Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
www1.online Windows 10

www1.online Windows 10


Log-Analyse und Auswertung: www1.online Windows 10

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 12.05.2020, 20:34   #6
jamoin
 
www1.online Windows 10 - Standard

www1.online Windows 10


Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-05-2020
durchgeführt von Lukas (12-05-2020 21:31:45)
Gestartet von C:\Users\Lukas\Downloads
Windows 10 Home Version 1909 18363.778 (X64) (2020-02-22 18:54:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3059128823-690407670-1345120979-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3059128823-690407670-1345120979-503 - Limited - Disabled)
Gast (S-1-5-21-3059128823-690407670-1345120979-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3059128823-690407670-1345120979-1002 - Limited - Enabled)
Lukas (S-1-5-21-3059128823-690407670-1345120979-1001 - Administrator - Enabled) => C:\Users\Lukas
simon (S-1-5-21-3059128823-690407670-1345120979-1004 - Limited - Enabled) => C:\Users\simon
WDAGUtilityAccount (S-1-5-21-3059128823-690407670-1345120979-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.371 - Adobe)
AMD Ryzen Master (HKLM\...\{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.8 - Electronic Arts, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version:  - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.24.3 - Bethesda Softworks)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cockatrice (HKLM\...\Cockatrice) (Version: 2.7.4 - Cockatrice team)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Electrum (HKU\S-1-5-21-3059128823-690407670-1345120979-1001\...\Electrum) (Version: 2.9.3 - Electrum Technologies GmbH)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Futuremark SystemInfo (HKLM-x32\...\{E192B91F-DD48-42A0-8ECF-03EC75A3780F}) (Version: 5.18.705.0 - Futuremark)
GameInput Redistributable (HKLM-x32\...\{A2B830F7-26CA-E462-3163-FC645BC6CF13}) (Version: 10.1.19041.1147 - Microsoft Corporation)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gothic II - Die Nacht des Raben (HKLM-x32\...\Gothic II - Die Nacht des Raben) (Version:  - JoWooD Productions Software AG)
Gothic II (HKLM-x32\...\Gothic II) (Version:  - JoWooD Productions Software AG)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gwent (HKLM-x32\...\1971477531_is1) (Version: 5.0.1 - GOG.com)
IOTA Wallet 2.5.6 (only current user) (HKU\S-1-5-21-3059128823-690407670-1345120979-1001\...\85125e2a-0211-5c49-9018-9358da1074b1) (Version: 2.5.6 - IOTA Foundation)
iTunes (HKLM\...\{9E84991B-6078-4311-A714-0A1360C3706C}) (Version: 12.9.0.167 - Apple Inc.)
Jaxx 1.3.9 (only current user) (HKU\S-1-5-21-3059128823-690407670-1345120979-1001\...\c8bd836d-41d7-5f55-90da-0bae2db13a07) (Version: 1.3.9 - decentral.ca)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LM60 Config (HKLM-x32\...\{9FC40B37-3621-41F1-A0F1-B42202CABD59}) (Version: 0.90 - LIONCAST) Hidden
LM60 Config (HKLM-x32\...\InstallShield_{9FC40B37-3621-41F1-A0F1-B42202CABD59}) (Version: 0.90 - LIONCAST)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-3059128823-690407670-1345120979-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
Mozilla Firefox 76.0.1 (x64 de) (HKLM\...\Mozilla Firefox 76.0.1 (x64 de)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSI Kombustor v4 0.6.3.3 (64-bit) (HKLM-x32\...\{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version:  - MSI / Geeks3D)
MTG Arena (HKLM-x32\...\{F992AE4E-1630-43F9-A799-5A79C72C431D}) (Version: 0.1.2182 - Wizards of the Coast)
Neon 0.0.7 (only current user) (HKU\S-1-5-21-3059128823-690407670-1345120979-1001\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 0.0.7 - Ethan Fast)
Nextcloud (HKLM-x32\...\Nextcloud) (Version: 2.5.1.61652 - Nextcloud GmbH)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Grafiktreiber 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.7 (HKLM-x32\...\{81D7585D-3E44-4984-B99B-911492419D3E}) (Version: 4.17.9800 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.43.28287 - Electronic Arts, Inc.)
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1019.0 - Passmark Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Quake Champions (HKLM-x32\...\Quake Champions) (Version:  - Bethesda Softworks)
RaiBlocks (HKLM-x32\...\rai 9.0.0) (Version: 9.0.0 - Humanity)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8158 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
ROCCAT Ryos Keyboard Driver (HKLM-x32\...\{70F3EF93-44F4-446A-90B8-33DAB2799AF1}) (Version: 1.29.0009 - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Spine (HKLM-x32\...\Spine) (Version: 1.14.3 - Clockwork Origins)
Spotify (HKU\S-1-5-21-3059128823-690407670-1345120979-1001\...\Spotify) (Version: 1.1.32.618.gda5638a6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 78.1 - Ubisoft)
VALORANT (HKU\S-1-5-21-3059128823-690407670-1345120979-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.1.1 - GIGABYTE Technology Co.,Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.3.13.0_x86__ffd303wmbhcjt [2020-04-28] (BreeZip) [MS Ad]
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2020-02-22] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2020-02-22] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-19] (Dolby Laboratories)
Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.415.400.2_x64__8wekyb3d8bbwe [2020-05-07] (Microsoft Studios)
Forza Horizon 4 Formula Drift Car Pack -> C:\Program Files\WindowsApps\Microsoft.FormulaDriftCarPack_1.0.3.2_neutral__8wekyb3d8bbwe [2020-03-27] (Microsoft Studios)
Gaming Services -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.40.29002.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Corporation)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-30] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News – Nachrichten -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Studios) [MS Ad]
MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.92.3818.2_x64__8wekyb3d8bbwe [2020-05-05] (ms-resource:PublisherDisplayName)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe [2020-03-10] (Microsoft Corporation) [Startup Task]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3059128823-690407670-1345120979-1001_Classes\CLSID\{11a554c7-9855-4c17-bb4e-8f5ddea03941} -> [Nextcloud] => C:\Users\Lukas\Nextcloud [2019-01-28 21:23]
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2018-06-22] (ownCloud Inc.) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2018-06-22] (ownCloud Inc.) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2018-06-22] (ownCloud Inc.) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2018-06-22] (ownCloud Inc.) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2018-06-22] (ownCloud Inc.) [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files (x86)\Nextcloud\shellext\OCContextMenu_x64.dll [2018-06-22] (ownCloud Inc.) [Datei ist nicht signiert]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-12] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2017-11-12 14:58 - 2017-11-12 14:56 - 000104448 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2018-06-22 19:12 - 2018-06-22 19:12 - 000062976 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Nextcloud\shellext\OCUtil_x64.dll
2018-06-22 19:12 - 2018-06-22 19:12 - 000174592 _____ (ownCloud Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [468]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ==========

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3059128823-690407670-1345120979-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\Downloads\265693.png
DNS Servers: 9.9.9.9 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: ss_conn_service => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LIONCAST LM60 GAMING MOUSE SOFTWARE.exe"
HKU\S-1-5-21-3059128823-690407670-1345120979-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3059128823-690407670-1345120979-1001\...\StartupApproved\Run: => "Nextcloud"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{579A8ABA-8E4F-431E-81D6-0B4BA317FC5A}E:\games\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) E:\games\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe (Crytek GmbH -> Crytek GmbH)
FirewallRules: [TCP Query User{80BBDD27-5D39-49B4-B3F3-128F7136E3BD}E:\games\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) E:\games\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe (Crytek GmbH -> Crytek GmbH)
FirewallRules: [{CB008B87-F742-4591-8220-4C14C00340F3}] => (Allow) D:\Games\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{098C2CAD-5B36-4E25-A78C-4891337B2AC8}] => (Allow) D:\Games\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{771678DE-1508-47E2-BC39-3F02B4341D7A}] => (Allow) D:\Games\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Odyssey\ACOdyssey_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{AF13C0B1-E9AF-4A92-A142-4589B68A55D4}] => (Allow) D:\Games\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{9BDA21E3-437D-4B10-95E8-13D93B1D1678}] => (Allow) D:\Games\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{7C9E0EA5-228D-45BB-8F57-AFD286498201}] => (Allow) D:\Games\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{1D42B19C-E9B9-4269-8203-547DD87BE478}] => (Allow) D:\Games\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [UDP Query User{BE307D27-1AD9-47F9-AA34-3DF13D7D341D}E:\games\diablo iii\x64\diablo iii64.exe] => (Allow) E:\games\diablo iii\x64\diablo iii64.exe => Keine Datei
FirewallRules: [TCP Query User{8ADF8AF3-C7D8-4326-807C-4D17ACD6E9B0}E:\games\diablo iii\x64\diablo iii64.exe] => (Allow) E:\games\diablo iii\x64\diablo iii64.exe => Keine Datei
FirewallRules: [{5641F185-3212-4F8B-858E-593E2C85133C}] => (Allow) E:\Games\Steam\steamapps\common\Star Realms\StarRealms.exe () [Datei ist nicht signiert]
FirewallRules: [{0B64EFAA-4A02-4F96-BF17-677E82BAEFFD}] => (Allow) E:\Games\Steam\steamapps\common\Star Realms\StarRealms.exe () [Datei ist nicht signiert]
FirewallRules: [{8929D6B8-C497-4826-8582-53512A19C183}] => (Allow) E:\Games\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{8AC6B3C9-E72C-47C3-A2AB-EA6F75383BEB}] => (Allow) E:\Games\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D8F7F720-2A65-41F0-8BF9-4E68C3B3473B}] => (Allow) E:\Games\Steam\steamapps\common\Hunt Showdown\hunt.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8ABAFDAF-DC73-4F4E-914D-04DB7C6A2353}] => (Allow) E:\Games\Steam\steamapps\common\Hunt Showdown\hunt.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{B0009AA4-454B-46C2-97AC-7015EC7F2AD2}E:\games\magic\mtgarena\mtga.exe] => (Allow) E:\games\magic\mtgarena\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [TCP Query User{B321AF9C-F31E-4A8E-96EE-4C9E0173AED0}E:\games\magic\mtgarena\mtga.exe] => (Allow) E:\games\magic\mtgarena\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [{9F80C2EA-60FD-4688-9910-A97D554DB774}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8C51276-58B2-40C3-AED3-FB435175F260}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4D38FC6F-D080-4CE6-B26C-942612701174}] => (Allow) D:\Games\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{96FB824C-A8CD-46C3-8FCF-267FCAA53984}] => (Allow) D:\Games\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{873DD5B0-602F-49C1-8B7B-5909C4CA8092}] => (Allow) E:\Games\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{41DA5E76-9008-4153-A0A4-2A500AB917B6}] => (Allow) E:\Games\Steam\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{178396A2-FD6D-4117-B29E-99C44EFA923A}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{9B127BEA-4C21-4E31-A633-8536D7918BEA}] => (Allow) C:\Program Files (x86)\Epson Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{11EC7164-B6E3-45FE-9B71-8B23BD55A6E0}] => (Allow) D:\Games\Steam\steamapps\common\Mordhau\Mordhau.exe => Keine Datei
FirewallRules: [{C7400422-8DA0-49CF-AC6A-EC8A8E5C0139}] => (Allow) D:\Games\Steam\steamapps\common\Mordhau\Mordhau.exe => Keine Datei
FirewallRules: [UDP Query User{C77A6171-076B-4D28-AAA2-B0DD6D2DBC15}D:\games\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [TCP Query User{EDF7BD04-472A-4C4F-A569-25B69DD9F470}D:\games\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [{DCF0D8AC-8502-4DA7-801B-AB99ED30CBAC}] => (Allow) D:\Games\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{404DDDF5-027C-42E1-82E6-E802D112BADE}] => (Allow) D:\Games\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [UDP Query User{C5EE8DFB-2A77-4B14-80E8-768FDD23B33B}D:\games\steam\steamapps\common\hunt showdown\bin\win_x64\gamelauncher.exe] => (Allow) D:\games\steam\steamapps\common\hunt showdown\bin\win_x64\gamelauncher.exe => Keine Datei
FirewallRules: [TCP Query User{B8C1A821-221F-4072-A82E-5BA0DA280035}D:\games\steam\steamapps\common\hunt showdown\bin\win_x64\gamelauncher.exe] => (Allow) D:\games\steam\steamapps\common\hunt showdown\bin\win_x64\gamelauncher.exe => Keine Datei
FirewallRules: [{B222D970-FDA8-4A81-B50E-CCAD282392DE}] => (Allow) D:\Games\Steam\steamapps\common\Hunt Showdown\hunt.exe => Keine Datei
FirewallRules: [{79DF9045-AAA1-4407-8CF2-F6330A0A4529}] => (Allow) D:\Games\Steam\steamapps\common\Hunt Showdown\hunt.exe => Keine Datei
FirewallRules: [UDP Query User{76595B5F-8A5F-444D-939C-2E567F765EC2}D:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{B2CC48DD-65BB-456A-849A-825FCE12E101}D:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{C4653959-907D-4108-A293-2B0D896BB69D}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Keine Datei
FirewallRules: [TCP Query User{2F76BFE1-F48D-470F-B63C-C214ED2EEB17}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Keine Datei
FirewallRules: [UDP Query User{1E68F17A-4609-4F90-BE6C-9BAEDAD3C708}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Keine Datei
FirewallRules: [TCP Query User{40972422-DE2D-49E4-BB1B-CE4E1C8F403A}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Keine Datei
FirewallRules: [{6399F94A-67F6-40D6-8C08-5C20A956F5F4}] => (Allow) C:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{9DA5FC26-1D36-4393-9066-BF2CD491030D}] => (Allow) C:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{67E9D517-C8BA-46F1-9D1A-088588D5AE52}] => (Allow) C:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FBAE727F-1759-4DF1-B449-C6286D03C500}] => (Allow) C:\Games\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{755FE148-E729-4446-A383-4C43AC217F0C}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lukas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{A3C1F3E7-4A36-40DF-8993-08CF48DAA55B}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lukas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6F6F8ACC-B6A3-4EAB-AED5-3EEEDEA729A7}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{C5B81696-8768-4831-8784-30BDEF97BD26}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{C4A097C0-222A-4654-90D9-137B29EFCC69}] => (Allow) D:\Games\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{AEB890D5-DEB5-4ECC-B04C-5D5E74181406}] => (Allow) D:\Games\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{56EC3131-DA9E-4AC8-9605-D96A466054F8}] => (Allow) D:\Games\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{E93B177A-E28F-4651-901D-078B277BFBB8}] => (Allow) D:\Games\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{73A0AE79-5983-4B34-B2BD-DA76ED7BB7EC}D:\games\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\games\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{3B8D5534-18B6-4E04-8ABD-2044C06E0835}D:\games\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\games\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{68F269D4-F27B-483F-9A30-BD7B3F41B51F}D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe (id Software) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{3D5D7296-4D03-446F-B138-4E49B3DD5CFA}D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Allow) D:\games\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe (id Software) [Datei ist nicht signiert]
FirewallRules: [{8B14A21B-118B-40A5-AB59-5D596517081F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4C479999-1629-46EC-A69B-10740D7326B2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8D8EE57C-BDA2-4173-9C86-F1669037D5E8}] => (Allow) D:\Games\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{3C795AAE-A329-4ABD-9850-7EC73320D719}] => (Allow) D:\Games\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [TCP Query User{BDDCF7DE-8121-4DD6-9841-FF351993CCA7}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{80AABEE0-A1D3-4C80-914F-ADE0B0198194}D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{1968B71F-89AC-4153-B77B-4A80FF911B70}] => (Allow) D:\Games\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [Datei ist nicht signiert]
FirewallRules: [{0AE6FFE7-36F3-4E03-9A25-48333C4FDAF2}] => (Allow) D:\Games\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{2A367E6E-F5D2-4B5C-A37E-70CC76D5B9C6}D:\games\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [UDP Query User{740C3946-2C3F-43F0-B3B1-0A887DAF9931}D:\games\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe => Keine Datei
FirewallRules: [TCP Query User{96241889-2F9A-48DB-A069-C1581EA4DC37}C:\games\clockwork origins\spine\bin\spine.exe] => (Allow) C:\games\clockwork origins\spine\bin\spine.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{5E7E816E-3831-4935-94B3-47A6CF6CB941}C:\games\clockwork origins\spine\bin\spine.exe] => (Allow) C:\games\clockwork origins\spine\bin\spine.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{02C5ED90-90FD-4E98-B531-C20E9D1BA503}D:\games\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) D:\games\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe => Keine Datei
FirewallRules: [UDP Query User{522FA5C1-379B-41DD-BDB8-DE17129C26DF}D:\games\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) D:\games\steam\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe => Keine Datei
FirewallRules: [{02DE8262-9105-4295-98FE-D49412A96E1C}] => (Allow) C:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8F4687DB-5FB9-4BD8-B167-751785F12364}] => (Allow) C:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{F14DE2D9-7B26-4242-8783-A6085218242D}C:\program files (x86)\gog galaxy\games\gwent\gwent.exe] => (Allow) C:\program files (x86)\gog galaxy\games\gwent\gwent.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B6C41F0F-2074-4A1E-85B1-44D9BF771731}C:\program files (x86)\gog galaxy\games\gwent\gwent.exe] => (Allow) C:\program files (x86)\gog galaxy\games\gwent\gwent.exe () [Datei ist nicht signiert]
FirewallRules: [{FCC6B887-9935-4475-9B7D-A8C2D0078B22}] => (Allow) D:\Games\Steam\steamapps\common\SCUM\SCUM\Binaries\Win64\SCUM.exe => Keine Datei
FirewallRules: [{0E324E3C-3813-4716-875D-A833F2729EDE}] => (Allow) D:\Games\Steam\steamapps\common\SCUM\SCUM\Binaries\Win64\SCUM.exe => Keine Datei
FirewallRules: [{F7D74A67-DF38-4D3D-B6BA-39AC65A6342B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BEA46F31-8F8C-4183-B060-3B187C2FE5D1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{04C1856C-04E5-4DB2-9DA0-F3D7EBA2125A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{89F856B9-0431-46EC-9AD8-3680EDDA9E1C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F9FDFC23-B5E6-4A21-B627-5097C6103B09}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4B4108A2-ED2E-4D26-83B3-4662663A4938}] => (Allow) D:\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{33878199-2EB0-481B-BED5-C76EAE6545BE}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\lukas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{613B1DE9-CE4C-43D1-883E-C2F3EE905F14}C:\users\lukas\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\lukas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DB6808BB-EFB3-4FB4-A0D5-CD13040583E3}] => (Allow) D:\Games\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{EA450F90-C6CE-458D-B4FB-B17C984F1372}] => (Allow) D:\Games\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [TCP Query User{CA32DD12-E294-433B-9DCE-3A95EB4B9C78}D:\games\magic\mtgarena\mtga.exe] => (Allow) D:\games\magic\mtgarena\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{31E941DD-3C13-46DF-AD99-126124AF6B3B}D:\games\magic\mtgarena\mtga.exe] => (Allow) D:\games\magic\mtgarena\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [TCP Query User{82B6B5AC-8C10-4E24-8E70-8086DE5B3639}D:\games\gwent\gwent_ptr\gwent.exe] => (Allow) D:\games\gwent\gwent_ptr\gwent.exe => Keine Datei
FirewallRules: [UDP Query User{EA3322D5-C0AF-43FE-BAF0-86E3DADBB69D}D:\games\gwent\gwent_ptr\gwent.exe] => (Allow) D:\games\gwent\gwent_ptr\gwent.exe => Keine Datei
FirewallRules: [{488E3CC6-384F-425E-8751-9404B7130B3B}] => (Allow) D:\Games\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Odyssey\ACOdyssey.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{EA7F23B3-89C5-4EC8-8469-7AFA99E3F6C3}] => (Allow) D:\Games\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [Datei ist nicht signiert]
FirewallRules: [{AFDA18E9-F564-4EC0-B31B-7AC7C1D19E2F}] => (Allow) D:\Games\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [Datei ist nicht signiert]
FirewallRules: [{9233E169-C87C-4022-94D2-F6D873374833}] => (Allow) D:\Games\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe => Keine Datei
FirewallRules: [{299FA25A-BDE0-4436-AC87-6C66C3C51C11}] => (Allow) D:\Games\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe => Keine Datei
FirewallRules: [{0AEDDF65-4889-4331-B4FE-3852D65CCC9A}] => (Allow) D:\Games\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe => Keine Datei
FirewallRules: [{AD3AEAD7-F610-409C-B1D9-40D90B1F5707}] => (Allow) D:\Games\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe => Keine Datei
FirewallRules: [{22C723ED-F970-4851-AE2B-CE3E7AA311AF}] => (Allow) D:\Games\Steam\steamapps\common\ELEX\system\ELEX.exe (Piranha Bytes) [Datei ist nicht signiert]
FirewallRules: [{1C22AD9E-4F8C-4D02-AB0C-64A802CA0120}] => (Allow) D:\Games\Steam\steamapps\common\ELEX\system\ELEX.exe (Piranha Bytes) [Datei ist nicht signiert]
FirewallRules: [{198C0B9B-400E-42F9-98BB-4013187574A3}] => (Allow) D:\Games\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [Datei ist nicht signiert]
FirewallRules: [{22CED4A6-F03A-400B-942F-B6E8218D3317}] => (Allow) D:\Games\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C948B5FE-6A32-43F3-9CBD-B47DE2E368F1}D:\games\origin launcher\apex\r5apex.exe] => (Allow) D:\games\origin launcher\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{415956F2-7D38-4022-8BDD-DA31D9B0BE63}D:\games\origin launcher\apex\r5apex.exe] => (Allow) D:\games\origin launcher\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{80499180-A281-458F-BCCB-A33EE3E609EE}] => (Allow) D:\Games\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [Datei ist nicht signiert]
FirewallRules: [{E45AE61B-CADB-4075-ABE1-2C2834308BFC}] => (Allow) D:\Games\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe () [Datei ist nicht signiert]
FirewallRules: [{7D67B671-52E4-4FD6-B4C8-C29249556B5E}] => (Allow) D:\Games\Origin Launcher\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0E268396-E0EB-4141-99D2-F26FBBE8D8D7}] => (Allow) D:\Games\Origin Launcher\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{7B7DFC9C-4036-4E52-8471-52A264D359A2}D:\games\origin launcher\apex\r5apex.exe] => (Allow) D:\games\origin launcher\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{DA582D26-9ACC-4A4D-AC2B-ECB939E7506D}D:\games\origin launcher\apex\r5apex.exe] => (Allow) D:\games\origin launcher\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{F91EF0E6-59BB-4DCE-A23F-4C3DD68E0EFE}] => (Allow) E:\Games\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [Datei ist nicht signiert]
FirewallRules: [{4DAA5256-B1D2-4DC8-A319-F428D70C8DEE}] => (Allow) E:\Games\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [Datei ist nicht signiert]
FirewallRules: [{B980A2EA-BB76-4975-AE98-6789F14F4AE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FFC7EEEA-E71D-46F7-9AEC-7BA9000B1431}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B9BFA5E6-A44B-43EB-A796-3A5439D9E5F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{164B5E16-131C-4633-B347-E79FA13B0870}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{48ECCD9A-0E15-4770-8B02-85809250D3E6}] => (Allow) E:\Games\Steam\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{485FC083-E875-4377-9FAD-D50239B9CD5D}] => (Allow) E:\Games\Steam\steamapps\common\Borderlands 3\OakGame\Binaries\Win64\Borderlands3.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{42BB9CD3-2A01-4F6F-8173-DC0919260A14}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Wiederherstellungspunkte =========================

21-04-2020 13:31:51 Installed Adobe Acrobat Reader DC - Deutsch.
03-05-2020 11:36:45 Geplanter Prüfpunkt
08-05-2020 15:35:49 Windows Update
12-05-2020 20:36:18 chip 1-click download service wurde entfernt.
12-05-2020 21:26:18 AdwCleaner_BeforeCleaning_12/05/2020_21:26:17

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (05/12/2020 09:14:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15788,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/12/2020 08:59:46 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14120,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/12/2020 08:50:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4736,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/12/2020 08:38:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (05/12/2020 08:38:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (05/12/2020 08:17:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15792,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/12/2020 08:09:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18872,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/12/2020 08:04:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13564,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Systemfehler:
=============
Error: (05/12/2020 09:26:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/12/2020 09:26:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS Com Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/12/2020 09:26:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth Driver Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/12/2020 09:26:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/12/2020 09:26:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/12/2020 09:26:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "GameInput Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/12/2020 09:26:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS System Control Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/12/2020 09:26:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.


Windows Defender:
===================================
Date: 2020-05-12 20:35:57.217
Description: 
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {D5EA21E3-BCE7-4298-86A3-590EE94C7F19}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Vollständige Überprüfung
Benutzer: Maschineeee\Lukas

==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 5007 06/18/2019
Hauptplatine: ASUSTeK COMPUTER INC. PRIME X370-A
Prozessor: AMD Ryzen 7 1800X Eight-Core Processor 
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 16320.75 MB
Verfügbarer physikalischer RAM: 11827.76 MB
Summe virtueller Speicher: 32704.75 MB
Verfügbarer virtueller Speicher: 25941.68 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.22 GB) (Free:28.7 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:340.09 GB) NTFS
Drive e: (SSD Kingston) (Fixed) (Total:447.13 GB) (Free:115.97 GB) NTFS

\\?\Volume{0101bd9c-9bad-11e7-bc0c-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{75360a39-0000-0000-0000-80143a000000}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E4E94126)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 75360A39)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=577 MB) - (Type=27)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 7F44664B)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================

 

Themen zu www1.online Windows 10
.dll, administrator, adobe, adobe flash player, asus, browser, computer, defender, desktop, explorer, firefox, flash player, frage, geforce, google, hilfe, home, mozilla, node.js, nvcontainer.exe, nvidia, prozesse, realtek, registry, scan, sigcheck, trojaner, usb, windows, windowsapps, www1.online


« PC plötzlich sehr langsam | Windows 10 (präventive) Hygienemaßnahme aufgrund kleinerer Unstimmigkeiten »


Ähnliche Themen: www1.online Windows 10


  1. Windows 8.1 "www1.online.... und blankes Fenster im Firefox" statt Startseite (nach Open Office Update)
    Plagegeister aller Art und deren Bekämpfung - 30.04.2020 (12)
  2. http://www1.online/?w=RD9898
    Plagegeister aller Art und deren Bekämpfung - 27.04.2020 (13)
  3. Windows 10: www1.online erscheint bei Suche über Adresszeile
    Log-Analyse und Auswertung - 18.09.2019 (26)
  4. Windows 10: www1 online?w=RD4345&q beim Starten von Firefox
    Log-Analyse und Auswertung - 01.09.2019 (23)
  5. www1.online Weiterleitung auf about:blank
    Log-Analyse und Auswertung - 28.08.2019 (25)
  6. Windows 8 - Browserstartseite auf www1.online... geändert
    Log-Analyse und Auswertung - 25.08.2019 (29)
  7. Firefox-Startseite www1.online/?w=.....
    Plagegeister aller Art und deren Bekämpfung - 24.08.2019 (24)
  8. Windows 10: Firefox Sucherweiterung www1.online
    Log-Analyse und Auswertung - 23.08.2019 (30)
  9. Windows 8.1: www1.online/?w=RD6763 beim Öffnen von Chrome nach "open office update"
    Log-Analyse und Auswertung - 21.01.2019 (5)
  10. Firefox: www1.online/?w=RD2332
    Log-Analyse und Auswertung - 24.06.2018 (11)
  11. www1.online/?w=RD2332
    Plagegeister aller Art und deren Bekämpfung - 06.06.2018 (3)
  12. Windows 10, falsches OpenOffice Update,Internetbrowsers geht auf www1.online/?w=RD2121
    Plagegeister aller Art und deren Bekämpfung - 25.11.2017 (12)
  13. www1.online/?w=RD2121
    Plagegeister aller Art und deren Bekämpfung - 14.11.2017 (12)
  14. http://www1.online/?w=RD9898
    Plagegeister aller Art und deren Bekämpfung - 06.07.2017 (13)
  15. http://www1.online/?w=RD9898 -> about blank
    Log-Analyse und Auswertung - 12.05.2017 (4)
  16. Windows 10 Pro: Google Chrome -> http://www1.online/?w=RD9898 -> about blank
    Log-Analyse und Auswertung - 07.05.2017 (16)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema www1.online Windows 10 - Addition Code: Alles auswählen Aufklappen ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-05-2020 durchgeführt von Lukas (12-05-2020 21:31:45) Gestartet von C:\Users\Lukas\Downloads Windows 10 Home Version 1909 18363.778 - www1.online Windows 10...
Archiv
Du betrachtest: www1.online Windows 10 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132