Problems with malware or Trojan after toolbar installation (Windows 7)
15.02.2017, 12:56 | #1 |
Hello, I created a new topic on 10.02. Unfortunately, I only just noticed that the topic ended up in the wrong forum (log analysis and evaluation). That is probably also why I have not received a reply yet. Can I somehow still move the topic I created there afterwards, or should I create a new topic here again?
15.02.2017, 20:48 | #2 |
/// TB trainer | My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! For the initial analysis, please run FRST and TDSS-Killer:
Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
16.02.2017, 10:51 | #3 |
Hello Matthias,
first of all, thank you very much for the quick reply. Here are the requested log files: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02 durchgeführt von julia (Administrator) auf DESKTOP-N0N5AE6 (16-02-2017 10:38:16) Gestartet von C:\Users\julia\Desktop\Virus Geladene Profile: julia (Verfügbare Profile: julia) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (GfK) C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe (Apple Inc.) 
C:\Program Files (x86)\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (HP Inc.) 
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe (GfK SE) C:\Program Files (x86)\GfK Internet-Monitor\GfK-LoginInterface.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\NielsenOnline64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music Helper.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (@@Manufacturer@@) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfKChromeHost.exe (Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-15] (Realtek Semiconductor) HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [441160 2016-09-15] (G DATA Software AG) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC) HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe [202896 2016-12-30] (The Nielsen Company) HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [8651896 2017-01-16] (Sand Studio) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify 
Web Helper] => C:\Users\julia\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-10-02] (Spotify Ltd) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify] => C:\Users\julia\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-10-02] (Spotify Ltd) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [BigNox] => C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe [5100872 2016-07-31] (Duodian Technology Co. Ltd.) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2062208 2016-05-26] (Sony) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\RunOnce: [Uninstall C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64" HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\MountPoints2: {4620abb5-cad0-11e6-9182-0013ef030494} - "I:\shelexec.exe" .\starter.html HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2683783b-a4bc-4329-ac88-9cc1e28fadf5}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b3b846c1-63d0-49c7-a2c1-ceb545584257}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll [2016-10-31] (GfK) BHO-x32: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll [2016-10-31] (GfK) Toolbar: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei FireFox: ======== FF DefaultProfile: z4n199ml.default FF ProfilePath: C:\Users\julia\AppData\Roaming\Mozilla\Firefox\Profiles\z4n199ml.default [2017-02-16] FF NetworkProxy: Mozilla\Firefox\Profiles\z4n199ml.default -> type", 0 FF Extension: (Nielsen NetSight) - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi [2017-02-16] FF HKLM\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi FF Extension: (GfK Internet) - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi [2017-02-16] FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-11] () FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program 
Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-11] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1190779463-2330029784-2471901394-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.reading4money.de/paidmail.php?username=julemaus89&id=1414525986&mid=0 CHR StartupUrls: Default -> "hxxp://www.spielesite.com/","hxxps://de.upjers.com/","hxxp://www.startparadies.de/index.php","hxxps://www.facebook.com/","hxxp://www.klamm.de/","hxxp://www.bonix.org/","hxxp://www.dodona-mails.de/","hxxp://testberichte.reviews/","hxxp://www.shimly.de/" CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr CHR DefaultSearchKeyword: Default -> NortonSafe CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff CHR Plugin: (Widevine Content Decryption Module) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => Keine Datei CHR Profile: C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default [2017-02-16] CHR Extension: (Google Drive) - C:\Users\julia\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-29] CHR Extension: (Lovely Cats Tab) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdoeoonepndhefdpieicgajkhadocngm [2016-06-24] CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-01-30] CHR Extension: (LadyCashback.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnhchdicihpfajapekoedijbldehbbk [2017-02-14] CHR Extension: (YouTube) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-29] CHR Extension: (Nielsen NetSight) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgmmbefnahabhcchpfkobeindpppflc [2017-02-05] CHR Extension: (Kindle Cloud Reader) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemmpobpfaichgccgcilgncfigplmol [2016-09-15] CHR Extension: (Google-Suche) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-29] CHR Extension: (Norton Home Page for Chrome) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-04-29] CHR Extension: (Google Kalender) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-06] CHR Extension: (GfK Internet-Monitor) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2016-11-04] CHR Extension: (Google Docs Offline) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-29] CHR Extension: (GfK Digital Trends App) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikkcdahfmnbofoaeofipdcejkgkbofj [2016-06-14] CHR Extension: (Questler 
Bonusfinder 3.0) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipddihbjlikcgpbikkgjibobkahjafni [2016-06-24] CHR Extension: (CashbackDeals.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnlhjofgnkcljojnibhmeopimidoblfm [2017-02-14] CHR Extension: (Andasa iCat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcbpnhnickonbgkbgbegepdldmcnjoif [2016-10-21] CHR Extension: (iGraal Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2017-02-14] CHR Extension: (Google Play) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-04-29] CHR Extension: (Tabby Cat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg [2016-11-10] CHR Extension: (Google Play Books) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-04-29] CHR Extension: (boost-Bar) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbifpjmldocepoilnjgbkaaighinkhpp [2016-10-11] CHR Extension: (Bundlr) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm [2016-04-29] CHR Extension: (Norton Safe) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-03] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Google Mail) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-29] CHR Extension: (Chrome Media Router) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-06] CHR 
HKLM\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] () R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] () R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG) R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG) R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG) R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [726952 2015-09-09] (cFos Software GmbH) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) 
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [4072264 2016-09-30] (G DATA Software AG) R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3286120 2016-09-15] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG) R2 GfK-NetworkMeter; C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe [1222880 2016-10-31] (GfK) R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [1992256 2016-10-31] () R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1476160 2016-07-06] () R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [3161744 2016-12-30] (The Nielsen Company) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-15] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-15] (Electronic Arts) R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) 
====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.) R3 AppObserver; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys [23696 2016-08-11] (The Nielsen Company) R3 AsrAutoChkUpdDrv; C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys [22280 2017-02-16] (ASRock Incorporation) R3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-04-29] (ASRock Incorporation) R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices) S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-08-23] (ASUS Corporation) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.) 
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2016-10-13] (G Data Software AG) S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG) R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [37400 2016-10-13] (G Data Software AG) R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [30280 2016-10-13] (G DATA Software AG) R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [274400 2016-10-13] (G Data Software AG) R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [105544 2016-10-13] (G Data Software AG) R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2016-10-13] (G DATA Software AG) R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [116296 2016-10-16] (G Data Software) R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [153160 2016-10-13] (G Data Software AG) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-16] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 MBI; C:\WINDOWS\System32\drivers\MBI.sys [41456 2015-10-15] (Intel(R) Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R1 nnfwdk; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys [34960 2016-08-11] (The Nielsen Company) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek ) R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.) 
S3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation) R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation) R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-16 08:30 - 2017-02-16 08:30 - 00003034 _____ C:\WINDOWS\System32\Tasks\AsrSP.exe 2017-02-14 13:08 - 2017-02-14 13:08 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjulia 2017-02-14 13:08 - 2017-02-14 13:08 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job 2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\Macromedia 2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Local\Macromedia 2017-02-10 19:29 - 2017-02-16 10:38 - 00000000 ____D C:\FRST 2017-02-08 08:36 - 2017-02-08 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) 
C:\WINDOWS\system32\DbxSvc.exe 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-02-05 17:37 - 2017-02-05 18:08 - 00000000 ____D C:\Users\julia\Desktop\USB Stick 2017-02-04 14:27 - 2017-02-04 14:28 - 00411140 _____ C:\WINDOWS\Minidump\020417-29406-01.dmp 2017-02-04 14:27 - 2017-02-04 14:27 - 00000000 ____D C:\WINDOWS\Minidump 2017-02-02 19:26 - 2017-02-16 10:00 - 00000000 ____D C:\Users\julia\AppData\LocalLow\Mozilla 2017-02-01 14:49 - 2017-02-16 10:38 - 00000000 ____D C:\Users\julia\Desktop\Virus 2017-02-01 14:41 - 2017-02-05 17:15 - 00000000 ____D C:\AdwCleaner 2017-01-31 17:47 - 2017-02-11 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-27 19:13 - 2017-01-27 19:13 - 00140131 _____ C:\Users\julia\Desktop\Rechnung 4333534.pdf 2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings 2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\Program Files\ATI Technologies 2017-01-25 09:12 - 2017-01-27 17:28 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-01-25 08:44 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 08:44 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-25 01:29 - 2017-01-25 01:29 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00768024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00121368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00100888 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\amdmcl64.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00038424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00038416 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2017-01-25 01:28 - 2017-01-25 01:28 - 00488496 _____ C:\WINDOWS\system32\amdmiracast.dll 2017-01-25 01:28 - 2017-01-25 01:28 - 00166408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2017-01-25 01:28 - 2017-01-25 01:28 - 00130224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2017-01-24 16:38 - 2017-01-24 16:38 - 06381952 _____ C:\Users\julia\Desktop\eBook_Faszientraining.pdf 2017-01-21 16:56 - 2017-01-21 16:56 - 00005262 _____ C:\Users\julia\Desktop\Questionmail Questionmail Richtig Antworten 500 Punkte sammeln!(sasm).eml ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-16 10:35 - 2016-08-06 21:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-02-16 10:31 - 2016-05-29 07:54 - 00000000 ____D C:\Users\julia\Documents\AirDroid 2017-02-16 08:39 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-02-16 08:36 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-16 08:36 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-02-16 08:30 - 2016-08-09 07:53 - 00003038 _____ C:\WINDOWS\System32\Tasks\AsrAPPShop 2017-02-16 08:30 - 2016-04-29 23:51 - 00022280 _____ (ASRock Incorporation) C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys 2017-02-16 08:30 - 2016-04-29 21:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-15 21:22 - 2016-08-09 07:55 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{37189C47-5908-4B51-91BC-1DD3B7B485AE} 2017-02-15 11:35 - 2016-04-29 20:51 - 00000000 ____D C:\Users\julia\AppData\Local\CrashDumps 2017-02-12 08:34 - 
2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-02-12 00:29 - 2016-08-06 21:11 - 00000000 ____D C:\Users\julia 2017-02-11 18:48 - 2016-07-25 19:04 - 00000000 ____D C:\Program Files (x86)\Steam 2017-02-11 18:42 - 2016-07-31 19:44 - 00000000 ____D C:\Users\julia\.android 2017-02-11 18:42 - 2016-07-31 19:41 - 00000000 ____D C:\Users\julia\.BigNox 2017-02-11 18:42 - 2016-07-31 19:37 - 00000000 ____D C:\Users\julia\AppData\Local\Nox 2017-02-11 18:42 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Roaming\Spotify 2017-02-11 18:40 - 2016-06-22 18:12 - 00000000 ____D C:\Users\julia\AppData\Roaming\PlaysTV 2017-02-11 18:40 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Local\Spotify 2017-02-11 18:36 - 2016-08-06 21:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-11 18:36 - 2016-04-29 20:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-02-11 18:35 - 2016-08-06 21:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-02-11 18:35 - 2016-08-06 21:08 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-02-11 18:35 - 2016-07-16 07:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI 2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-02-11 10:56 - 2016-04-29 21:15 - 00000000 ____D C:\Users\julia\AppData\Local\Adobe 2017-02-11 01:36 - 2016-05-10 10:40 - 00197120 ___SH C:\Users\julia\Desktop\Thumbs.db 2017-02-10 16:39 - 2016-12-17 08:28 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-02-10 16:39 - 2016-12-17 08:28 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-02-10 14:14 - 2016-11-22 12:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2017-02-08 08:36 - 2016-04-30 01:08 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-02-07 08:40 - 2016-08-11 08:04 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore 2017-02-06 19:13 - 
2016-04-29 20:39 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-06 19:13 - 2016-04-29 20:39 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-06 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-02-04 15:30 - 2016-09-01 23:14 - 00000000 ____D C:\Users\julia\AppData\Local\Amazon Music 2017-02-04 14:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-02-04 14:27 - 2016-05-09 22:49 - 1366395123 _____ C:\WINDOWS\MEMORY.DMP 2017-02-04 13:58 - 2016-11-14 18:48 - 00000000 ____D C:\Users\julia\AppData\Roaming\vlc 2017-02-04 08:26 - 2016-05-01 07:34 - 00000000 ____D C:\ProgramData\AMD 2017-02-02 20:19 - 2016-09-01 23:14 - 00001320 _____ C:\Users\julia\Desktop\Amazon Music.lnk 2017-02-02 19:48 - 2016-11-15 18:21 - 00001089 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-02-02 19:48 - 2016-11-15 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-01-30 16:57 - 2016-04-30 01:15 - 00000000 ___RD C:\Users\julia\Dropbox 2017-01-29 15:08 - 2016-11-13 19:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\dvdcss 2017-01-27 11:31 - 2016-05-10 14:56 - 00000000 ____D C:\Users\julia\Thunderbird backup 2017-01-26 08:32 - 2016-08-06 21:08 - 00000000 ____D C:\Program Files\AMD 2017-01-25 09:13 - 2016-04-29 20:05 - 00000000 ____D C:\AMD 2017-01-25 09:12 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-25 01:29 - 2016-10-26 00:04 - 09405464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 07589400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 02463256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 02150928 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\amfrt32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00643096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00420376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00310808 _____ C:\WINDOWS\system32\dgtrayicon.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00293400 _____ C:\WINDOWS\system32\GameManager64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00287248 _____ C:\WINDOWS\system32\clinfo.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00285720 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00266256 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00248344 _____ C:\WINDOWS\system32\atieah64.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00239128 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00178200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00154648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00147480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00130584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00128536 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00084504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00077848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2017-01-25 01:29 - 2016-08-12 00:07 - 00145952 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\aticfx32.dll 2017-01-25 01:29 - 2016-08-12 00:07 - 00107544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2017-01-25 01:29 - 2016-08-12 00:06 - 00258072 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00541208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2017-01-25 01:29 - 2016-07-02 08:01 - 00476696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00305176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2017-01-25 01:29 - 2016-07-02 08:01 - 00251416 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00226328 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2017-01-25 01:29 - 2016-07-02 08:01 - 00193560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00153112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00135704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2017-01-25 01:29 - 2016-04-05 08:38 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2017-01-25 01:29 - 2016-04-05 08:37 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2017-01-25 01:29 - 2016-04-05 08:27 - 00158336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2017-01-25 01:29 - 2016-04-05 08:27 - 00118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00162216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00145360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00130216 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\atimpc64.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00112328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2017-01-25 01:28 - 2016-07-02 08:01 - 00145872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2017-01-25 01:28 - 2016-07-02 08:01 - 00112336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2017-01-22 15:47 - 2016-04-29 21:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-10-02 14:25 - 2016-10-02 14:25 - 0000000 _____ () C:\Users\julia\AppData\Roaming\gdfw.log 2016-10-02 14:25 - 2016-10-02 14:25 - 0000779 _____ () C:\Users\julia\AppData\Roaming\gdscan.log 2016-07-31 07:34 - 2016-11-06 16:41 - 0007598 _____ () C:\Users\julia\AppData\Local\Resmon.ResmonCfg 2016-04-30 03:12 - 2016-04-30 03:12 - 0000057 _____ () C:\ProgramData\Ament.ini 2016-08-06 21:07 - 2016-08-06 21:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== 2017-02-02 19:48 - 2017-02-02 19:48 - 7097928 _____ (VS Revo Group ) C:\Users\julia\AppData\Local\Temp\VSUSetup.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-08 23:29

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
durchgeführt von julia (16-02-2017 10:39:21)
Gestartet von C:\Users\julia\Desktop\Virus
Windows 10 Pro Version 1607 (X64) (2016-08-06 20:35:33)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1190779463-2330029784-2471901394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190779463-2330029784-2471901394-503 - Limited - Disabled)
Gast (S-1-5-21-1190779463-2330029784-2471901394-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1190779463-2330029784-2471901394-1003 - Limited - Enabled)
julia (S-1-5-21-1190779463-2330029784-2471901394-1001 - Administrator - Enabled) => C:\Users\julia
LynCat (S-1-5-21-1190779463-2330029784-2471901394-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.)
Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) AirDroid 3.3.1.1 (HKLM-x32\...\AirDroid) (Version: 3.3.1.1 - Sand Studio) Amazon Kindle (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon) Amazon Music (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC) AMD Catalyst Install Manager (HKLM\...\{04E14C12-EAB9-9B07-5A25-CAF2D10B2579}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) APP Shop v1.0.24 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.24 - ASRock Inc.) ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.) ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - ) ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) A-Tuning v2.0.280 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.280 - ASRock Inc.) Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.) Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG) GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 15.4.173 - GfK) GoodNightLed v3.0.1 (HKLM-x32\...\GoodNightLed_is1) (Version: 3.0.1 - ASRock Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) 
Hidden HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP) HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.20.104.05220 (HKLM-x32\...\{78D4C553-4B41-97A5-22B4-2F446987B724}) (Version: 2.20.104.05220 - Sony) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 
10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Mozilla Thunderbird 45.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 de)) (Version: 45.7.1 - Mozilla) Nielsen (HKLM-x32\...\NetSight) (Version: - ) Nox APP Player (HKLM-x32\...\Nox) (Version: 3.6.0.0 - Duodian Technology Co. Ltd.) OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.) 
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.18.2-r120419-release - Plays.tv, LLC) PS4 Remote Play (HKLM-x32\...\{127839B2-AF0F-41CA-9F00-A247D04ACD81}) (Version: 1.0.0.15181 - Sony Interactive Entertainment Inc.) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) Spotify (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB) SRWare Iron Version SRWare Iron 33.0.1800.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 33.0.1800.0 - SRWare) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer) Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft) Usb GamePad (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) 
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
WinDS PRO 2016.04.08 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2016.04.08 - WinDS PRO Central)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XFast LAN v10.10 (HKLM\...\XFast LAN) (Version: 10.10 - cFos Software GmbH, Bonn)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {066EF000-1D31-4F43-8E09-C97DCCC96278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2556CECF-EA3C-447B-94AA-800BAC478C7D} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> Keine Datei <==== ACHTUNG
Task: {32FAAA18-3DCE-4579-B103-6C51178C0E22} - System32\Tasks\HPCeeScheduleForjulia => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {4387A60B-29E8-479F-894F-0466AFBB76C7} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe [2016-02-05] ()
Task: {471EA7B1-B69E-4FE6-9507-551F2D76CF4B} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://www.cfos.de/de/cfosspeed/documentation/keyboard-leds.htm?reg-10.10.2238-asrock"
Task: {4C90C93F-B372-447A-BAD9-4C877F578A53} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
Task: {4CA7C5ED-61A5-4A08-B76C-971D3E54939A} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources -> Keine Datei <==== ACHTUNG
Task: {502B87CA-6578-4727-98E0-D5312A5A1A26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {50E75D14-4AFB-4ACB-823D-3611FAA325F0} - \HPCustParticipation HP Deskjet 3050A J611 series -> Keine Datei <==== ACHTUNG
Task: {760F7F73-70D6-4F7A-ACB0-CE52D03A6E5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {849173CC-06EF-4522-99B4-34CDDAB5DA29} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Keine Datei <==== ACHTUNG
Task: {8F0C3895-A13C-4DAC-A594-051736FCCC88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {9A1A1B87-522E-4728-AD81-4834AD0209FE} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {9A8C6E8B-C1D2-4DCC-978C-F7856E76371A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {9C6A1060-F966-4927-B888-198454C7ADF3} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Keine Datei <==== ACHTUNG
Task: {9E858082-438A-4EF2-B0C6-F930C7B617BB} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Keine Datei <==== ACHTUNG
Task: {AB9FACDB-986A-4467-9238-8115E635C99F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {B1EF102A-D9C4-4BA0-8C3D-01C864291EB2} - \AMD Updater -> Keine Datei <==== ACHTUNG
Task: {C0A505F4-A735-439A-BD69-EC99BF450795} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()
Task: {DA111EEE-D374-4720-B899-179957A0B716} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {E4F6F8E8-7CA4-4492-9371-6468BC21B942} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-11-03 12:01 - 2016-10-31 17:11 - 01992256 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2016-07-31 18:43 - 2016-07-06 14:20 - 01476160 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2016-04-29 23:50 - 2014-07-31 15:17 - 00463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2016-09-15 04:24 - 2016-09-15 04:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-29 23:51 - 2016-02-05 15:38 - 06134024 _____ () C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 21:41 - 2016-08-06 21:41 - 00959168 _____ () C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-14 08:17 - 2016-09-07
05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 18:18 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 18:18 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 18:18 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-02-06 08:43 - 2017-02-06 08:44 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-06 08:43 - 2017-02-06 08:44 - 00179712 _____ () C:\Program
Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-06 08:43 - 2017-02-06 08:44 - 42895872 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 08:43 - 2017-02-06 08:43 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-23 08:47 - 2016-11-23 08:47 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 08:47 - 2016-11-23 08:47 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 07:54 - 2016-06-03 07:54 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 08:47 - 2016-11-23 08:47 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 08:47 - 2016-11-23 08:47 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2017-02-15 08:33 - 2017-02-15 08:33 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-02-16 08:35 - 2017-02-16 08:35 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
2017-02-16 08:35 - 2017-02-16 08:35 - 06538240 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll
2016-07-31 18:43 - 2016-07-06 14:20 - 00619584 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2016-10-01 17:37 - 2017-01-15 12:27 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00033280 _____ () C:\Program Files (x86)\Raptr
Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-09-07 07:57 - 2016-08-11 09:34 - 00800912 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\communication.dll
2016-09-07 07:57 - 2016-08-11 09:34 - 00191632 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\npsp1.dll
2016-09-07 07:57 - 2016-08-11 09:34 - 00260752 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\npwmi.dll
2016-04-21 02:23 - 2017-01-16 08:34 - 09080360 _____ () C:\Program Files (x86)\AirDroid\Android.dll
2016-04-21 02:20 - 2017-01-16 08:34 - 00642088 _____ () C:\Program Files (x86)\AirDroid\System.Data.SQLite.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files
(x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 53478912 _____ () C:\Users\julia\AppData\Local\Amazon Music\libcef.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 01976832 _____ () C:\Users\julia\AppData\Local\Amazon Music\libglesv2.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 00075264 _____ () C:\Users\julia\AppData\Local\Amazon Music\libegl.dll
2017-02-15 08:44 - 2017-02-02 12:30 - 17840216 _____ () C:\Users\julia\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-04-29 11:54 - 2016-04-29 11:52 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\julia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanion"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "BigNox"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BE8EDC0C-73E0-4F9F-9C2E-06DDE5F03E9B}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{2227EE2C-CE55-45FB-B30E-62DC8230A899}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{30F3774D-AD02-45B3-B257-534DA49823C7}] => (Allow) C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{783C2224-7D58-48D8-AD4C-4B0B5C77B453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{CF90C652-DC55-467E-BAC1-4DF8396B2C92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{E6E289E2-4AA2-40F5-ACA6-9C82995E68B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E53E8737-385D-4ABE-B897-20BB0428F9D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{9BACBB96-FF86-4833-A8AF-0CF03B271854}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{9AB2427A-D301-4180-8CA0-4214ACCFDC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{89B25E3E-040C-4F42-860C-8C29EBDC2477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{F31FD7FA-96A5-42E7-A231-1FD1C5ECDCC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{DE177724-6098-43D0-8806-973ABCD8489B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{D761F58A-F839-48D7-99C4-55FC2B2D31AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{A7B83730-8336-4D8C-9855-F525F4B87FD9}] => (Allow) C:\Program Files
(x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{DB0775A4-53C5-4D60-8B8F-3179817021C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{F9BB05C7-2A2A-47AA-A4C8-F67AA78B7F80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{97388F1B-476A-40C6-B599-72697B7ED5EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{AEAF1BD8-98C9-42F7-AC18-6186FD66BF03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{E9783289-E69A-4E06-9EAF-6EE9BCD26A7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{380E5670-8329-4A13-A453-1FCB2C92CEE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{11AEA279-FA35-443C-A14E-5AA0A7F496B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{BD8FDB87-DE06-432F-88BA-BC1C337988D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{31C13ED3-EFCB-40F3-ABB5-23F388D89AD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{6D7778AF-2ACA-4C81-8398-D5260FFCBE29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{9070EA33-9E66-4FCD-A375-B8D09CC4E587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{6870B29C-5372-4701-8F42-D6DE725973DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{E5FA8FB3-D425-415A-B4AB-C6F08CB81390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{C5EE77CF-1244-4FB7-BAD8-8979C065A7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{D1CDF799-6265-4CD5-A626-94F4491BE72F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{74505E9A-F844-4FF4-A118-C989F71C77AE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0F4A6E6-0E01-410A-99B6-349CB62D49AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{98A6B571-7328-46CA-A786-18FA12118E8A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4BFA63AA-FB4E-4CBD-81D2-92E7FCAFDCD2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E9B7DABE-E09E-44E7-AC61-314074E4A507}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{290E19E0-A4C5-4803-A438-0E623CA48EE5}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{4F347DFD-A148-4E94-A8C2-19C58D774FCD}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe
FirewallRules: [{EF4D3B24-6D1A-4A4C-B8B8-232EE3665BFE}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe
FirewallRules: [{93BCAC83-2502-4ADE-A68A-50235D8FDC39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{718492BD-2476-4DD7-ACFD-68AB1EA53F10}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D5F54F87-F1F2-47DF-B930-427698A21F72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2FBA69FF-5B93-4B59-863C-F14782090247}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CDB8F4BC-F6B5-4AED-9C6B-FF33D179093F}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [UDP Query User{B554B3E6-7C3B-4686-9087-B4E5C9C25893}C:\program files
(x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{4C110523-B488-46B3-899F-EF71BBE24D74}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{748F1E3C-DECB-4B30-BF51-756112C3CD69}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{393AB3D0-4A56-48CE-BD65-1DEEE70B2C32}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{E976C55B-498B-4F14-8840-5CE9729A6F01}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{211AA0BB-B2BF-4AF9-ABA8-82CFF5CC0E1E}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4D4FCBF6-4215-4F30-9ECA-5C56A461A339}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EAF9E66-9C4A-4D0A-B054-19C130287E25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20BCDFFA-F48F-451F-9909-7564F609CD50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9C1BE638-D25E-4253-BB83-CE781B3F37EB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{7E8694C3-45BB-4745-A308-C6A35808C8D1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D2F959ED-037E-46F8-AD5E-3286E5F07D61}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{74359E8A-16FD-4F59-B923-0FE364A84156}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{880A6D2F-EEAB-438E-8929-2631F3FAE283}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{903D728A-A328-40A1-B1E4-F918302DFD0B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules:
[{DF62B350-1B30-45B9-9F9A-0835826ECD8F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{40ECC61F-8402-4117-B87D-EB3BA1C6DF00}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{5201F840-C181-4ADF-B64F-BA586C2E85AF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{88D0A7BC-0EC0-4F83-B6DA-3A76E49049FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B0853F73-EE22-4F33-BD5F-457343C80640}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D800BFC-875A-44C6-B3DE-9FA69B80A8F8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{030DB97E-3233-4BFA-A3C7-62C05B1472AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{661DEAD1-BBE5-469E-9396-3681E714EF41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ACE30677-F83A-4849-8B62-F821F27DBE48}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{869C9BD8-D89B-478E-A6DD-98A98BAAD329}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{852DA3E8-FB7A-4E00-9A41-FD7EC5D20F76}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Wiederherstellungspunkte =========================

13-02-2017 09:06:51 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/16/2017 08:33:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142.
Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2017 12:57:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SkypeHost.exe, Version 11.11.105.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: ed8
Startzeit: 01d2877a2094278f
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Berichts-ID: dce15be5-f375-11e6-918e-0013ef030494
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c
Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/15/2017 12:57:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2017 11:56:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SkypeHost.exe, Version 11.11.105.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 4a40
Startzeit: 01d28777074ecf31
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Berichts-ID: 574d4097-f36d-11e6-918e-0013ef030494
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c
Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (02/15/2017 11:56:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/15/2017 11:34:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe, Version: 10.0.14393.0, Zeitstempel: 0x5789907f
Name des fehlerhaften Moduls: MSDetourHelp.dll_unloaded, Version: 7.3.0.8026, Zeitstempel: 0x57ac8b48
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000272f8
ID des fehlerhaften Prozesses: 0x24e8
Startzeit der fehlerhaften Anwendung: 0x01d287771d80b812
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\rundll32.exe
Pfad des fehlerhaften Moduls: MSDetourHelp.dll
Berichtskennung: 5d1ae49a-4f89-42b4-931d-77a87d0f5619
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/15/2017 11:34:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899b5a
Name des fehlerhaften Moduls: USBKeyCredentialProvider.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x53d9fa55
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002b4dd
ID des fehlerhaften Prozesses: 0x2364
Startzeit der fehlerhaften Anwendung: 0x01d2876e17ee72ea
Pfad der fehlerhaften Anwendung:
C:\WINDOWS\System32\LogonUI.exe
Pfad des fehlerhaften Moduls: USBKeyCredentialProvider.dll
Berichtskennung: 84ba6dd5-9b21-4e66-8b02-3fdaee46a093
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/15/2017 10:18:45 AM) (Source: MsiInstaller) (EventID: 1002) (User: DESKTOP-N0N5AE6)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (02/15/2017 10:18:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00293638
ID des fehlerhaften Prozesses: 0x215c
Startzeit der fehlerhaften Anwendung: 0x01d2876c72b5b56d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: b3eb250e-771c-4f62-9dae-8f9b779c46e9
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/15/2017 10:18:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758
Name des fehlerhaften Moduls: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000045fa
ID des fehlerhaften Prozesses: 0x215c
Startzeit der fehlerhaften Anwendung: 0x01d2876c72b5b56d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe Berichtskennung: c17e9e35-0fa2-439b-9be1-2d623355fa28 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (02/16/2017 08:29:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/16/2017 12:24:27 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (02/15/2017 11:33:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/15/2017 10:30:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6) Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. 
Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6) Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6) Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6) Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/15/2017 08:29:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/15/2017 12:18:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. 
Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2017-02-13 19:49:26.594 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-02-06 15:30:22.008 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-02-05 20:23:11.527 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-02-05 19:25:05.946 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-02-03 19:14:25.480 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. 
Date: 2017-01-30 17:39:50.482 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-01-30 17:39:49.524 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-01-09 13:09:05.578 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-01-09 13:09:05.167 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-01-05 15:58:00.988 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. 
==================== Speicherinformationen ===========================

Prozessor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 16198.66 MB
Verfügbarer physikalischer RAM: 10401.27 MB
Summe virtueller Speicher: 18630.66 MB
Verfügbarer virtueller Speicher: 11792.1 MB

==================== Laufwerke ================================

Drive c: (Win10-Prof) (Fixed) (Total:931.02 GB) (Free:738.17 GB) NTFS
Drive e: (INTENSO) (Fixed) (Total:1863.01 GB) (Free:209.7 GB) NTFS
Drive f: (Elements) (Fixed) (Total:1397.26 GB) (Free:35.59 GB) NTFS
Drive g: (INTENSO ALT) (Fixed) (Total:1863.01 GB) (Free:960.39 GB) NTFS
Drive h: (INTENSO) (Fixed) (Total:698.63 GB) (Free:352.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FB5E5C55)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 1322A89A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 08E2026F)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 4D49C8E7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 000AEA9D)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
|
16.02.2017, 10:52 | #4 |
| Problems with malware or trojans after toolbar installation
Code:
10:45:55.0368 0x2a68 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
10:46:00.0631 0x2a68 ============================================================
10:46:00.0631 0x2a68 Current date / time: 2017/02/16 10:46:00.0631
10:46:00.0631 0x2a68 SystemInfo:
10:46:00.0631 0x2a68
10:46:00.0631 0x2a68 OS Version: 10.0.14393 ServicePack: 0.0
10:46:00.0631 0x2a68 Product type: Workstation
10:46:00.0631 0x2a68 ComputerName: DESKTOP-N0N5AE6
10:46:00.0632 0x2a68 UserName: julia
10:46:00.0632 0x2a68 Windows directory: C:\WINDOWS
10:46:00.0632 0x2a68 System windows directory: C:\WINDOWS
10:46:00.0632 0x2a68 Running under WOW64
10:46:00.0632 0x2a68 Processor architecture: Intel x64
10:46:00.0632 0x2a68 Number of processors: 4
10:46:00.0632 0x2a68 Page size: 0x1000
10:46:00.0632 0x2a68 Boot type: Normal boot
10:46:00.0632 0x2a68 CodeIntegrityOptions = 0x00000001
10:46:00.0632 0x2a68 ============================================================
10:46:00.0858 0x2a68 KLMD registered as C:\WINDOWS\system32\drivers\65784865.sys
10:46:00.0858 0x2a68 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
10:46:01.0005 0x2a68 System UUID: {3621A839-9A77-6A58-849F-E7071E6DF660}
10:46:01.0353 0x2a68 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:46:01.0372 0x2a68 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:46:01.0375 0x2a68 Drive \Device\Harddisk2\DR2 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:46:01.0379 0x2a68 Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:46:01.0382 0x2a68 Drive \Device\Harddisk4\DR4 - Size: 0x15D50D00000 ( 1397.26 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:46:01.0386 0x2a68 ============================================================
10:46:01.0386 0x2a68 \Device\Harddisk0\DR0:
10:46:01.0387 0x2a68 MBR partitions:
10:46:01.0387 0x2a68 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
10:46:01.0387 0x2a68 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x7460BDB0
10:46:01.0387 0x2a68 \Device\Harddisk1\DR1:
10:46:01.0387 0x2a68 MBR partitions:
10:46:01.0387 0x2a68 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06CC1
10:46:01.0387 0x2a68 \Device\Harddisk2\DR2:
10:46:01.0389 0x2a68 MBR partitions:
10:46:01.0389 0x2a68 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544B01
10:46:01.0389 0x2a68 \Device\Harddisk3\DR3:
10:46:01.0389 0x2a68 MBR partitions:
10:46:01.0389 0x2a68 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06CC1
10:46:01.0389 0x2a68 \Device\Harddisk4\DR4:
10:46:01.0390 0x2a68 MBR partitions:
10:46:01.0390 0x2a68 \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86000
10:46:01.0390 0x2a68 ============================================================
10:46:01.0409 0x2a68 C: <-> \Device\Harddisk0\DR0\Partition2
10:46:01.0410 0x2a68 E: <-> \Device\Harddisk1\DR1\Partition1
10:46:01.0421 0x2a68 F: <-> \Device\Harddisk4\DR4\Partition1
10:46:01.0458 0x2a68 G: <-> \Device\Harddisk3\DR3\Partition1
10:46:01.0470 0x2a68 H: <-> \Device\Harddisk2\DR2\Partition1
10:46:01.0470 0x2a68 ============================================================
10:46:01.0470 0x2a68 Initialize success
10:46:01.0470 0x2a68 ============================================================
10:46:32.0168 0x46dc ============================================================
10:46:32.0168 0x46dc Scan started
10:46:32.0168 0x46dc Mode: Manual; SigCheck; TDLFS; 10:46:32.0168 0x46dc ============================================================ 10:46:32.0168 0x46dc KSN ping started 10:46:32.0723 0x46dc KSN ping finished: true 10:46:34.0921 0x46dc ================ Scan system memory ======================== 10:46:34.0921 0x46dc System memory - ok 10:46:34.0922 0x46dc ================ Scan services ============================= 10:46:35.0073 0x46dc 1394ohci - ok 10:46:35.0083 0x46dc 3ware - ok 10:46:35.0108 0x46dc ACPI - ok 10:46:35.0113 0x46dc AcpiDev - ok 10:46:35.0119 0x46dc acpiex - ok 10:46:35.0126 0x46dc acpipagr - ok 10:46:35.0154 0x46dc AcpiPmi - ok 10:46:35.0160 0x46dc acpitime - ok 10:46:35.0226 0x46dc [ 295D6A7FC220634C8E6F5F27A6EDAEE7, 155C83D1E359764A25B97B050B8ED6ABB5FF742D00401004206A4616434EE3D4 ] AdaptiveSleepService C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe 10:46:35.0292 0x46dc AdaptiveSleepService - ok 10:46:35.0407 0x46dc [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 10:46:35.0431 0x46dc AdobeARMservice - ok 10:46:35.0441 0x46dc ADP80XX - ok 10:46:35.0466 0x46dc AFD - ok 10:46:35.0476 0x46dc ahcache - ok 10:46:35.0493 0x46dc AJRouter - ok 10:46:35.0503 0x46dc ALG - ok 10:46:35.0536 0x46dc [ 52E0D15D162A6C02E58C5E9E91155031, 09BB2288929D853CAFA25A741CB540E20BDEF421E3E41BFF5BEF78D786021F5A ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe 10:46:35.0552 0x46dc AMD External Events Utility - ok 10:46:35.0607 0x46dc [ 08E3B9567A6FDD17A69956BA80F1E2D6, 179C4A09E51A41289C1AA11E778EB09E877A7F45FB5D54216F58D3EAF1FA88C4 ] amdacpksd C:\WINDOWS\system32\drivers\amdacpksd.sys 10:46:35.0626 0x46dc amdacpksd - ok 10:46:35.0632 0x46dc AmdK8 - ok 10:46:35.0676 0x46dc [ B28145E732EDEBBEDABC311DBA56D52A, 43745C17A3AC2A7A6FB0DBF1A2158C6B365198581E8E3B1F7E7E9EE9763A2735 ] amdkmafd 
C:\WINDOWS\system32\drivers\amdkmafd.sys 10:46:35.0685 0x46dc amdkmafd - ok 10:46:35.0731 0x46dc amdkmdag - ok 10:46:35.0774 0x46dc [ 8B5782CA9386724048F11C1607425B31, B398B8547B5BB806B73211A3C40EC0337B2D5274F17DD0F7FFDCC91CA853DA7B ] amdkmdap C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys 10:46:35.0806 0x46dc amdkmdap - ok 10:46:35.0813 0x46dc AmdPPM - ok 10:46:35.0818 0x46dc amdsata - ok 10:46:35.0823 0x46dc amdsbs - ok 10:46:35.0829 0x46dc amdxata - ok 10:46:35.0834 0x46dc AppID - ok 10:46:35.0839 0x46dc AppIDSvc - ok 10:46:35.0845 0x46dc Appinfo - ok 10:46:35.0851 0x46dc applockerfltr - ok 10:46:35.0856 0x46dc AppMgmt - ok 10:46:35.0950 0x46dc [ CF75D615A823FB3A0F8AA87CC53BE4AB, 6ACA246D12A6EA95AEDEE1FF99A6A1BA25000A47AB095E8B72C9352E82E9A21A ] AppObserver C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys 10:46:35.0959 0x46dc AppObserver - ok 10:46:35.0976 0x46dc AppReadiness - ok 10:46:36.0003 0x46dc AppVClient - ok 10:46:36.0016 0x46dc AppvStrm - ok 10:46:36.0048 0x46dc AppvVemgr - ok 10:46:36.0057 0x46dc AppvVfs - ok 10:46:36.0065 0x46dc AppXSvc - ok 10:46:36.0071 0x46dc arcsas - ok 10:46:36.0100 0x46dc [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys 10:46:36.0112 0x46dc AsrAppCharger - ok 10:46:36.0205 0x46dc [ 75D6C3469347DE1CDFA3B1B9F1544208, 2AA1B08F47FBB1E2BD2E4A492F5D616968E703E1359A921F62B38B8E4662F0C4 ] AsrAutoChkUpdDrv C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys 10:46:36.0223 0x46dc AsrAutoChkUpdDrv - ok 10:46:36.0240 0x46dc [ 1A234F4643F5658BAB07BFA611282267, F40435488389B4FB3B945CA21A8325A51E1B5F80F045AB019748D0EC66056A8B ] AsrDrv101 C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys 10:46:36.0252 0x46dc AsrDrv101 - ok 10:46:36.0348 0x46dc [ A16DACE95B82683C852CD18578162735, 6E3663B43FB18BFD3B47A63297FA251C467D7B3C7B70020FC87DEAD8F0882B37 ] ASRockIOMon C:\Program 
Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe 10:46:36.0376 0x46dc ASRockIOMon - ok 10:46:36.0397 0x46dc [ A149C93231945A5118C63AEACA6D1E72, 60B28184585B389751FCF71651A139D74018DE04AEBF4A497835AF727B64BD53 ] AsrRamDisk C:\WINDOWS\system32\drivers\AsrRamDisk.sys 10:46:36.0406 0x46dc AsrRamDisk - ok 10:46:36.0411 0x46dc AsyncMac - ok 10:46:36.0416 0x46dc atapi - ok 10:46:36.0455 0x46dc [ FD9A5BCC3AFB02E87668B749546B6229, 4BE969A11CEE8033F40EDE7E06A5904B328D3FC1842855C0DB38D5EEF458219C ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys 10:46:36.0476 0x46dc AtiHDAudioService - ok 10:46:36.0501 0x46dc [ 9BD46423250EE6D39A2647B7BB89BFC3, 4D8499F5E170E42C22932FA519444A8A37190D7DFA0F449F016436ADEBC85865 ] ATP C:\WINDOWS\System32\drivers\AsusTP.sys 10:46:36.0511 0x46dc ATP - ok 10:46:36.0517 0x46dc AudioEndpointBuilder - ok 10:46:36.0532 0x46dc Audiosrv - ok 10:46:36.0764 0x46dc [ F6C322B06ABB622B32115BF32EEE253B, F06D265DDD56A052ACFBB46DD057E246FCF3F65457133D98C1EA130E0DDFEAFE ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe 10:46:36.0886 0x46dc AVKProxy - ok 10:46:36.0968 0x46dc [ 98DAE6FDBEF58BF07E9650DF3B729C8A, F5B81DA51AE357A6EB094561AC4ECC4E1263FBC7D111579A888BDD6DC51C7C76 ] AVKService C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe 10:46:36.0998 0x46dc AVKService - ok 10:46:37.0092 0x46dc [ 580D451B3F20565634D048D7B229EE40, 36CD7EA285F908BEA1E8E68C6CC29CD5A70E23DB38C5E2D1A41684A62FF17AEA ] AVKWCtl C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe 10:46:37.0168 0x46dc AVKWCtl - ok 10:46:37.0190 0x46dc AxInstSV - ok 10:46:37.0196 0x46dc b06bdrv - ok 10:46:37.0201 0x46dc BasicDisplay - ok 10:46:37.0206 0x46dc BasicRender - ok 10:46:37.0214 0x46dc bcmfn - ok 10:46:37.0219 0x46dc bcmfn2 - ok 10:46:37.0246 0x46dc BDESVC - ok 10:46:37.0272 0x46dc Beep - ok 10:46:37.0281 0x46dc BFE - ok 10:46:37.0289 0x46dc BITS - ok 10:46:37.0364 0x46dc [ 3F56903E124E820AEECE6D471583C6C1, 
B3C045AFACC8A8F5DC289ADE9ACFB2FE7F9CA24A900BBAED47E2A63837208CB3 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe 10:46:37.0390 0x46dc Bonjour Service - ok 10:46:37.0412 0x46dc bowser - ok 10:46:37.0428 0x46dc BrokerInfrastructure - ok 10:46:37.0433 0x46dc Browser - ok 10:46:37.0461 0x46dc BthAvrcpTg - ok 10:46:37.0466 0x46dc BthHFEnum - ok 10:46:37.0471 0x46dc bthhfhid - ok 10:46:37.0482 0x46dc BthHFSrv - ok 10:46:37.0488 0x46dc BTHMODEM - ok 10:46:37.0496 0x46dc bthserv - ok 10:46:37.0503 0x46dc buttonconverter - ok 10:46:37.0510 0x46dc CapImg - ok 10:46:37.0516 0x46dc cdfs - ok 10:46:37.0527 0x46dc CDPSvc - ok 10:46:37.0546 0x46dc CDPUserSvc - ok 10:46:37.0586 0x46dc cdrom - ok 10:46:37.0634 0x46dc CertPropSvc - ok 10:46:37.0747 0x46dc [ 512C91F1261CC0463CAC3C12F142669A, BF70A3128CE50B0FAFEB35353494D750E56D686C30F399F0234AA9242DB19031 ] cfosspeed C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys 10:46:37.0800 0x46dc cfosspeed - ok 10:46:37.0937 0x46dc [ A9A581F2C8F06C083831A996742375BE, 7A7DC106FF149703A17330F670B9A94578664BBD844F5BBD32B5832A221BE934 ] cFosSpeedS C:\Program Files\ASRock\XFast LAN\spd.exe 10:46:37.0971 0x46dc cFosSpeedS - ok 10:46:37.0978 0x46dc cht4iscsi - ok 10:46:37.0983 0x46dc cht4vbd - ok 10:46:37.0988 0x46dc circlass - ok 10:46:38.0006 0x46dc CLFS - ok 10:46:38.0012 0x46dc ClipSVC - ok 10:46:38.0017 0x46dc clreg - ok 10:46:38.0032 0x46dc CmBatt - ok 10:46:38.0037 0x46dc CNG - ok 10:46:38.0042 0x46dc cnghwassist - ok 10:46:38.0085 0x46dc CompositeBus - ok 10:46:38.0090 0x46dc COMSysApp - ok 10:46:38.0097 0x46dc condrv - ok 10:46:38.0136 0x46dc CoreMessagingRegistrar - ok 10:46:38.0155 0x46dc CryptSvc - ok 10:46:38.0166 0x46dc CSC - ok 10:46:38.0174 0x46dc CscService - ok 10:46:38.0181 0x46dc dam - ok 10:46:38.0237 0x46dc [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 10:46:38.0249 0x46dc dbupdate - ok 
10:46:38.0257 0x46dc [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 10:46:38.0269 0x46dc dbupdatem - ok 10:46:38.0274 0x46dc dbx - ok 10:46:38.0297 0x46dc [ 2C5A991F0320D95BAC80D0C31F43A79E, CC7887132AF15C77676A3186429FE0071DCC8DC9C6252314D99C02E54867BE10 ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe 10:46:38.0308 0x46dc DbxSvc - ok 10:46:38.0316 0x46dc DcomLaunch - ok 10:46:38.0322 0x46dc DcpSvc - ok 10:46:38.0345 0x46dc defragsvc - ok 10:46:38.0365 0x46dc DeviceAssociationService - ok 10:46:38.0381 0x46dc DeviceInstall - ok 10:46:38.0386 0x46dc DevQueryBroker - ok 10:46:38.0401 0x46dc Dfsc - ok 10:46:38.0434 0x46dc [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 10:46:38.0446 0x46dc dg_ssudbus - ok 10:46:38.0459 0x46dc Dhcp - ok 10:46:38.0484 0x46dc diagnosticshub.standardcollector.service - ok 10:46:38.0527 0x46dc DiagTrack - ok 10:46:38.0532 0x46dc disk - ok 10:46:38.0563 0x46dc DmEnrollmentSvc - ok 10:46:38.0568 0x46dc dmvsc - ok 10:46:38.0573 0x46dc dmwappushservice - ok 10:46:38.0587 0x46dc Dnscache - ok 10:46:38.0594 0x46dc dot3svc - ok 10:46:38.0628 0x46dc DPS - ok 10:46:38.0637 0x46dc drmkaud - ok 10:46:38.0642 0x46dc DsmSvc - ok 10:46:38.0648 0x46dc DsSvc - ok 10:46:38.0654 0x46dc DXGKrnl - ok 10:46:38.0659 0x46dc EapHost - ok 10:46:38.0675 0x46dc ebdrv - ok 10:46:38.0710 0x46dc EFS - ok 10:46:38.0746 0x46dc EhStorClass - ok 10:46:38.0767 0x46dc EhStorTcgDrv - ok 10:46:38.0779 0x46dc embeddedmode - ok 10:46:38.0823 0x46dc EntAppSvc - ok 10:46:38.0831 0x46dc ErrDev - ok 10:46:38.0854 0x46dc EventSystem - ok 10:46:38.0859 0x46dc exfat - ok 10:46:38.0866 0x46dc fastfat - ok 10:46:38.0895 0x46dc Fax - ok 10:46:38.0901 0x46dc fdc - ok 10:46:38.0915 0x46dc fdPHost - ok 10:46:38.0921 0x46dc FDResPub - ok 10:46:38.0955 0x46dc fhsvc - ok 
10:46:38.0994 0x46dc FileCrypt - ok 10:46:39.0000 0x46dc FileInfo - ok 10:46:39.0006 0x46dc Filetrace - ok 10:46:39.0011 0x46dc flpydisk - ok 10:46:39.0018 0x46dc FltMgr - ok 10:46:39.0046 0x46dc FontCache - ok 10:46:39.0143 0x46dc FontCache3.0.0.0 - ok 10:46:39.0155 0x46dc FrameServer - ok 10:46:39.0160 0x46dc FsDepends - ok 10:46:39.0167 0x46dc Fs_Rec - ok 10:46:39.0186 0x46dc fvevol - ok 10:46:39.0326 0x46dc [ 5B687E80548998161B11E093150A3215, 7C29D725B69FBFD2A1C762D4567E8252A03246F36551389E98D4AF6F516B6100 ] GDBackupSvc C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe 10:46:39.0424 0x46dc GDBackupSvc - ok 10:46:39.0465 0x46dc [ 3F24DCB0037A0121C220CB8EAF9A340D, 6F1EED1A2FE31D03EF2050D6B124BD5782020B7B7A6862FE6FCA0F4C2481BFAF ] GDBehave C:\WINDOWS\system32\drivers\GDBehave.sys 10:46:39.0477 0x46dc GDBehave - ok 10:46:39.0507 0x46dc [ 1314062567B9ED86BFFDE5D8C48C52AE, 01DE02308E478F50DBFE4C6EAE9D0C052C1575283F2C182388E2028F3BF2E756 ] GDElam C:\WINDOWS\system32\DRIVERS\GDElam.sys 10:46:39.0524 0x46dc GDElam - ok 10:46:39.0616 0x46dc [ EC7C7AEE53383D2FABB98B05F63514FF, 149633A96E9803F168D3EF0A3182529D0247FFB748021F262F1D19F2C993FCF8 ] GDFwSvc C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe 10:46:39.0700 0x46dc GDFwSvc - ok 10:46:39.0727 0x46dc [ DD7D5196EB9C4321EA57B668AF873840, 0E934032911203A22BC84519F303061703DF503F19382ACDE37AAD53FCBEDF1A ] GDKBB C:\WINDOWS\system32\drivers\GDKBB64.sys 10:46:39.0736 0x46dc GDKBB - ok 10:46:39.0744 0x46dc [ 4A9000A1B02C394CD2C5E6450A04002D, E979C07888C4E20D3037E60A1A48501A0B3EC905C407781B6D437314851E1C32 ] GDKBFlt C:\WINDOWS\system32\drivers\GDKBFlt64.sys 10:46:39.0756 0x46dc GDKBFlt - ok 10:46:39.0781 0x46dc [ EE1927F18C9298D96A47017272D591E8, 6D880B43969B41636D520962BD77DD3FA59374903F6E72354610DFC01306E7EE ] GDMnIcpt C:\WINDOWS\system32\drivers\MiniIcpt.sys 10:46:39.0795 0x46dc GDMnIcpt - ok 10:46:39.0810 0x46dc [ DC5200C3055D6EB5355F8975FB38E9EE, 
10:46:53.0473 0x46dc Waiting for KSN requests completion. In queue: 10
10:46:54.0498 0x46dc AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G DATA\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
10:46:54.0500 0x46dc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
10:46:54.0503 0x46dc FW detected via SS2: G*DATA Personal Firewall, C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
10:46:54.0595 0x46dc ============================================================
10:46:54.0595 0x46dc Scan finished
10:46:54.0595 0x46dc ============================================================
10:46:54.0616 0x4854 Detected object count: 0
10:46:54.0616 0x4854 Actual detected object count: 0 |
16.02.2017, 17:40 | #5 | |
/// TB-Ausbilder | Problems with malware or Trojans after toolbar installation Hi, please note: Quote:
Please download all tools directly to the desktop, or move them there, and start them from the desktop, since our instructions are written for that. It also makes it very easy to remove all the tools used once the cleanup is finished. Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once. |
16.02.2017, 18:53 | #6 |
| Problems with malware or Trojans after toolbar installation Hello, sorry, I thought it would be fine if I created a folder directly on the desktop. I'll do it again right away. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02 durchgeführt von julia (Administrator) auf DESKTOP-N0N5AE6 (16-02-2017 18:31:48) Gestartet von C:\Users\julia\Desktop Geladene Profile: julia (Verfügbare Profile: julia) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (GfK) C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe (Apple Inc.) 
C:\Program Files (x86)\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (HP Inc.) 
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe (GfK SE) C:\Program Files (x86)\GfK Internet-Monitor\GfK-LoginInterface.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\NielsenOnline64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music Helper.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (@@Manufacturer@@) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfKChromeHost.exe (Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-15] (Realtek Semiconductor) HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [441160 2016-09-15] (G DATA Software AG) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC) HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe [202896 2016-12-30] (The Nielsen Company) HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [8651896 2017-01-16] (Sand Studio) 
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify Web Helper] => C:\Users\julia\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-10-02] (Spotify Ltd)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify] => C:\Users\julia\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-10-02] (Spotify Ltd)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [BigNox] => C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe [5100872 2016-07-31] (Duodian Technology Co. Ltd.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2062208 2016-05-26] (Sony)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\RunOnce: [Uninstall C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\MountPoints2: {4620abb5-cad0-11e6-9182-0013ef030494} - "I:\shelexec.exe" .\starter.html
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2683783b-a4bc-4329-ac88-9cc1e28fadf5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b3b846c1-63d0-49c7-a2c1-ceb545584257}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll [2016-10-31] (GfK)
BHO-x32: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll [2016-10-31] (GfK)
Toolbar: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei

FireFox:
========
FF DefaultProfile: z4n199ml.default
FF ProfilePath: C:\Users\julia\AppData\Roaming\Mozilla\Firefox\Profiles\z4n199ml.default [2017-02-16]
FF NetworkProxy: Mozilla\Firefox\Profiles\z4n199ml.default -> type", 0
FF Extension: (Nielsen NetSight) - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi [2017-02-16]
FF HKLM\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi
FF Extension: (GfK Internet) - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi [2017-02-16]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-11] ()
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-11] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1190779463-2330029784-2471901394-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.reading4money.de/paidmail.php?username=julemaus89&id=1414525986&mid=0
CHR StartupUrls: Default -> "hxxp://www.spielesite.com/","hxxps://de.upjers.com/","hxxp://www.startparadies.de/index.php","hxxps://www.facebook.com/","hxxp://www.klamm.de/","hxxp://www.bonix.org/","hxxp://www.dodona-mails.de/","hxxp://testberichte.reviews/","hxxp://www.shimly.de/"
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Profile: C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default [2017-02-16]
CHR Extension: (Google Drive) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-29]
CHR Extension: (Lovely Cats Tab) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdoeoonepndhefdpieicgajkhadocngm [2016-06-24]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-01-30]
CHR Extension: (LadyCashback.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnhchdicihpfajapekoedijbldehbbk [2017-02-14]
CHR Extension: (YouTube) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-29]
CHR Extension: (Nielsen NetSight) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgmmbefnahabhcchpfkobeindpppflc [2017-02-05]
CHR Extension: (Kindle Cloud Reader) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemmpobpfaichgccgcilgncfigplmol [2016-09-15]
CHR Extension: (Google-Suche) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-29]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-04-29]
CHR Extension: (Google Kalender) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-06]
CHR Extension: (GfK Internet-Monitor) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2016-11-04]
CHR Extension: (Google Docs Offline) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-29]
CHR Extension: (GfK Digital Trends App) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikkcdahfmnbofoaeofipdcejkgkbofj [2016-06-14]
CHR Extension: (Questler Bonusfinder 3.0) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipddihbjlikcgpbikkgjibobkahjafni [2016-06-24]
CHR Extension: (CashbackDeals.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnlhjofgnkcljojnibhmeopimidoblfm [2017-02-14]
CHR Extension: (Andasa iCat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcbpnhnickonbgkbgbegepdldmcnjoif [2016-10-21]
CHR Extension: (iGraal Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2017-02-14]
CHR Extension: (Google Play) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-04-29]
CHR Extension: (Tabby Cat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg [2016-11-10]
CHR Extension: (Google Play Books) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-04-29]
CHR Extension: (boost-Bar) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbifpjmldocepoilnjgbkaaighinkhpp [2016-10-11]
CHR Extension: (Bundlr) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm [2016-04-29]
CHR Extension: (Norton Safe) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-06]
CHR HKLM\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [726952 2015-09-09] (cFos Software GmbH)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [4072264 2016-09-30] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3286120 2016-09-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG)
R2 GfK-NetworkMeter; C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe [1222880 2016-10-31] (GfK)
R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [1992256 2016-10-31] ()
R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1476160 2016-07-06] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [3161744 2016-12-30] (The Nielsen Company)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-15] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-15] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.)
R3 AppObserver; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys [23696 2016-08-11] (The Nielsen Company)
R3 AsrAutoChkUpdDrv; C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys [22280 2017-02-16] (ASRock Incorporation)
R3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-04-29] (ASRock Incorporation)
R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-08-23] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2016-10-13] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [37400 2016-10-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [30280 2016-10-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [274400 2016-10-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [105544 2016-10-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2016-10-13] (G DATA Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [116296 2016-10-16] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [153160 2016-10-13] (G Data Software AG)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-16] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 MBI; C:\WINDOWS\System32\drivers\MBI.sys [41456 2015-10-15] (Intel(R) Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 nnfwdk; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys [34960 2016-08-11] (The Nielsen Company)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek )
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-16 18:31 - 2017-02-16 18:32 - 00030336 _____ C:\Users\julia\Desktop\FRST.txt 2017-02-16 18:23 - 2017-02-16 18:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\julia\Desktop\tdsskiller.exe 2017-02-16 18:22 - 2017-02-16 18:26 - 02422272 _____ (Farbar) C:\Users\julia\Desktop\FRST64.exe 2017-02-16 10:45 - 2017-02-16 10:52 - 00090086 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_10.45.55_log.txt 2017-02-16 10:42 - 2017-02-16 10:44 - 00171940 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_10.42.12_log.txt 2017-02-16 08:30 - 2017-02-16 08:30 - 00003034 _____ C:\WINDOWS\System32\Tasks\AsrSP.exe 2017-02-14 13:08 - 2017-02-14 13:08 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjulia 2017-02-14 13:08 - 2017-02-14 13:08 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job 2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\Macromedia 2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Local\Macromedia 2017-02-10 19:29 - 2017-02-16 18:31 - 00000000 ____D C:\FRST 2017-02-08 08:36 - 2017-02-08 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) 
C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-02-05 17:37 - 2017-02-05 18:08 - 00000000 ____D C:\Users\julia\Desktop\USB Stick 2017-02-04 14:27 - 2017-02-04 14:28 - 00411140 _____ C:\WINDOWS\Minidump\020417-29406-01.dmp 2017-02-04 14:27 - 2017-02-04 14:27 - 00000000 ____D C:\WINDOWS\Minidump 2017-02-02 19:26 - 2017-02-16 10:00 - 00000000 ____D C:\Users\julia\AppData\LocalLow\Mozilla 2017-02-01 14:49 - 2017-02-16 10:38 - 00000000 ____D C:\Users\julia\Desktop\Virus 2017-02-01 14:41 - 2017-02-05 17:15 - 00000000 ____D C:\AdwCleaner 2017-01-31 17:47 - 2017-02-11 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-27 19:13 - 2017-01-27 19:13 - 00140131 _____ C:\Users\julia\Desktop\Rechnung 4333534.pdf 2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings 2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\Program Files\ATI Technologies 2017-01-25 09:12 - 2017-01-27 17:28 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-01-25 08:44 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 08:44 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-25 01:29 - 2017-01-25 01:29 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00768024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00121368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00100888 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\amdmcl64.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00038424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00038416 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2017-01-25 01:28 - 2017-01-25 01:28 - 00488496 _____ C:\WINDOWS\system32\amdmiracast.dll 2017-01-25 01:28 - 2017-01-25 01:28 - 00166408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2017-01-25 01:28 - 2017-01-25 01:28 - 00130224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2017-01-24 16:38 - 2017-01-24 16:38 - 06381952 _____ C:\Users\julia\Desktop\eBook_Faszientraining.pdf 2017-01-21 16:56 - 2017-01-21 16:56 - 00005262 _____ C:\Users\julia\Desktop\Questionmail Questionmail Richtig Antworten 500 Punkte sammeln!(sasm).eml ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-16 18:29 - 2016-05-29 07:54 - 00000000 ____D C:\Users\julia\Documents\AirDroid 2017-02-16 18:21 - 2016-08-06 21:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-02-16 17:38 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-02-16 14:33 - 2016-04-29 20:51 - 00000000 ____D C:\Users\julia\AppData\Local\CrashDumps 2017-02-16 08:36 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-16 08:36 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-02-16 08:30 - 2016-08-09 07:53 - 00003038 _____ C:\WINDOWS\System32\Tasks\AsrAPPShop 2017-02-16 08:30 - 2016-04-29 23:51 - 00022280 _____ (ASRock Incorporation) C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys 2017-02-16 08:30 - 2016-04-29 21:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-15 21:22 - 2016-08-09 07:55 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{37189C47-5908-4B51-91BC-1DD3B7B485AE} 2017-02-12 08:34 - 
2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-02-12 00:29 - 2016-08-06 21:11 - 00000000 ____D C:\Users\julia 2017-02-11 18:48 - 2016-07-25 19:04 - 00000000 ____D C:\Program Files (x86)\Steam 2017-02-11 18:42 - 2016-07-31 19:44 - 00000000 ____D C:\Users\julia\.android 2017-02-11 18:42 - 2016-07-31 19:41 - 00000000 ____D C:\Users\julia\.BigNox 2017-02-11 18:42 - 2016-07-31 19:37 - 00000000 ____D C:\Users\julia\AppData\Local\Nox 2017-02-11 18:42 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Roaming\Spotify 2017-02-11 18:40 - 2016-06-22 18:12 - 00000000 ____D C:\Users\julia\AppData\Roaming\PlaysTV 2017-02-11 18:40 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Local\Spotify 2017-02-11 18:36 - 2016-08-06 21:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-11 18:36 - 2016-04-29 20:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-02-11 18:35 - 2016-08-06 21:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-02-11 18:35 - 2016-08-06 21:08 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-02-11 18:35 - 2016-07-16 07:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI 2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-02-11 10:56 - 2016-04-29 21:15 - 00000000 ____D C:\Users\julia\AppData\Local\Adobe 2017-02-11 01:36 - 2016-05-10 10:40 - 00197120 ___SH C:\Users\julia\Desktop\Thumbs.db 2017-02-10 16:39 - 2016-12-17 08:28 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-02-10 16:39 - 2016-12-17 08:28 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-02-10 14:14 - 2016-11-22 12:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2017-02-08 08:36 - 2016-04-30 01:08 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-02-07 08:40 - 2016-08-11 08:04 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore 2017-02-06 19:13 - 
2016-04-29 20:39 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-06 19:13 - 2016-04-29 20:39 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-06 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-02-04 15:30 - 2016-09-01 23:14 - 00000000 ____D C:\Users\julia\AppData\Local\Amazon Music 2017-02-04 14:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-02-04 14:27 - 2016-05-09 22:49 - 1366395123 _____ C:\WINDOWS\MEMORY.DMP 2017-02-04 13:58 - 2016-11-14 18:48 - 00000000 ____D C:\Users\julia\AppData\Roaming\vlc 2017-02-04 08:26 - 2016-05-01 07:34 - 00000000 ____D C:\ProgramData\AMD 2017-02-02 20:19 - 2016-09-01 23:14 - 00001320 _____ C:\Users\julia\Desktop\Amazon Music.lnk 2017-02-02 19:48 - 2016-11-15 18:21 - 00001089 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-02-02 19:48 - 2016-11-15 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-01-30 16:57 - 2016-04-30 01:15 - 00000000 ___RD C:\Users\julia\Dropbox 2017-01-29 15:08 - 2016-11-13 19:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\dvdcss 2017-01-27 11:31 - 2016-05-10 14:56 - 00000000 ____D C:\Users\julia\Thunderbird backup 2017-01-26 08:32 - 2016-08-06 21:08 - 00000000 ____D C:\Program Files\AMD 2017-01-25 09:13 - 2016-04-29 20:05 - 00000000 ____D C:\AMD 2017-01-25 09:12 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-25 01:29 - 2016-10-26 00:04 - 09405464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 07589400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 02463256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 02150928 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\amfrt32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00643096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00420376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00310808 _____ C:\WINDOWS\system32\dgtrayicon.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00293400 _____ C:\WINDOWS\system32\GameManager64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00287248 _____ C:\WINDOWS\system32\clinfo.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00285720 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00266256 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00248344 _____ C:\WINDOWS\system32\atieah64.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00239128 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00178200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00154648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00147480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00130584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00128536 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00084504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00077848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2017-01-25 01:29 - 2016-08-12 00:07 - 00145952 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\aticfx32.dll 2017-01-25 01:29 - 2016-08-12 00:07 - 00107544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2017-01-25 01:29 - 2016-08-12 00:06 - 00258072 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00541208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2017-01-25 01:29 - 2016-07-02 08:01 - 00476696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00305176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2017-01-25 01:29 - 2016-07-02 08:01 - 00251416 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00226328 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2017-01-25 01:29 - 2016-07-02 08:01 - 00193560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00153112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00135704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2017-01-25 01:29 - 2016-04-05 08:38 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2017-01-25 01:29 - 2016-04-05 08:37 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2017-01-25 01:29 - 2016-04-05 08:27 - 00158336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2017-01-25 01:29 - 2016-04-05 08:27 - 00118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00162216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00145360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00130216 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\atimpc64.dll
2017-01-25 01:28 - 2016-10-26 00:05 - 00112328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-01-25 01:28 - 2016-07-02 08:01 - 00145872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-01-25 01:28 - 2016-07-02 08:01 - 00112336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-01-22 15:47 - 2016-04-29 21:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-02 14:25 - 2016-10-02 14:25 - 0000000 _____ () C:\Users\julia\AppData\Roaming\gdfw.log
2016-10-02 14:25 - 2016-10-02 14:25 - 0000779 _____ () C:\Users\julia\AppData\Roaming\gdscan.log
2016-07-31 07:34 - 2016-11-06 16:41 - 0007598 _____ () C:\Users\julia\AppData\Local\Resmon.ResmonCfg
2016-04-30 03:12 - 2016-04-30 03:12 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-08-06 21:07 - 2016-08-06 21:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-02-02 19:48 - 2017-02-02 19:48 - 7097928 _____ (VS Revo Group ) C:\Users\julia\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-08 23:29

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
durchgeführt von julia (16-02-2017 18:32:25)
Gestartet von C:\Users\julia\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-06 20:35:33)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1190779463-2330029784-2471901394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190779463-2330029784-2471901394-503 - Limited - Disabled)
Gast (S-1-5-21-1190779463-2330029784-2471901394-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1190779463-2330029784-2471901394-1003 - Limited - Enabled)
julia (S-1-5-21-1190779463-2330029784-2471901394-1001 - Administrator - Enabled) => C:\Users\julia
LynCat (S-1-5-21-1190779463-2330029784-2471901394-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.)
Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) AirDroid 3.3.1.1 (HKLM-x32\...\AirDroid) (Version: 3.3.1.1 - Sand Studio) Amazon Kindle (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon) Amazon Music (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC) AMD Catalyst Install Manager (HKLM\...\{04E14C12-EAB9-9B07-5A25-CAF2D10B2579}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) APP Shop v1.0.24 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.24 - ASRock Inc.) ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.) ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - ) ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) A-Tuning v2.0.280 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.280 - ASRock Inc.) Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.) Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG) GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 15.4.173 - GfK) GoodNightLed v3.0.1 (HKLM-x32\...\GoodNightLed_is1) (Version: 3.0.1 - ASRock Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) 
Hidden HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP) HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.20.104.05220 (HKLM-x32\...\{78D4C553-4B41-97A5-22B4-2F446987B724}) (Version: 2.20.104.05220 - Sony) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 
10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Mozilla Thunderbird 45.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 de)) (Version: 45.7.1 - Mozilla) Nielsen (HKLM-x32\...\NetSight) (Version: - ) Nox APP Player (HKLM-x32\...\Nox) (Version: 3.6.0.0 - Duodian Technology Co. Ltd.) OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.) 
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.18.2-r120419-release - Plays.tv, LLC) PS4 Remote Play (HKLM-x32\...\{127839B2-AF0F-41CA-9F00-A247D04ACD81}) (Version: 1.0.0.15181 - Sony Interactive Entertainment Inc.) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) Spotify (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB) SRWare Iron Version SRWare Iron 33.0.1800.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 33.0.1800.0 - SRWare) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer) Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft) Usb GamePad (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) 
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation) Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation) Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation) WinDS PRO 2016.04.08 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2016.04.08 - WinDS PRO Central) WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) XFast LAN v10.10 (HKLM\...\XFast LAN) (Version: 10.10 - cFos Software GmbH, Bonn) Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony) Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {066EF000-1D31-4F43-8E09-C97DCCC96278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2556CECF-EA3C-447B-94AA-800BAC478C7D} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> Keine Datei <==== ACHTUNG
Task: {32FAAA18-3DCE-4579-B103-6C51178C0E22} - System32\Tasks\HPCeeScheduleForjulia => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {4387A60B-29E8-479F-894F-0466AFBB76C7} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe [2016-02-05] ()
Task: {471EA7B1-B69E-4FE6-9507-551F2D76CF4B} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://www.cfos.de/de/cfosspeed/documentation/keyboard-leds.htm?reg-10.10.2238-asrock"
Task: {4C90C93F-B372-447A-BAD9-4C877F578A53} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
Task: {4CA7C5ED-61A5-4A08-B76C-971D3E54939A} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources -> Keine Datei <==== ACHTUNG
Task: {502B87CA-6578-4727-98E0-D5312A5A1A26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {50E75D14-4AFB-4ACB-823D-3611FAA325F0} - \HPCustParticipation HP Deskjet 3050A J611 series -> Keine Datei <==== ACHTUNG
Task: {760F7F73-70D6-4F7A-ACB0-CE52D03A6E5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {849173CC-06EF-4522-99B4-34CDDAB5DA29} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Keine Datei <==== ACHTUNG
Task: {8F0C3895-A13C-4DAC-A594-051736FCCC88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {9A8C6E8B-C1D2-4DCC-978C-F7856E76371A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {9ACE166C-F599-4125-86A4-5B4DB2491DC4} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {9C6A1060-F966-4927-B888-198454C7ADF3} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Keine Datei <==== ACHTUNG
Task: {9E858082-438A-4EF2-B0C6-F930C7B617BB} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Keine Datei <==== ACHTUNG
Task: {AB9FACDB-986A-4467-9238-8115E635C99F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {B1EF102A-D9C4-4BA0-8C3D-01C864291EB2} - \AMD Updater -> Keine Datei <==== ACHTUNG
Task: {C0A505F4-A735-439A-BD69-EC99BF450795} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()
Task: {DA111EEE-D374-4720-B899-179957A0B716} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {E4F6F8E8-7CA4-4492-9371-6468BC21B942} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-11-03 12:01 - 2016-10-31 17:11 - 01992256 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2016-07-31 18:43 - 2016-07-06 14:20 - 01476160 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2016-04-29 23:50 - 2014-07-31 15:17 - 00463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2016-09-15 04:24 - 2016-09-15 04:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-29 23:51 - 2016-02-05 15:38 - 06134024 _____ () C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 21:41 - 2016-08-06 21:41 - 00959168 _____ () C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-14 08:17 - 2016-09-07
05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 18:18 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 18:18 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 18:18 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 18:18 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 18:18 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-11 18:18 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 18:18 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-11-23 08:47 - 2016-11-23 08:47 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-11-23 08:47 - 2016-11-23 08:47 - 20433408 _____ () C:\Program 
Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-03 07:54 - 2016-06-03 07:54 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-11-23 08:47 - 2016-11-23 08:47 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-11-23 08:47 - 2016-11-23 08:47 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll 2017-02-15 08:33 - 2017-02-15 08:33 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe 2017-02-16 08:35 - 2017-02-16 08:35 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe 2017-02-16 08:35 - 2017-02-16 08:35 - 06538240 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll 2016-07-31 18:43 - 2016-07-06 14:20 - 00619584 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll 2016-10-01 17:37 - 2017-01-15 12:27 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2017-02-10 21:06 - 2017-02-10 21:06 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd 2017-02-10 21:06 - 2017-02-10 21:06 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd 2017-02-10 21:06 - 2017-02-10 21:06 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll 2017-02-10 21:06 - 2017-02-10 21:06 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd 2017-02-10 21:06 - 2017-02-10 21:06 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll 2017-02-10 21:06 - 2017-02-10 21:06 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd 2017-02-10 21:06 - 2017-02-10 
21:06 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd 2017-02-10 21:06 - 2017-02-10 21:06 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd 2017-02-10 21:06 - 2017-02-10 21:06 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd 2017-02-10 21:06 - 2017-02-10 21:06 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd 2017-02-10 21:06 - 2017-02-10 21:06 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd 2016-09-07 07:57 - 2016-08-11 09:34 - 00800912 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\communication.dll 2016-09-07 07:57 - 2016-08-11 09:34 - 00191632 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\npsp1.dll 2016-09-07 07:57 - 2016-08-11 09:34 - 00260752 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\npwmi.dll 2016-04-21 02:23 - 2017-01-16 08:34 - 09080360 _____ () C:\Program Files (x86)\AirDroid\Android.dll 2016-04-21 02:20 - 2017-01-16 08:34 - 00642088 _____ () C:\Program Files (x86)\AirDroid\System.Data.SQLite.dll 2016-08-06 21:41 - 2016-08-06 21:41 - 00679624 _____ () C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2017-02-06 19:13 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-06 19:13 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll 2016-09-01 23:14 - 2017-02-01 00:57 - 53478912 _____ () C:\Users\julia\AppData\Local\Amazon Music\libcef.dll 2016-09-01 23:14 - 2017-02-01 00:57 - 01976832 _____ () C:\Users\julia\AppData\Local\Amazon Music\libglesv2.dll 2016-09-01 23:14 - 2017-02-01 00:57 - 00075264 _____ () C:\Users\julia\AppData\Local\Amazon Music\libegl.dll 2017-02-15 08:44 - 2017-02-02 12:30 - 17840216 _____ () C:\Users\julia\AppData\Local\Google\Chrome\User 
Data\PepperFlash\24.0.0.221\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-04-29 11:54 - 2016-04-29 11:52 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\julia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanion"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "BigNox"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{BE8EDC0C-73E0-4F9F-9C2E-06DDE5F03E9B}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe FirewallRules: [{2227EE2C-CE55-45FB-B30E-62DC8230A899}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe FirewallRules: [{30F3774D-AD02-45B3-B257-534DA49823C7}] => (Allow) C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe FirewallRules: [{783C2224-7D58-48D8-AD4C-4B0B5C77B453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe FirewallRules: [{CF90C652-DC55-467E-BAC1-4DF8396B2C92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe FirewallRules: [{E6E289E2-4AA2-40F5-ACA6-9C82995E68B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe FirewallRules: [{E53E8737-385D-4ABE-B897-20BB0428F9D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe FirewallRules: [{9BACBB96-FF86-4833-A8AF-0CF03B271854}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe FirewallRules: [{9AB2427A-D301-4180-8CA0-4214ACCFDC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe FirewallRules: [{89B25E3E-040C-4F42-860C-8C29EBDC2477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe FirewallRules: [{F31FD7FA-96A5-42E7-A231-1FD1C5ECDCC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe FirewallRules: [{DE177724-6098-43D0-8806-973ABCD8489B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe FirewallRules: [{D761F58A-F839-48D7-99C4-55FC2B2D31AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe FirewallRules: [{A7B83730-8336-4D8C-9855-F525F4B87FD9}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{DB0775A4-53C5-4D60-8B8F-3179817021C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{F9BB05C7-2A2A-47AA-A4C8-F67AA78B7F80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe FirewallRules: [{97388F1B-476A-40C6-B599-72697B7ED5EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe FirewallRules: [{AEAF1BD8-98C9-42F7-AC18-6186FD66BF03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe FirewallRules: [{E9783289-E69A-4E06-9EAF-6EE9BCD26A7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe FirewallRules: [{380E5670-8329-4A13-A453-1FCB2C92CEE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{11AEA279-FA35-443C-A14E-5AA0A7F496B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{BD8FDB87-DE06-432F-88BA-BC1C337988D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe FirewallRules: [{31C13ED3-EFCB-40F3-ABB5-23F388D89AD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe FirewallRules: [{6D7778AF-2ACA-4C81-8398-D5260FFCBE29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe FirewallRules: [{9070EA33-9E66-4FCD-A375-B8D09CC4E587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe FirewallRules: [{6870B29C-5372-4701-8F42-D6DE725973DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe FirewallRules: [{E5FA8FB3-D425-415A-B4AB-C6F08CB81390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe 
FirewallRules: [{C5EE77CF-1244-4FB7-BAD8-8979C065A7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe FirewallRules: [{D1CDF799-6265-4CD5-A626-94F4491BE72F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe FirewallRules: [{74505E9A-F844-4FF4-A118-C989F71C77AE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D0F4A6E6-0E01-410A-99B6-349CB62D49AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{98A6B571-7328-46CA-A786-18FA12118E8A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4BFA63AA-FB4E-4CBD-81D2-92E7FCAFDCD2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E9B7DABE-E09E-44E7-AC61-314074E4A507}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe FirewallRules: [{290E19E0-A4C5-4803-A438-0E623CA48EE5}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe FirewallRules: [{4F347DFD-A148-4E94-A8C2-19C58D774FCD}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe FirewallRules: [{EF4D3B24-6D1A-4A4C-B8B8-232EE3665BFE}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe FirewallRules: [{93BCAC83-2502-4ADE-A68A-50235D8FDC39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{718492BD-2476-4DD7-ACFD-68AB1EA53F10}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{D5F54F87-F1F2-47DF-B930-427698A21F72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{2FBA69FF-5B93-4B59-863C-F14782090247}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{CDB8F4BC-F6B5-4AED-9C6B-FF33D179093F}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe FirewallRules: [UDP Query User{B554B3E6-7C3B-4686-9087-B4E5C9C25893}C:\program files 
(x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [TCP Query User{4C110523-B488-46B3-899F-EF71BBE24D74}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [{748F1E3C-DECB-4B30-BF51-756112C3CD69}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{393AB3D0-4A56-48CE-BD65-1DEEE70B2C32}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{E976C55B-498B-4F14-8840-5CE9729A6F01}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe FirewallRules: [UDP Query User{211AA0BB-B2BF-4AF9-ABA8-82CFF5CC0E1E}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{4D4FCBF6-4215-4F30-9ECA-5C56A461A339}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe FirewallRules: [{9EAF9E66-9C4A-4D0A-B054-19C130287E25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{20BCDFFA-F48F-451F-9909-7564F609CD50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9C1BE638-D25E-4253-BB83-CE781B3F37EB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{7E8694C3-45BB-4745-A308-C6A35808C8D1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{D2F959ED-037E-46F8-AD5E-3286E5F07D61}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe FirewallRules: [{74359E8A-16FD-4F59-B923-0FE364A84156}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{880A6D2F-EEAB-438E-8929-2631F3FAE283}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{903D728A-A328-40A1-B1E4-F918302DFD0B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: 
[{DF62B350-1B30-45B9-9F9A-0835826ECD8F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{40ECC61F-8402-4117-B87D-EB3BA1C6DF00}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe FirewallRules: [{5201F840-C181-4ADF-B64F-BA586C2E85AF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe FirewallRules: [{88D0A7BC-0EC0-4F83-B6DA-3A76E49049FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B0853F73-EE22-4F33-BD5F-457343C80640}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8D800BFC-875A-44C6-B3DE-9FA69B80A8F8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{030DB97E-3233-4BFA-A3C7-62C05B1472AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{661DEAD1-BBE5-469E-9396-3681E714EF41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{ACE30677-F83A-4849-8B62-F821F27DBE48}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{869C9BD8-D89B-478E-A6DD-98A98BAAD329}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{852DA3E8-FB7A-4E00-9A41-FD7EC5D20F76}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe ==================== Wiederherstellungspunkte ========================= 13-02-2017 09:06:51 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/16/2017 02:33:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 
0x00293638 ID des fehlerhaften Prozesses: 0x4fe4 Startzeit der fehlerhaften Anwendung: 0x01d2885931a9caed Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: b12fe7f9-0d9b-47a0-b988-f7a5adf13d07 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/16/2017 02:33:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758 Name des fehlerhaften Moduls: ETD_GetSMART.exe, Version: 1.0.0.4, Zeitstempel: 0x573f7758 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000045fa ID des fehlerhaften Prozesses: 0x4fe4 Startzeit der fehlerhaften Anwendung: 0x01d2885931a9caed Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe Berichtskennung: ae11e0b3-8fd1-41fb-8d85-9929e5cee318 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/16/2017 02:33:21 PM) (Source: MsiInstaller) (EventID: 1002) (User: DESKTOP-N0N5AE6) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList". Error: (02/16/2017 02:33:00 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. 
Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (02/16/2017 12:59:37 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm SkypeHost.exe, Version 11.11.105.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 56cc Startzeit: 01d288270497c647 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe Berichts-ID: 554e57c2-f43f-11e6-918e-0013ef030494 Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (02/16/2017 12:59:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6) Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (02/16/2017 08:33:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6) Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (02/15/2017 12:57:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm SkypeHost.exe, Version 11.11.105.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: ed8 Startzeit: 01d2877a2094278f Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe Berichts-ID: dce15be5-f375-11e6-918e-0013ef030494 Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (02/15/2017 12:57:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6) Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (02/15/2017 11:56:14 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm SkypeHost.exe, Version 11.11.105.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 4a40 Startzeit: 01d28777074ecf31 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe Berichts-ID: 574d4097-f36d-11e6-918e-0013ef030494 Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1 Systemfehler: ============= Error: (02/16/2017 08:29:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/16/2017 12:24:27 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (02/15/2017 11:33:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/15/2017 10:30:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6) Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. 
Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6) Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6) Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (02/15/2017 09:39:55 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 08:29:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/15/2017 12:18:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

CodeIntegrity:
===================================

Date: 2017-02-13 19:49:26.594
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

Date: 2017-02-06 15:30:22.008
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

Date: 2017-02-05 20:23:11.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

Date: 2017-02-05 19:25:05.946
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

Date: 2017-02-03 19:14:25.480
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

Date: 2017-01-30 17:39:50.482
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

Date: 2017-01-30 17:39:49.524
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

Date: 2017-01-09 13:09:05.578
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

Date: 2017-01-09 13:09:05.167
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

Date: 2017-01-05 15:58:00.988
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 16198.66 MB
Verfügbarer physikalischer RAM: 9397.97 MB
Summe virtueller Speicher: 18630.66 MB
Verfügbarer virtueller Speicher: 10752.4 MB

==================== Laufwerke ================================

Drive c: (Win10-Prof) (Fixed) (Total:931.02 GB) (Free:738.13 GB) NTFS
Drive e: (INTENSO) (Fixed) (Total:1863.01 GB) (Free:209.7 GB) NTFS
Drive f: (Elements) (Fixed) (Total:1397.26 GB) (Free:35.59 GB) NTFS
Drive g: (INTENSO ALT) (Fixed) (Total:1863.01 GB) (Free:960.39 GB) NTFS
Drive h: (INTENSO) (Fixed) (Total:698.63 GB) (Free:352.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FB5E5C55)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 1322A89A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 08E2026F)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 4D49C8E7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 000AEA9D)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |
16.02.2017, 18:54 | #7 |
| Problems with malware or Trojans after toolbar installation
Code:
ATTFilter 18:34:11.0550 0x0698 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01 18:34:16.0495 0x0698 ============================================================ 18:34:16.0495 0x0698 Current date / time: 2017/02/16 18:34:16.0495 18:34:16.0495 0x0698 SystemInfo: 18:34:16.0496 0x0698 18:34:16.0496 0x0698 OS Version: 10.0.14393 ServicePack: 0.0 18:34:16.0496 0x0698 Product type: Workstation 18:34:16.0496 0x0698 ComputerName: DESKTOP-N0N5AE6 18:34:16.0496 0x0698 UserName: julia 18:34:16.0496 0x0698 Windows directory: C:\WINDOWS 18:34:16.0496 0x0698 System windows directory: C:\WINDOWS 18:34:16.0496 0x0698 Running under WOW64 18:34:16.0496 0x0698 Processor architecture: Intel x64 18:34:16.0496 0x0698 Number of processors: 4 18:34:16.0496 0x0698 Page size: 0x1000 18:34:16.0496 0x0698 Boot type: Normal boot 18:34:16.0496 0x0698 CodeIntegrityOptions = 0x00000001 18:34:16.0496 0x0698 ============================================================ 18:34:16.0712 0x0698 KLMD registered as C:\WINDOWS\system32\drivers\13929998.sys 18:34:16.0712 0x0698 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19 18:34:16.0836 0x0698 System UUID: {3621A839-9A77-6A58-849F-E7071E6DF660} 18:34:17.0164 0x0698 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:34:17.0172 0x0698 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 18:34:17.0175 0x0698 Drive \Device\Harddisk2\DR2 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 18:34:17.0180 0x0698 Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 18:34:17.0183 0x0698 Drive 
\Device\Harddisk4\DR4 - Size: 0x15D50D00000 ( 1397.26 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 18:34:17.0186 0x0698 ============================================================ 18:34:17.0186 0x0698 \Device\Harddisk0\DR0: 18:34:17.0186 0x0698 MBR partitions: 18:34:17.0186 0x0698 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000 18:34:17.0186 0x0698 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x7460BDB0 18:34:17.0186 0x0698 \Device\Harddisk1\DR1: 18:34:17.0186 0x0698 MBR partitions: 18:34:17.0186 0x0698 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06CC1 18:34:17.0186 0x0698 \Device\Harddisk2\DR2: 18:34:17.0187 0x0698 MBR partitions: 18:34:17.0187 0x0698 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544B01 18:34:17.0187 0x0698 \Device\Harddisk3\DR3: 18:34:17.0402 0x0698 MBR partitions: 18:34:17.0402 0x0698 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06CC1 18:34:17.0402 0x0698 \Device\Harddisk4\DR4: 18:34:17.0403 0x0698 MBR partitions: 18:34:17.0403 0x0698 \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86000 18:34:17.0403 0x0698 ============================================================ 18:34:17.0434 0x0698 C: <-> \Device\Harddisk0\DR0\Partition2 18:34:17.0463 0x0698 E: <-> \Device\Harddisk1\DR1\Partition1 18:34:17.0490 0x0698 F: <-> \Device\Harddisk4\DR4\Partition1 18:34:17.0525 0x0698 G: <-> \Device\Harddisk3\DR3\Partition1 18:34:17.0930 0x0698 H: <-> \Device\Harddisk2\DR2\Partition1 18:34:17.0930 0x0698 ============================================================ 18:34:17.0930 0x0698 Initialize success 18:34:17.0930 0x0698 ============================================================ 18:36:41.0510 0x49d8 ============================================================ 18:36:41.0510 0x49d8 Scan started 
18:36:41.0510 0x49d8 Mode: Manual; SigCheck; TDLFS; 18:36:41.0510 0x49d8 ============================================================ 18:36:41.0510 0x49d8 KSN ping started 18:37:01.0574 0x49d8 KSN ping finished: true 18:37:04.0868 0x49d8 ================ Scan system memory ======================== 18:37:04.0868 0x49d8 System memory - ok 18:37:04.0870 0x49d8 ================ Scan services ============================= 18:37:05.0078 0x49d8 1394ohci - ok 18:37:05.0085 0x49d8 3ware - ok 18:37:05.0103 0x49d8 ACPI - ok 18:37:05.0110 0x49d8 AcpiDev - ok 18:37:05.0117 0x49d8 acpiex - ok 18:37:05.0125 0x49d8 acpipagr - ok 18:37:05.0160 0x49d8 AcpiPmi - ok 18:37:05.0166 0x49d8 acpitime - ok 18:37:05.0231 0x49d8 [ 295D6A7FC220634C8E6F5F27A6EDAEE7, 155C83D1E359764A25B97B050B8ED6ABB5FF742D00401004206A4616434EE3D4 ] AdaptiveSleepService C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe 18:37:05.0298 0x49d8 AdaptiveSleepService - ok 18:37:05.0400 0x49d8 [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 18:37:05.0409 0x49d8 AdobeARMservice - ok 18:37:05.0418 0x49d8 ADP80XX - ok 18:37:05.0441 0x49d8 AFD - ok 18:37:05.0451 0x49d8 ahcache - ok 18:37:05.0458 0x49d8 AJRouter - ok 18:37:05.0469 0x49d8 ALG - ok 18:37:05.0501 0x49d8 [ 52E0D15D162A6C02E58C5E9E91155031, 09BB2288929D853CAFA25A741CB540E20BDEF421E3E41BFF5BEF78D786021F5A ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe 18:37:05.0517 0x49d8 AMD External Events Utility - ok 18:37:05.0566 0x49d8 [ 08E3B9567A6FDD17A69956BA80F1E2D6, 179C4A09E51A41289C1AA11E778EB09E877A7F45FB5D54216F58D3EAF1FA88C4 ] amdacpksd C:\WINDOWS\system32\drivers\amdacpksd.sys 18:37:05.0580 0x49d8 amdacpksd - ok 18:37:05.0586 0x49d8 AmdK8 - ok 18:37:05.0621 0x49d8 [ B28145E732EDEBBEDABC311DBA56D52A, 43745C17A3AC2A7A6FB0DBF1A2158C6B365198581E8E3B1F7E7E9EE9763A2735 ] amdkmafd 
C:\WINDOWS\system32\drivers\amdkmafd.sys 18:37:05.0630 0x49d8 amdkmafd - ok 18:37:05.0686 0x49d8 amdkmdag - ok 18:37:05.0723 0x49d8 [ 8B5782CA9386724048F11C1607425B31, B398B8547B5BB806B73211A3C40EC0337B2D5274F17DD0F7FFDCC91CA853DA7B ] amdkmdap C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys 18:37:05.0744 0x49d8 amdkmdap - ok 18:37:05.0751 0x49d8 AmdPPM - ok 18:37:05.0756 0x49d8 amdsata - ok 18:37:05.0762 0x49d8 amdsbs - ok 18:37:05.0767 0x49d8 amdxata - ok 18:37:05.0772 0x49d8 AppID - ok 18:37:05.0778 0x49d8 AppIDSvc - ok 18:37:05.0784 0x49d8 Appinfo - ok 18:37:05.0790 0x49d8 applockerfltr - ok 18:37:05.0796 0x49d8 AppMgmt - ok 18:37:05.0876 0x49d8 [ CF75D615A823FB3A0F8AA87CC53BE4AB, 6ACA246D12A6EA95AEDEE1FF99A6A1BA25000A47AB095E8B72C9352E82E9A21A ] AppObserver C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\appobserver64.sys 18:37:05.0885 0x49d8 AppObserver - ok 18:37:05.0920 0x49d8 AppReadiness - ok 18:37:05.0958 0x49d8 AppVClient - ok 18:37:05.0971 0x49d8 AppvStrm - ok 18:37:05.0992 0x49d8 AppvVemgr - ok 18:37:06.0002 0x49d8 AppvVfs - ok 18:37:06.0026 0x49d8 AppXSvc - ok 18:37:06.0032 0x49d8 arcsas - ok 18:37:06.0055 0x49d8 [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys 18:37:06.0064 0x49d8 AsrAppCharger - ok 18:37:06.0200 0x49d8 [ 75D6C3469347DE1CDFA3B1B9F1544208, 2AA1B08F47FBB1E2BD2E4A492F5D616968E703E1359A921F62B38B8E4662F0C4 ] AsrAutoChkUpdDrv C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys 18:37:06.0207 0x49d8 AsrAutoChkUpdDrv - ok 18:37:06.0244 0x49d8 [ 1A234F4643F5658BAB07BFA611282267, F40435488389B4FB3B945CA21A8325A51E1B5F80F045AB019748D0EC66056A8B ] AsrDrv101 C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys 18:37:06.0262 0x49d8 AsrDrv101 - ok 18:37:06.0306 0x49d8 [ A16DACE95B82683C852CD18578162735, 6E3663B43FB18BFD3B47A63297FA251C467D7B3C7B70020FC87DEAD8F0882B37 ] ASRockIOMon C:\Program 
Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe 18:37:06.0329 0x49d8 ASRockIOMon - ok 18:37:06.0352 0x49d8 [ A149C93231945A5118C63AEACA6D1E72, 60B28184585B389751FCF71651A139D74018DE04AEBF4A497835AF727B64BD53 ] AsrRamDisk C:\WINDOWS\system32\drivers\AsrRamDisk.sys 18:37:06.0361 0x49d8 AsrRamDisk - ok 18:37:06.0367 0x49d8 AsyncMac - ok 18:37:06.0374 0x49d8 atapi - ok 18:37:06.0410 0x49d8 [ FD9A5BCC3AFB02E87668B749546B6229, 4BE969A11CEE8033F40EDE7E06A5904B328D3FC1842855C0DB38D5EEF458219C ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys 18:37:06.0430 0x49d8 AtiHDAudioService - ok 18:37:06.0456 0x49d8 [ 9BD46423250EE6D39A2647B7BB89BFC3, 4D8499F5E170E42C22932FA519444A8A37190D7DFA0F449F016436ADEBC85865 ] ATP C:\WINDOWS\System32\drivers\AsusTP.sys 18:37:06.0466 0x49d8 ATP - ok 18:37:06.0471 0x49d8 AudioEndpointBuilder - ok 18:37:06.0487 0x49d8 Audiosrv - ok 18:37:06.0661 0x49d8 [ F6C322B06ABB622B32115BF32EEE253B, F06D265DDD56A052ACFBB46DD057E246FCF3F65457133D98C1EA130E0DDFEAFE ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe 18:37:06.0782 0x49d8 AVKProxy - ok 18:37:06.0847 0x49d8 [ 98DAE6FDBEF58BF07E9650DF3B729C8A, F5B81DA51AE357A6EB094561AC4ECC4E1263FBC7D111579A888BDD6DC51C7C76 ] AVKService C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe 18:37:06.0877 0x49d8 AVKService - ok 18:37:06.0967 0x49d8 [ 580D451B3F20565634D048D7B229EE40, 36CD7EA285F908BEA1E8E68C6CC29CD5A70E23DB38C5E2D1A41684A62FF17AEA ] AVKWCtl C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe 18:37:07.0044 0x49d8 AVKWCtl - ok 18:37:07.0065 0x49d8 AxInstSV - ok 18:37:07.0070 0x49d8 b06bdrv - ok 18:37:07.0076 0x49d8 BasicDisplay - ok 18:37:07.0081 0x49d8 BasicRender - ok 18:37:07.0091 0x49d8 bcmfn - ok 18:37:07.0097 0x49d8 bcmfn2 - ok 18:37:07.0110 0x49d8 BDESVC - ok 18:37:07.0127 0x49d8 Beep - ok 18:37:07.0135 0x49d8 BFE - ok 18:37:07.0144 0x49d8 BITS - ok 18:37:07.0213 0x49d8 [ 3F56903E124E820AEECE6D471583C6C1, 
B3C045AFACC8A8F5DC289ADE9ACFB2FE7F9CA24A900BBAED47E2A63837208CB3 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe 18:37:07.0226 0x49d8 Bonjour Service - ok 18:37:07.0246 0x49d8 bowser - ok 18:37:07.0262 0x49d8 BrokerInfrastructure - ok 18:37:07.0268 0x49d8 Browser - ok 18:37:07.0285 0x49d8 BthAvrcpTg - ok 18:37:07.0290 0x49d8 BthHFEnum - ok 18:37:07.0296 0x49d8 bthhfhid - ok 18:37:07.0307 0x49d8 BthHFSrv - ok 18:37:07.0312 0x49d8 BTHMODEM - ok 18:37:07.0320 0x49d8 bthserv - ok 18:37:07.0326 0x49d8 buttonconverter - ok 18:37:07.0331 0x49d8 CapImg - ok 18:37:07.0337 0x49d8 cdfs - ok 18:37:07.0352 0x49d8 CDPSvc - ok 18:37:07.0371 0x49d8 CDPUserSvc - ok 18:37:07.0407 0x49d8 cdrom - ok 18:37:07.0418 0x49d8 CertPropSvc - ok 18:37:07.0521 0x49d8 [ 512C91F1261CC0463CAC3C12F142669A, BF70A3128CE50B0FAFEB35353494D750E56D686C30F399F0234AA9242DB19031 ] cfosspeed C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys 18:37:07.0574 0x49d8 cfosspeed - ok 18:37:07.0705 0x49d8 [ A9A581F2C8F06C083831A996742375BE, 7A7DC106FF149703A17330F670B9A94578664BBD844F5BBD32B5832A221BE934 ] cFosSpeedS C:\Program Files\ASRock\XFast LAN\spd.exe 18:37:07.0734 0x49d8 cFosSpeedS - ok 18:37:07.0740 0x49d8 cht4iscsi - ok 18:37:07.0745 0x49d8 cht4vbd - ok 18:37:07.0754 0x49d8 circlass - ok 18:37:07.0771 0x49d8 CLFS - ok 18:37:07.0776 0x49d8 ClipSVC - ok 18:37:07.0781 0x49d8 clreg - ok 18:37:07.0796 0x49d8 CmBatt - ok 18:37:07.0802 0x49d8 CNG - ok 18:37:07.0807 0x49d8 cnghwassist - ok 18:37:07.0857 0x49d8 CompositeBus - ok 18:37:07.0868 0x49d8 COMSysApp - ok 18:37:07.0875 0x49d8 condrv - ok 18:37:07.0920 0x49d8 CoreMessagingRegistrar - ok 18:37:07.0933 0x49d8 CryptSvc - ok 18:37:07.0940 0x49d8 CSC - ok 18:37:07.0947 0x49d8 CscService - ok 18:37:07.0955 0x49d8 dam - ok 18:37:08.0012 0x49d8 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 18:37:08.0023 0x49d8 dbupdate - ok 
18:37:08.0032 0x49d8 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 18:37:08.0042 0x49d8 dbupdatem - ok 18:37:08.0047 0x49d8 dbx - ok 18:37:08.0071 0x49d8 [ 2C5A991F0320D95BAC80D0C31F43A79E, CC7887132AF15C77676A3186429FE0071DCC8DC9C6252314D99C02E54867BE10 ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe 18:37:08.0083 0x49d8 DbxSvc - ok 18:37:08.0103 0x49d8 DcomLaunch - ok 18:37:08.0108 0x49d8 DcpSvc - ok 18:37:08.0114 0x49d8 defragsvc - ok 18:37:08.0130 0x49d8 DeviceAssociationService - ok 18:37:08.0145 0x49d8 DeviceInstall - ok 18:37:08.0151 0x49d8 DevQueryBroker - ok 18:37:08.0166 0x49d8 Dfsc - ok 18:37:08.0198 0x49d8 [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 18:37:08.0210 0x49d8 dg_ssudbus - ok 18:37:08.0233 0x49d8 Dhcp - ok 18:37:08.0259 0x49d8 diagnosticshub.standardcollector.service - ok 18:37:08.0271 0x49d8 DiagTrack - ok 18:37:08.0276 0x49d8 disk - ok 18:37:08.0307 0x49d8 DmEnrollmentSvc - ok 18:37:08.0315 0x49d8 dmvsc - ok 18:37:08.0320 0x49d8 dmwappushservice - ok 18:37:08.0332 0x49d8 Dnscache - ok 18:37:08.0339 0x49d8 dot3svc - ok 18:37:08.0362 0x49d8 DPS - ok 18:37:08.0371 0x49d8 drmkaud - ok 18:37:08.0378 0x49d8 DsmSvc - ok 18:37:08.0383 0x49d8 DsSvc - ok 18:37:08.0399 0x49d8 DXGKrnl - ok 18:37:08.0405 0x49d8 EapHost - ok 18:37:08.0420 0x49d8 ebdrv - ok 18:37:08.0454 0x49d8 EFS - ok 18:37:08.0470 0x49d8 EhStorClass - ok 18:37:08.0491 0x49d8 EhStorTcgDrv - ok 18:37:08.0497 0x49d8 embeddedmode - ok 18:37:08.0536 0x49d8 EntAppSvc - ok 18:37:08.0541 0x49d8 ErrDev - ok 18:37:08.0552 0x49d8 EventSystem - ok 18:37:08.0557 0x49d8 exfat - ok 18:37:08.0562 0x49d8 fastfat - ok 18:37:08.0579 0x49d8 Fax - ok 18:37:08.0585 0x49d8 fdc - ok 18:37:08.0600 0x49d8 fdPHost - ok 18:37:08.0605 0x49d8 FDResPub - ok 18:37:08.0639 0x49d8 fhsvc - ok 
18:37:08.0669 0x49d8 FileCrypt - ok 18:37:08.0674 0x49d8 FileInfo - ok 18:37:08.0679 0x49d8 Filetrace - ok 18:37:08.0684 0x49d8 flpydisk - ok 18:37:08.0690 0x49d8 FltMgr - ok 18:37:08.0720 0x49d8 FontCache - ok 18:37:08.0798 0x49d8 FontCache3.0.0.0 - ok 18:37:08.0819 0x49d8 FrameServer - ok 18:37:08.0825 0x49d8 FsDepends - ok 18:37:08.0830 0x49d8 Fs_Rec - ok 18:37:08.0870 0x49d8 fvevol - ok 18:37:09.0033 0x49d8 [ 5B687E80548998161B11E093150A3215, 7C29D725B69FBFD2A1C762D4567E8252A03246F36551389E98D4AF6F516B6100 ] GDBackupSvc C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe 18:37:09.0130 0x49d8 GDBackupSvc - ok 18:37:09.0170 0x49d8 [ 3F24DCB0037A0121C220CB8EAF9A340D, 6F1EED1A2FE31D03EF2050D6B124BD5782020B7B7A6862FE6FCA0F4C2481BFAF ] GDBehave C:\WINDOWS\system32\drivers\GDBehave.sys 18:37:09.0182 0x49d8 GDBehave - ok 18:37:09.0212 0x49d8 [ 1314062567B9ED86BFFDE5D8C48C52AE, 01DE02308E478F50DBFE4C6EAE9D0C052C1575283F2C182388E2028F3BF2E756 ] GDElam C:\WINDOWS\system32\DRIVERS\GDElam.sys 18:37:09.0228 0x49d8 GDElam - ok 18:37:09.0321 0x49d8 [ EC7C7AEE53383D2FABB98B05F63514FF, 149633A96E9803F168D3EF0A3182529D0247FFB748021F262F1D19F2C993FCF8 ] GDFwSvc C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe 18:37:09.0404 0x49d8 GDFwSvc - ok 18:37:09.0441 0x49d8 [ DD7D5196EB9C4321EA57B668AF873840, 0E934032911203A22BC84519F303061703DF503F19382ACDE37AAD53FCBEDF1A ] GDKBB C:\WINDOWS\system32\drivers\GDKBB64.sys 18:37:09.0450 0x49d8 GDKBB - ok 18:37:09.0479 0x49d8 [ 4A9000A1B02C394CD2C5E6450A04002D, E979C07888C4E20D3037E60A1A48501A0B3EC905C407781B6D437314851E1C32 ] GDKBFlt C:\WINDOWS\system32\drivers\GDKBFlt64.sys 18:37:09.0489 0x49d8 GDKBFlt - ok 18:37:09.0526 0x49d8 [ EE1927F18C9298D96A47017272D591E8, 6D880B43969B41636D520962BD77DD3FA59374903F6E72354610DFC01306E7EE ] GDMnIcpt C:\WINDOWS\system32\drivers\MiniIcpt.sys 18:37:09.0540 0x49d8 GDMnIcpt - ok 18:37:09.0555 0x49d8 [ DC5200C3055D6EB5355F8975FB38E9EE, 
6E1E059DDEF04F1B0761570B75BF2914256243F1398E682BF4DF00AF3CE44585 ] GDPkIcpt C:\WINDOWS\system32\drivers\PktIcpt.sys 18:37:09.0566 0x49d8 GDPkIcpt - ok 18:37:09.0600 0x49d8 [ 1FCEE46DEFDF64DC7E1939E3F9E56718, CED8A28472AF234DED48AE0EB38CC697F50B7D9BF0BDBDE2F9D29CEE9DF0454E ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe 18:37:09.0626 0x49d8 GDScan - ok 18:37:09.0644 0x49d8 [ 4E294DB229885177DA056A3471476A19, CEC297E50B96650CB822C5D6BD89FF9DD96311A2A07692935C101F39F6A89BBA ] gdwfpcd C:\WINDOWS\system32\drivers\gdwfpcd64.sys 18:37:09.0656 0x49d8 gdwfpcd - ok 18:37:09.0662 0x49d8 gencounter - ok 18:37:09.0667 0x49d8 genericusbfn - ok 18:37:09.0721 0x49d8 [ 006537C2E4E3501C48893B3E862B85BE, 1E67B67E8CA546D3811F53D56FA58E913DCD4B4E1300A2373DCAF04D3B2770BC ] GfK-NetworkMeter C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe 18:37:09.0759 0x49d8 GfK-NetworkMeter - ok 18:37:09.0838 0x49d8 [ 73260AE94F97F8839836E09090130AAB, 76169687A230805FDAB74453BABD889BEFCB777B0B9E6D1DBC72FFA1F9EDD5C3 ] GfK-Reporting-Service C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe 18:37:09.0889 0x49d8 GfK-Reporting-Service - ok 18:37:09.0954 0x49d8 [ FA18DAFE475969EEB83706E165515A52, F7642CFDD1D9B1F8418D57C55A5142CA2DD09A318E5520940F5EFF965F94EAC9 ] GfK-Update-Service C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe 18:37:09.0992 0x49d8 GfK-Update-Service - ok 18:37:10.0000 0x49d8 GPIOClx0101 - ok 18:37:10.0005 0x49d8 gpsvc - ok 18:37:10.0010 0x49d8 GpuEnergyDrv - ok 18:37:10.0034 0x49d8 [ 6809BA27F97EAFC5C30F743E30DE1DB6, BAC1E0E4542B9917731FD50B1A646CFDA31679FDF2A5A875742AA88600847547 ] GRD C:\WINDOWS\system32\drivers\GRD.sys 18:37:10.0046 0x49d8 GRD - ok 18:37:10.0100 0x49d8 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:37:10.0122 0x49d8 gupdate - ok 18:37:10.0138 0x49d8 [ 750446ED76A5D13E902174DDDDA1A62B, 
F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:37:10.0154 0x49d8 gupdatem - ok 18:37:10.0163 0x49d8 HDAudBus - ok 18:37:10.0171 0x49d8 HidBatt - ok 18:37:10.0179 0x49d8 HidBth - ok 18:37:10.0185 0x49d8 hidi2c - ok 18:37:10.0192 0x49d8 hidinterrupt - ok 18:37:10.0197 0x49d8 HidIr - ok 18:37:10.0215 0x49d8 hidserv - ok 18:37:10.0243 0x49d8 [ 38DA94B6DD8022DA43810E4328608E54, ACE0A36143FF37BC42F136DB7317028540D1C0F21A5FD13F67E1A3DB2426A5EA ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys 18:37:10.0255 0x49d8 HIDSwitch - ok 18:37:10.0275 0x49d8 HidUsb - ok 18:37:10.0293 0x49d8 HomeGroupListener - ok 18:37:10.0311 0x49d8 HomeGroupProvider - ok 18:37:10.0331 0x49d8 [ FEDBFAFC5BAD0AE52ADE4DF75DBFF69F, A16CED31C64EAA92FE1BB4194A5124476BD53459F4B758ED504F2CFB31D6A580 ] HookCentre C:\WINDOWS\system32\drivers\HookCentre.sys 18:37:10.0343 0x49d8 HookCentre - ok 18:37:10.0349 0x49d8 HpSAMD - ok 18:37:10.0390 0x49d8 [ EC80F3ECC5F8543E22BBCB037D837CA9, 23A4AE80A6C317CE77BD9D352CD9CED8649E3AD98A7C0A2044138BB20B46F398 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 18:37:10.0399 0x49d8 HPSupportSolutionsFrameworkService - ok 18:37:10.0414 0x49d8 HTTP - ok 18:37:10.0438 0x49d8 HvHost - ok 18:37:10.0468 0x49d8 hvservice - ok 18:37:10.0473 0x49d8 hwpolicy - ok 18:37:10.0479 0x49d8 hyperkbd - ok 18:37:10.0495 0x49d8 i8042prt - ok 18:37:10.0500 0x49d8 iagpio - ok 18:37:10.0506 0x49d8 iai2c - ok 18:37:10.0512 0x49d8 iaLPSS2i_GPIO2 - ok 18:37:10.0517 0x49d8 iaLPSS2i_I2C - ok 18:37:10.0524 0x49d8 iaLPSSi_GPIO - ok 18:37:10.0530 0x49d8 iaLPSSi_I2C - ok 18:37:10.0536 0x49d8 iaStorAV - ok 18:37:10.0542 0x49d8 iaStorV - ok 18:37:10.0549 0x49d8 ibbus - ok 18:37:10.0586 0x49d8 icssvc - ok 18:37:10.0592 0x49d8 IKEEXT - ok 18:37:10.0598 0x49d8 IndirectKmd - ok 18:37:10.0728 0x49d8 [ 7F08B78B1516626869FB44A61EFDF566, 
C585902D4F6E36A44097C192CCF19F1947F99C86A7BB77E83C0BE475F0151161 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 18:37:10.0839 0x49d8 IntcAzAudAddService - ok 18:37:10.0852 0x49d8 intelide - ok 18:37:10.0858 0x49d8 intelpep - ok 18:37:10.0864 0x49d8 intelppm - ok 18:37:10.0888 0x49d8 iorate - ok 18:37:10.0894 0x49d8 IpFilterDriver - ok 18:37:10.0914 0x49d8 iphlpsvc - ok 18:37:10.0920 0x49d8 IPMIDRV - ok 18:37:10.0928 0x49d8 IPNAT - ok 18:37:10.0933 0x49d8 irda - ok 18:37:10.0940 0x49d8 IRENUM - ok 18:37:10.0947 0x49d8 irmon - ok 18:37:10.0954 0x49d8 isapnp - ok 18:37:10.0961 0x49d8 iScsiPrt - ok 18:37:10.0977 0x49d8 [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 18:37:10.0990 0x49d8 iwdbus - ok 18:37:11.0006 0x49d8 kbdclass - ok 18:37:11.0025 0x49d8 kbdhid - ok 18:37:11.0030 0x49d8 kdnic - ok 18:37:11.0036 0x49d8 KeyIso - ok 18:37:11.0054 0x49d8 KSecDD - ok 18:37:11.0061 0x49d8 KSecPkg - ok 18:37:11.0067 0x49d8 ksthunk - ok 18:37:11.0073 0x49d8 KtmRm - ok 18:37:11.0079 0x49d8 LanmanServer - ok 18:37:11.0096 0x49d8 LanmanWorkstation - ok 18:37:11.0104 0x49d8 lfsvc - ok 18:37:11.0136 0x49d8 LicenseManager - ok 18:37:11.0142 0x49d8 lltdio - ok 18:37:11.0149 0x49d8 lltdsvc - ok 18:37:11.0157 0x49d8 lmhosts - ok 18:37:11.0167 0x49d8 LSI_SAS - ok 18:37:11.0174 0x49d8 LSI_SAS2i - ok 18:37:11.0180 0x49d8 LSI_SAS3i - ok 18:37:11.0186 0x49d8 LSI_SSS - ok 18:37:11.0206 0x49d8 LSM - ok 18:37:11.0211 0x49d8 luafv - ok 18:37:11.0224 0x49d8 MapsBroker - ok 18:37:11.0243 0x49d8 [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 18:37:11.0254 0x49d8 MBAMProtector - ok 18:37:11.0305 0x49d8 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware 
\mbamservice.exe 18:37:11.0338 0x49d8 MBAMService - ok 18:37:11.0364 0x49d8 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 18:37:11.0378 0x49d8 MBAMSwissArmy - ok 18:37:11.0390 0x49d8 [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys 18:37:11.0399 0x49d8 MBAMWebAccessControl - ok 18:37:11.0410 0x49d8 [ C91B758B4AB1ECEA34AEDA851E05B5D9, 73BA1CAD3CAEE87F5855ED0F4E1F3A96FACA656D1C935B56CC4B5D5AEBF7191C ] MBI C:\WINDOWS\System32\drivers\MBI.sys 18:37:11.0420 0x49d8 MBI - ok 18:37:11.0427 0x49d8 megasas - ok 18:37:11.0459 0x49d8 megasas2i - ok 18:37:11.0466 0x49d8 megasr - ok 18:37:11.0473 0x49d8 MessagingService - ok 18:37:11.0499 0x49d8 mlx4_bus - ok 18:37:11.0504 0x49d8 MMCSS - ok 18:37:11.0511 0x49d8 Modem - ok 18:37:11.0526 0x49d8 monitor - ok 18:37:11.0532 0x49d8 mouclass - ok 18:37:11.0537 0x49d8 mouhid - ok 18:37:11.0543 0x49d8 mountmgr - ok 18:37:11.0577 0x49d8 [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:37:11.0607 0x49d8 MozillaMaintenance - ok 18:37:11.0613 0x49d8 mpsdrv - ok 18:37:11.0619 0x49d8 MpsSvc - ok 18:37:11.0625 0x49d8 MRxDAV - ok 18:37:11.0642 0x49d8 mrxsmb - ok 18:37:11.0672 0x49d8 mrxsmb10 - ok 18:37:11.0678 0x49d8 mrxsmb20 - ok 18:37:11.0689 0x49d8 MsBridge - ok 18:37:11.0699 0x49d8 MSDTC - ok 18:37:11.0710 0x49d8 Msfs - ok 18:37:11.0717 0x49d8 msgpiowin32 - ok 18:37:11.0723 0x49d8 mshidkmdf - ok 18:37:11.0729 0x49d8 mshidumdf - ok 18:37:11.0737 0x49d8 msisadrv - ok 18:37:11.0756 0x49d8 MSiSCSI - ok 18:37:11.0761 0x49d8 msiserver - ok 18:37:11.0767 0x49d8 MSKSSRV - ok 18:37:11.0774 0x49d8 MsLldp - ok 18:37:11.0780 0x49d8 MSPCLOCK - ok 18:37:11.0786 0x49d8 MSPQM - ok 
18:37:11.0794 0x49d8 MsRPC - ok 18:37:11.0803 0x49d8 MsSecFlt - ok 18:37:11.0811 0x49d8 mssmbios - ok 18:37:11.0816 0x49d8 MSTEE - ok 18:37:11.0823 0x49d8 MTConfig - ok 18:37:11.0829 0x49d8 Mup - ok 18:37:11.0835 0x49d8 mvumis - ok 18:37:11.0852 0x49d8 NativeWifiP - ok 18:37:11.0859 0x49d8 NcaSvc - ok 18:37:11.0879 0x49d8 NcbService - ok 18:37:11.0884 0x49d8 NcdAutoSetup - ok 18:37:11.0891 0x49d8 ndfltr - ok 18:37:11.0903 0x49d8 NDIS - ok 18:37:11.0909 0x49d8 NdisCap - ok 18:37:11.0933 0x49d8 NdisImPlatform - ok 18:37:11.0939 0x49d8 NdisTapi - ok 18:37:11.0945 0x49d8 Ndisuio - ok 18:37:11.0952 0x49d8 NdisVirtualBus - ok 18:37:11.0960 0x49d8 NdisWan - ok 18:37:11.0965 0x49d8 ndiswanlegacy - ok 18:37:11.0971 0x49d8 ndproxy - ok 18:37:11.0977 0x49d8 Ndu - ok 18:37:11.0983 0x49d8 NetAdapterCx - ok 18:37:11.0989 0x49d8 NetBIOS - ok 18:37:11.0998 0x49d8 NetBT - ok 18:37:12.0003 0x49d8 Netlogon - ok 18:37:12.0010 0x49d8 Netman - ok 18:37:12.0017 0x49d8 netprofm - ok 18:37:12.0030 0x49d8 NetSetupSvc - ok 18:37:12.0051 0x49d8 NetTcpPortSharing - ok 18:37:12.0060 0x49d8 NgcCtnrSvc - ok 18:37:12.0066 0x49d8 NgcSvc - ok 18:37:12.0176 0x49d8 [ D071420836523656737B7D8252175B17, F88822A2A88ACE2EF3F3C5DF61671F8E2846F38D6405CE795D835C8406EC79B3 ] NielsenUpdate C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe 18:37:12.0255 0x49d8 NielsenUpdate - ok 18:37:12.0266 0x49d8 NlaSvc - ok 18:37:12.0326 0x49d8 [ 1FB571692EDEFEE0DC1A10DA33113C10, 35BB050759232338F28C1304EB9DE89DC63B87989AC60C4AEDEBDB2A4F407BDB ] nnfwdk C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\nnfwdk64.sys 18:37:12.0334 0x49d8 nnfwdk - ok 18:37:12.0340 0x49d8 Npfs - ok 18:37:12.0348 0x49d8 npsvctrig - ok 18:37:12.0355 0x49d8 nsi - ok 18:37:12.0362 0x49d8 nsiproxy - ok 18:37:12.0379 0x49d8 NTFS - ok 18:37:12.0385 0x49d8 Null - ok 18:37:12.0394 0x49d8 nvraid - ok 18:37:12.0400 0x49d8 nvstor - ok 18:37:12.0423 0x49d8 OneSyncSvc - ok 18:37:12.0556 0x49d8 [ 3E498CE04DD40C60769854DF2CE8D21D, 
18:37:23.0650 0x49d8 AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G DATA\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated ) 18:37:23.0651 0x49d8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated ) 18:37:23.0653 0x49d8 FW detected via SS2: G*DATA Personal Firewall, C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled ) 18:37:23.0779 0x49d8 ============================================================ 18:37:23.0779 0x49d8 Scan finished 18:37:23.0779 0x49d8 ============================================================ 18:37:23.0787 0x5b98 Detected object count: 0 18:37:23.0787 0x5b98 Actual detected object count: 0 |
17.02.2017, 20:38 | #8 |
/// TB-Ausbilder | Problems with malware or Trojans after toolbar installation
Hi,
Step 1 Please download AdwCleaner to your desktop.
Step 2
Step 3 Please download Malwarebytes Anti-Malware 3
Step 4 Please close your security software to avoid possible conflicts.
Step 5
Please post with your next reply
|
18.02.2017, 11:26 | #9 |
| Problems with malware or Trojans after toolbar installation Code:
ATTFilter
# AdwCleaner v6.043 - Bericht erstellt am 18/02/2017 um 09:04:33
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : julia - DESKTOP-N0N5AE6
# Gestartet von : C:\Users\julia\Desktop\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [3127 Bytes] - [01/02/2017 14:44:49]
C:\AdwCleaner\AdwCleaner[C2].txt - [1050 Bytes] - [18/02/2017 09:04:33]
C:\AdwCleaner\AdwCleaner[S0].txt - [3111 Bytes] - [01/02/2017 14:43:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [1490 Bytes] - [01/02/2017 16:17:14]
C:\AdwCleaner\AdwCleaner[S2].txt - [1570 Bytes] - [05/02/2017 17:15:30]
C:\AdwCleaner\AdwCleaner[S3].txt - [1637 Bytes] - [18/02/2017 09:04:00]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1415 Bytes] ##########
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 18.02.17
Scan-Zeit: 10:41
Protokolldatei: mbam.txt
Administrator: Ja
-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1292
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-N0N5AE6\julia
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 413108
Abgelaufene Zeit: 9 Min., 7 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0 (keine bösartigen Elemente erkannt)
Modul: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswert: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Daten-Stream: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Datei: 0 (keine bösartigen Elemente erkannt)
Physischer Sektor: 0 (keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Pro x64
Ran by julia (Administrator) on 18.02.2017 at 10:54:33,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.02.2017 at 10:57:31,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2017 durchgeführt von julia (Administrator) auf DESKTOP-N0N5AE6 (18-02-2017 11:10:29) Gestartet von C:\Users\julia\Desktop Geladene Profile: julia (Verfügbare Profile: julia) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (GfK) C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe (Apple Inc.) 
C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (AMD) C:\Windows\System32\atieclxx.exe (GfK SE) C:\Program Files (x86)\GfK Internet-Monitor\GfK-LoginInterface.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe (The Nielsen Company) C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\NielsenOnline64.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe (G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (@@Manufacturer@@) C:\Program Files (x86)\GfK Internet-Monitor\Chrome Extension\GfKChromeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Amazon Services LLC) C:\Users\julia\AppData\Local\Amazon Music\Amazon Music Helper.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Microsoft Corporation) C:\Windows\System32\vds.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-15] (Realtek Semiconductor) HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.) 
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [441160 2016-09-15] (G DATA Software AG) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC) HKLM-x32\...\Run: [NielsenOnline] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe [202896 2016-12-30] (The Nielsen Company) HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [8651896 2017-01-16] (Sand Studio) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify Web Helper] => C:\Users\julia\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-10-02] (Spotify Ltd) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Spotify] => C:\Users\julia\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-10-02] (Spotify Ltd) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [BigNox] => C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe [5100872 2016-07-31] (Duodian Technology Co. Ltd.) 
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2062208 2016-05-26] (Sony) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\RunOnce: [Uninstall C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64" HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\MountPoints2: {4620abb5-cad0-11e6-9182-0013ef030494} - "I:\shelexec.exe" .\starter.html HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2683783b-a4bc-4329-ac88-9cc1e28fadf5}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b3b846c1-63d0-49c7-a2c1-ceb545584257}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll [2016-10-31] (GfK) BHO-x32: GfK Internet-Monitor -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} -> C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll [2016-10-31] (GfK) Toolbar: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei FireFox: ======== FF DefaultProfile: z4n199ml.default FF ProfilePath: C:\Users\julia\AppData\Roaming\Mozilla\Firefox\Profiles\z4n199ml.default [2017-02-17] FF NetworkProxy: 
Mozilla\Firefox\Profiles\z4n199ml.default -> type", 0 FF Extension: (Nielsen NetSight) - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi [2017-02-17] FF HKLM\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi FF Extension: (GfK Internet) - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi [2017-02-18] FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\FirefoxAddOns\netsight@nielsen.xpi FF Extension: (Nielsen NetSight) - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\FirefoxAddOns\netsight@nielsen.xpi [2017-02-18] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-11] () FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-11] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-1190779463-2330029784-2471901394-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.reading4money.de/paidmail.php?username=julemaus89&id=1414525986&mid=0 CHR StartupUrls: Default -> "hxxp://www.spielesite.com/","hxxps://de.upjers.com/","hxxp://www.startparadies.de/index.php","hxxps://www.facebook.com/","hxxp://www.klamm.de/","hxxp://www.bonix.org/","hxxp://www.dodona-mails.de/","hxxp://testberichte.reviews/","hxxp://www.shimly.de/" CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr CHR DefaultSearchKeyword: Default -> NortonSafe CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff CHR Plugin: (Widevine Content Decryption Module) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => Keine Datei CHR Profile: C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default [2017-02-18] CHR Extension: (Google Drive) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-29] CHR Extension: (Lovely Cats Tab) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdoeoonepndhefdpieicgajkhadocngm [2016-06-24] CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-01-30] CHR Extension: (LadyCashback.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnhchdicihpfajapekoedijbldehbbk [2017-02-14] CHR Extension: (YouTube) - 
C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-29] CHR Extension: (Nielsen NetSight) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgmmbefnahabhcchpfkobeindpppflc [2017-02-05] CHR Extension: (Kindle Cloud Reader) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemmpobpfaichgccgcilgncfigplmol [2016-09-15] CHR Extension: (Google-Suche) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-29] CHR Extension: (Norton Home Page for Chrome) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-04-29] CHR Extension: (Google Kalender) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-06] CHR Extension: (GfK Internet-Monitor) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekfcceehmjiicgpkeblpbcpglgdklklh [2016-11-04] CHR Extension: (Google Docs Offline) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-29] CHR Extension: (GfK Digital Trends App) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikkcdahfmnbofoaeofipdcejkgkbofj [2016-06-14] CHR Extension: (Questler Bonusfinder 3.0) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipddihbjlikcgpbikkgjibobkahjafni [2016-06-24] CHR Extension: (CashbackDeals.de Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnlhjofgnkcljojnibhmeopimidoblfm [2017-02-14] CHR Extension: (Andasa iCat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcbpnhnickonbgkbgbegepdldmcnjoif [2016-10-21] CHR Extension: (iGraal Cashback-Melder) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm 
[2017-02-17] CHR Extension: (Google Play) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-04-29] CHR Extension: (Tabby Cat) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mefhakmgclhhfbdadeojlkbllmecialg [2016-11-10] CHR Extension: (Google Play Books) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-04-29] CHR Extension: (boost-Bar) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbifpjmldocepoilnjgbkaaighinkhpp [2016-10-11] CHR Extension: (Bundlr) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm [2016-04-29] CHR Extension: (Norton Safe) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-03] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Google Mail) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-29] CHR Extension: (Chrome Media Router) - C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-06] CHR HKLM\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bpgmmbefnahabhcchpfkobeindpppflc] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist 
aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] () R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] () R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG) R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG) R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG) R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [726952 2015-09-09] (cFos Software GmbH) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-30] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) R2 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [4072264 2016-09-30] (G DATA Software AG) R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3286120 2016-09-15] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG) R2 GfK-NetworkMeter; C:\Program Files (x86)\GfK-NetworkMeter\GfK-NetworkMeter64.exe [1222880 2016-10-31] (GfK) R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [1992256 2016-10-31] () R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1476160 2016-07-06] () R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) 
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [3161744 2016-12-30] (The Nielsen Company) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-15] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-15] (Electronic Arts) R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-10] (Copyright (c) 2017 Plays.tv, LLC) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.) 
R3 AppObserver; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\appobserver64.sys [23696 2016-12-30] (The Nielsen Company) R3 AsrAutoChkUpdDrv; C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys [22280 2017-02-18] (ASRock Incorporation) R3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-04-29] (ASRock Incorporation) R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices) S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-08-23] (ASUS Corporation) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.) R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2016-10-13] (G Data Software AG) S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG) R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [37400 2016-10-13] (G Data Software AG) R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [30280 2016-10-13] (G DATA Software AG) R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [274400 2016-10-13] (G Data Software AG) R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [105544 2016-10-13] (G Data Software AG) R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2016-10-13] (G DATA Software AG) R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [116296 2016-10-16] (G Data Software) R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [153160 2016-10-13] (G Data Software AG) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-18] (Malwarebytes) S3 MBI; C:\WINDOWS\System32\drivers\MBI.sys [41456 2015-10-15] (Intel(R) Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R1 nnfwdk; C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\nnfwdk64.sys [34960 2016-12-30] (The Nielsen Company) R3 rt640x64; 
C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek ) R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.) S3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [114632 2015-09-16] (BigNox Corporation) R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation) R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-18 11:09 - 2017-02-18 11:09 - 00000000 ____D C:\Users\julia\Desktop\FRST-OlderVersion 2017-02-18 10:57 - 2017-02-18 10:57 - 00000546 _____ C:\Users\julia\Desktop\JRT.txt 2017-02-18 10:53 - 2017-02-18 10:53 - 00001238 _____ C:\Users\julia\Desktop\mbam.txt 2017-02-18 10:40 - 2017-02-18 10:40 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-18 10:39 - 2017-02-18 10:39 - 00001922 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-02-18 10:39 - 2017-02-18 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-02-18 10:39 - 2017-02-18 10:39 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-18 10:39 - 2017-02-18 10:39 - 00000000 ____D C:\Program Files\Malwarebytes 2017-02-18 10:39 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-02-18 10:25 - 2017-02-18 10:25 - 00566128 _____ (Malwarebytes) C:\Users\julia\Desktop\mbam-clean-2.3.0.1001.exe 2017-02-17 20:53 - 2017-02-18 10:39 - 55566792 _____ (Malwarebytes ) C:\Users\julia\Desktop\mb3-setup-consumer-3.0.6.1469.exe 2017-02-17 20:52 - 2017-02-18 10:54 - 01663040 _____ (Malwarebytes) C:\Users\julia\Desktop\JRT.exe 2017-02-17 20:51 - 2017-02-18 08:44 - 04015056 _____ C:\Users\julia\Desktop\AdwCleaner_6.043.exe 2017-02-17 08:38 - 2017-02-18 11:02 - 00003034 _____ C:\WINDOWS\System32\Tasks\AsrSP.exe 2017-02-16 18:34 - 2017-02-16 18:54 - 00090086 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_18.34.11_log.txt 2017-02-16 18:32 - 2017-02-16 18:33 - 00064755 _____ C:\Users\julia\Desktop\Addition.txt 2017-02-16 18:31 - 2017-02-18 11:10 - 00029601 _____ C:\Users\julia\Desktop\FRST.txt 2017-02-16 18:23 - 2017-02-16 18:34 - 04747704 _____ (AO Kaspersky Lab) C:\Users\julia\Desktop\tdsskiller.exe 2017-02-16 18:22 - 2017-02-18 11:09 - 02422272 _____ (Farbar) C:\Users\julia\Desktop\FRST64.exe 2017-02-16 10:45 - 2017-02-16 10:52 - 00090086 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_10.45.55_log.txt 2017-02-16 10:42 - 2017-02-16 10:44 - 
00171940 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_10.42.12_log.txt 2017-02-14 13:08 - 2017-02-18 09:06 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job 2017-02-14 13:08 - 2017-02-14 13:08 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjulia 2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\Macromedia 2017-02-11 10:58 - 2017-02-11 10:58 - 00000000 ____D C:\Users\julia\AppData\Local\Macromedia 2017-02-10 19:29 - 2017-02-18 11:10 - 00000000 ____D C:\FRST 2017-02-08 08:36 - 2017-02-08 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) 
C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-02-05 17:37 - 2017-02-05 18:08 - 00000000 ____D C:\Users\julia\Desktop\USB Stick 2017-02-04 14:27 - 2017-02-04 14:28 - 00411140 _____ C:\WINDOWS\Minidump\020417-29406-01.dmp 2017-02-04 14:27 - 2017-02-04 14:27 - 00000000 ____D C:\WINDOWS\Minidump 2017-02-02 19:26 - 2017-02-17 10:05 - 00000000 ____D C:\Users\julia\AppData\LocalLow\Mozilla 2017-02-01 14:49 - 2017-02-16 10:38 - 00000000 ____D C:\Users\julia\Desktop\Virus 2017-02-01 14:41 - 2017-02-18 09:04 - 00000000 ____D C:\AdwCleaner 2017-01-31 17:47 - 2017-02-11 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-27 19:13 - 2017-01-27 19:13 - 00140131 _____ C:\Users\julia\Desktop\Rechnung 4333534.pdf 2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings 2017-01-26 08:34 - 2017-01-26 08:34 - 00000000 ____D C:\Program Files\ATI Technologies 2017-01-25 09:12 - 2017-01-27 17:28 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-01-25 08:44 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 08:44 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-25 01:29 - 2017-01-25 01:29 - 01015832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00768024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00121368 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00100888 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\amdmcl64.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00038424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2017-01-25 01:29 - 2017-01-25 01:29 - 00038416 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2017-01-25 01:28 - 2017-01-25 01:28 - 00488496 _____ C:\WINDOWS\system32\amdmiracast.dll 2017-01-25 01:28 - 2017-01-25 01:28 - 00166408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2017-01-25 01:28 - 2017-01-25 01:28 - 00130224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2017-01-24 16:38 - 2017-01-24 16:38 - 06381952 _____ C:\Users\julia\Desktop\eBook_Faszientraining.pdf 2017-01-21 16:56 - 2017-01-21 16:56 - 00005262 _____ C:\Users\julia\Desktop\Questionmail Questionmail Richtig Antworten 500 Punkte sammeln!(sasm).eml ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-18 11:12 - 2016-05-29 07:54 - 00000000 ____D C:\Users\julia\Documents\AirDroid 2017-02-18 11:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-02-18 10:59 - 2016-08-06 21:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-02-18 10:29 - 2016-08-09 07:53 - 00003038 _____ C:\WINDOWS\System32\Tasks\AsrAPPShop 2017-02-18 10:28 - 2016-04-29 23:51 - 00022280 _____ (ASRock Incorporation) C:\WINDOWS\SysWOW64\Drivers\AsrAutoChkUpdDrv.sys 2017-02-18 10:27 - 2016-08-06 21:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-18 10:26 - 2016-08-06 21:08 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-02-18 10:26 - 2016-07-16 07:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI 2017-02-18 09:12 - 2016-08-09 07:55 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{37189C47-5908-4B51-91BC-1DD3B7B485AE} 2017-02-18 09:12 - 2016-04-29 20:51 - 00000000 ____D C:\Users\julia\AppData\Local\CrashDumps 2017-02-18 09:08 - 2016-07-16 12:47 - 00000000 
____D C:\WINDOWS\AppReadiness 2017-02-18 08:40 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-18 08:35 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-02-12 00:29 - 2016-08-06 21:11 - 00000000 ____D C:\Users\julia 2017-02-11 18:48 - 2016-07-25 19:04 - 00000000 ____D C:\Program Files (x86)\Steam 2017-02-11 18:42 - 2016-07-31 19:44 - 00000000 ____D C:\Users\julia\.android 2017-02-11 18:42 - 2016-07-31 19:41 - 00000000 ____D C:\Users\julia\.BigNox 2017-02-11 18:42 - 2016-07-31 19:37 - 00000000 ____D C:\Users\julia\AppData\Local\Nox 2017-02-11 18:42 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Roaming\Spotify 2017-02-11 18:40 - 2016-06-22 18:12 - 00000000 ____D C:\Users\julia\AppData\Roaming\PlaysTV 2017-02-11 18:40 - 2016-04-29 21:38 - 00000000 ____D C:\Users\julia\AppData\Local\Spotify 2017-02-11 18:36 - 2016-04-29 20:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-02-11 18:35 - 2016-08-06 21:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-02-11 10:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-02-11 10:56 - 2016-04-29 21:15 - 00000000 ____D C:\Users\julia\AppData\Local\Adobe 2017-02-11 01:36 - 2016-05-10 10:40 - 00197120 ___SH C:\Users\julia\Desktop\Thumbs.db 2017-02-10 16:39 - 2016-12-17 08:28 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-02-10 16:39 - 2016-12-17 08:28 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-02-10 14:14 - 2016-11-22 12:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2017-02-08 08:36 - 2016-04-30 01:08 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-02-07 08:40 - 2016-08-11 08:04 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore 2017-02-06 19:13 - 2016-04-29 20:39 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-06 
19:13 - 2016-04-29 20:39 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-06 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-02-04 15:30 - 2016-09-01 23:14 - 00000000 ____D C:\Users\julia\AppData\Local\Amazon Music 2017-02-04 14:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-02-04 14:27 - 2016-05-09 22:49 - 1366395123 _____ C:\WINDOWS\MEMORY.DMP 2017-02-04 13:58 - 2016-11-14 18:48 - 00000000 ____D C:\Users\julia\AppData\Roaming\vlc 2017-02-04 08:26 - 2016-05-01 07:34 - 00000000 ____D C:\ProgramData\AMD 2017-02-02 20:19 - 2016-09-01 23:14 - 00001320 _____ C:\Users\julia\Desktop\Amazon Music.lnk 2017-02-02 19:48 - 2016-11-15 18:21 - 00001089 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-02-02 19:48 - 2016-11-15 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-01-30 16:57 - 2016-04-30 01:15 - 00000000 ___RD C:\Users\julia\Dropbox 2017-01-29 15:08 - 2016-11-13 19:58 - 00000000 ____D C:\Users\julia\AppData\Roaming\dvdcss 2017-01-27 11:31 - 2016-05-10 14:56 - 00000000 ____D C:\Users\julia\Thunderbird backup 2017-01-26 08:32 - 2016-08-06 21:08 - 00000000 ____D C:\Program Files\AMD 2017-01-25 09:13 - 2016-04-29 20:05 - 00000000 ____D C:\AMD 2017-01-25 09:12 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-25 01:29 - 2016-10-26 00:04 - 09405464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 07589400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 02463256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 02150928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 01015832 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\atiadlxy.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00909336 _____ (AMD) C:\WINDOWS\system32\coinst_16.40.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00643096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00420376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00310808 _____ C:\WINDOWS\system32\dgtrayicon.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00293400 _____ C:\WINDOWS\system32\GameManager64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00287248 _____ C:\WINDOWS\system32\clinfo.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00285720 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00266256 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00248344 _____ C:\WINDOWS\system32\atieah64.exe 2017-01-25 01:29 - 2016-10-26 00:04 - 00239128 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00178200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00154648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00147480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00130584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00128536 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00084504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2017-01-25 01:29 - 2016-10-26 00:04 - 00077848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2017-01-25 01:29 - 2016-08-12 00:07 - 00145952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2017-01-25 01:29 - 2016-08-12 00:07 - 00107544 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\atidxx32.dll 2017-01-25 01:29 - 2016-08-12 00:06 - 00258072 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00541208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2017-01-25 01:29 - 2016-07-02 08:01 - 00476696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00305176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2017-01-25 01:29 - 2016-07-02 08:01 - 00251416 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00226328 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2017-01-25 01:29 - 2016-07-02 08:01 - 00193560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00153112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00135704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2017-01-25 01:29 - 2016-07-02 08:01 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2017-01-25 01:29 - 2016-04-05 08:38 - 00219672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2017-01-25 01:29 - 2016-04-05 08:37 - 01351192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2017-01-25 01:29 - 2016-04-05 08:27 - 00158336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2017-01-25 01:29 - 2016-04-05 08:27 - 00118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00162216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00145360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00130216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2017-01-25 01:28 - 2016-10-26 00:05 - 00112328 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\amdpcom32.dll 2017-01-25 01:28 - 2016-07-02 08:01 - 00145872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2017-01-25 01:28 - 2016-07-02 08:01 - 00112336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2017-01-22 15:47 - 2016-04-29 21:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-10-02 14:25 - 2016-10-02 14:25 - 0000000 _____ () C:\Users\julia\AppData\Roaming\gdfw.log 2016-10-02 14:25 - 2016-10-02 14:25 - 0000779 _____ () C:\Users\julia\AppData\Roaming\gdscan.log 2016-07-31 07:34 - 2016-11-06 16:41 - 0007598 _____ () C:\Users\julia\AppData\Local\Resmon.ResmonCfg 2016-04-30 03:12 - 2016-04-30 03:12 - 0000057 _____ () C:\ProgramData\Ament.ini 2016-08-06 21:07 - 2016-08-06 21:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== 2017-02-02 19:48 - 2017-02-02 19:48 - 7097928 _____ (VS Revo Group ) C:\Users\julia\AppData\Local\Temp\VSUSetup.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-08 23:29

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-02-2017
durchgeführt von julia (18-02-2017 11:12:34)
Gestartet von C:\Users\julia\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-06 20:35:33)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1190779463-2330029784-2471901394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190779463-2330029784-2471901394-503 - Limited - Disabled)
Gast (S-1-5-21-1190779463-2330029784-2471901394-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1190779463-2330029784-2471901394-1003 - Limited - Enabled)
julia (S-1-5-21-1190779463-2330029784-2471901394-1001 - Administrator - Enabled) => C:\Users\julia
LynCat (S-1-5-21-1190779463-2330029784-2471901394-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.)
Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) AirDroid 3.3.1.1 (HKLM-x32\...\AirDroid) (Version: 3.3.1.1 - Sand Studio) Amazon Kindle (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon) Amazon Music (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC) AMD Catalyst Install Manager (HKLM\...\{04E14C12-EAB9-9B07-5A25-CAF2D10B2579}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) APP Shop v1.0.24 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.24 - ASRock Inc.) ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.) ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - ) ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) A-Tuning v2.0.280 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.280 - ASRock Inc.) Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.) Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG) GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 15.4.173 - GfK) GoodNightLed v3.0.1 (HKLM-x32\...\GoodNightLed_is1) (Version: 3.0.1 - ASRock Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) 
Hidden HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP) HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.20.104.05220 (HKLM-x32\...\{78D4C553-4B41-97A5-22B4-2F446987B724}) (Version: 2.20.104.05220 - Sony) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 
(HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Mozilla Thunderbird 45.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 de)) (Version: 45.7.1 - Mozilla) Nielsen (HKLM-x32\...\NetSight) (Version: - ) Nox APP Player (HKLM-x32\...\Nox) (Version: 3.6.0.0 - Duodian Technology Co. Ltd.) OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.) 
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.18.2-r120419-release - Plays.tv, LLC)
PS4 Remote Play (HKLM-x32\...\{127839B2-AF0F-41CA-9F00-A247D04ACD81}) (Version: 1.0.0.15181 - Sony Interactive Entertainment Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Spotify (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
SRWare Iron Version SRWare Iron 33.0.1800.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 33.0.1800.0 - SRWare)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft)
Usb GamePad (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
WinDS PRO 2016.04.08 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2016.04.08 - WinDS PRO Central)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XFast LAN v10.10 (HKLM\...\XFast LAN) (Version: 10.10 - cFos Software GmbH, Bonn)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {066EF000-1D31-4F43-8E09-C97DCCC96278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {088841B5-0921-42EB-B35F-ED262A120F95} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe [2016-02-05] ()
Task: {2556CECF-EA3C-447B-94AA-800BAC478C7D} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> Keine Datei <==== ACHTUNG
Task: {32FAAA18-3DCE-4579-B103-6C51178C0E22} - System32\Tasks\HPCeeScheduleForjulia => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {471EA7B1-B69E-4FE6-9507-551F2D76CF4B} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://www.cfos.de/de/cfosspeed/documentation/keyboard-leds.htm?reg-10.10.2238-asrock"
Task: {4C90C93F-B372-447A-BAD9-4C877F578A53} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
Task: {4CA7C5ED-61A5-4A08-B76C-971D3E54939A} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources -> Keine Datei <==== ACHTUNG
Task: {502B87CA-6578-4727-98E0-D5312A5A1A26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {50E75D14-4AFB-4ACB-823D-3611FAA325F0} - \HPCustParticipation HP Deskjet 3050A J611 series -> Keine Datei <==== ACHTUNG
Task: {760F7F73-70D6-4F7A-ACB0-CE52D03A6E5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {76766223-D4EE-40A1-B946-EA78046203CF} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {849173CC-06EF-4522-99B4-34CDDAB5DA29} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Keine Datei <==== ACHTUNG
Task: {8F0C3895-A13C-4DAC-A594-051736FCCC88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {9A8C6E8B-C1D2-4DCC-978C-F7856E76371A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {9C6A1060-F966-4927-B888-198454C7ADF3} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Keine Datei <==== ACHTUNG
Task: {9E858082-438A-4EF2-B0C6-F930C7B617BB} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Keine Datei <==== ACHTUNG
Task: {AB9FACDB-986A-4467-9238-8115E635C99F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {B1EF102A-D9C4-4BA0-8C3D-01C864291EB2} - \AMD Updater -> Keine Datei <==== ACHTUNG
Task: {DA111EEE-D374-4720-B899-179957A0B716} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {E4F6F8E8-7CA4-4492-9371-6468BC21B942} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
Task: {F5DE26B4-9D74-4647-AD6A-B963F33ED5ED} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-31 18:43 - 2016-07-06 14:20 - 01476160 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2016-04-29 23:50 - 2014-07-31 15:17 - 00463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2016-11-03 12:01 - 2016-10-31 17:11 - 01992256 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2016-09-15 04:24 - 2016-09-15 04:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2017-02-18 10:39 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 21:41 - 2016-08-06 21:41 - 00959168 _____ () C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-14 08:17 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 18:18 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 18:18 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 18:18 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-18 08:40 - 2017-02-18 08:40 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-18 08:40 - 2017-02-18 08:40 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-18 08:40 - 2017-02-18 08:40 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 08:43 - 2017-02-06 08:43 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\roottools.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-07-31 18:43 - 2016-07-06 14:20 - 00619584 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2016-10-01 17:37 - 2017-01-15 12:27 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-02-10 21:06 - 2017-02-10 21:06 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-02-10 21:06 - 2017-02-10 21:06 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-04-21 02:23 - 2017-01-16 08:34 - 09080360 _____ () C:\Program Files (x86)\AirDroid\Android.dll
2016-04-21 02:20 - 2017-01-16 08:34 - 00642088 _____ () C:\Program Files (x86)\AirDroid\System.Data.SQLite.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-02-15 08:44 - 2017-02-02 12:30 - 17840216 _____ () C:\Users\julia\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.221\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-04-29 11:54 - 2016-04-29 11:52 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\julia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanion"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "BigNox"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BE8EDC0C-73E0-4F9F-9C2E-06DDE5F03E9B}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{2227EE2C-CE55-45FB-B30E-62DC8230A899}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{30F3774D-AD02-45B3-B257-534DA49823C7}] => (Allow) C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{783C2224-7D58-48D8-AD4C-4B0B5C77B453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{CF90C652-DC55-467E-BAC1-4DF8396B2C92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{E6E289E2-4AA2-40F5-ACA6-9C82995E68B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E53E8737-385D-4ABE-B897-20BB0428F9D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{9BACBB96-FF86-4833-A8AF-0CF03B271854}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{9AB2427A-D301-4180-8CA0-4214ACCFDC3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{89B25E3E-040C-4F42-860C-8C29EBDC2477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{F31FD7FA-96A5-42E7-A231-1FD1C5ECDCC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{DE177724-6098-43D0-8806-973ABCD8489B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{D761F58A-F839-48D7-99C4-55FC2B2D31AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{A7B83730-8336-4D8C-9855-F525F4B87FD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{DB0775A4-53C5-4D60-8B8F-3179817021C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{F9BB05C7-2A2A-47AA-A4C8-F67AA78B7F80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{97388F1B-476A-40C6-B599-72697B7ED5EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{AEAF1BD8-98C9-42F7-AC18-6186FD66BF03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{E9783289-E69A-4E06-9EAF-6EE9BCD26A7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{380E5670-8329-4A13-A453-1FCB2C92CEE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{11AEA279-FA35-443C-A14E-5AA0A7F496B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{BD8FDB87-DE06-432F-88BA-BC1C337988D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{31C13ED3-EFCB-40F3-ABB5-23F388D89AD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{6D7778AF-2ACA-4C81-8398-D5260FFCBE29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{9070EA33-9E66-4FCD-A375-B8D09CC4E587}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{6870B29C-5372-4701-8F42-D6DE725973DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{E5FA8FB3-D425-415A-B4AB-C6F08CB81390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{C5EE77CF-1244-4FB7-BAD8-8979C065A7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe FirewallRules: [{D1CDF799-6265-4CD5-A626-94F4491BE72F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe FirewallRules: [{74505E9A-F844-4FF4-A118-C989F71C77AE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D0F4A6E6-0E01-410A-99B6-349CB62D49AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{98A6B571-7328-46CA-A786-18FA12118E8A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4BFA63AA-FB4E-4CBD-81D2-92E7FCAFDCD2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E9B7DABE-E09E-44E7-AC61-314074E4A507}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe FirewallRules: [{290E19E0-A4C5-4803-A438-0E623CA48EE5}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe FirewallRules: [{4F347DFD-A148-4E94-A8C2-19C58D774FCD}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe FirewallRules: [{EF4D3B24-6D1A-4A4C-B8B8-232EE3665BFE}] => (Allow) C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe FirewallRules: [{93BCAC83-2502-4ADE-A68A-50235D8FDC39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{718492BD-2476-4DD7-ACFD-68AB1EA53F10}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{D5F54F87-F1F2-47DF-B930-427698A21F72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{2FBA69FF-5B93-4B59-863C-F14782090247}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{CDB8F4BC-F6B5-4AED-9C6B-FF33D179093F}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe FirewallRules: [UDP Query User{B554B3E6-7C3B-4686-9087-B4E5C9C25893}C:\program files 
(x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [TCP Query User{4C110523-B488-46B3-899F-EF71BBE24D74}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [{748F1E3C-DECB-4B30-BF51-756112C3CD69}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{393AB3D0-4A56-48CE-BD65-1DEEE70B2C32}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{E976C55B-498B-4F14-8840-5CE9729A6F01}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe FirewallRules: [UDP Query User{211AA0BB-B2BF-4AF9-ABA8-82CFF5CC0E1E}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{4D4FCBF6-4215-4F30-9ECA-5C56A461A339}C:\users\julia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julia\appdata\roaming\spotify\spotify.exe FirewallRules: [{9EAF9E66-9C4A-4D0A-B054-19C130287E25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{20BCDFFA-F48F-451F-9909-7564F609CD50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9C1BE638-D25E-4253-BB83-CE781B3F37EB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{7E8694C3-45BB-4745-A308-C6A35808C8D1}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{D2F959ED-037E-46F8-AD5E-3286E5F07D61}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe FirewallRules: [{74359E8A-16FD-4F59-B923-0FE364A84156}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{880A6D2F-EEAB-438E-8929-2631F3FAE283}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{903D728A-A328-40A1-B1E4-F918302DFD0B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: 
[{DF62B350-1B30-45B9-9F9A-0835826ECD8F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{40ECC61F-8402-4117-B87D-EB3BA1C6DF00}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe FirewallRules: [{5201F840-C181-4ADF-B64F-BA586C2E85AF}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe FirewallRules: [{88D0A7BC-0EC0-4F83-B6DA-3A76E49049FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B0853F73-EE22-4F33-BD5F-457343C80640}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8D800BFC-875A-44C6-B3DE-9FA69B80A8F8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{030DB97E-3233-4BFA-A3C7-62C05B1472AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{661DEAD1-BBE5-469E-9396-3681E714EF41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{ACE30677-F83A-4849-8B62-F821F27DBE48}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{869C9BD8-D89B-478E-A6DD-98A98BAAD329}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{852DA3E8-FB7A-4E00-9A41-FD7EC5D20F76}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe ==================== Wiederherstellungspunkte ========================= 13-02-2017 09:06:51 Geplanter Prüfpunkt 18-02-2017 10:54:52 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/18/2017 10:59:31 AM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (02/18/2017 10:59:26 AM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (02/18/2017 10:59:16 AM) 
(Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (02/18/2017 10:58:09 AM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (02/18/2017 10:57:46 AM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (02/18/2017 10:55:47 AM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (02/18/2017 10:55:40 AM) (Source: ATIeRecord) (EventID: 16387) (User: ) Description: ATI EEU Service event error Error: (02/18/2017 10:55:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (02/18/2017 10:28:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899b5a Name des fehlerhaften Moduls: USBKeyCredentialProvider.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x53d9fa55 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000002b4a8 ID des fehlerhaften Prozesses: 0x18c Startzeit der fehlerhaften Anwendung: 0x01d289c940b3d728 Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\LogonUI.exe Pfad des fehlerhaften Moduls: USBKeyCredentialProvider.dll Berichtskennung: 3f37acda-c6da-41b4-8ff9-93f981f9e9df Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (02/18/2017 10:27:48 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden. 
Systemfehler: ============= Error: (02/18/2017 11:01:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/18/2017 10:59:26 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (02/18/2017 10:41:54 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT) Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1190779463-2330029784-2471901394-1001-02182017104154342-ntuser.dat Error: (02/18/2017 10:28:15 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/18/2017 10:27:42 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet: %%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar. Error: (02/18/2017 10:26:25 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst GDBackupSvc erreicht. Error: (02/18/2017 10:25:47 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (02/18/2017 09:15:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6) Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (02/18/2017 09:15:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6) Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (02/18/2017 09:15:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N0N5AE6) Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-N0N5AE6\julia" (SID: S-1-5-21-1190779463-2330029784-2471901394-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} und der APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2017-02-13 19:49:26.594 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-02-06 15:30:22.008 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-02-05 20:23:11.527 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. 
Date: 2017-02-05 19:25:05.946 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-02-03 19:14:25.480 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-01-30 17:39:50.482 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-01-30 17:39:49.524 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-01-09 13:09:05.578 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. 
Date: 2017-01-09 13:09:05.167 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. Date: 2017-01-05 15:58:00.988 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G Prozentuale Nutzung des RAM: 32% Installierter physikalischer RAM: 16198.66 MB Verfügbarer physikalischer RAM: 10918.05 MB Summe virtueller Speicher: 18630.66 MB Verfügbarer virtueller Speicher: 12783.68 MB ==================== Laufwerke ================================ Drive c: (Win10-Prof) (Fixed) (Total:931.02 GB) (Free:737.38 GB) NTFS Drive e: (INTENSO) (Fixed) (Total:1863.01 GB) (Free:209.7 GB) NTFS Drive f: (Elements) (Fixed) (Total:1397.26 GB) (Free:35.59 GB) NTFS Drive g: (INTENSO ALT) (Fixed) (Total:1863.01 GB) (Free:960.39 GB) NTFS Drive h: (INTENSO) (Fixed) (Total:698.63 GB) (Free:352.49 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FB5E5C55) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1863 GB) (Disk ID: 1322A89A) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 698.6 GB) 
(Disk ID: 08E2026F) Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 1863 GB) (Disk ID: 4D49C8E7) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 4 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 000AEA9D) Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
18.02.2017, 12:58 | #10 |
/// TB-Ausbilder | Problems with malware or trojans after toolbar installation Hi, in which browser did you have the problems you mentioned? In Chrome? Do you still have these problems? Are there any other anomalies or problems? |
18.02.2017, 22:29 | #11 |
| Problems with malware or trojans after toolbar installation Hello, yes, I had the problems in Chrome. Since this morning, Chrome and the system have been running faster again. Fortunately, I have not received any strange emails since yesterday. As far as I could observe, Chrome opened only one empty pop-up window. A new problem that has now appeared is that I can no longer play "Anno-Online" in the Chrome browser: after logging in it loads about a third and then nothing more happens. Other games that need the Flash Player basically run. In the Firefox browser "Anno" does load, but there I always get the message that the Flash Player has crashed. Booting still takes varying amounts of time. Sometimes it hangs for up to three minutes at the Windows lock screen where I have to enter my password, and just now I had a black screen for two minutes while the desktop was loading. After that, though, it loaded everything as usual. It no longer freezes, however. At the last restart about 2 hours ago I noticed that the three LEDs (Num, Caps and Scroll) on my keyboard, which are supposed to light up as soon as they are activated, were not working. Even after activating them several times nothing happened, but the keys themselves worked. I then restarted the PC again and after that it worked again. I had never had this problem before. Hello, about an hour ago one of these strange emails did arrive again after all.... |
19.02.2017, 14:11 | #12 |
/// TB-Ausbilder | Problems with malware or trojans after toolbar installation Hi, Quote:
The computer is clean, and Google Chrome looks good too. Everything else has nothing to do with malware. If you no longer have any problems with malware, we are done here. Your log files are clean. Finally, we need to take a few concluding steps to clean up and secure your PC.
Cleanup: All logs posted? Then please download DelFix.
DelFix removes, among other things, all the programs we used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over, you can delete them without hesitation.
Hardening: Enable automatic updates in the Windows operating system. Security-relevant software should also always be present only in its latest version: Java, Flash Player, PDF reader. Security vulnerabilities in their old versions are exploited to install malware via "drive-by" simply when you visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents. Enable a firewall. The one built into Windows is normally entirely sufficient. If you are still undecided, use a single one of the following antivirus programs with a real-time scanner and an always up-to-date signature database: Microsoft Security Essentials (MSE) / Windows Defender (WD) is built in as of Windows 8, so if you have Windows 8, 8.1 or 10 and have decided on MSE/WD, you do not need to install MSE/WD separately. On Windows 7, however, it has to be installed manually or obtained via Windows Update as an optional update. Of course, a legal/activated Windows is a prerequisite for this. In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.
Optional: Adblock Plus can block banners, pop-ups, video ads, tracking and malware sites. NoScript prevents active content (Java, JavaScript, Flash, ...) from being executed on all websites. However, you can specify, on the whitelist principle, on which sites scripts should be allowed. Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, it is advisable to uninstall it first and then remove the leftovers with Adwcleaner . Finally, a few general remarks:
If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation. Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this topic from my subscriptions. |
19.02.2017, 18:40 | #13 |
| Problems with malware or trojans after toolbar installation Hello, I am just unsure about the "spam mails", because they suddenly started coming from one day to the next, and then more than 20 a day. The problem appeared just as suddenly on my old laptop, and that one had a nasty virus. And can I possibly still solve the problem with my online game somehow? Resetting Chrome unfortunately did not help. I always keep the Flash Player up to date. I don't think I have Java installed at all. Do I absolutely need it? My firewall runs through GData and I have set it to the highest level. Many thanks for the final tips on "all-round protection". |