| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Auf dubiosen link in PM auf Facebook geklicktWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
30.05.2018, 18:20
| #1 |
 |  WindowsPhone war am Rechner Hallo Matthias, bevor ich loslege eine Frage, die vielleicht auch andere Besucher wichtig finden. Mein WindowsPhone war per USB am PC angeschlossen. Ich nehme an, dass das sich auch hat infizieren können. Was mache ich da? Mit an den Rechner hängen, wenn ich deinen Anweisungen folge? Oder ist das ein separates Problem? Grüße, Johannes |
|
31.05.2018, 09:51
| #2 | |
| /// TB-Ausbilder   | Auf dubiosen link in PM auf Facebook geklicktZitat:
|
|
02.06.2018, 15:22
| #3 |
| | Hier ist FRSTCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
durchgeführt von johan_000 (Administrator) auf JO (02-06-2018 16:11:47)
Gestartet von C:\Users\johan_000\Desktop
Geladene Profile: johan_000 (Verfügbare Profile: johan_000)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_8\mcapexe.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\System32\igfxTray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(© 2015 Microsoft Corporation) C:\Users\johan_000\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13763800 2014-10-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [Pokki] => C:\Users\johan_000\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [10777600 2015-05-29] (Pokki)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4411488 2014-03-16] ()
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [BingSvc] => C:\Users\johan_000\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1393744 2018-05-14] (CyberGhost S.A.)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\MountPoints2: {686f99f2-d23d-11e4-825e-806e6f6e6963} - "D:\.\setup.exe"
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\MountPoints2: {ab6f5072-6cf6-11e5-8277-1008b1a6508e} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5D225C14-7FBD-4101-9A54-722F99002927}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AFCF6C45-3D37-4927-9D40-48A8A3022F5C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005 -> DefaultScope {AB08804A-4B5E-11E5-8273-1008B1A6508E} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005 -> {70F4535E-E3A0-45D2-815B-340CBA3EF4AB} URL =
SearchScopes: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005 -> {AB08804A-4B5E-11E5-8273-1008B1A6508E} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005 -> {DECF2A63-EEAD-46BF-98E7-7FAADBFD1AF8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-15] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-15] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-04-11] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-04-11] (McAfee, Inc.)
FireFox:
========
FF DefaultProfile: mc0bv80i.default
FF ProfilePath: C:\Users\johan_000\AppData\Roaming\Mozilla\Firefox\Profiles\mc0bv80i.default [2018-06-02]
FF Homepage: Mozilla\Firefox\Profiles\mc0bv80i.default -> hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
hxxps://www.google.de/
FF Extension: (Google Scholar-Schaltfläche) - C:\Users\johan_000\AppData\Roaming\Mozilla\Firefox\Profiles\mc0bv80i.default\Extensions\button@scholar.google.com.xpi [2017-10-10]
FF Extension: (Suchen und neue Registerkarte von Yahoo) - C:\Users\johan_000\AppData\Roaming\Mozilla\Firefox\Profiles\mc0bv80i.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2017-11-10]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\johan_000\AppData\Roaming\Mozilla\Firefox\Profiles\mc0bv80i.default\features\{56ce5523-9d80-4510-abe9-875ab8b05ebe}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-06-02] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-06]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-09] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-15] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-04-11] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1963366536-3467600762-1340127474-1005: SkypePlugin -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1963366536-3467600762-1340127474-1005: SkypePlugin64 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Skype Technologies S.A.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [451288 2018-05-22] (Avira Operations GmbH & Co. KG)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [239184 2018-05-14] (CyberGhost S.A.)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2018-01-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe [728808 2018-04-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\\McCSPServiceHost.exe [2141912 2018-04-06] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-02-23] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [512976 2018-02-23] (McAfee, LLC)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [473040 2018-02-23] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1669328 2018-04-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-02-01] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-12-09] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-12-09] (Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1061528 2018-03-06] (McAfee, Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [873968 2017-06-30] (Tunngle.net GmbH) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77216 2018-02-28] (McAfee, LLC)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218336 2017-10-09] (McAfee, Inc.)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-11] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-11] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [497568 2018-02-28] (McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [360352 2018-02-28] (McAfee, LLC)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83952 2018-02-28] (McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [529312 2018-02-28] (McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [953248 2018-02-28] (McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543632 2018-01-22] (McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108432 2018-01-22] (McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [115616 2018-02-28] (McAfee, LLC)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252832 2018-02-28] (McAfee, LLC)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-06] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [39464 2016-04-27] (Tunngle.net GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-06-02 16:08 - 2018-06-02 16:11 - 000025329 _____ C:\Users\johan_000\Desktop\FRST.txt
2018-06-02 16:08 - 2018-06-02 16:08 - 002413056 _____ (Farbar) C:\Users\johan_000\Desktop\FRST64.exe
2018-06-02 16:08 - 2018-06-02 16:08 - 000050243 _____ C:\Users\johan_000\Desktop\Addition.txt
2018-06-02 16:02 - 2018-06-02 16:11 - 000000000 ____D C:\FRST
2018-06-02 15:56 - 2018-06-02 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-06-02 15:55 - 2018-06-02 16:05 - 000003522 _____ C:\Windows\System32\Tasks\McAfee DAT Built in test
2018-06-02 10:23 - 2018-06-02 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-05-23 19:56 - 2018-05-23 19:56 - 000000022 _____ C:\Users\johan_000\Desktop\WinRAR-ZIP-Archiv (neu).zip
2018-05-11 09:06 - 2018-05-15 19:15 - 000009141 _____ C:\Users\johan_000\Documents\Kita Klärung 400.xlsx
2018-05-09 18:09 - 2018-04-22 11:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 18:09 - 2018-04-22 10:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 18:09 - 2018-04-22 10:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 18:09 - 2018-04-22 09:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 18:09 - 2018-04-22 09:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 18:09 - 2018-04-22 09:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 18:09 - 2018-04-22 09:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 18:09 - 2018-04-22 09:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 18:09 - 2018-04-22 09:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 18:09 - 2018-04-22 09:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 18:09 - 2018-04-22 09:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 18:09 - 2018-04-22 08:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 18:09 - 2018-04-22 08:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 18:09 - 2018-04-22 08:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 18:09 - 2018-04-22 08:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 18:09 - 2018-04-22 08:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 18:09 - 2018-04-22 08:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 18:09 - 2018-04-22 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 18:09 - 2018-04-22 08:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 18:09 - 2018-04-22 08:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 18:09 - 2018-04-22 08:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 18:09 - 2018-04-22 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 18:09 - 2018-04-22 08:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 18:09 - 2018-04-22 08:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 18:09 - 2018-04-22 08:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 18:09 - 2018-04-22 08:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 18:09 - 2018-04-22 08:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 18:09 - 2018-04-22 08:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 18:09 - 2018-04-22 08:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 18:09 - 2018-04-22 08:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 18:09 - 2018-04-22 08:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 18:09 - 2018-04-15 18:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 18:09 - 2018-04-15 18:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 18:09 - 2018-04-11 03:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 18:09 - 2018-04-11 03:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 18:09 - 2018-04-11 03:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 18:09 - 2018-04-10 20:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 18:09 - 2018-04-10 20:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 18:09 - 2018-04-10 20:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 18:09 - 2018-04-10 19:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 18:09 - 2018-04-10 18:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 18:09 - 2018-04-07 18:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 18:09 - 2018-04-07 17:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 18:09 - 2018-04-07 17:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 18:09 - 2018-04-07 17:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 18:09 - 2018-04-07 17:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 18:09 - 2018-04-07 17:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 18:09 - 2018-04-07 17:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 18:09 - 2018-04-07 17:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 18:09 - 2018-04-06 23:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 18:09 - 2018-03-24 17:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 18:09 - 2018-03-24 17:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 18:09 - 2018-03-24 17:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 18:09 - 2018-03-24 17:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 18:09 - 2018-03-24 16:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 18:09 - 2018-03-24 16:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 18:09 - 2018-03-16 00:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 18:09 - 2018-03-10 22:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 18:09 - 2018-03-10 21:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 18:09 - 2018-03-10 19:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 18:09 - 2018-03-10 19:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 18:09 - 2018-03-10 19:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 18:09 - 2018-03-10 19:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 18:09 - 2018-03-10 18:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 18:09 - 2018-03-10 18:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 18:09 - 2018-03-10 18:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 18:09 - 2018-03-10 18:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 18:09 - 2018-03-10 18:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 18:09 - 2018-03-10 18:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 18:09 - 2018-03-10 18:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 18:09 - 2018-03-10 18:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 18:09 - 2018-03-10 18:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 18:09 - 2018-03-10 18:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 18:09 - 2018-03-10 18:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 18:09 - 2018-03-09 20:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 18:09 - 2018-03-03 18:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 18:09 - 2018-03-03 18:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 18:09 - 2018-03-03 18:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 18:09 - 2018-03-03 18:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 18:09 - 2018-03-03 18:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 18:09 - 2018-03-03 18:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 18:09 - 2018-02-14 23:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 18:09 - 2018-02-14 16:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-06-02 16:00 - 2015-03-25 00:47 - 000759378 _____ C:\Windows\system32\perfh007.dat
2018-06-02 16:00 - 2015-03-25 00:47 - 000156604 _____ C:\Windows\system32\perfc007.dat
2018-06-02 16:00 - 2014-03-18 12:03 - 001769264 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-02 16:00 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-06-02 15:58 - 2015-05-02 15:14 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1963366536-3467600762-1340127474-1005
2018-06-02 15:57 - 2016-11-20 01:15 - 000000000 ____D C:\Users\johan_000\AppData\LocalLow\Mozilla
2018-06-02 15:54 - 2015-05-06 16:23 - 000000000 ____D C:\Users\johan_000\.rainlendar2
2018-06-02 15:54 - 2015-05-02 15:09 - 000000000 ____D C:\Users\johan_000\OneDrive
2018-06-02 15:53 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-02 10:33 - 2016-06-20 21:56 - 000000000 ____D C:\Users\johan_000\Documents\Telefon
2018-06-02 10:23 - 2015-02-19 18:48 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-02 10:22 - 2015-05-02 15:06 - 000000000 ____D C:\Users\johan_000
2018-05-30 08:27 - 2016-03-27 22:29 - 000000000 ____D C:\Users\johan_000\Documents\F
2018-05-28 23:17 - 2015-05-02 20:44 - 000000000 ____D C:\Users\johan_000\AppData\Roaming\vlc
2018-05-28 21:32 - 2018-03-06 13:28 - 000000000 ____D C:\Program Files\CyberGhost 6
2018-05-28 19:29 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2018-05-28 19:28 - 2018-03-23 20:14 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-05-28 19:27 - 2017-05-21 11:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-28 19:27 - 2015-08-17 12:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-22 21:51 - 2016-01-28 12:51 - 000000000 ____D C:\Users\johan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-22 21:51 - 2016-01-28 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-22 21:51 - 2016-01-28 12:50 - 000000000 ____D C:\Program Files\WinRAR
2018-05-21 19:33 - 2018-03-23 20:14 - 000003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2018-05-21 19:33 - 2018-03-23 20:08 - 000000000 ____D C:\Program Files\Common Files\McAfee
2018-05-21 19:32 - 2018-03-23 20:14 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2018-05-21 19:32 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-05-19 11:50 - 2015-05-10 20:39 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-19 11:49 - 2015-05-10 20:38 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-19 11:39 - 2015-08-17 12:15 - 000001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-19 09:39 - 2015-05-06 08:49 - 000000000 ____D C:\Users\johan_000\Documents\ING DiBa
2018-05-11 09:18 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-05-10 00:02 - 2013-08-22 16:44 - 000508008 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-09 22:47 - 2013-08-22 15:25 - 000524288 ___SH C:\Windows\system32\config\BBI
2018-05-09 19:08 - 2015-05-06 08:50 - 000000000 ____D C:\Users\johan_000\Documents\Steuern
2018-05-09 18:52 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-09 18:47 - 2015-05-05 03:28 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 18:44 - 2017-10-15 12:49 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 18:44 - 2015-05-05 03:28 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-09 13:55 - 2018-03-13 16:03 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-09 13:55 - 2015-11-05 15:25 - 000004342 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-05-09 13:55 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-05-09 13:55 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-06 11:34 - 2015-05-11 20:17 - 000000000 ____D C:\Users\johan_000\AppData\Local\ElevatedDiagnostics
2018-05-06 11:07 - 2015-05-06 08:50 - 000000000 ____D C:\Users\johan_000\Documents\Various Docs
Einige Dateien in TEMP:
====================
2015-05-02 15:09 - 2015-05-02 15:09 - 000000000 ____D () C:\Users\johan_000\AppData\Local\Temp\avgnt.exe
2015-11-12 21:31 - 2015-11-12 21:31 - 000144008 _____ (© 2015 Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\BingSvc.exe
2015-09-30 19:30 - 2015-11-12 21:31 - 001118360 _____ (© 2015 Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\BSvcProcessor.exe
2015-09-30 19:30 - 2015-11-12 21:31 - 000170128 _____ (© 2015 Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\BSvcUpdater.exe
2017-11-26 22:32 - 2017-11-26 22:32 - 003239696 _____ (Microsoft) C:\Users\johan_000\AppData\Local\Temp\CNC4LauncherUpdate.exe
2015-09-30 19:20 - 2015-09-30 19:20 - 002308240 _____ (Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\DefaultPack.EXE
2015-11-28 19:51 - 2015-11-28 19:51 - 000065536 _____ (Sony DADC Austria AG) C:\Users\johan_000\AppData\Local\Temp\drm_dialogs.dll
2015-11-28 18:56 - 2015-12-09 18:23 - 000204800 _____ (Sony DADC Austria AG) C:\Users\johan_000\AppData\Local\Temp\drm_dyndata_7380006.dll
2015-11-28 19:51 - 2015-12-09 18:24 - 000204800 _____ (Sony DADC Austria AG) C:\Users\johan_000\AppData\Local\Temp\drm_dyndata_7380014.dll
2016-04-15 17:56 - 2015-01-19 20:48 - 001126480 ____N (CANON INC.) C:\Users\johan_000\AppData\Local\Temp\MSETUP4.EXE
2015-08-27 00:15 - 2016-07-11 23:21 - 016826944 ____T (Geek Software GmbH ) C:\Users\johan_000\AppData\Local\Temp\pdf24-creator-update.exe
2016-02-10 10:20 - 2016-02-10 10:20 - 000117288 _____ (Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\ShFolder.Exe
2016-04-15 18:00 - 2014-01-20 11:38 - 000354392 ____R (CANON INC.) C:\Users\johan_000\AppData\Local\Temp\uninstall.exe
2017-05-23 19:29 - 2017-05-23 19:29 - 014456872 _____ (Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\vc_redist.x86.exe
2016-06-28 21:43 - 2016-06-28 21:43 - 031717016 _____ () C:\Users\johan_000\AppData\Local\Temp\vlc-2.2.4-win64.exe
2017-09-16 14:14 - 2017-09-16 14:15 - 032100680 _____ () C:\Users\johan_000\AppData\Local\Temp\vlc-2.2.6-win64.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-05-30 07:49
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
durchgeführt von johan_000 (02-06-2018 16:12:11)
Gestartet von C:\Users\johan_000\Desktop
Windows 8.1 (Update) (X64) (2015-04-30 22:33:35)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1963366536-3467600762-1340127474-500 - Administrator - Disabled)
Gast (S-1-5-21-1963366536-3467600762-1340127474-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1963366536-3467600762-1340127474-1003 - Limited - Enabled)
johan_000 (S-1-5-21-1963366536-3467600762-1340127474-1005 - Administrator - Enabled) => C:\Users\johan_000
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Avira (HKLM-x32\...\{B9E9546C-BAD0-43AB-8812-4FC3F8A9547C}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{d2c9315d-82be-4e7a-8d9f-ccbe716c2552}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon MG2900 series Benutzerregistrierung (HKLM-x32\...\Canon MG2900 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.00 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM-x32\...\Canon MG2900 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5000 series Benutzerregistrierung (HKLM-x32\...\Canon TS5000 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon TS5000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5000_series) (Version: 1.02 - Canon Inc.)
Canon TS5000 series On-Screen-Handbuch (HKLM-x32\...\Canon TS5000 series On-Screen-Handbuch) (Version: 1.1.0 - Canon Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ and The Covert Operations™ (HKLM-x32\...\{050E298D-C9B8-4582-A332-26201268A297}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.A.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.2.19144 - Landesfinanzdirektion Thüringen)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version: - SEIKO EPSON Corporation)
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fragen-Lern-CD International Klassen B+A (HKLM-x32\...\Fragen-Lern-CD International Klassen B+A) (Version: 1.0 - Wendel-Verlag)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{69D24652-4A1D-49C6-AA0C-573A38083F6C}) (Version: 12.7.3.46 - Apple Inc.)
Janitos Offline-Tarifrechner 3.4.7.4 (HKLM-x32\...\Janitos Offline-Tarifrechner 3_is1) (Version: - Fairware24)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.163 - McAfee, Inc.)
McAfee® Internet Security (HKLM-x32\...\MSC) (Version: 16.0 R11 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 de) (HKLM\...\Mozilla Firefox 60.0.1 (x64 de)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.1.6710 - Mozilla)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OpenVPN 2.3.10-I602 (HKLM\...\OpenVPN) (Version: 2.3.10-I602 - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Pokki (HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Pokki) (Version: 0.269.7.660 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
Scientific Viewer 5.5 (HKLM-x32\...\{CE644673-D8DA-4C22-A958-CBE3A06C4A8B}) (Version: 5.50 - MacKichan Software)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype Version 8.18 (HKLM-x32\...\Skype_is1) (Version: 8.18 - Skype Technologies S.A.)
Skype Web Plugin (HKLM-x32\...\{EB96DF8B-65A7-4E72-BFB1-38DB36870D16}) (Version: 7.32.6.278 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
test und FINANZtest Archiv CD-Rom 2017 (HKLM-x32\...\test und FINANZtest Archiv CD-Rom 2017) (Version: 1.0.0.0 - )
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.9 - Tunngle.net GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{4B58E20F-F052-4C6F-993B-7E62C7240E2A}) (Version: 24.00.1375 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2018 (HKLM-x32\...\{26D074D9-1133-499E-9C98-5E3A863D2E93}) (Version: 25.02.1498 - Buhl Data Service GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005_Classes\CLSID\{41052F6E-3662-4584-BCD3-77BCCAAE8470}\InprocServer32 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005_Classes\CLSID\{60813F68-E9F7-4B3C-80B4-A76A66211660}\localserver32 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\EdgeCalling.exe (Skype Technologies S.A.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-08-27] (Qualcomm®Atheros®)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-04-11] (McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-08-27] (Qualcomm®Atheros®)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-10-24] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-04-08] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-04-11] (McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0649AE8F-211C-4642-B17C-6C3EE47ECC1A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {25F13F12-0F14-42F2-ABE2-27D3DF22E4D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {2DFA2FC7-2CF0-4B07-B366-CC05A7BB863F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3CE9E8BE-062E-421A-8788-C0C439D369DA} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-03-27] (McAfee, Inc.)
Task: {449099CA-5FFD-4E4E-B62F-FCF59C0EB791} - System32\Tasks\{2FAAADA7-FDDE-43C7-A19D-3B3EF3812755} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
Task: {4BFF405C-5370-433F-B95B-EA4430A55737} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {4D2DD3EC-FFC3-474D-B4CA-E01CCAA05BBC} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {4F5381B1-EDD3-4A1C-BCA3-CAF472F0D398} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.5.243\mcdatrep.exe [2018-03-23] (McAfee, LLC.)
Task: {51691614-C001-43AF-B816-071B82612145} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {67915EAC-59AE-4AF3-AD89-506E4F0BD9B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7DD5F2EF-5FD8-4F87-BD80-FF4447E7A298} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
Task: {90520175-8688-4612-93F2-4DC37A4FE955} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated)
Task: {BA6B51F0-8B3B-4C70-9159-5E9FAADBC7E6} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {BD793353-7AF8-4B6B-82B2-AFDD7280FE63} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-09] (Adobe Systems Incorporated)
Task: {C6DCF76E-6BC0-4ED5-8B18-A3F719875488} - System32\Tasks\FUB => C:\Program Files (x86)\Acer\Care Center\FUB.bat <==== ACHTUNG
Task: {C9A4BC17-95EC-41CF-B7E7-36A2718D50B8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-09] (Adobe Systems Incorporated)
Task: {C9D38617-9F27-4F2D-B9D5-2ABEF00074C4} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {E46CA6B0-9876-4594-8365-299CE24443C2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FCFA6CD1-5DB8-47DB-9657-1B54B46E9A78} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-02-28] (McAfee, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-02 12:27 - 2015-04-08 23:30 - 000116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 01:13 - 2018-01-05 01:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-04-06 13:05 - 2018-04-06 13:05 - 000896136 _____ () C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPMsgBusDLL.dll
2015-02-19 17:23 - 2014-10-24 05:39 - 000456808 _____ () C:\Windows\system32\igfxTray.exe
2014-08-27 20:45 - 2014-08-27 20:45 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 20:41 - 2014-08-27 20:41 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 20:47 - 2014-08-27 20:47 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2018-01-22 04:15 - 2018-01-22 04:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-01-22 04:15 - 2018-01-22 04:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 004411488 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2012-05-16 21:12 - 2012-05-16 21:12 - 000179200 _____ () C:\Program Files\Rainlendar2\lua52.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 000324608 _____ () C:\Program Files\Rainlendar2\libical.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 000082528 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 000080384 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2012-06-17 15:21 - 2012-06-17 15:21 - 000015360 _____ () C:\Program Files\Rainlendar2\lfs.dll
2015-03-24 17:28 - 2013-10-01 11:09 - 000078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-05-02 12:16 - 2015-05-23 03:48 - 000011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-10-10 10:37 - 2014-10-10 10:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\johan_000\OneDrive\Pictures\Eigene Aufnahmen\WP_20150426_12_14_11_Pro.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{F8B35D48-3C7D-4C6A-BDDA-09548A83D7CE}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{CD538265-83B0-4300-9758-2D18C3DF8FE8}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{292D208F-8F61-4BBF-9AC6-5A10EFE6CDFB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{093BB5B6-CA26-41E0-8F95-C99ED24CD0ED}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4B721A9F-B014-42DD-AAEF-644C6F42C474}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{24402A7F-65D8-4506-B7FF-1D418A6F66E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B9110A1-CDD9-444F-877C-867488DBB079}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8B4681B6-9C78-404D-AB0F-311647B52736}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FF0E0438-1E08-47F6-8DEA-3889B495BE0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4A908F3A-BB33-4098-BEB2-06328B7FCB4B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{DCA90C3E-3800-4317-8F30-ADDE3509A4B6}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9032880C-31D5-406A-BEA3-24D3554524C5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{835EA096-00A4-4398-9EFA-3C149BEEA15A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{48D61D4D-9A5D-485A-8E61-6A24C29E828B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{FEA0769E-0CCA-44F5-B690-F9FCD944F643}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6AD8E723-CB17-4604-98F1-31478AD1C46A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A8F52802-6EF1-4E8D-9306-8BE27A217A6F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{81C34AE6-6796-4B1F-AAC5-FEBE11CBF7AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CB3ABB6D-A88A-4DFC-9CC2-7D567DEE1D66}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{91D5DB8D-4FB6-41A2-8DA5-987129BAC6CA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4B7F462C-9C15-4EE9-9CA3-58E59977715D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B84EE29B-2003-44EA-9695-7184654A7AE8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{5BB720FD-9668-4D22-888A-DDA432BCA3A0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{6A64665E-09E9-4588-BB89-4BE3D1173DE2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{1395C35E-6AD0-4D55-8CE7-3EACC4B8B392}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{238BBABD-FEB5-40BF-880D-A1D61AC582E5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{5DD86093-3FD0-4474-802F-211C8B8125B8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F3FA8213-1A14-4DBC-A308-5C33CA573021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C767D3E4-1521-4402-8670-504AF0B4236A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C49122BC-868C-4748-8EC4-A6461468934C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{13FB51BB-9AFA-4EAD-8027-28C32A8B3F14}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{E3DFA4ED-4624-4D76-9A6B-23DBFAC07784}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{208B09A5-A303-4472-BD71-54B347300131}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C869129C-C61D-47FD-B76D-B58E88C67AB7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{61FF2E81-4C4B-4072-96E5-06926FF2398E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{BCF46940-66C8-4F60-A1F2-11EA2B0BED72}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{CF968175-774E-4C1D-93A2-A12B14EBC6FD}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{25BAA30D-4639-4C1C-A09A-B7E8C4B5A9B4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{09D3AD0D-8FCC-4131-AF08-430D31AE08CC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EE69293A-CE31-4DE4-BE57-4C978D7B3D37}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A8AF188E-A296-4299-B5BE-C6453F0F2D4C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1E59A9D9-C68B-4F48-A6F6-98360E6A30A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{41520518-BC13-4852-8078-BA3F11CA3297}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A371968E-57C1-47AC-9C87-653531037FC8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6A18096B-617B-4FD8-A8E1-205608E1488D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9BDB11D8-9BB1-4D61-A09D-1AC378E79391}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C067CC91-022F-4805-811E-BC7F8DAA00A3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8446B1A2-F5D1-4F94-A313-B64798E79182}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{80D9CACB-18A9-415D-BBB0-E85CBE64C53C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6ABE84ED-5EFB-44E1-B05C-FB56A5356E1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{605986F1-8624-43FB-9DA3-EA50FA9CEE3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{E9171FC4-3BD5-46FF-BB6F-FA0D02046DA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{7472605A-F1D0-483D-8DC3-1680E1D0F81E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{E351AF82-EC4A-4E21-9193-8DB37DEA9EB8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3C1A1570-C9E3-4CD7-90B0-B681348D5A3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{460F4C76-22C1-438F-8254-7B3714C772EA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BB7B9BAF-CC51-4EF1-BE74-91B0E7EEA69E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E3AD27A4-214D-4C8A-806D-5A15D90D38E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51324EE0-E354-4405-B9EC-990B78269E7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{44BCA715-6AB9-4F91-8524-6106B18C44C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{3EA8321D-5909-41E1-9F79-1BA2D7B7FB8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{C45BFD94-EC44-42B5-8C36-46462EE62308}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{39A0CC7D-CBBC-4938-B985-F2DE33401D0D}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{141EAB74-24F2-431F-BBC4-EE7C9916D024}C:\program files\openvpn\bin\openvpn.exe] => (Block) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{ACF6AE44-A953-4653-8FE5-A46EF65FB32B}C:\program files\openvpn\bin\openvpn.exe] => (Block) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{F0277A66-36D1-443A-85EF-BD9A43EADF61}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AE2C8A86-385A-47AC-83A7-0A5419F453A5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B24A5433-9566-4FCA-B1BF-CEDF0CDE05FE}C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe] => (Allow) C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe
FirewallRules: [UDP Query User{090D9668-9EE6-469A-A191-C98EEAF573E4}C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe] => (Allow) C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe
FirewallRules: [{41F01875-6592-4361-A0EB-4F9A82CF1A1E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6AE51FE8-46B0-4A44-949A-4C740DD7225E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F8A5F74C-4600-4DE9-B2E4-3F129E6E321F}] => (Allow) C:\Spiele\C&C 1\CNC and The Covert Operations\CNC95Launcher.exe
FirewallRules: [{52644705-6D94-47A6-9295-3370710C77FA}] => (Allow) C:\Spiele\C&C 1\CNC and The Covert Operations\CNC95Launcher.exe
FirewallRules: [{A1CA101D-BA8F-4414-BC79-C5DB7CE4C998}] => (Allow) C:\Spiele\C&C Red Alert 2\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{2138C0CA-58D1-4B31-A539-55D5DAE1EE08}] => (Allow) C:\Spiele\C&C Red Alert 2\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{D4F854C6-4FB2-4EBA-B132-8FF6304DF3EF}] => (Allow) C:\Spiele\C&C 4 Teberium Twilight\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{564EF35A-D694-4E8D-8818-73B9380FC276}] => (Allow) C:\Spiele\C&C 4 Teberium Twilight\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [TCP Query User{866A756C-413B-43B4-AB81-4134B7238B7A}C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game] => (Block) C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [UDP Query User{2BFDBAFC-D95B-4531-967F-A6392624873A}C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game] => (Block) C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [{294C3271-2990-46E8-9734-0531882F29B1}] => (Allow) C:\Spiele\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{FA1AB558-D6F3-46A0-840B-59F7904BF773}] => (Allow) C:\Spiele\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{E8149216-5F9A-463E-9E60-4B07C2F7EB45}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{6CDC80B0-2650-474B-9C72-C56B6789FA11}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4EF70DAE-FE20-4736-9117-F21981EB758C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{11A9161B-3C4B-45DA-AB42-68A54394F32E}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{365E8E32-0A4A-438B-94B8-A38A009AABF7}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{A2185D3A-6F24-447A-9618-CD3B1AC8D9C9}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [TCP Query User{8AB303D0-6F96-44E2-BB30-2CADFA3E67B1}C:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Block) C:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [UDP Query User{9DBEF367-4419-4FD8-829B-2EE218E19DA7}C:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Block) C:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [TCP Query User{42A58ACB-7C4C-4B42-9319-4F3FC79A3C21}C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [UDP Query User{B42E830C-6D18-490C-930E-36EDA7FBD0BF}C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [{49AE227F-D2A1-4983-9B04-C157AA45ED90}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{C91AD725-7A6F-4AE7-BBE2-CFE0267C4D00}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4DEA3856-948F-4BD1-9A82-305C207F02EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8E2B7ADA-EEC9-482D-8B31-F5381D4E0D25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{15494353-0268-4F21-914D-58221230940D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B63FFEDD-72F7-4F33-9101-930217A3A805}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EB770392-485C-4FFA-9914-37F9D36B7A5D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{7704A801-AC77-42F9-9DA6-1809AB51D4B5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{0E13601C-ABE6-4804-90BA-0B3633E509E1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{A4FA0856-916B-4036-BFAB-C5DCFF07BCCF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{1BE8D93A-E861-49FA-9E3F-BF05E9542BF5}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{109C09C9-1E39-4220-9470-DA8F6937AB0D}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
==================== Wiederherstellungspunkte =========================
09-05-2018 18:42:32 Windows Update
19-05-2018 11:46:31 Geplanter Prüfpunkt
22-05-2018 21:50:11 McAfee Vulnerability Scanner
29-05-2018 21:53:35 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/02/2018 03:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1204
Startzeit: 01d3fa7927610c7d
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 2c772941-666d-11e8-8302-1008b1a6508e
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/28/2018 08:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2641
Error: (05/28/2018 08:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2641
Error: (05/28/2018 08:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/28/2018 08:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1328
Error: (05/28/2018 08:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1328
Error: (05/28/2018 08:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/23/2018 09:20:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13890
Systemfehler:
=============
Error: (06/02/2018 03:53:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 02.06.2018 um 10:21:33 unerwartet heruntergefahren.
Error: (06/02/2018 03:52:46 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841173776
Error: (06/02/2018 10:27:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.
Error: (06/02/2018 10:21:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 30.05.2018 um 08:32:53 unerwartet heruntergefahren.
Error: (06/02/2018 10:21:15 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841173776
Error: (05/29/2018 09:17:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 28.05.2018 um 23:14:31 unerwartet heruntergefahren.
Error: (05/29/2018 09:17:01 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841173648
Error: (05/28/2018 07:28:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 26.05.2018 um 08:27:06 unerwartet heruntergefahren.
Windows Defender:
===================================
Date: 2017-04-27 11:33:10.977
Description:
Fehler von Windows Defender beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Betroffene Signaturen: Aktuell
Fehlercode: 0x80073aba
Fehlerbeschreibung: Die Ressource ist zu alt und daher nicht mehr kompatibel.
Signaturversion: 1.187.322.0;1.187.322.0
Modulversion: 1.1.11104.0
Date: 2015-05-01 00:32:58.468
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.187.322.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.11104.0
Fehlercode: 0x8024001e
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
CodeIntegrity:
===================================
Date: 2016-01-17 21:15:54.712
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-17 21:15:54.620
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 21:40:07.682
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 21:40:07.606
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:34:23.346
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:34:23.262
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:29:13.587
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:29:13.509
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5170.82 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 6208.54 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:913.05 GB) (Free:734.47 GB) NTFS
\\?\Volume{a5010966-2a02-4dfa-a782-1d2bcb70dcdf}\ (RECOVERY) (Fixed) (Total:0.59 GB) (Free:0.32 GB) NTFS
\\?\Volume{d1de73af-164e-4c0c-a76f-a31c1da6fbd6}\ (Push Button Reset) (Fixed) (Total:17.45 GB) (Free:2.03 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DF566A8F)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
02.06.2018, 21:06
| #4 |
| /// TB-Ausbilder | Auf dubiosen link in PM auf Facebook geklickt Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
03.06.2018, 08:41
| #5 |
| | Hier das AdwCleaner LogCode:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-06-01.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-03-2018
# Duration: 00:00:06
# OS: Windows 8.1
# Cleaned: 20
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\Booking.com
Deleted C:\Users\johan_000\AppData\Local\Temp\DMR
Deleted C:\ProgramData\Pokki
Deleted C:\Users\Public\Pokki
Deleted C:\Users\johan_000\AppData\Local\Pokki
Deleted C:\Program Files (x86)\Yahoo!\yset
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
Deleted C:\Users\johan_000\AppData\Local\YSearchUtil
***** [ Files ] *****
Deleted C:\Users\johan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Pokki
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Deleted HKCU\Software\Pokki
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\pokki
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
Deleted __MSG_newtab_chrome_extension_name__
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock
*************************
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 03.06.18
Scan-Zeit: 09:25
Protokolldatei: 3ee04e06-66ff-11e8-b3e3-00ff0107e5ac.json
Administrator: Ja
-Softwaredaten-
Version: 3.5.1.2522
Komponentenversion: 1.0.365
Version des Aktualisierungspakets: 1.0.5340
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: JO\johan_000
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 282614
Erkannte Bedrohungen: 5
In die Quarantäne verschobene Bedrohungen: 5
Abgelaufene Zeit: 5 Min., 2 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 1
PUP.Optional.HomePageHelper, HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AB08804A-4B5E-11E5-8273-1008B1A6508E}, In Quarantäne, [4022], [239111],1.0.5340
Registrierungswert: 4
PUP.Optional.HomePageHelper, HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AB08804A-4B5E-11E5-8273-1008B1A6508E}|FAVICONURL, In Quarantäne, [4022], [239111],1.0.5340
PUP.Optional.HomePageHelper, HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AB08804A-4B5E-11E5-8273-1008B1A6508E}|FAVICONURLFALLBACK, In Quarantäne, [4022], [239111],1.0.5340
PUP.Optional.HomePageHelper, HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AB08804A-4B5E-11E5-8273-1008B1A6508E}|TOPRESULTURL, In Quarantäne, [4022], [239111],1.0.5340
PUP.Optional.HomePageHelper, HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AB08804A-4B5E-11E5-8273-1008B1A6508E}|URL, In Quarantäne, [4022], [239111],1.0.5340
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02.06.2018
durchgeführt von johan_000 (Administrator) auf JO (03-06-2018 09:35:56)
Gestartet von C:\Users\johan_000\Desktop
Geladene Profile: johan_000 (Verfügbare Profile: johan_000)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_8\mcapexe.exe
(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(© 2015 Microsoft Corporation) C:\Users\johan_000\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13763800 2014-10-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4411488 2014-03-16] ()
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [BingSvc] => C:\Users\johan_000\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1393744 2018-05-14] (CyberGhost S.A.)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\MountPoints2: {686f99f2-d23d-11e4-825e-806e6f6e6963} - "D:\.\setup.exe"
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\MountPoints2: {ab6f5072-6cf6-11e5-8277-1008b1a6508e} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5D225C14-7FBD-4101-9A54-722F99002927}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AFCF6C45-3D37-4927-9D40-48A8A3022F5C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005 -> DefaultScope {AB08804A-4B5E-11E5-8273-1008B1A6508E} URL =
SearchScopes: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005 -> {70F4535E-E3A0-45D2-815B-340CBA3EF4AB} URL =
SearchScopes: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005 -> {DECF2A63-EEAD-46BF-98E7-7FAADBFD1AF8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-15] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-15] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-04-11] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-04-11] (McAfee, Inc.)
FireFox:
========
FF DefaultProfile: mc0bv80i.default
FF ProfilePath: C:\Users\johan_000\AppData\Roaming\Mozilla\Firefox\Profiles\mc0bv80i.default [2018-06-03]
FF Homepage: Mozilla\Firefox\Profiles\mc0bv80i.default -> hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
hxxps://www.google.de/
FF Extension: (Google Scholar-Schaltfläche) - C:\Users\johan_000\AppData\Roaming\Mozilla\Firefox\Profiles\mc0bv80i.default\Extensions\button@scholar.google.com.xpi [2017-10-10]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\johan_000\AppData\Roaming\Mozilla\Firefox\Profiles\mc0bv80i.default\features\{56ce5523-9d80-4510-abe9-875ab8b05ebe}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-06-02] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-06]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-09] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-15] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-04-11] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1963366536-3467600762-1340127474-1005: SkypePlugin -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1963366536-3467600762-1340127474-1005: SkypePlugin64 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Skype Technologies S.A.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [451288 2018-05-22] (Avira Operations GmbH & Co. KG)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [239184 2018-05-14] (CyberGhost S.A.)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2018-01-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe [728808 2018-04-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\\McCSPServiceHost.exe [2141912 2018-04-06] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-02-23] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [512976 2018-02-23] (McAfee, LLC)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [473040 2018-02-23] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1669328 2018-04-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-02-01] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-12-09] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-12-09] (Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1061528 2018-03-06] (McAfee, Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [873968 2017-06-30] (Tunngle.net GmbH) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77216 2018-02-28] (McAfee, LLC)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218336 2017-10-09] (McAfee, Inc.)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-11] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-11] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-03] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-06-03] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [44768 2018-06-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-03] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [103648 2018-06-03] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [497568 2018-02-28] (McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [360352 2018-02-28] (McAfee, LLC)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83952 2018-02-28] (McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [529312 2018-02-28] (McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [953248 2018-02-28] (McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543632 2018-01-22] (McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108432 2018-01-22] (McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [115616 2018-02-28] (McAfee, LLC)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252832 2018-02-28] (McAfee, LLC)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-06] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [39464 2016-04-27] (Tunngle.net GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-06-03 09:35 - 2018-06-03 09:35 - 000000000 ____D C:\Users\johan_000\Desktop\FRST-OlderVersion
2018-06-03 09:32 - 2018-06-03 09:32 - 000002451 _____ C:\Users\johan_000\Desktop\malwarebytes.txt
2018-06-03 09:24 - 2018-06-03 09:25 - 000103648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-06-03 09:24 - 2018-06-03 09:24 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-03 09:24 - 2018-06-03 09:24 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-06-03 09:24 - 2018-06-03 09:24 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-06-03 09:24 - 2018-06-03 09:24 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-03 09:23 - 2018-06-03 09:23 - 076918432 _____ (Malwarebytes ) C:\Users\johan_000\Desktop\mb3-setup-consumer-3.5.1.2522-1.0.365-1.0.5330.exe
2018-06-03 09:23 - 2018-06-03 09:23 - 000001887 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-06-03 09:23 - 2018-06-03 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-03 09:23 - 2018-06-03 09:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-03 09:23 - 2018-06-03 09:23 - 000000000 ____D C:\Program Files\Malwarebytes
2018-06-03 09:23 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-03 09:20 - 2018-06-03 09:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-06-03 09:12 - 2018-06-03 09:16 - 000000000 ____D C:\AdwCleaner
2018-06-03 09:04 - 2018-06-03 09:04 - 007271632 _____ (Malwarebytes) C:\Users\johan_000\Desktop\adwcleaner_7.1.1.exe
2018-06-02 16:08 - 2018-06-03 09:36 - 000025376 _____ C:\Users\johan_000\Desktop\FRST.txt
2018-06-02 16:08 - 2018-06-03 09:35 - 002413056 _____ (Farbar) C:\Users\johan_000\Desktop\FRST64.exe
2018-06-02 16:08 - 2018-06-02 16:12 - 000050243 _____ C:\Users\johan_000\Desktop\Addition.txt
2018-06-02 16:02 - 2018-06-03 09:35 - 000000000 ____D C:\FRST
2018-06-02 10:23 - 2018-06-02 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-05-23 19:56 - 2018-05-23 19:56 - 000000022 _____ C:\Users\johan_000\Desktop\WinRAR-ZIP-Archiv (neu).zip
2018-05-11 09:06 - 2018-05-15 19:15 - 000009141 _____ C:\Users\johan_000\Documents\Kita Klärung 400.xlsx
2018-05-09 18:09 - 2018-04-22 11:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 18:09 - 2018-04-22 10:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 18:09 - 2018-04-22 10:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 18:09 - 2018-04-22 09:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 18:09 - 2018-04-22 09:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 18:09 - 2018-04-22 09:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 18:09 - 2018-04-22 09:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 18:09 - 2018-04-22 09:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 18:09 - 2018-04-22 09:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 18:09 - 2018-04-22 09:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 18:09 - 2018-04-22 09:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 18:09 - 2018-04-22 08:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 18:09 - 2018-04-22 08:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 18:09 - 2018-04-22 08:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 18:09 - 2018-04-22 08:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 18:09 - 2018-04-22 08:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 18:09 - 2018-04-22 08:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 18:09 - 2018-04-22 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 18:09 - 2018-04-22 08:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 18:09 - 2018-04-22 08:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 18:09 - 2018-04-22 08:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 18:09 - 2018-04-22 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 18:09 - 2018-04-22 08:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 18:09 - 2018-04-22 08:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 18:09 - 2018-04-22 08:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 18:09 - 2018-04-22 08:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 18:09 - 2018-04-22 08:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 18:09 - 2018-04-22 08:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 18:09 - 2018-04-22 08:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 18:09 - 2018-04-22 08:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 18:09 - 2018-04-22 08:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 18:09 - 2018-04-15 18:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 18:09 - 2018-04-15 18:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 18:09 - 2018-04-11 03:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 18:09 - 2018-04-11 03:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 18:09 - 2018-04-11 03:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 18:09 - 2018-04-10 20:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 18:09 - 2018-04-10 20:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 18:09 - 2018-04-10 20:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 18:09 - 2018-04-10 19:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 18:09 - 2018-04-10 18:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 18:09 - 2018-04-07 18:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 18:09 - 2018-04-07 17:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 18:09 - 2018-04-07 17:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 18:09 - 2018-04-07 17:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 18:09 - 2018-04-07 17:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 18:09 - 2018-04-07 17:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 18:09 - 2018-04-07 17:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 18:09 - 2018-04-07 17:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 18:09 - 2018-04-06 23:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 18:09 - 2018-03-24 17:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 18:09 - 2018-03-24 17:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 18:09 - 2018-03-24 17:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 18:09 - 2018-03-24 17:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 18:09 - 2018-03-24 16:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 18:09 - 2018-03-24 16:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 18:09 - 2018-03-16 00:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 18:09 - 2018-03-10 22:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 18:09 - 2018-03-10 21:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 18:09 - 2018-03-10 19:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 18:09 - 2018-03-10 19:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 18:09 - 2018-03-10 19:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 18:09 - 2018-03-10 19:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 18:09 - 2018-03-10 18:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 18:09 - 2018-03-10 18:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 18:09 - 2018-03-10 18:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 18:09 - 2018-03-10 18:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 18:09 - 2018-03-10 18:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 18:09 - 2018-03-10 18:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 18:09 - 2018-03-10 18:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 18:09 - 2018-03-10 18:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 18:09 - 2018-03-10 18:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 18:09 - 2018-03-10 18:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 18:09 - 2018-03-10 18:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 18:09 - 2018-03-09 20:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 18:09 - 2018-03-03 18:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 18:09 - 2018-03-03 18:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 18:09 - 2018-03-03 18:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 18:09 - 2018-03-03 18:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 18:09 - 2018-03-03 18:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 18:09 - 2018-03-03 18:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 18:09 - 2018-02-14 23:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 18:09 - 2018-02-14 16:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-06-03 09:24 - 2015-03-25 00:47 - 000759378 _____ C:\Windows\system32\perfh007.dat
2018-06-03 09:24 - 2015-03-25 00:47 - 000156604 _____ C:\Windows\system32\perfc007.dat
2018-06-03 09:24 - 2014-03-18 12:03 - 001769264 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-03 09:24 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-06-03 09:23 - 2015-05-02 15:14 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1963366536-3467600762-1340127474-1005
2018-06-03 09:22 - 2015-05-02 15:09 - 000000000 ___RD C:\Users\johan_000\OneDrive
2018-06-03 09:19 - 2016-11-20 01:15 - 000000000 ____D C:\Users\johan_000\AppData\LocalLow\Mozilla
2018-06-03 09:18 - 2015-05-06 16:23 - 000000000 ____D C:\Users\johan_000\.rainlendar2
2018-06-03 09:17 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-03 09:17 - 2013-08-22 15:25 - 000524288 ___SH C:\Windows\system32\config\BBI
2018-06-03 09:16 - 2017-08-15 22:46 - 000000000 ____D C:\Program Files (x86)\Yahoo!
2018-06-02 10:33 - 2016-06-20 21:56 - 000000000 ____D C:\Users\johan_000\Documents\Telefon
2018-06-02 10:23 - 2015-02-19 18:48 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-02 10:22 - 2015-05-02 15:06 - 000000000 ____D C:\Users\johan_000
2018-05-30 08:27 - 2016-03-27 22:29 - 000000000 ____D C:\Users\johan_000\Documents\F
2018-05-28 23:17 - 2015-05-02 20:44 - 000000000 ____D C:\Users\johan_000\AppData\Roaming\vlc
2018-05-28 21:32 - 2018-03-06 13:28 - 000000000 ____D C:\Program Files\CyberGhost 6
2018-05-28 19:29 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2018-05-28 19:28 - 2018-03-23 20:14 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-05-28 19:27 - 2017-05-21 11:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-28 19:27 - 2015-08-17 12:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-22 21:51 - 2016-01-28 12:51 - 000000000 ____D C:\Users\johan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-22 21:51 - 2016-01-28 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-22 21:51 - 2016-01-28 12:50 - 000000000 ____D C:\Program Files\WinRAR
2018-05-21 19:33 - 2018-03-23 20:14 - 000003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2018-05-21 19:33 - 2018-03-23 20:08 - 000000000 ____D C:\Program Files\Common Files\McAfee
2018-05-21 19:32 - 2018-03-23 20:14 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2018-05-21 19:32 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-05-19 11:50 - 2015-05-10 20:39 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-19 11:49 - 2015-05-10 20:38 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-19 11:39 - 2015-08-17 12:15 - 000001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-19 09:39 - 2015-05-06 08:49 - 000000000 ____D C:\Users\johan_000\Documents\ING DiBa
2018-05-11 09:18 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-05-10 00:02 - 2013-08-22 16:44 - 000508008 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-09 19:08 - 2015-05-06 08:50 - 000000000 ____D C:\Users\johan_000\Documents\Steuern
2018-05-09 18:52 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-09 18:47 - 2015-05-05 03:28 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 18:44 - 2017-10-15 12:49 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 18:44 - 2015-05-05 03:28 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-09 13:55 - 2018-03-13 16:03 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-09 13:55 - 2015-11-05 15:25 - 000004342 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-05-09 13:55 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-05-09 13:55 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-06 11:34 - 2015-05-11 20:17 - 000000000 ____D C:\Users\johan_000\AppData\Local\ElevatedDiagnostics
2018-05-06 11:07 - 2015-05-06 08:50 - 000000000 ____D C:\Users\johan_000\Documents\Various Docs
Einige Dateien in TEMP:
====================
2015-05-02 15:09 - 2015-05-02 15:09 - 000000000 ____D () C:\Users\johan_000\AppData\Local\Temp\avgnt.exe
2015-11-12 21:31 - 2015-11-12 21:31 - 000144008 _____ (© 2015 Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\BingSvc.exe
2015-09-30 19:30 - 2015-11-12 21:31 - 001118360 _____ (© 2015 Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\BSvcProcessor.exe
2015-09-30 19:30 - 2015-11-12 21:31 - 000170128 _____ (© 2015 Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\BSvcUpdater.exe
2017-11-26 22:32 - 2017-11-26 22:32 - 003239696 _____ (Microsoft) C:\Users\johan_000\AppData\Local\Temp\CNC4LauncherUpdate.exe
2015-09-30 19:20 - 2015-09-30 19:20 - 002308240 _____ (Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\DefaultPack.EXE
2015-11-28 19:51 - 2015-11-28 19:51 - 000065536 _____ (Sony DADC Austria AG) C:\Users\johan_000\AppData\Local\Temp\drm_dialogs.dll
2015-11-28 18:56 - 2015-12-09 18:23 - 000204800 _____ (Sony DADC Austria AG) C:\Users\johan_000\AppData\Local\Temp\drm_dyndata_7380006.dll
2015-11-28 19:51 - 2015-12-09 18:24 - 000204800 _____ (Sony DADC Austria AG) C:\Users\johan_000\AppData\Local\Temp\drm_dyndata_7380014.dll
2016-04-15 17:56 - 2015-01-19 20:48 - 001126480 ____N (CANON INC.) C:\Users\johan_000\AppData\Local\Temp\MSETUP4.EXE
2015-08-27 00:15 - 2016-07-11 23:21 - 016826944 ____T (Geek Software GmbH ) C:\Users\johan_000\AppData\Local\Temp\pdf24-creator-update.exe
2016-02-10 10:20 - 2016-02-10 10:20 - 000117288 _____ (Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\ShFolder.Exe
2016-04-15 18:00 - 2014-01-20 11:38 - 000354392 ____R (CANON INC.) C:\Users\johan_000\AppData\Local\Temp\uninstall.exe
2017-05-23 19:29 - 2017-05-23 19:29 - 014456872 _____ (Microsoft Corporation) C:\Users\johan_000\AppData\Local\Temp\vc_redist.x86.exe
2016-06-28 21:43 - 2016-06-28 21:43 - 031717016 _____ () C:\Users\johan_000\AppData\Local\Temp\vlc-2.2.4-win64.exe
2017-09-16 14:14 - 2017-09-16 14:15 - 032100680 _____ () C:\Users\johan_000\AppData\Local\Temp\vlc-2.2.6-win64.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-05-30 07:49
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.06.2018
durchgeführt von johan_000 (03-06-2018 09:36:44)
Gestartet von C:\Users\johan_000\Desktop
Windows 8.1 (Update) (X64) (2015-04-30 22:33:35)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1963366536-3467600762-1340127474-500 - Administrator - Disabled)
Gast (S-1-5-21-1963366536-3467600762-1340127474-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1963366536-3467600762-1340127474-1003 - Limited - Enabled)
johan_000 (S-1-5-21-1963366536-3467600762-1340127474-1005 - Administrator - Enabled) => C:\Users\johan_000
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Avira (HKLM-x32\...\{B9E9546C-BAD0-43AB-8812-4FC3F8A9547C}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{d2c9315d-82be-4e7a-8d9f-ccbe716c2552}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon MG2900 series Benutzerregistrierung (HKLM-x32\...\Canon MG2900 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.00 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM-x32\...\Canon MG2900 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5000 series Benutzerregistrierung (HKLM-x32\...\Canon TS5000 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon TS5000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5000_series) (Version: 1.02 - Canon Inc.)
Canon TS5000 series On-Screen-Handbuch (HKLM-x32\...\Canon TS5000 series On-Screen-Handbuch) (Version: 1.1.0 - Canon Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ and The Covert Operations™ (HKLM-x32\...\{050E298D-C9B8-4582-A332-26201268A297}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.A.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.2.19144 - Landesfinanzdirektion Thüringen)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version: - SEIKO EPSON Corporation)
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fragen-Lern-CD International Klassen B+A (HKLM-x32\...\Fragen-Lern-CD International Klassen B+A) (Version: 1.0 - Wendel-Verlag)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{69D24652-4A1D-49C6-AA0C-573A38083F6C}) (Version: 12.7.3.46 - Apple Inc.)
Janitos Offline-Tarifrechner 3.4.7.4 (HKLM-x32\...\Janitos Offline-Tarifrechner 3_is1) (Version: - Fairware24)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.163 - McAfee, Inc.)
McAfee® Internet Security (HKLM-x32\...\MSC) (Version: 16.0 R11 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 de) (HKLM\...\Mozilla Firefox 60.0.1 (x64 de)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.1.6710 - Mozilla)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OpenVPN 2.3.10-I602 (HKLM\...\OpenVPN) (Version: 2.3.10-I602 - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
Scientific Viewer 5.5 (HKLM-x32\...\{CE644673-D8DA-4C22-A958-CBE3A06C4A8B}) (Version: 5.50 - MacKichan Software)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype Version 8.18 (HKLM-x32\...\Skype_is1) (Version: 8.18 - Skype Technologies S.A.)
Skype Web Plugin (HKLM-x32\...\{EB96DF8B-65A7-4E72-BFB1-38DB36870D16}) (Version: 7.32.6.278 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
test und FINANZtest Archiv CD-Rom 2017 (HKLM-x32\...\test und FINANZtest Archiv CD-Rom 2017) (Version: 1.0.0.0 - )
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.9 - Tunngle.net GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{4B58E20F-F052-4C6F-993B-7E62C7240E2A}) (Version: 24.00.1375 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2018 (HKLM-x32\...\{26D074D9-1133-499E-9C98-5E3A863D2E93}) (Version: 25.02.1498 - Buhl Data Service GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005_Classes\CLSID\{41052F6E-3662-4584-BCD3-77BCCAAE8470}\InprocServer32 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005_Classes\CLSID\{60813F68-E9F7-4B3C-80B4-A76A66211660}\localserver32 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\EdgeCalling.exe (Skype Technologies S.A.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-08-27] (Qualcomm®Atheros®)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-04-11] (McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-08-27] (Qualcomm®Atheros®)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-10-24] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-04-08] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-04-11] (McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0649AE8F-211C-4642-B17C-6C3EE47ECC1A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {25F13F12-0F14-42F2-ABE2-27D3DF22E4D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {2DFA2FC7-2CF0-4B07-B366-CC05A7BB863F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3CE9E8BE-062E-421A-8788-C0C439D369DA} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-03-27] (McAfee, Inc.)
Task: {449099CA-5FFD-4E4E-B62F-FCF59C0EB791} - System32\Tasks\{2FAAADA7-FDDE-43C7-A19D-3B3EF3812755} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
Task: {4BFF405C-5370-433F-B95B-EA4430A55737} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {4D2DD3EC-FFC3-474D-B4CA-E01CCAA05BBC} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {51691614-C001-43AF-B816-071B82612145} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {67915EAC-59AE-4AF3-AD89-506E4F0BD9B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7DD5F2EF-5FD8-4F87-BD80-FF4447E7A298} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
Task: {90520175-8688-4612-93F2-4DC37A4FE955} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated)
Task: {BA6B51F0-8B3B-4C70-9159-5E9FAADBC7E6} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {BD793353-7AF8-4B6B-82B2-AFDD7280FE63} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-09] (Adobe Systems Incorporated)
Task: {C6DCF76E-6BC0-4ED5-8B18-A3F719875488} - System32\Tasks\FUB => C:\Program Files (x86)\Acer\Care Center\FUB.bat <==== ACHTUNG
Task: {C9A4BC17-95EC-41CF-B7E7-36A2718D50B8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-09] (Adobe Systems Incorporated)
Task: {C9D38617-9F27-4F2D-B9D5-2ABEF00074C4} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {E46CA6B0-9876-4594-8365-299CE24443C2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FCFA6CD1-5DB8-47DB-9657-1B54B46E9A78} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-02-28] (McAfee, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-02 12:27 - 2015-04-08 23:30 - 000116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 01:13 - 2018-01-05 01:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-04 14:30 - 2015-07-04 14:30 - 000183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-02-19 17:23 - 2014-10-24 05:39 - 000456808 _____ () C:\Windows\system32\igfxTray.exe
2018-04-06 13:05 - 2018-04-06 13:05 - 000896136 _____ () C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPMsgBusDLL.dll
2014-08-27 20:45 - 2014-08-27 20:45 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 20:41 - 2014-08-27 20:41 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 20:47 - 2014-08-27 20:47 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2018-01-22 04:15 - 2018-01-22 04:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-01-22 04:15 - 2018-01-22 04:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 004411488 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2012-05-16 21:12 - 2012-05-16 21:12 - 000179200 _____ () C:\Program Files\Rainlendar2\lua52.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 000324608 _____ () C:\Program Files\Rainlendar2\libical.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 000082528 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 000080384 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2012-06-17 15:21 - 2012-06-17 15:21 - 000015360 _____ () C:\Program Files\Rainlendar2\lfs.dll
2018-06-03 09:23 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-03 09:23 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-03-24 17:28 - 2013-10-01 11:09 - 000078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-05-02 12:16 - 2015-05-23 03:48 - 000011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-10-10 10:37 - 2014-10-10 10:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\johan_000\OneDrive\Pictures\Eigene Aufnahmen\WP_20150426_12_14_11_Pro.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{F8B35D48-3C7D-4C6A-BDDA-09548A83D7CE}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{CD538265-83B0-4300-9758-2D18C3DF8FE8}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{292D208F-8F61-4BBF-9AC6-5A10EFE6CDFB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{093BB5B6-CA26-41E0-8F95-C99ED24CD0ED}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4B721A9F-B014-42DD-AAEF-644C6F42C474}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{24402A7F-65D8-4506-B7FF-1D418A6F66E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B9110A1-CDD9-444F-877C-867488DBB079}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8B4681B6-9C78-404D-AB0F-311647B52736}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FF0E0438-1E08-47F6-8DEA-3889B495BE0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4A908F3A-BB33-4098-BEB2-06328B7FCB4B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{DCA90C3E-3800-4317-8F30-ADDE3509A4B6}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9032880C-31D5-406A-BEA3-24D3554524C5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{835EA096-00A4-4398-9EFA-3C149BEEA15A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{48D61D4D-9A5D-485A-8E61-6A24C29E828B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{FEA0769E-0CCA-44F5-B690-F9FCD944F643}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6AD8E723-CB17-4604-98F1-31478AD1C46A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A8F52802-6EF1-4E8D-9306-8BE27A217A6F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{81C34AE6-6796-4B1F-AAC5-FEBE11CBF7AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CB3ABB6D-A88A-4DFC-9CC2-7D567DEE1D66}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{91D5DB8D-4FB6-41A2-8DA5-987129BAC6CA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4B7F462C-9C15-4EE9-9CA3-58E59977715D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B84EE29B-2003-44EA-9695-7184654A7AE8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{5BB720FD-9668-4D22-888A-DDA432BCA3A0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{6A64665E-09E9-4588-BB89-4BE3D1173DE2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{1395C35E-6AD0-4D55-8CE7-3EACC4B8B392}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{238BBABD-FEB5-40BF-880D-A1D61AC582E5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{5DD86093-3FD0-4474-802F-211C8B8125B8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F3FA8213-1A14-4DBC-A308-5C33CA573021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C767D3E4-1521-4402-8670-504AF0B4236A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C49122BC-868C-4748-8EC4-A6461468934C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{13FB51BB-9AFA-4EAD-8027-28C32A8B3F14}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{E3DFA4ED-4624-4D76-9A6B-23DBFAC07784}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{208B09A5-A303-4472-BD71-54B347300131}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C869129C-C61D-47FD-B76D-B58E88C67AB7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{61FF2E81-4C4B-4072-96E5-06926FF2398E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{BCF46940-66C8-4F60-A1F2-11EA2B0BED72}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{CF968175-774E-4C1D-93A2-A12B14EBC6FD}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{25BAA30D-4639-4C1C-A09A-B7E8C4B5A9B4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{09D3AD0D-8FCC-4131-AF08-430D31AE08CC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EE69293A-CE31-4DE4-BE57-4C978D7B3D37}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A8AF188E-A296-4299-B5BE-C6453F0F2D4C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1E59A9D9-C68B-4F48-A6F6-98360E6A30A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{41520518-BC13-4852-8078-BA3F11CA3297}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A371968E-57C1-47AC-9C87-653531037FC8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6A18096B-617B-4FD8-A8E1-205608E1488D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9BDB11D8-9BB1-4D61-A09D-1AC378E79391}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C067CC91-022F-4805-811E-BC7F8DAA00A3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8446B1A2-F5D1-4F94-A313-B64798E79182}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{80D9CACB-18A9-415D-BBB0-E85CBE64C53C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6ABE84ED-5EFB-44E1-B05C-FB56A5356E1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{605986F1-8624-43FB-9DA3-EA50FA9CEE3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{E9171FC4-3BD5-46FF-BB6F-FA0D02046DA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{7472605A-F1D0-483D-8DC3-1680E1D0F81E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{E351AF82-EC4A-4E21-9193-8DB37DEA9EB8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3C1A1570-C9E3-4CD7-90B0-B681348D5A3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{460F4C76-22C1-438F-8254-7B3714C772EA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BB7B9BAF-CC51-4EF1-BE74-91B0E7EEA69E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E3AD27A4-214D-4C8A-806D-5A15D90D38E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51324EE0-E354-4405-B9EC-990B78269E7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{44BCA715-6AB9-4F91-8524-6106B18C44C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{3EA8321D-5909-41E1-9F79-1BA2D7B7FB8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{C45BFD94-EC44-42B5-8C36-46462EE62308}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{39A0CC7D-CBBC-4938-B985-F2DE33401D0D}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{141EAB74-24F2-431F-BBC4-EE7C9916D024}C:\program files\openvpn\bin\openvpn.exe] => (Block) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{ACF6AE44-A953-4653-8FE5-A46EF65FB32B}C:\program files\openvpn\bin\openvpn.exe] => (Block) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{F0277A66-36D1-443A-85EF-BD9A43EADF61}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AE2C8A86-385A-47AC-83A7-0A5419F453A5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B24A5433-9566-4FCA-B1BF-CEDF0CDE05FE}C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe] => (Allow) C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe
FirewallRules: [UDP Query User{090D9668-9EE6-469A-A191-C98EEAF573E4}C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe] => (Allow) C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe
FirewallRules: [{41F01875-6592-4361-A0EB-4F9A82CF1A1E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6AE51FE8-46B0-4A44-949A-4C740DD7225E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F8A5F74C-4600-4DE9-B2E4-3F129E6E321F}] => (Allow) C:\Spiele\C&C 1\CNC and The Covert Operations\CNC95Launcher.exe
FirewallRules: [{52644705-6D94-47A6-9295-3370710C77FA}] => (Allow) C:\Spiele\C&C 1\CNC and The Covert Operations\CNC95Launcher.exe
FirewallRules: [{A1CA101D-BA8F-4414-BC79-C5DB7CE4C998}] => (Allow) C:\Spiele\C&C Red Alert 2\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{2138C0CA-58D1-4B31-A539-55D5DAE1EE08}] => (Allow) C:\Spiele\C&C Red Alert 2\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{D4F854C6-4FB2-4EBA-B132-8FF6304DF3EF}] => (Allow) C:\Spiele\C&C 4 Teberium Twilight\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{564EF35A-D694-4E8D-8818-73B9380FC276}] => (Allow) C:\Spiele\C&C 4 Teberium Twilight\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [TCP Query User{866A756C-413B-43B4-AB81-4134B7238B7A}C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game] => (Block) C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [UDP Query User{2BFDBAFC-D95B-4531-967F-A6392624873A}C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game] => (Block) C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [{294C3271-2990-46E8-9734-0531882F29B1}] => (Allow) C:\Spiele\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{FA1AB558-D6F3-46A0-840B-59F7904BF773}] => (Allow) C:\Spiele\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{E8149216-5F9A-463E-9E60-4B07C2F7EB45}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{6CDC80B0-2650-474B-9C72-C56B6789FA11}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4EF70DAE-FE20-4736-9117-F21981EB758C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{11A9161B-3C4B-45DA-AB42-68A54394F32E}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{365E8E32-0A4A-438B-94B8-A38A009AABF7}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{A2185D3A-6F24-447A-9618-CD3B1AC8D9C9}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [TCP Query User{8AB303D0-6F96-44E2-BB30-2CADFA3E67B1}C:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Block) C:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [UDP Query User{9DBEF367-4419-4FD8-829B-2EE218E19DA7}C:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Block) C:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [TCP Query User{42A58ACB-7C4C-4B42-9319-4F3FC79A3C21}C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [UDP Query User{B42E830C-6D18-490C-930E-36EDA7FBD0BF}C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [{49AE227F-D2A1-4983-9B04-C157AA45ED90}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{C91AD725-7A6F-4AE7-BBE2-CFE0267C4D00}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4DEA3856-948F-4BD1-9A82-305C207F02EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8E2B7ADA-EEC9-482D-8B31-F5381D4E0D25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{15494353-0268-4F21-914D-58221230940D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B63FFEDD-72F7-4F33-9101-930217A3A805}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EB770392-485C-4FFA-9914-37F9D36B7A5D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{7704A801-AC77-42F9-9DA6-1809AB51D4B5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{0E13601C-ABE6-4804-90BA-0B3633E509E1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{A4FA0856-916B-4036-BFAB-C5DCFF07BCCF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{1BE8D93A-E861-49FA-9E3F-BF05E9542BF5}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{109C09C9-1E39-4220-9470-DA8F6937AB0D}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
==================== Wiederherstellungspunkte =========================
09-05-2018 18:42:32 Windows Update
19-05-2018 11:46:31 Geplanter Prüfpunkt
22-05-2018 21:50:11 McAfee Vulnerability Scanner
29-05-2018 21:53:35 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/02/2018 03:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1204
Startzeit: 01d3fa7927610c7d
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 2c772941-666d-11e8-8302-1008b1a6508e
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/28/2018 08:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2641
Error: (05/28/2018 08:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2641
Error: (05/28/2018 08:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/28/2018 08:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1328
Error: (05/28/2018 08:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1328
Error: (05/28/2018 08:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/23/2018 09:20:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13890
Systemfehler:
=============
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberGhost 6 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
===================================
Date: 2017-04-27 11:33:10.977
Description:
Fehler von Windows Defender beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Betroffene Signaturen: Aktuell
Fehlercode: 0x80073aba
Fehlerbeschreibung: Die Ressource ist zu alt und daher nicht mehr kompatibel.
Signaturversion: 1.187.322.0;1.187.322.0
Modulversion: 1.1.11104.0
Date: 2015-05-01 00:32:58.468
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.187.322.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.11104.0
Fehlercode: 0x8024001e
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
CodeIntegrity:
===================================
Date: 2016-01-17 21:15:54.712
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-17 21:15:54.620
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 21:40:07.682
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 21:40:07.606
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:34:23.346
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:34:23.262
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:29:13.587
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:29:13.509
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5276.79 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 6407.74 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:913.05 GB) (Free:733.94 GB) NTFS
\\?\Volume{a5010966-2a02-4dfa-a782-1d2bcb70dcdf}\ (RECOVERY) (Fixed) (Total:0.59 GB) (Free:0.32 GB) NTFS
\\?\Volume{d1de73af-164e-4c0c-a76f-a31c1da6fbd6}\ (Push Button Reset) (Fixed) (Total:17.45 GB) (Free:2.03 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DF566A8F)
Partition: GPT.
==================== Ende von Addition.txt ============================
Reihenfolge in der ich die Logs gepostet hab: - AdwCleaner - Mallwarebytes - FRST - Addition |
|
03.06.2018, 10:08
| #6 |
| /// TB-Ausbilder | Auf dubiosen link in PM auf Facebook geklickt Servus, Schritt 1
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
03.06.2018, 11:25
| #7 |
| | Fixlog ...Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.06.2018
durchgeführt von johan_000 (03-06-2018 12:12:02) Run:1
Gestartet von C:\Users\johan_000\Desktop
Geladene Profile: johan_000 (Verfügbare Profile: johan_000)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005 -> DefaultScope {AB08804A-4B5E-11E5-8273-1008B1A6508E} URL =
SearchScopes: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005 -> {70F4535E-E3A0-45D2-815B-340CBA3EF4AB} URL =
SearchScopes: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005 -> {DECF2A63-EEAD-46BF-98E7-7FAADBFD1AF8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
Task: {449099CA-5FFD-4E4E-B62F-FCF59C0EB791} - System32\Tasks\{2FAAADA7-FDDE-43C7-A19D-3B3EF3812755} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
RemoveProxy:
CMD: ipconfig /flushdns
EmptyTemp:
*****************
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}" => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{AA9A4890-4262-4441-8977-E2FFCBFB706C} => nicht gefunden
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => erfolgreich entfernt
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => nicht gefunden
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}" => erfolgreich entfernt
HKLM\Software\Wow6432Node\Classes\CLSID\{AA9A4890-4262-4441-8977-E2FFCBFB706C} => nicht gefunden
"HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => erfolgreich entfernt
"HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70F4535E-E3A0-45D2-815B-340CBA3EF4AB}" => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{70F4535E-E3A0-45D2-815B-340CBA3EF4AB} => nicht gefunden
"HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DECF2A63-EEAD-46BF-98E7-7FAADBFD1AF8}" => erfolgreich entfernt
HKLM\Software\Classes\CLSID\{DECF2A63-EEAD-46BF-98E7-7FAADBFD1AF8} => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{449099CA-5FFD-4E4E-B62F-FCF59C0EB791}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{449099CA-5FFD-4E4E-B62F-FCF59C0EB791}" => erfolgreich entfernt
C:\Windows\System32\Tasks\{2FAAADA7-FDDE-43C7-A19D-3B3EF3812755} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2FAAADA7-FDDE-43C7-A19D-3B3EF3812755}" => erfolgreich entfernt
========= dir "%ProgramFiles%" =========
Datentr„ger in Laufwerk C: ist Acer
Volumeseriennummer: 4266-E74F
Verzeichnis von C:\Program Files
03.06.2018 09:23 <DIR> .
03.06.2018 09:23 <DIR> ..
28.11.2015 23:29 <DIR> 7-Zip
24.03.2015 18:16 <DIR> Accessory Store
01.05.2015 00:59 <DIR> Acer
26.02.2018 21:50 <DIR> Bonjour
05.04.2018 20:13 <DIR> Canon
23.03.2018 20:14 <DIR> Common Files
28.05.2018 21:32 <DIR> CyberGhost 6
24.03.2015 17:29 <DIR> Dolby Digital Plus
24.03.2015 17:34 <DIR> Dropbox
24.03.2015 17:12 <DIR> Intel
09.05.2018 22:45 <DIR> Internet Explorer
26.02.2018 21:52 <DIR> iPod
21.03.2018 23:15 <DIR> IrfanView
26.02.2018 21:52 <DIR> iTunes
24.03.2015 17:37 <DIR> LoveFilm
03.06.2018 09:23 <DIR> Malwarebytes
23.03.2018 20:17 <DIR> McAfee
23.03.2018 20:14 <DIR> McAfee.com
09.06.2015 09:55 <DIR> Microsoft Mouse and Keyboard Center
02.05.2015 20:21 <DIR> Microsoft Office
18.06.2017 10:14 <DIR> Microsoft Silverlight
19.02.2015 17:32 <DIR> MSBuild
02.05.2015 12:27 <DIR> NVIDIA Corporation
16.02.2016 11:38 <DIR> OpenVPN
07.07.2015 15:42 <DIR> R
06.05.2015 16:23 <DIR> Rainlendar2
24.03.2015 17:29 <DIR> Realtek
19.02.2015 17:32 <DIR> Reference Assemblies
16.02.2016 11:38 <DIR> TAP-Windows
02.05.2015 20:34 <DIR> VideoLAN
13.04.2017 01:30 <DIR> Windows Defender
06.05.2015 11:23 <DIR> Windows Mail
06.05.2015 11:23 <DIR> Windows Media Player
06.05.2015 11:23 <DIR> Windows Multimedia Platform
22.08.2013 17:36 <DIR> Windows NT
06.05.2015 11:23 <DIR> Windows Photo Viewer
06.05.2015 11:23 <DIR> Windows Portable Devices
06.05.2015 11:20 <DIR> WindowsPowerShell
22.05.2018 21:51 <DIR> WinRAR
0 Datei(en), 0 Bytes
41 Verzeichnis(se), 788.045.189.120 Bytes frei
========= Ende von CMD: =========
========= dir "%ProgramFiles(x86)%" =========
Datentr„ger in Laufwerk C: ist Acer
Volumeseriennummer: 4266-E74F
Verzeichnis von C:\Program Files (x86)
23.03.2018 20:14 <DIR> .
23.03.2018 20:14 <DIR> ..
01.05.2015 00:58 <DIR> Acer
10.05.2015 20:38 <DIR> Adobe
26.02.2018 21:50 <DIR> Apple Software Update
23.03.2018 20:10 <DIR> Avira
26.02.2018 21:50 <DIR> Bonjour
05.04.2018 20:07 <DIR> Canon
26.02.2018 21:49 <DIR> Common Files
27.02.2016 01:32 <DIR> Domination
24.03.2016 17:11 <DIR> ElsterFormular
15.04.2016 18:33 <DIR> epson
04.06.2017 13:10 <DIR> Fairware24
13.12.2015 14:56 <DIR> HERMA
24.03.2015 17:12 <DIR> Intel
09.05.2018 22:45 <DIR> Internet Explorer
12.01.2016 13:02 <DIR> ISO to USB
15.08.2017 22:44 <DIR> Java
28.05.2018 19:28 <DIR> McAfee
09.01.2018 09:37 <DIR> Microsoft
01.10.2015 17:46 <DIR> Microsoft ASP.NET
28.11.2015 19:01 <DIR> Microsoft Games for Windows - LIVE
27.09.2017 17:13 <DIR> Microsoft Office
18.06.2017 10:14 <DIR> Microsoft Silverlight
18.05.2015 09:47 <DIR> Microsoft Works
02.05.2015 20:24 <DIR> Microsoft.NET
28.05.2018 19:27 <DIR> Mozilla Firefox
28.05.2018 19:27 <DIR> Mozilla Maintenance Service
02.05.2015 20:42 <DIR> MSBuild
02.05.2015 12:28 <DIR> NVIDIA Corporation
09.12.2017 00:10 <DIR> Origin
09.12.2017 00:58 <DIR> Origin Games
11.07.2016 23:21 <DIR> PDF24
24.03.2015 17:24 <DIR> Qualcomm Atheros
24.03.2015 17:28 <DIR> Realtek
19.02.2015 17:32 <DIR> Reference Assemblies
07.10.2015 15:23 <DIR> Scientific Viewer
09.01.2018 09:37 <DIR> Skype
25.11.2017 14:14 <DIR> Steam
20.12.2017 20:20 <DIR> test und FINANZtest Archiv CD-Rom 2017
24.08.2015 09:56 <DIR> Tinypic
09.12.2017 00:26 <DIR> Tunngle
31.05.2017 20:03 <DIR> Wendel-Verlag
25.11.2017 09:45 <DIR> WestwoodChat
25.11.2017 09:45 <DIR> WestwoodOnline
13.04.2017 01:30 <DIR> Windows Defender
06.05.2015 11:20 <DIR> Windows Mail
06.05.2015 11:20 <DIR> Windows Media Player
06.05.2015 11:20 <DIR> Windows Multimedia Platform
22.08.2013 17:36 <DIR> Windows NT
06.05.2015 11:20 <DIR> Windows Photo Viewer
06.05.2015 11:20 <DIR> Windows Portable Devices
22.08.2013 17:36 <DIR> WindowsPowerShell
26.01.2018 21:59 <DIR> WISO
03.06.2018 09:16 <DIR> Yahoo!
0 Datei(en), 0 Bytes
55 Verzeichnis(se), 788.045.115.392 Bytes frei
========= Ende von CMD: =========
========= dir "%ProgramData%" =========
Datentr„ger in Laufwerk C: ist Acer
Volumeseriennummer: 4266-E74F
Verzeichnis von C:\ProgramData
01.05.2015 00:59 <DIR> Acer
10.05.2015 20:40 <DIR> Adobe
26.02.2018 21:50 <DIR> Apple
26.02.2018 21:51 <DIR> Apple Computer
24.03.2015 17:32 <DIR> Atheros
23.03.2018 20:09 <DIR> Avira
01.06.2015 13:46 <DIR> boost_interprocess
26.01.2018 21:52 <DIR> Buhl Data Service GmbH
05.04.2018 19:52 <DIR> Canon
15.04.2016 18:11 <DIR> Canon IJ Network Tool
05.04.2018 20:15 <DIR> CanonIJWSpt
24.03.2015 17:42 <DIR> CLSK
01.05.2015 01:04 <DIR> CyberLink
25.11.2017 09:45 <DIR> Electronic Arts
24.03.2016 17:12 <DIR> elsterformular
22.05.2015 13:17 <DIR> EPSON
12.02.2018 16:49 <DIR> firebird
24.03.2015 17:42 <DIR> install_clap
24.03.2015 17:11 <DIR> Intel
04.06.2017 13:10 <DIR> JanitosTarifrechner
03.06.2018 09:23 <DIR> Malwarebytes
26.03.2018 22:03 <DIR> McAfee
13.04.2018 15:21 <DIR> Microsoft Help
02.05.2015 12:59 <DIR> NVIDIA
01.06.2015 14:09 <DIR> NVIDIA Corporation
01.05.2015 00:56 <DIR> OEM
24.03.2015 18:16 <DIR> OEM_YAHOO
15.08.2017 22:45 <DIR> Oracle
13.12.2017 02:43 <DIR> Origin
02.06.2018 10:23 <DIR> Package Cache
24.03.2015 17:15 <DIR> Qualcomm Atheros
06.05.2015 11:20 <DIR> regid.1991-06.com.microsoft
09.01.2018 09:37 <DIR> Skype
24.03.2015 17:42 <DIR> Temp
10.12.2017 01:14 <DIR> Tunngle
31.05.2017 20:02 <DIR> Wendel-Verlag
01.05.2015 01:13 <DIR> WildTangent
0 Datei(en), 0 Bytes
37 Verzeichnis(se), 788.045.070.336 Bytes frei
========= Ende von CMD: =========
========= dir "%Appdata%" =========
Datentr„ger in Laufwerk C: ist Acer
Volumeseriennummer: 4266-E74F
Verzeichnis von C:\Users\johan_000\AppData\Roaming
23.03.2018 20:09 <DIR> .
23.03.2018 20:09 <DIR> ..
10.05.2015 22:17 <DIR> Adobe
26.02.2018 22:08 <DIR> Apple Computer
02.05.2015 15:08 <DIR> Atheros
26.01.2018 22:03 <DIR> Buhl
13.05.2017 13:40 <DIR> Buhl Data Service
05.04.2018 20:25 <DIR> Canon
26.11.2017 22:33 <DIR> Command and Conquer 4
03.12.2017 16:49 <DIR> dvdcss
06.05.2015 17:59 <DIR> elsterformular
06.08.2015 12:28 <DIR> EPSON
06.05.2015 15:32 <DIR> Identities
21.03.2018 23:15 <DIR> IrfanView
02.05.2015 20:21 <DIR> Macromedia
15.11.2017 10:34 <DIR> Mozilla
12.12.2017 23:11 <DIR> Origin
26.01.2018 17:32 <DIR> PluginHost
09.01.2018 09:37 <DIR> Skype
27.02.2016 01:23 <DIR> Sun
09.12.2017 02:38 <DIR> Tunngle
28.05.2018 23:17 <DIR> vlc
28.01.2016 12:51 <DIR> WinRAR
15.08.2017 22:46 <DIR> Yahoo
0 Datei(en), 0 Bytes
24 Verzeichnis(se), 788.044.808.192 Bytes frei
========= Ende von CMD: =========
========= dir "%LocalAppdata%" =========
Datentr„ger in Laufwerk C: ist Acer
Volumeseriennummer: 4266-E74F
Verzeichnis von C:\Users\johan_000\AppData\Local
03.06.2018 09:16 <DIR> .
03.06.2018 09:16 <DIR> ..
05.11.2015 15:26 <DIR> Adobe
26.02.2018 21:50 <DIR> Apple
26.02.2018 21:53 <DIR> Apple Computer
15.04.2016 21:49 <DIR> Apps
02.05.2015 15:09 <DIR> BMExplorer
26.01.2018 21:59 <DIR> Buhl
13.05.2017 13:40 <DIR> Buhl Data Service
20.07.2015 12:00 <DIR> CEF
30.11.2017 14:45 <DIR> CrashDumps
23.03.2018 20:11 <DIR> CyberGhost
24.04.2018 20:43 <DIR> Diagnostics
26.11.2017 22:33 <DIR> Electronic_Arts_Inc
06.05.2018 11:34 <DIR> ElevatedDiagnostics
28.11.2015 22:42 <DIR> Fallout3
11.12.2015 01:29 <DIR> FalloutNV
18.12.2017 16:15 129.456 GDIPFONTCACHEV1.DAT
03.06.2015 21:20 <DIR> GWX
10.05.2015 18:45 <DIR> Harebrained Schemes
13.12.2015 14:57 <DIR> HERMA
05.10.2015 20:38 <DIR> Macromedia
20.06.2017 12:51 <DIR> Microsoft
01.07.2015 15:56 <DIR> Microsoft Help
17.08.2015 12:40 <DIR> Mozilla
10.05.2015 18:41 <DIR> My Games
02.05.2015 15:06 <DIR> NVIDIA
02.05.2015 15:06 <DIR> NVIDIA Corporation
25.11.2017 09:33 <DIR> Origin
16.06.2017 06:48 <DIR> Packages
02.05.2015 15:08 <DIR> PackageStaging
26.08.2015 23:35 <DIR> PDF24
07.07.2015 15:40 <DIR> Programs
30.07.2016 18:22 <DIR> Skype
26.01.2018 17:32 <DIR> SkypePlugin
24.11.2017 21:18 <DIR> Steam
03.06.2018 12:11 <DIR> Temp
06.03.2018 13:29 <DIR> VirtualStore
1 Datei(en), 129.456 Bytes
37 Verzeichnis(se), 788.044.746.752 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramFiles(x86)%" =========
Datentr„ger in Laufwerk C: ist Acer
Volumeseriennummer: 4266-E74F
Verzeichnis von C:\Program Files (x86)\Common Files
26.02.2018 21:49 <DIR> .
26.02.2018 21:49 <DIR> ..
10.05.2015 20:38 <DIR> Adobe
26.02.2018 21:50 <DIR> Apple
24.03.2015 17:15 <DIR> Atheros
04.10.2015 23:25 <DIR> DESIGNER
13.12.2015 14:56 <DIR> HERMA
24.03.2015 17:28 <DIR> InstallShield
24.03.2015 15:57 <DIR> Intel
15.08.2017 22:43 <DIR> Java
23.03.2018 20:14 <DIR> mcafee
04.10.2015 00:31 <DIR> Microsoft Shared
19.02.2015 18:39 <DIR> Nikon
24.03.2015 17:11 <DIR> PostureAgent
22.08.2013 17:36 <DIR> Services
24.11.2017 21:18 <DIR> Steam
06.05.2015 11:20 <DIR> System
0 Datei(en), 0 Bytes
17 Verzeichnis(se), 788.044.693.504 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramW6432%" =========
Datentr„ger in Laufwerk C: ist Acer
Volumeseriennummer: 4266-E74F
Verzeichnis von C:\Program Files\Common Files
23.03.2018 20:14 <DIR> .
23.03.2018 20:14 <DIR> ..
26.02.2018 21:50 <DIR> Apple
23.03.2018 20:14 <DIR> AV
02.05.2015 15:04 <DIR> EPSON
21.05.2018 19:33 <DIR> McAfee
02.05.2015 20:24 <DIR> microsoft shared
24.03.2015 17:23 <DIR> QCA_Bluetooth
22.08.2013 17:36 <DIR> Services
06.05.2015 11:23 <DIR> System
0 Datei(en), 0 Bytes
10 Verzeichnis(se), 788.044.632.064 Bytes frei
========= Ende von CMD: =========
========= dir "%UserProfile%" =========
Datentr„ger in Laufwerk C: ist Acer
Volumeseriennummer: 4266-E74F
Verzeichnis von C:\Users\johan_000
02.06.2018 10:22 <DIR> .
02.06.2018 10:22 <DIR> ..
27.02.2016 04:18 91 .lobby
27.02.2016 01:23 <DIR> .oracle_jre_usage
25.11.2017 09:27 <DIR> .Origin
25.11.2017 09:27 <DIR> .QtWebEngineProcess
03.06.2018 09:18 <DIR> .rainlendar2
09.01.2018 20:19 <DIR> Contacts
03.06.2018 12:12 <DIR> Desktop
30.05.2018 08:20 <DIR> Documents
27.02.2016 01:32 <DIR> Domination Maps
02.06.2018 16:05 <DIR> Downloads
09.01.2018 20:19 <DIR> Favorites
26.01.2018 21:46 <DIR> Links
26.02.2018 21:55 <DIR> Music
03.06.2018 09:22 <DIR> OneDrive
21.03.2018 22:56 <DIR> Pictures
09.01.2018 20:19 <DIR> Saved Games
09.01.2018 20:19 <DIR> Searches
24.08.2015 18:49 <DIR> Tracing
03.06.2018 12:11 <DIR> Videos
1 Datei(en), 91 Bytes
20 Verzeichnis(se), 788.044.566.528 Bytes frei
========= Ende von CMD: =========
========= dir "C:\" =========
Datentr„ger in Laufwerk C: ist Acer
Volumeseriennummer: 4266-E74F
Verzeichnis von C:\
03.06.2018 09:16 <DIR> AdwCleaner
03.06.2018 12:12 <DIR> FRST
22.08.2013 17:22 <DIR> PerfLogs
03.06.2018 09:23 <DIR> Program Files
23.03.2018 20:14 <DIR> Program Files (x86)
09.12.2017 00:53 <DIR> Spiele
21.03.2018 23:33 <DIR> TEMP
15.04.2016 23:53 <DIR> Test
11.05.2015 08:12 <DIR> Users
16.04.2016 00:10 3.210.270.720 Win7.iso
03.06.2018 09:36 <DIR> Windows
1 Datei(en), 3.210.270.720 Bytes
10 Verzeichnis(se), 788.044.509.184 Bytes frei
========= Ende von CMD: =========
================== ExportKey: ===================
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]
=== Ende von ExportKey ===
========= RemoveProxy: =========
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 25165824 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16029764 B
Java, Flash, Steam htmlcache => 268751005 B
Windows/system/drivers => 472681251 B
Edge => 0 B
Chrome => 0 B
Firefox => 119657787 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1311936 B
systemprofile32 => 128 B
LocalService => 13535654 B
NetworkService => 6607872 B
johan_000 => 826909376 B
RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 12:12:49 ====
Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version: 02.06.2018
durchgeführt von johan_000 (03-06-2018 12:17:47)
Gestartet von C:\Users\johan_000\Desktop
Start-Modus: Normal
================== Datei-Suche: "SearchAll: pokki;Booking.com;YSearchUtil;Yahoo!\yset" =============
Datei:
========
Ordner:
========
Registry:
========
===================== Suchergebnis für "pokki" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn]
"SBOEM2"="%ALLUSERSPROFILE%\Pokki\Pokki Start Menu.lnk"
[HKEY_USERS\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\IntelliType Pro\AppSpecific\HostAppService.exe]
"Path"="C:\Users\johan_000\AppData\Local\Pokki\Engine\HostAppService.exe"
[HKEY_USERS\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\johan_000\AppData\Local\Pokki\Setup\Skype\WinServicesUpdater.exe"="0x534143500100000000000000070000002800000058C76E02BF906F0201000000000000000000010600010000975FD891C99ECE01000000800000000002000000280000000000000000000040000000000000000000000000000000005D2F0000000000000100000001000000"
[HKEY_USERS\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\johan_000\AppData\Local\Pokki\Engine\HostAppService.exe"="0x534143500100000000000000070000002800000000D67700A47F780001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000006DFE6100000000000100000001000000"
===================== Suchergebnis für "Booking.com" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr]
"Path"="C:\Program Files\WindowsApps\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Applications\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Applications\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr]
"Path"="%SYSTEMDRIVE%\Program Files\WindowsApps\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr\AppxManifest.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\S-1-5-21-1963366536-3467600762-1340127474-1005\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\S-1-5-21-1963366536-3467600762-1340127474-1005\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr]
"Path"="%SYSTEMDRIVE%\Program Files\WindowsApps\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr\AppxManifest.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SVDEn\WideTiles\WideTile3]
"AppId"="4AE8B7C2.Booking.comPartnerEdition_6wqyppa9wfhnr!App"
[HKEY_USERS\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Windows\CurrentVersion\AppSync\Sync\4AE8B7C2.Booking.comPartnerEdition_6wqyppa9wfhnr]
[HKEY_USERS\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\CollectionStaging\packagestate-4ae8b7c2.booking.compartneredition_6wqyppa9wfhnr-0]
[HKEY_USERS\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\4ae8b7c2.booking.compartneredition_6wqyppa9wfhnr-0]
[HKEY_USERS\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\4ae8b7c2.booking.compartneredition_6wqyppa9wfhnr]
[HKEY_USERS\S-1-5-21-1963366536-3467600762-1340127474-1005\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\windowspackagesettings\notifications-4ae8b7c2.booking.compartneredition_6wqyppa9wfhnr]
===================== Suchergebnis für "YSearchUtil" ==========
===================== Suchergebnis für "Yahoo!\yset" ==========
====== Ende von Suche ======
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02.06.2018
durchgeführt von johan_000 (Administrator) auf JO (03-06-2018 12:23:12)
Gestartet von C:\Users\johan_000\Desktop
Geladene Profile: johan_000 (Verfügbare Profile: johan_000)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(© 2015 Microsoft Corporation) C:\Users\johan_000\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_8\mcapexe.exe
(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13763800 2014-10-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4411488 2014-03-16] ()
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [BingSvc] => C:\Users\johan_000\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1393744 2018-05-14] (CyberGhost S.A.)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\MountPoints2: {686f99f2-d23d-11e4-825e-806e6f6e6963} - "D:\.\setup.exe"
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\MountPoints2: {ab6f5072-6cf6-11e5-8277-1008b1a6508e} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5D225C14-7FBD-4101-9A54-722F99002927}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AFCF6C45-3D37-4927-9D40-48A8A3022F5C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-15] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-15] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-19] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-04-11] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-04-11] (McAfee, Inc.)
FireFox:
========
FF DefaultProfile: mc0bv80i.default
FF ProfilePath: C:\Users\johan_000\AppData\Roaming\Mozilla\Firefox\Profiles\mc0bv80i.default [2018-06-03]
FF Homepage: Mozilla\Firefox\Profiles\mc0bv80i.default -> hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
hxxps://www.google.de/
FF Extension: (Google Scholar-Schaltfläche) - C:\Users\johan_000\AppData\Roaming\Mozilla\Firefox\Profiles\mc0bv80i.default\Extensions\button@scholar.google.com.xpi [2017-10-10]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\johan_000\AppData\Roaming\Mozilla\Firefox\Profiles\mc0bv80i.default\features\{56ce5523-9d80-4510-abe9-875ab8b05ebe}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-06-02] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-06]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-09] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-15] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-04-11] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1963366536-3467600762-1340127474-1005: SkypePlugin -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1963366536-3467600762-1340127474-1005: SkypePlugin64 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Skype Technologies S.A.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [451288 2018-05-22] (Avira Operations GmbH & Co. KG)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [239184 2018-05-14] (CyberGhost S.A.)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc.)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2018-01-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe [728808 2018-04-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\\McCSPServiceHost.exe [2141912 2018-04-06] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-02-23] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [512976 2018-02-23] (McAfee, LLC)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [473040 2018-02-23] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1669328 2018-04-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-02-01] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-12-09] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-12-09] (Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1061528 2018-03-06] (McAfee, Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [873968 2017-06-30] (Tunngle.net GmbH) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77216 2018-02-28] (McAfee, LLC)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218336 2017-10-09] (McAfee, Inc.)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-11] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-11] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-11] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-03] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-06-03] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [44768 2018-06-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-03] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [103648 2018-06-03] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [497568 2018-02-28] (McAfee, LLC)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [360352 2018-02-28] (McAfee, LLC)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83952 2018-02-28] (McAfee, LLC)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [529312 2018-02-28] (McAfee, LLC)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [953248 2018-02-28] (McAfee, LLC)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543632 2018-01-22] (McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108432 2018-01-22] (McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [115616 2018-02-28] (McAfee, LLC)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252832 2018-02-28] (McAfee, LLC)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-06] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [39464 2016-04-27] (Tunngle.net GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-06-03 12:20 - 2018-06-03 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-06-03 12:17 - 2018-06-03 12:22 - 000004515 _____ C:\Users\johan_000\Desktop\Search.txt
2018-06-03 12:12 - 2018-06-03 12:12 - 000021984 _____ C:\Users\johan_000\Desktop\Fixlog.txt
2018-06-03 09:35 - 2018-06-03 09:35 - 000000000 ____D C:\Users\johan_000\Desktop\FRST-OlderVersion
2018-06-03 09:32 - 2018-06-03 09:32 - 000002451 _____ C:\Users\johan_000\Desktop\malwarebytes.txt
2018-06-03 09:24 - 2018-06-03 12:14 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-03 09:24 - 2018-06-03 12:14 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-06-03 09:24 - 2018-06-03 12:14 - 000103648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-06-03 09:24 - 2018-06-03 12:14 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-03 09:24 - 2018-06-03 09:24 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-06-03 09:23 - 2018-06-03 09:23 - 076918432 _____ (Malwarebytes ) C:\Users\johan_000\Desktop\mb3-setup-consumer-3.5.1.2522-1.0.365-1.0.5330.exe
2018-06-03 09:23 - 2018-06-03 09:23 - 000001887 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-06-03 09:23 - 2018-06-03 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-03 09:23 - 2018-06-03 09:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-03 09:23 - 2018-06-03 09:23 - 000000000 ____D C:\Program Files\Malwarebytes
2018-06-03 09:23 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-03 09:12 - 2018-06-03 09:16 - 000000000 ____D C:\AdwCleaner
2018-06-03 09:04 - 2018-06-03 09:04 - 007271632 _____ (Malwarebytes) C:\Users\johan_000\Desktop\adwcleaner_7.1.1.exe
2018-06-02 16:08 - 2018-06-03 12:23 - 000023160 _____ C:\Users\johan_000\Desktop\FRST.txt
2018-06-02 16:08 - 2018-06-03 09:37 - 000051562 _____ C:\Users\johan_000\Desktop\Addition.txt
2018-06-02 16:08 - 2018-06-03 09:35 - 002413056 _____ (Farbar) C:\Users\johan_000\Desktop\FRST64.exe
2018-06-02 16:02 - 2018-06-03 12:23 - 000000000 ____D C:\FRST
2018-06-02 10:23 - 2018-06-02 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-05-23 19:56 - 2018-05-23 19:56 - 000000022 _____ C:\Users\johan_000\Desktop\WinRAR-ZIP-Archiv (neu).zip
2018-05-11 09:06 - 2018-05-15 19:15 - 000009141 _____ C:\Users\johan_000\Documents\Kita Klärung 400.xlsx
2018-05-09 18:09 - 2018-04-22 11:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 18:09 - 2018-04-22 10:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 18:09 - 2018-04-22 10:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 18:09 - 2018-04-22 09:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 18:09 - 2018-04-22 09:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 18:09 - 2018-04-22 09:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 18:09 - 2018-04-22 09:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 18:09 - 2018-04-22 09:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 18:09 - 2018-04-22 09:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 18:09 - 2018-04-22 09:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 18:09 - 2018-04-22 09:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 18:09 - 2018-04-22 08:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 18:09 - 2018-04-22 08:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 18:09 - 2018-04-22 08:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 18:09 - 2018-04-22 08:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 18:09 - 2018-04-22 08:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 18:09 - 2018-04-22 08:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 18:09 - 2018-04-22 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 18:09 - 2018-04-22 08:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 18:09 - 2018-04-22 08:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 18:09 - 2018-04-22 08:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 18:09 - 2018-04-22 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 18:09 - 2018-04-22 08:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 18:09 - 2018-04-22 08:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 18:09 - 2018-04-22 08:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 18:09 - 2018-04-22 08:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 18:09 - 2018-04-22 08:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 18:09 - 2018-04-22 08:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 18:09 - 2018-04-22 08:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 18:09 - 2018-04-22 08:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 18:09 - 2018-04-22 08:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 18:09 - 2018-04-15 18:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 18:09 - 2018-04-15 18:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 18:09 - 2018-04-11 03:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 18:09 - 2018-04-11 03:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 18:09 - 2018-04-11 03:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 18:09 - 2018-04-10 20:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 18:09 - 2018-04-10 20:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 18:09 - 2018-04-10 20:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 18:09 - 2018-04-10 19:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 18:09 - 2018-04-10 18:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 18:09 - 2018-04-07 18:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 18:09 - 2018-04-07 17:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 18:09 - 2018-04-07 17:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 18:09 - 2018-04-07 17:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 18:09 - 2018-04-07 17:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 18:09 - 2018-04-07 17:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 18:09 - 2018-04-07 17:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 18:09 - 2018-04-07 17:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 18:09 - 2018-04-06 23:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 18:09 - 2018-03-24 17:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 18:09 - 2018-03-24 17:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 18:09 - 2018-03-24 17:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 18:09 - 2018-03-24 17:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 18:09 - 2018-03-24 16:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 18:09 - 2018-03-24 16:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 18:09 - 2018-03-16 00:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 18:09 - 2018-03-10 22:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 18:09 - 2018-03-10 21:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 18:09 - 2018-03-10 19:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 18:09 - 2018-03-10 19:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 18:09 - 2018-03-10 19:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 18:09 - 2018-03-10 19:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 18:09 - 2018-03-10 18:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 18:09 - 2018-03-10 18:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 18:09 - 2018-03-10 18:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 18:09 - 2018-03-10 18:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 18:09 - 2018-03-10 18:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 18:09 - 2018-03-10 18:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 18:09 - 2018-03-10 18:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 18:09 - 2018-03-10 18:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 18:09 - 2018-03-10 18:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 18:09 - 2018-03-10 18:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 18:09 - 2018-03-10 18:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 18:09 - 2018-03-10 18:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 18:09 - 2018-03-09 20:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 18:09 - 2018-03-03 18:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 18:09 - 2018-03-03 18:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 18:09 - 2018-03-03 18:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 18:09 - 2018-03-03 18:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 18:09 - 2018-03-03 18:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 18:09 - 2018-03-03 18:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 18:09 - 2018-02-14 23:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 18:09 - 2018-02-14 16:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-06-03 12:21 - 2015-03-25 00:47 - 000759378 _____ C:\Windows\system32\perfh007.dat
2018-06-03 12:21 - 2015-03-25 00:47 - 000156604 _____ C:\Windows\system32\perfc007.dat
2018-06-03 12:21 - 2014-03-18 12:03 - 001769264 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-03 12:21 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-06-03 12:15 - 2016-11-20 01:15 - 000000000 ____D C:\Users\johan_000\AppData\LocalLow\Mozilla
2018-06-03 12:15 - 2015-05-02 15:09 - 000000000 ____D C:\Users\johan_000\OneDrive
2018-06-03 12:14 - 2015-05-06 16:23 - 000000000 ____D C:\Users\johan_000\.rainlendar2
2018-06-03 12:13 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-03 12:13 - 2013-08-22 15:25 - 000524288 ___SH C:\Windows\system32\config\BBI
2018-06-03 12:12 - 2015-05-05 20:54 - 000000000 ____D C:\Users\johan_000\AppData\LocalLow\Temp
2018-06-03 09:43 - 2015-05-02 15:14 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1963366536-3467600762-1340127474-1005
2018-06-03 09:16 - 2017-08-15 22:46 - 000000000 ____D C:\Program Files (x86)\Yahoo!
2018-06-02 10:33 - 2016-06-20 21:56 - 000000000 ____D C:\Users\johan_000\Documents\Telefon
2018-06-02 10:23 - 2015-02-19 18:48 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-02 10:22 - 2015-05-02 15:06 - 000000000 ____D C:\Users\johan_000
2018-05-30 08:27 - 2016-03-27 22:29 - 000000000 ____D C:\Users\johan_000\Documents\F
2018-05-28 23:17 - 2015-05-02 20:44 - 000000000 ____D C:\Users\johan_000\AppData\Roaming\vlc
2018-05-28 21:32 - 2018-03-06 13:28 - 000000000 ____D C:\Program Files\CyberGhost 6
2018-05-28 19:29 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2018-05-28 19:28 - 2018-03-23 20:14 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-05-28 19:27 - 2017-05-21 11:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-28 19:27 - 2015-08-17 12:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-22 21:51 - 2016-01-28 12:51 - 000000000 ____D C:\Users\johan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-22 21:51 - 2016-01-28 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-22 21:51 - 2016-01-28 12:50 - 000000000 ____D C:\Program Files\WinRAR
2018-05-21 19:33 - 2018-03-23 20:14 - 000003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2018-05-21 19:33 - 2018-03-23 20:08 - 000000000 ____D C:\Program Files\Common Files\McAfee
2018-05-21 19:32 - 2018-03-23 20:14 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2018-05-21 19:32 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-05-19 11:50 - 2015-05-10 20:39 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-19 11:49 - 2015-05-10 20:38 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-19 11:39 - 2015-08-17 12:15 - 000001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-19 09:39 - 2015-05-06 08:49 - 000000000 ____D C:\Users\johan_000\Documents\ING DiBa
2018-05-11 09:18 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-05-10 00:02 - 2013-08-22 16:44 - 000508008 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-09 19:08 - 2015-05-06 08:50 - 000000000 ____D C:\Users\johan_000\Documents\Steuern
2018-05-09 18:52 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-09 18:47 - 2015-05-05 03:28 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 18:44 - 2017-10-15 12:49 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 18:44 - 2015-05-05 03:28 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-09 13:55 - 2018-03-13 16:03 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-09 13:55 - 2015-11-05 15:25 - 000004342 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-05-09 13:55 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-05-09 13:55 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-06 11:34 - 2015-05-11 20:17 - 000000000 ____D C:\Users\johan_000\AppData\Local\ElevatedDiagnostics
2018-05-06 11:07 - 2015-05-06 08:50 - 000000000 ____D C:\Users\johan_000\Documents\Various Docs
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-05-30 07:49
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.06.2018
durchgeführt von johan_000 (03-06-2018 12:23:47)
Gestartet von C:\Users\johan_000\Desktop
Windows 8.1 (Update) (X64) (2015-04-30 22:33:35)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1963366536-3467600762-1340127474-500 - Administrator - Disabled)
Gast (S-1-5-21-1963366536-3467600762-1340127474-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1963366536-3467600762-1340127474-1003 - Limited - Enabled)
johan_000 (S-1-5-21-1963366536-3467600762-1340127474-1005 - Administrator - Enabled) => C:\Users\johan_000
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Avira (HKLM-x32\...\{B9E9546C-BAD0-43AB-8812-4FC3F8A9547C}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{d2c9315d-82be-4e7a-8d9f-ccbe716c2552}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon MG2900 series Benutzerregistrierung (HKLM-x32\...\Canon MG2900 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.00 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM-x32\...\Canon MG2900 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5000 series Benutzerregistrierung (HKLM-x32\...\Canon TS5000 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon TS5000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5000_series) (Version: 1.02 - Canon Inc.)
Canon TS5000 series On-Screen-Handbuch (HKLM-x32\...\Canon TS5000 series On-Screen-Handbuch) (Version: 1.1.0 - Canon Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ and The Covert Operations™ (HKLM-x32\...\{050E298D-C9B8-4582-A332-26201268A297}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.A.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.2.19144 - Landesfinanzdirektion Thüringen)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version: - SEIKO EPSON Corporation)
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fragen-Lern-CD International Klassen B+A (HKLM-x32\...\Fragen-Lern-CD International Klassen B+A) (Version: 1.0 - Wendel-Verlag)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
iTunes (HKLM\...\{69D24652-4A1D-49C6-AA0C-573A38083F6C}) (Version: 12.7.3.46 - Apple Inc.)
Janitos Offline-Tarifrechner 3.4.7.4 (HKLM-x32\...\Janitos Offline-Tarifrechner 3_is1) (Version: - Fairware24)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.163 - McAfee, Inc.)
McAfee® Internet Security (HKLM-x32\...\MSC) (Version: 16.0 R11 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 de) (HKLM\...\Mozilla Firefox 60.0.1 (x64 de)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.1.6710 - Mozilla)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OpenVPN 2.3.10-I602 (HKLM\...\OpenVPN) (Version: 2.3.10-I602 - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
Scientific Viewer 5.5 (HKLM-x32\...\{CE644673-D8DA-4C22-A958-CBE3A06C4A8B}) (Version: 5.50 - MacKichan Software)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype Version 8.18 (HKLM-x32\...\Skype_is1) (Version: 8.18 - Skype Technologies S.A.)
Skype Web Plugin (HKLM-x32\...\{EB96DF8B-65A7-4E72-BFB1-38DB36870D16}) (Version: 7.32.6.278 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
test und FINANZtest Archiv CD-Rom 2017 (HKLM-x32\...\test und FINANZtest Archiv CD-Rom 2017) (Version: 1.0.0.0 - )
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.9 - Tunngle.net GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{4B58E20F-F052-4C6F-993B-7E62C7240E2A}) (Version: 24.00.1375 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2018 (HKLM-x32\...\{26D074D9-1133-499E-9C98-5E3A863D2E93}) (Version: 25.02.1498 - Buhl Data Service GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005_Classes\CLSID\{41052F6E-3662-4584-BCD3-77BCCAAE8470}\InprocServer32 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005_Classes\CLSID\{60813F68-E9F7-4B3C-80B4-A76A66211660}\localserver32 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1963366536-3467600762-1340127474-1005_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\johan_000\AppData\Local\SkypePlugin\7.32.6.278\EdgeCalling.exe (Skype Technologies S.A.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-08-27] (Qualcomm®Atheros®)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-04-11] (McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-08-27] (Qualcomm®Atheros®)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-10-24] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-04-08] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-04-11] (McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0649AE8F-211C-4642-B17C-6C3EE47ECC1A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {25F13F12-0F14-42F2-ABE2-27D3DF22E4D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {2DFA2FC7-2CF0-4B07-B366-CC05A7BB863F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3CE9E8BE-062E-421A-8788-C0C439D369DA} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-03-27] (McAfee, Inc.)
Task: {4BFF405C-5370-433F-B95B-EA4430A55737} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {4D2DD3EC-FFC3-474D-B4CA-E01CCAA05BBC} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {51691614-C001-43AF-B816-071B82612145} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {67915EAC-59AE-4AF3-AD89-506E4F0BD9B4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7DD5F2EF-5FD8-4F87-BD80-FF4447E7A298} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
"{82B5C018-CD88-4E37-9B2D-69A64E9630D4}" task wurde entsperrt. <==== ACHTUNG
Task: {90520175-8688-4612-93F2-4DC37A4FE955} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated)
Task: {BA6B51F0-8B3B-4C70-9159-5E9FAADBC7E6} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {BD793353-7AF8-4B6B-82B2-AFDD7280FE63} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-09] (Adobe Systems Incorporated)
Task: {C6DCF76E-6BC0-4ED5-8B18-A3F719875488} - System32\Tasks\FUB => C:\Program Files (x86)\Acer\Care Center\FUB.bat <==== ACHTUNG
Task: {C9A4BC17-95EC-41CF-B7E7-36A2718D50B8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-09] (Adobe Systems Incorporated)
Task: {C9D38617-9F27-4F2D-B9D5-2ABEF00074C4} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {E46CA6B0-9876-4594-8365-299CE24443C2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
"{EB9EEB66-5420-435D-B48D-51FD3AD470E7}" task wurde entsperrt. <==== ACHTUNG
Task: {FCFA6CD1-5DB8-47DB-9657-1B54B46E9A78} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-02-28] (McAfee, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-02 12:27 - 2015-04-08 23:30 - 000116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 01:13 - 2018-01-05 01:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-06-03 09:23 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-06-03 09:23 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2015-02-19 17:23 - 2014-10-24 05:39 - 000456808 _____ () C:\Windows\system32\igfxTray.exe
2015-07-04 14:30 - 2015-07-04 14:30 - 000183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-08-27 20:45 - 2014-08-27 20:45 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 20:41 - 2014-08-27 20:41 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 20:47 - 2014-08-27 20:47 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2018-01-22 04:15 - 2018-01-22 04:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-01-22 04:15 - 2018-01-22 04:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 004411488 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2012-05-16 21:12 - 2012-05-16 21:12 - 000179200 _____ () C:\Program Files\Rainlendar2\lua52.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 000324608 _____ () C:\Program Files\Rainlendar2\libical.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 000082528 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 000080384 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2012-06-17 15:21 - 2012-06-17 15:21 - 000015360 _____ () C:\Program Files\Rainlendar2\lfs.dll
2018-04-06 13:05 - 2018-04-06 13:05 - 000896136 _____ () C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPMsgBusDLL.dll
2015-03-24 17:28 - 2013-10-01 11:09 - 000078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-05-02 12:16 - 2015-05-23 03:48 - 000011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-10-10 10:37 - 2014-10-10 10:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\johan_000\OneDrive\Pictures\Eigene Aufnahmen\WP_20150426_12_14_11_Pro.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1963366536-3467600762-1340127474-1005\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{F8B35D48-3C7D-4C6A-BDDA-09548A83D7CE}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{CD538265-83B0-4300-9758-2D18C3DF8FE8}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{292D208F-8F61-4BBF-9AC6-5A10EFE6CDFB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{093BB5B6-CA26-41E0-8F95-C99ED24CD0ED}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4B721A9F-B014-42DD-AAEF-644C6F42C474}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{24402A7F-65D8-4506-B7FF-1D418A6F66E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0B9110A1-CDD9-444F-877C-867488DBB079}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8B4681B6-9C78-404D-AB0F-311647B52736}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FF0E0438-1E08-47F6-8DEA-3889B495BE0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4A908F3A-BB33-4098-BEB2-06328B7FCB4B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{DCA90C3E-3800-4317-8F30-ADDE3509A4B6}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9032880C-31D5-406A-BEA3-24D3554524C5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{835EA096-00A4-4398-9EFA-3C149BEEA15A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{48D61D4D-9A5D-485A-8E61-6A24C29E828B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{FEA0769E-0CCA-44F5-B690-F9FCD944F643}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6AD8E723-CB17-4604-98F1-31478AD1C46A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A8F52802-6EF1-4E8D-9306-8BE27A217A6F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{81C34AE6-6796-4B1F-AAC5-FEBE11CBF7AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CB3ABB6D-A88A-4DFC-9CC2-7D567DEE1D66}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{91D5DB8D-4FB6-41A2-8DA5-987129BAC6CA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4B7F462C-9C15-4EE9-9CA3-58E59977715D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B84EE29B-2003-44EA-9695-7184654A7AE8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{5BB720FD-9668-4D22-888A-DDA432BCA3A0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{6A64665E-09E9-4588-BB89-4BE3D1173DE2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{1395C35E-6AD0-4D55-8CE7-3EACC4B8B392}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{238BBABD-FEB5-40BF-880D-A1D61AC582E5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{5DD86093-3FD0-4474-802F-211C8B8125B8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F3FA8213-1A14-4DBC-A308-5C33CA573021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C767D3E4-1521-4402-8670-504AF0B4236A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C49122BC-868C-4748-8EC4-A6461468934C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{13FB51BB-9AFA-4EAD-8027-28C32A8B3F14}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{E3DFA4ED-4624-4D76-9A6B-23DBFAC07784}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{208B09A5-A303-4472-BD71-54B347300131}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C869129C-C61D-47FD-B76D-B58E88C67AB7}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{61FF2E81-4C4B-4072-96E5-06926FF2398E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{BCF46940-66C8-4F60-A1F2-11EA2B0BED72}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{CF968175-774E-4C1D-93A2-A12B14EBC6FD}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{25BAA30D-4639-4C1C-A09A-B7E8C4B5A9B4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{09D3AD0D-8FCC-4131-AF08-430D31AE08CC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EE69293A-CE31-4DE4-BE57-4C978D7B3D37}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A8AF188E-A296-4299-B5BE-C6453F0F2D4C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1E59A9D9-C68B-4F48-A6F6-98360E6A30A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{41520518-BC13-4852-8078-BA3F11CA3297}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A371968E-57C1-47AC-9C87-653531037FC8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6A18096B-617B-4FD8-A8E1-205608E1488D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9BDB11D8-9BB1-4D61-A09D-1AC378E79391}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C067CC91-022F-4805-811E-BC7F8DAA00A3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8446B1A2-F5D1-4F94-A313-B64798E79182}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{80D9CACB-18A9-415D-BBB0-E85CBE64C53C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6ABE84ED-5EFB-44E1-B05C-FB56A5356E1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{605986F1-8624-43FB-9DA3-EA50FA9CEE3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{E9171FC4-3BD5-46FF-BB6F-FA0D02046DA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{7472605A-F1D0-483D-8DC3-1680E1D0F81E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{E351AF82-EC4A-4E21-9193-8DB37DEA9EB8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3C1A1570-C9E3-4CD7-90B0-B681348D5A3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{460F4C76-22C1-438F-8254-7B3714C772EA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BB7B9BAF-CC51-4EF1-BE74-91B0E7EEA69E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E3AD27A4-214D-4C8A-806D-5A15D90D38E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51324EE0-E354-4405-B9EC-990B78269E7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{44BCA715-6AB9-4F91-8524-6106B18C44C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{3EA8321D-5909-41E1-9F79-1BA2D7B7FB8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{C45BFD94-EC44-42B5-8C36-46462EE62308}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{39A0CC7D-CBBC-4938-B985-F2DE33401D0D}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{141EAB74-24F2-431F-BBC4-EE7C9916D024}C:\program files\openvpn\bin\openvpn.exe] => (Block) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{ACF6AE44-A953-4653-8FE5-A46EF65FB32B}C:\program files\openvpn\bin\openvpn.exe] => (Block) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{F0277A66-36D1-443A-85EF-BD9A43EADF61}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AE2C8A86-385A-47AC-83A7-0A5419F453A5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B24A5433-9566-4FCA-B1BF-CEDF0CDE05FE}C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe] => (Allow) C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe
FirewallRules: [UDP Query User{090D9668-9EE6-469A-A191-C98EEAF573E4}C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe] => (Allow) C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe
FirewallRules: [{41F01875-6592-4361-A0EB-4F9A82CF1A1E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6AE51FE8-46B0-4A44-949A-4C740DD7225E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F8A5F74C-4600-4DE9-B2E4-3F129E6E321F}] => (Allow) C:\Spiele\C&C 1\CNC and The Covert Operations\CNC95Launcher.exe
FirewallRules: [{52644705-6D94-47A6-9295-3370710C77FA}] => (Allow) C:\Spiele\C&C 1\CNC and The Covert Operations\CNC95Launcher.exe
FirewallRules: [{A1CA101D-BA8F-4414-BC79-C5DB7CE4C998}] => (Allow) C:\Spiele\C&C Red Alert 2\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{2138C0CA-58D1-4B31-A539-55D5DAE1EE08}] => (Allow) C:\Spiele\C&C Red Alert 2\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{D4F854C6-4FB2-4EBA-B132-8FF6304DF3EF}] => (Allow) C:\Spiele\C&C 4 Teberium Twilight\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{564EF35A-D694-4E8D-8818-73B9380FC276}] => (Allow) C:\Spiele\C&C 4 Teberium Twilight\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [TCP Query User{866A756C-413B-43B4-AB81-4134B7238B7A}C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game] => (Block) C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [UDP Query User{2BFDBAFC-D95B-4531-967F-A6392624873A}C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game] => (Block) C:\spiele\c&c 4 teberium twilight\command conquer 4 tiberian twilight\data\cnc4.game
FirewallRules: [{294C3271-2990-46E8-9734-0531882F29B1}] => (Allow) C:\Spiele\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{FA1AB558-D6F3-46A0-840B-59F7904BF773}] => (Allow) C:\Spiele\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{E8149216-5F9A-463E-9E60-4B07C2F7EB45}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{6CDC80B0-2650-474B-9C72-C56B6789FA11}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4EF70DAE-FE20-4736-9117-F21981EB758C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{11A9161B-3C4B-45DA-AB42-68A54394F32E}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{365E8E32-0A4A-438B-94B8-A38A009AABF7}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{A2185D3A-6F24-447A-9618-CD3B1AC8D9C9}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [TCP Query User{8AB303D0-6F96-44E2-BB30-2CADFA3E67B1}C:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Block) C:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [UDP Query User{9DBEF367-4419-4FD8-829B-2EE218E19DA7}C:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Block) C:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [TCP Query User{42A58ACB-7C4C-4B42-9319-4F3FC79A3C21}C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [UDP Query User{B42E830C-6D18-490C-930E-36EDA7FBD0BF}C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\johan_000\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [{49AE227F-D2A1-4983-9B04-C157AA45ED90}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{C91AD725-7A6F-4AE7-BBE2-CFE0267C4D00}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4DEA3856-948F-4BD1-9A82-305C207F02EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8E2B7ADA-EEC9-482D-8B31-F5381D4E0D25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{15494353-0268-4F21-914D-58221230940D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B63FFEDD-72F7-4F33-9101-930217A3A805}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EB770392-485C-4FFA-9914-37F9D36B7A5D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{7704A801-AC77-42F9-9DA6-1809AB51D4B5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{0E13601C-ABE6-4804-90BA-0B3633E509E1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{A4FA0856-916B-4036-BFAB-C5DCFF07BCCF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{1BE8D93A-E861-49FA-9E3F-BF05E9542BF5}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{109C09C9-1E39-4220-9470-DA8F6937AB0D}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
==================== Wiederherstellungspunkte =========================
09-05-2018 18:42:32 Windows Update
19-05-2018 11:46:31 Geplanter Prüfpunkt
22-05-2018 21:50:11 McAfee Vulnerability Scanner
29-05-2018 21:53:35 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/02/2018 03:59:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1204
Startzeit: 01d3fa7927610c7d
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 2c772941-666d-11e8-8302-1008b1a6508e
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/28/2018 08:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2641
Error: (05/28/2018 08:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2641
Error: (05/28/2018 08:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/28/2018 08:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1328
Error: (05/28/2018 08:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1328
Error: (05/28/2018 08:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/23/2018 09:20:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13890
Systemfehler:
=============
Error: (06/03/2018 12:19:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.
Error: (06/03/2018 12:13:38 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405.
Error: (06/03/2018 12:13:38 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2018 09:16:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
===================================
Date: 2017-04-27 11:33:10.977
Description:
Fehler von Windows Defender beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Betroffene Signaturen: Aktuell
Fehlercode: 0x80073aba
Fehlerbeschreibung: Die Ressource ist zu alt und daher nicht mehr kompatibel.
Signaturversion: 1.187.322.0;1.187.322.0
Modulversion: 1.1.11104.0
Date: 2015-05-01 00:32:58.468
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.187.322.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.11104.0
Fehlercode: 0x8024001e
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
CodeIntegrity:
===================================
Date: 2016-01-17 21:15:54.712
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-17 21:15:54.620
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 21:40:07.682
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 21:40:07.606
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:34:23.346
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:34:23.262
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:29:13.587
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-09-30 19:29:13.509
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5341.16 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 6146.02 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:913.05 GB) (Free:735.58 GB) NTFS
\\?\Volume{a5010966-2a02-4dfa-a782-1d2bcb70dcdf}\ (RECOVERY) (Fixed) (Total:0.59 GB) (Free:0.32 GB) NTFS
\\?\Volume{d1de73af-164e-4c0c-a76f-a31c1da6fbd6}\ (Push Button Reset) (Fixed) (Total:17.45 GB) (Free:2.03 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DF566A8F)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
| Themen zu Auf dubiosen link in PM auf Facebook geklickt |
| alten, anderen, beitrag, benutzer, direkt, einfach, fehler, folge, geschlossen, getarnt, hallo zusammen, hängen, interne, internet, laden, link, nachricht, oberfläche, recht, runter, security, tab, thread, vpn, zusammen |
Hybrid-Darstellung
