, device driver, explorer, failed, firefox, flash player, google analytics, home, installation, mozilla, mp3, office 365, problem gelöst, prozesse, registry, security, services.exe, software, svchost.exe, system, ublock origin, udp, usb, virus, windows, öffnet |
Hybrid-Darstellung
