Log analysis and evaluation: Avast - svchost blocked malware link (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: first steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Avast - svchost blocked malware link

Dear team,

Today I received the following warning from Avast!:

Code:
ATTFilter
15.02.2017 13:43:56 https://131.253.61.84/ [L] URL:Mal (0)
15.02.2017 13:44:30 https://131.253.61.84/ [L] URL:Mal (0)
15.02.2017 13:45:02 https://131.253.61.84/ [L] URL:Mal (0)
15.02.2017 13:45:34 https://131.253.61.84/ [L] URL:Mal (0)

I was not sitting at the computer at that time and only noticed the warning because of the audio alert.

Thanks in advance for your help!

Daniel

EDIT says: My operating system is Windows 10. I forgot to mention that. EDIT end

So far I have run the FRST scan; here are the log files:

FRST.TXT (Note: I have censored the real name of an acquaintance in the created files and folders section, and I have censored my Microsoft login name)

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 01 durchgeführt von danie (Administrator) auf DESKTOP-9T9O37C (15-02-2017 16:06:09) Gestartet von C:\Users\danie\Desktop Geladene Profile: danie (Verfügbare Profile: defaultuser0 & danie) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Dropbox, Inc.) 
C:\Windows\System32\DbxSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (AMD) C:\Windows\System32\atieclxx.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Spotify Ltd) C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Dropbox, Inc.) 
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2085160 2010-03-05] (Synaptics Incorporated) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15853176 2016-08-03] (Logitech Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-13] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6806144 2010-06-24] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [OneDrive] => C:\Users\danie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1517280 2017-02-07] (Microsoft Corporation) <===== ACHTUNG HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify Web Helper] => C:\Users\danie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-07] (Spotify Ltd) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Spotify] => C:\Users\danie\AppData\Roaming\Spotify\Spotify.exe [7133808 2017-02-07] (Spotify Ltd) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [GoogleChromeAutoLaunch_1DE2210685523D121EF41F74D365AD10] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [22982848 2016-12-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) Startup: C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PixelRuler.lnk [2016-08-11] ShortcutTarget: PixelRuler.lnk -> C:\Program Files (x86)\PixelRuler\PixelRuler.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{65b17e8d-7930-436e-a952-581958886376}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{90200e0b-80c6-4e80-8828-16c1b94ed4fe}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common 
Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-07-28] (Adobe Systems Incorporated) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - 
C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-12] FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems) FF Plugin-x32: @cambridgesoft.com/Chem3D,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\Chem3D\npChem3DPlugin.dll [2015-03-14] (PerkinElmer) FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=15.0 -> C:\Program Files (x86)\CambridgeSoft\ChemOffice2015\ChemDraw\npcdp32.dll [2015-03-14] (PerkinElmer) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems) Chrome: ======= CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default [2017-02-15] CHR Extension: (Google Präsentationen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-04] CHR Extension: (Flash Video Downloader) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-12-03] CHR Extension: (Google Docs) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04] CHR Extension: (Google Drive) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04] CHR Extension: (YouTube) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04] CHR Extension: (Adblock Plus) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28] CHR Extension: (Video Downloader professional) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-10-28] CHR Extension: (Avast SafePrice) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-22] CHR Extension: (Google Tabellen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-04] CHR Extension: (Full Screen Weather) - C:\Users\danie\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-08-04] CHR Extension: (Google Docs Offline) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-04] CHR Extension: (Hide My AdBlocker) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2016-11-10] CHR Extension: (Avast Online Security) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-15] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Beebs - Access BBC iPlayer) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmliiafmgjkgkfadkpomlefdllhajdi [2017-01-08] CHR Extension: (Weather Underground) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2016-08-04] CHR Extension: (Google Mail) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04] CHR Extension: (Chrome Media Router) - C:\Users\danie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08] CHR Profile: C:\Users\danie\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-08] CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - 
hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-19] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) S2 IBG_gds_db; C:\Program Files (x86)\Embarcadero\Studio\18.0\InterBaseXE7\bin\ibguard.exe [636744 2016-02-25] (Embarcadero Technologies, Inc.) S3 IBS_gds_db; C:\Program Files (x86)\Embarcadero\Studio\18.0\InterBaseXE7\bin\ibserver.exe [5587272 2016-02-25] (Embarcadero Technologies, Inc.) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-03] (Logitech Inc.) 
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-17] (AVAST Software) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., 
Ltd.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.) S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-01-16] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205440 2017-01-16] (Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-01-16] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-15 16:06 - 2017-02-15 16:06 - 00029608 _____ C:\Users\danie\Desktop\FRST.txt
2017-02-15 16:05 - 2017-02-15 16:06 - 00000000 ____D C:\FRST
2017-02-15 16:03 - 2017-02-15 16:05 - 02422272 _____ (Farbar) C:\Users\danie\Desktop\FRST64.exe
2017-02-15 14:17 - 2017-02-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET
2017-02-13 21:58 - 2017-02-13 21:58 - 00000000 ___HD C:\OneDriveTemp
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Users\danie\AppData\Roaming\IrfanView
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-02-13 16:22 - 2017-02-13 16:22 - 00000000 ____D C:\Program Files\IrfanView
2017-02-13 07:10 - 2017-02-13 07:10 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\Users\danie\Tracing
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Skype
2017-02-13 07:10 - 2017-02-13 07:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-12 17:44 - 2017-02-12 18:30 - 00000000 ____D C:\Phone
2017-02-12 17:13 - 2017-02-12 17:17 - 00000000 ____D C:\Users\danie\AppData\Roaming\MyPhoneExplorer
2017-02-12 17:13 - 2017-02-12 17:13 - 00002126 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2017-02-12 17:13 - 2017-02-12 17:13 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer
2017-02-12 17:07 - 2017-02-12 17:24 - 00000000 ____D C:\Card
2017-02-12 16:12 - 2017-02-12 16:12 - 00000000 ____D C:\Users\danie\Documents\Samsung
2017-02-12 16:11 - 2017-02-12 16:12 - 00000000 ____D C:\Windows\LastGood
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-02-12 16:11 - 2017-02-12 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-02-12 16:10 - 2017-02-12 16:11 - 00000000 ____D C:\Users\danie\AppData\Roaming\Samsung
2017-02-12 16:10 - 2016-09-05 05:47 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2017-02-12 16:10 - 2016-09-05 05:47 - 00716920 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2017-02-12 16:10 - 2016-09-05 05:47 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2017-02-12 16:10 - 2016-09-05 05:47 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2017-02-12 16:10 - 2016-07-22 08:21 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\SET3DA.tmp
2017-02-12 16:10 - 2016-07-22 08:21 - 00716928 _____ (Microsoft Corporation) C:\Windows\system32\SET399.tmp
2017-02-12 16:10 - 2016-07-22 08:21 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SETE6F9.tmp
2017-02-12 16:10 - 2016-07-22 08:21 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\SETBBB3.tmp
2017-02-12 16:09 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2017-02-09 13:28 - 2017-02-09 13:28 - 02099905 _____ C:\Users\danie\Downloads\Wohnung_an-ummelden_Hinw_de+en.pdf
2017-02-09 13:28 - 2017-02-09 13:28 - 00334768 _____ C:\Users\danie\Downloads\Bestaetigung_BMG.pdf
2017-02-08 01:29 - 2017-02-08 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-08 00:13 - 2017-02-08 00:13 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE (1).pdf
2017-02-08 00:03 - 2017-02-08 00:03 - 00207706 _____ C:\Users\danie\Downloads\Auslandsscheck_DE.pdf
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-02-06 23:48 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments_online_converter#.pdf
2017-02-06 23:42 - 2017-02-06 23:43 - 134270517 _____ C:\Users\danie\Downloads\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.pdf
2017-02-06 23:30 - 2017-02-06 18:31 - 17294189 _____ C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu
2017-02-06 23:09 - 2017-02-06 23:09 - 01616807 ____R C:\Users\danie\Documents\koehler_lehmann_2011.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 01102598 ____R C:\Users\danie\Documents\Practical laboratory course_***********.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00783869 ____R C:\Users\danie\Documents\lecture 12.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00680777 ____R C:\Users\danie\Documents\9783319055879-c2.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00664591 ____R C:\Users\danie\Documents\Otting_G_2010_Reiview.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00313885 ____R C:\Users\danie\Documents\bertini2001.pdf
2017-02-06 23:09 - 2017-02-06 23:09 - 00046833 ____R C:\Users\danie\Documents\L_6b_NOE_web.pdf
2017-02-06 18:41 - 2017-02-06 18:42 - 01824882 _____ C:\Users\danie\Documents\product_operator_formalism.pdf
2017-02-06 18:40 - 2017-02-06 18:40 - 02809960 _____ C:\Users\danie\Documents\relaxation_Enhancement.pdf
2017-02-06 18:27 - 2017-02-06 18:27 - 00680777 _____ C:\Users\danie\Downloads\9783319055879-c2.pdf
2017-02-06 18:20 - 2017-02-06 18:21 - 46049143 _____ C:\Users\danie\Downloads\Matthias Findeisen,Stefan Berger 50 and More Essential NMR Experiments. A Detailed Guide.pdf
2017-02-06 16:15 - 2017-02-06 16:15 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495
2017-02-06 16:14 - 2017-02-06 16:14 - 00026285 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-13-english-29495.zip
2017-02-05 21:39 - 2017-02-05 21:50 - 149068460 _____ C:\Users\danie\Downloads\lucifer.213.hdtv-lol.mkv.mp4.mp4
2017-02-05 20:34 - 2017-02-05 20:34 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201
2017-02-05 20:33 - 2017-02-05 20:33 - 00024770 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-12-english-29201.zip
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Users\danie\AppData\Local\Remove_Empty_Directories
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2017-02-05 15:15 - 2017-02-05 15:15 - 00000000 ____D C:\Program Files (x86)\Remove Empty Directories
2017-02-05 15:13 - 2017-02-05 15:15 - 00404482 _____ (Jonas John ) C:\Users\danie\Downloads\red-v2.2-setup.exe
2017-02-05 12:21 - 2017-02-05 12:21 - 00026159 _____ C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991.zip
2017-02-05 12:21 - 2017-02-05 12:21 - 00000000 ____D C:\Users\danie\Downloads\lucifer-season-2-episode-11-english-28991
2017-02-04 22:34 - 2017-02-04 22:56 - 124549923 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2- Episode 11- Stewardess Interruptus.mp4
2017-02-04 22:30 - 2017-02-04 22:51 - 143374537 _____ C:\Users\danie\Downloads\Seriesonline.io-(360P - mp4)Lucifer - Season 2 Episode 12 - Love Handles.mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (5).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (4).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (3).mp4
2017-02-04 22:15 - 2017-02-04 22:15 - 00000007 _____ C:\Users\danie\Downloads\Watch video (2).mp4
2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video.mp4
2017-02-04 22:13 - 2017-02-04 22:13 - 00000007 _____ C:\Users\danie\Downloads\Watch video (1).mp4
2017-02-04 10:02 - 2016-07-15 19:29 - 05739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2017-02-04 10:02 - 2016-07-15 19:29 - 02629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2017-02-04 10:02 - 2016-07-15 19:14 - 06354944 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2017-02-04 10:02 - 2016-07-15 18:45 - 02629120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0009.dll
2017-02-04 10:02 - 2016-07-15 18:29 - 05489664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2017-02-04 10:01 - 2017-02-04 10:01 - 00001047 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-02-01 20:58 - 2017-02-01 20:58 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-01 16:14 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Local\TeamViewer
2017-02-01 16:13 - 2017-02-01 16:14 - 00000000 ____D C:\Users\danie\AppData\Roaming\TeamViewer
2017-02-01 16:13 - 2017-02-01 16:13 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-02-01 16:13 - 2017-02-01 16:13 - 00001100 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-02-01 16:13 - 2017-02-01 16:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-01-30 12:59 - 2017-01-30 12:59 - 36727147 _____ C:\Users\danie\Downloads\Laborarbeit_2016_170130.pdf
2017-01-29 10:49 - 2017-01-29 10:49 - 00450814 _____ C:\Users\danie\Downloads\AGB_208_Strom_Privat_2017_01_NK.pdf
2017-01-25 21:42 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-01-25 21:42 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-01-25 14:50 - 2017-01-25 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-01-23 20:55 - 2017-01-23 20:55 - 00218282 _____ C:\Users\danie\Downloads\Medikamente_Formular.pdf
2017-01-23 19:42 - 2017-01-23 19:51 - 12095930 _____ C:\Users\danie\Downloads\[Manfred_Hesse,_Herbert_Meier,_Bernd_Zeeh]_Spektro(BookFi).pdf
2017-01-23 14:43 - 2017-01-23 14:43 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe_Systems_Incorporate
2017-01-23 14:42 - 2017-01-23 15:04 - 00000000 ____D C:\Users\danie\Documents\My Digital Editions
2017-01-23 14:42 - 2017-01-23 14:42 - 00002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk
2017-01-23 14:42 - 2017-01-23 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-01-23 14:32 - 2017-01-23 14:50 - 01977054 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_spectroscopy(BookFi) (1).pdf
2017-01-23 14:32 - 2017-01-23 14:41 - 02199824 _____ C:\Users\danie\Downloads\[James_Keeler]_Understanding_NMR_Spectroscopy(BookFi).pdf
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Users\danie\AppData\Local\Passbild_Generator
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passbild-Generator
2017-01-22 20:36 - 2017-01-22 20:36 - 00000000 ____D C:\Program Files (x86)\Passbild-Generator
2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2017-01-22 15:05 - 2017-01-22 15:05 - 00000000 ____D C:\Program Files\Oracle
2017-01-22 14:31 - 2017-01-22 14:53 - 00000000 ____D C:\Users\danie\Documents\Dateien_script
2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\Users\danie\AppData\Roaming\GraphPad Software
2017-01-21 21:42 - 2017-01-21 21:42 - 00000000 ____D C:\ProgramData\GraphPad Software
2017-01-19 19:38 - 2017-01-19 19:38 - 00000000 ____D C:\Users\danie\Downloads\Django Unchained-kinox to(44884)-bySGexx
2017-01-16 17:38 - 2017-01-16 17:38 - 00205440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2017-01-16 17:38 - 2017-01-16 17:38 - 00137920 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSB.sys
2017-01-16 17:38 - 2017-01-16 17:38 - 00131144 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-15 16:03 - 2016-08-15 20:57 - 00000000 ____D C:\Users\danie\AppData\Roaming\Skype
2017-02-15 15:54 - 2016-08-04 20:16 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-02-15 14:28 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Local\Spotify
2017-02-15 14:27 - 2016-08-06 19:43 - 00000000 ____D C:\Users\danie\AppData\Roaming\Spotify
2017-02-15 14:16 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\NDF
2017-02-15 13:55 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2017-02-15 11:37 - 2016-09-19 20:06 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{116B86B5-D81A-4122-817A-8BCA9244C3FC}
2017-02-15 08:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-15 02:00 - 2016-08-04 22:19 - 00000000 ____D C:\Users\danie\AppData\Local\Adobe
2017-02-14 21:36 - 2016-09-29 21:40 - 00000000 ____D C:\Users\danie\.VirtualBox
2017-02-13 22:05 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\Documents\Calibre-Bibliothek
2017-02-13 21:58 - 2016-08-04 20:25 - 00000000 ___RD C:\Users\danie\OneDrive
2017-02-13 21:58 - 2016-08-04 20:22 - 00000000 ____D C:\Users\danie
2017-02-13 16:31 - 2016-08-04 21:52 - 00000000 ____D C:\Users\danie\AppData\Roaming\vlc
2017-02-13 01:17 - 2016-08-04 23:15 - 00007911 _____ C:\Windows\BRRBCOM.INI
2017-02-13 01:03 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Local\Packages
2017-02-12 23:54 - 2016-10-26 20:47 - 00000000 ____D C:\Users\danie\AppData\Roaming\Apple Computer
2017-02-12 21:41 - 2016-08-06 18:00 - 00004278 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-02-12 17:17 - 2016-08-13 12:08 - 00000000 ____D C:\Users\danie\.android
2017-02-12 17:03 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2017-02-12 16:11 - 2016-08-05 21:12 - 00000000 ____D C:\ProgramData\Samsung
2017-02-12 16:10 - 2016-08-05 21:12 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-02-12 16:09 - 2016-08-04 23:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-08 01:29 - 2016-08-19 13:44 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-07 16:14 - 2016-12-06 07:37 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-07 16:14 - 2016-08-04 20:25 - 00002383 _____ C:\Users\danie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-06 22:30 - 2016-08-04 20:45 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-04 21:17 - 2016-12-05 17:01 - 00000000 ____D C:\Users\danie\AppData\Local\calibre-cache
2017-02-04 21:17 - 2016-12-05 16:54 - 00000000 ____D C:\Users\danie\AppData\Roaming\calibre
2017-02-04 21:16 - 2017-01-12 16:13 - 00000000 ____D C:\Bio_Linux
2017-02-04 10:02 - 2016-07-16 23:52 - 00000000 ____D C:\Windows\OCR
2017-02-04 10:02 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2017-02-02 13:59 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-01 20:57 - 2016-08-04 20:24 - 01004544 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-01 20:57 - 2016-07-16 23:51 - 00550294 _____ C:\Windows\system32\perfh007.dat
2017-02-01 20:57 - 2016-07-16 23:51 - 00156908 _____ C:\Windows\system32\perfc007.dat
2017-02-01 20:50 - 2016-08-12 14:42 - 00000000 ____D C:\ProgramData\Embarcadero
2017-02-01 20:50 - 2016-08-04 20:16 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-01 20:45 - 2016-08-04 20:16 - 05014704 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-26 18:07 - 2016-07-16 07:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-01-25 14:50 - 2016-08-05 21:13 - 00003352 _____ C:\Windows\System32\Tasks\SamsungMagician
2017-01-23 14:52 - 2016-12-05 16:54 - 00000999 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2017-01-23 14:52 - 2016-12-05 16:54 - 00000000 ____D C:\Program Files\Calibre2
2017-01-23 14:47 - 2016-08-04 20:23 - 00000000 ____D C:\Users\danie\AppData\Roaming\Adobe
2017-01-23 14:42 - 2016-08-04 22:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-21 21:40 - 2016-08-04 22:05 - 00000000 ____D C:\TMP
2017-01-19 18:15 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-19 18:14 - 2016-08-04 23:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-19 18:05 - 2016-08-04 22:38 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-01-18 21:42 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Oracle
2017-01-18 21:10 - 2016-08-12 15:26 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-18 21:10 - 2016-08-12 15:26 - 00000000 ____D C:\Program Files\Java
2017-01-16 17:38 - 2017-01-12 18:23 - 00959720 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2017-01-16 17:38 - 2016-09-29 21:37 - 00149304 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-08-05 17:44 - 2017-01-06 11:58 - 0000034 _____ () C:\Users\danie\AppData\Roaming\AdobeWLCMCache.dat
2016-11-30 10:50 - 2016-11-30 11:36 - 0001456 _____ () C:\Users\danie\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-09-21 20:12 - 2017-01-25 20:15 - 0009668 _____ () C:\Users\danie\AppData\Local\CDXLExtendedShim.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\danie\AppData\Local\Microsoft\OneDrive\OneDrive.exe

Einige Dateien in TEMP:
====================
2016-08-10 18:42 - 2016-08-10 18:42 - 36403960 _____ (AppWork GmbH) C:\Users\danie\AppData\Local\Temp\JDSetup131153245463239802.exe
2016-08-13 07:56 - 2016-08-13 07:56 - 0741440 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u101-windows-au.exe
2017-01-18 21:04 - 2017-01-18 21:04 - 0739904 _____ (Oracle Corporation) C:\Users\danie\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-09-19 18:45 - 2016-09-19 18:45 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\M9MYQW4AVM.DLL
2017-01-05 10:04 - 2017-01-05 10:05 - 2858376 _____ () C:\Users\danie\AppData\Local\Temp\npp.7.2.2.Installer.exe
2017-02-10 15:31 - 2017-02-10 15:31 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole3735512050020065073.dll
2017-02-10 15:31 - 2017-02-10 15:31 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole5825304206742508178.dll
2017-02-10 15:31 - 2017-02-10 15:31 - 0040448 ____N () C:\Users\danie\AppData\Local\Temp\proxy_vole6305030320323710800.dll
2016-09-19 18:47 - 2016-09-19 18:47 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\QD62A0GERA.DLL
2016-11-23 23:47 - 2016-11-23 23:47 - 14700056 _____ (Samsung Electronics ) C:\Users\danie\AppData\Local\Temp\Samsung_Magician_Installer.exe
2015-08-03 00:58 - 2015-08-03 00:58 - 0118784 _____ () C:\Users\danie\AppData\Local\Temp\xmlUpdater.exe
2016-09-19 18:46 - 2016-09-19 18:46 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YJMCG40G3G.DLL
2016-09-19 18:54 - 2016-09-19 18:54 - 0034308 _____ () C:\Users\danie\AppData\Local\Temp\YR6884GKNC.DLL

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-09 22:03

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-02-2017 01
durchgeführt von danie (15-02-2017 16:06:50)
Gestartet von C:\Users\danie\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 19:21:16)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2044849159-1042748084-43516897-500 - Administrator - Disabled)
danie (S-1-5-21-2044849159-1042748084-43516897-1001 - Administrator - Enabled) => C:\Users\danie
DefaultAccount (S-1-5-21-2044849159-1042748084-43516897-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2044849159-1042748084-43516897-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2044849159-1042748084-43516897-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ActivePerl 5.24.0 Build 2400 (64-bit) (HKLM\...\{C89FA3E7-29C4-4A60-AFB9-40E04715AE78}) (Version: 5.24.2400 - ActiveState)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Verifier x64 External Package (Version: 10.1.10586.212 - Microsoft) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0005 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avogadro (HKLM-x32\...\Avogadro) (Version: 1.2.0 - Humanity)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
calibre 64bit (HKLM\...\{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}) (Version: 2.77.0 - Kovid Goyal)
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Embarcadero InterBase XE7 (HKLM-x32\...\Embarcadero InterBase XE7) (Version: Embarcadero InterBase XE7 - Embarcadero Technologies, Inc.)
Embarcadero RAD Studio 10.1 Berlin (HKLM-x32\...\Embarcadero RAD Studio 10.1 Berlin) (Version: 18.0 - Embarcadero Technologies, Inc.)
Embarcadero RAD Studio Berlin (x32 Version: 18.0 - Embarcadero Technologies, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FastReport 5 Embarcadero edition (HKLM-x32\...\{7FBAEA0A-5C1A-4a2e-8BD1-275A0C3755BB}) (Version: Embarcadero Edition - FastReports)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Logitech Gaming Software 8.84 (HKLM\...\Logitech Gaming Software) (Version: 8.84.15 - Logitech Inc.)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{BA62A9E2-7BB4-4D4A-8C5F-CC03C35491BD}) (Version: 4.6.00079 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{6C8591F8-C4FC-4A64-9E21-7F35F1D51D09}) (Version: 4.6.00079 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\OneDriveSetup.exe) (Version: 17.3.6764.0111 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows 10 SDK Installer (HKLM-x32\...\Microsoft Windows 10 SDK Installer) (Version: 18.0 - Embarcadero Technologies Inc.)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mp3tag v2.80 (HKLM-x32\...\Mp3tag) (Version: v2.80 - Florian Heidenreich)
MSI Development Tools (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.1.14 (HKLM\...\{6AE61854-0F78-49E3-ABCC-586FB43CE709}) (Version: 5.1.14 - Oracle Corporation)
Passbild-Generator v4.0b (HKLM-x32\...\Passbild-Generator_is1) (Version: - Passbild-Generator)
PeaZip 6.1.0 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.1.0 - Giorgio Tani)
PerkinElmer ChemOffice Professional 2015 (HKLM-x32\...\{83DBA37B-B24C-431B-9D7B-8331D28A067C}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemScript 15.0 (HKLM-x32\...\{2623D946-2CA9-4E69-A6C1-DDFA46C87EFF}) (Version: 15.0 - PerkinElmer Informatics, Inc.)
PixelRuler v9.2.0.0 (HKLM-x32\...\PixelRuler_is1) (Version: - pixelruler.de)
Python 3.2 pywin32-217 (HKLM-x32\...\pywin32-py3.2) (Version: - )
Python 3.2.2 (HKLM-x32\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version: - Roadkil.Net)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SDK Debuggers (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16121.3 - Samsung Electronics Co., Ltd.) Hidden
SpeedCommander 16 (x64) (HKLM\...\SpeedCommander 16 (x64)) (Version: 16.10.8200 - SWE Sven Ritter)
Spotify (HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.11.0 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TeXstudio 2.11.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.11.2 - Benito van der Zander)
Ttf2Pt1-3.4.4 Complete package, except sources (GnuWin32) (HKLM-x32\...\Ttf2Pt1-3.4.4_is1) (Version: 3.4.4 - GnuWin32)
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMD 1.9.2 (HKLM-x32\...\{089F161A-EFCE-44D8-8D38-C401835D93E4}) (Version: 1.9.2 - University of Illinois)
WinAppDeploy (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WPT Redistributables (x32 Version: 10.1.10586.212 - Microsoft) Hidden
WPTx64 (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Zortam Mp3 Media Studio 21.35 (HKLM-x32\...\Zortam Mp3 Media Studio_is1) (Version: - Zortam)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2044849159-1042748084-43516897-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {192D2D98-33A9-4EC4-9896-6FF0C2F8F337} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {21FAC54D-1678-4675-8BC9-4CFB8004D976} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.)
Task: {2493413F-9C60-497D-8DA3-AE1DA66A2B3D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software)
Task: {2A46A2EC-BEC1-4EF0-AB35-CF4026FF8DFC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {2F9B9EB7-8613-4AB6-89EA-193DCB9B5FB8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {32D51965-AA80-4FDA-8DB7-1781EB4FB623} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-*************************** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {43415A32-378E-4EB8-9888-7CC810B35503} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {7AB6AA19-0881-4D27-8734-95F1B6164C0B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {A0D5D4A8-1C95-4B18-95E6-3B7B9B03B510} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {A7A917FF-05B5-4013-AF77-89757CB96BF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04] (Google Inc.)
Task: {B95FFCBA-EC40-4792-96F7-42EC9FCFB7F8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {BAC026DE-071D-4FA8-A31D-F272109D4A64} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {C77C0E0B-0D42-475D-BC83-4156B05B7D05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {DA460F4D-3A1E-443A-A492-F52BA5AA3B65} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.)
Task: {E1DB79CC-94D1-436F-8912-85669F1E4F76} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {E6A3C464-5455-47C3-B476-5E347A934207} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-19] (Dropbox, Inc.)
Task: {E90A764A-D783-42CA-9F23-796C2E800325} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-01] (AVAST Software)
Task: {EB55E557-F628-48AC-AEAC-F6E76FAC4A7A} - System32\Tasks\SafeZone scheduled Autoupdate 1470502893 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {EE42846D-A85E-4918-8320-349AF43E2871} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-08-04 23:41 - 2016-06-25 07:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2016-10-05 17:17 - 2016-10-05 17:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-04 23:14 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-12-14 23:10 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-09-13 23:48 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 22:58 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 22:58 - 2016-12-21 08:08 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-01-11 22:58 - 2016-12-21 07:55 - 07843840 _____ () C:\Windows\ShellExperiences\QuickConnectUI.dll
2017-02-06 22:30 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 22:30 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-08-03 19:06 - 2016-08-03 19:06 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-08-03 19:06 - 2016-08-03 19:06 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-02-06 09:09 - 2017-02-06 09:09 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-06 09:09 - 2017-02-06 09:09 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-06 09:09 - 2017-02-06 09:09 - 42895872 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 09:09 - 2017-02-06 09:09 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\roottools.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 22:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 22:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 22:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 08:42 - 2016-11-23 08:42 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-04 20:47 - 2016-08-04 20:47 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 08:42 - 2016-11-23 08:42 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2016-07-17 00:01 - 2016-07-17 00:01 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-02-15 08:57 - 2017-02-15 08:58 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-01-23 08:04 - 2017-01-23 08:04 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.25.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-09-09 20:30 - 2016-09-09 20:30 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-09 20:30 - 2016-09-09 20:30 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-02-14 19:11 - 2017-02-14 19:11 - 06350848 _____ () C:\Program Files\AVAST Software\Avast\defs\17021400\algo.dll
2017-02-15 11:12 - 2017-02-15 11:12 - 06350848 _____ () C:\Program Files\AVAST Software\Avast\defs\17021500\algo.dll
2016-08-04 23:14 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-08-04 23:41 - 2015-05-26 18:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2016-08-04 23:14 - 2013-04-05 12:23 - 00954880 _____ () C:\Program Files (x86)\ControlCenter4\BrImgProc.dll
2016-08-06 18:00 - 2016-08-06 18:00 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-08 01:29 - 2017-02-07 05:48 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-08-19 13:45 - 2017-01-14 00:53 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-08-19 13:45 - 2017-01-14 00:53 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-08-19 13:45 - 2017-01-14 00:54 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-02-08 01:29 - 2017-01-14 00:54 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-08-19 13:45 - 2017-01-14 00:56 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00052544 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-02-08 01:29 - 2017-01-14 00:53 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-02-08 01:29 - 2017-01-14 00:56 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-08-19 13:45 - 2017-01-14 00:56 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-19 13:45 - 2017-01-14 00:55 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-08-19 13:45 - 2017-01-14 00:54 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 08:40 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-02-08 01:29 - 2017-01-14 00:51 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-02-08 01:29 - 2016-12-22 07:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-02-08 01:29 - 2017-01-14 01:02 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-02-08 01:29 - 2017-01-14 01:02 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-02-08 01:29 - 2017-02-07 05:50 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-19 13:45 - 2017-01-14 00:57 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-19 13:45 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-08 01:29 - 2017-02-07 05:50 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\danie\Documents\Stefan Berger, Siegmar Braun 200 and More NMR Experiments.djvu:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\sharepoint.com -> hxxps://campussachsen-files.sharepoint.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-08-04 22:48 - 00001050 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2044849159-1042748084-43516897-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-2044849159-1042748084-43516897-1001\...\StartupApproved\StartupFolder: => "PixelRuler.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1E52F9A0-5820-47E5-8672-581F7A139665}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{C760F8E6-1F3E-4303-85A1-D7D7DB698AC7}] => (Allow) LPort=54925
FirewallRules: [{CDD216A4-B2B0-4EDA-AE45-F71EBAA4CD0C}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{119E2607-1EE9-40CF-B1BD-2C344119A791}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{1DF0FA43-BD46-4CA8-9B4F-1ADF0D4F4E4E}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{07EC27C9-3E14-433C-A2A0-C403AD5B5BAE}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{29D3A4D9-75EE-48E5-9E6B-9C58606AD4FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F7BE5DE8-B108-4817-8518-4ED78E78DE22}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{542D9C41-4F9E-44AC-8520-DB38A6F29DF2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{A847E550-A2C4-4C24-B245-3C03AD9813FC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{49841A41-40C0-4730-83B6-6DF320171517}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5F130595-1397-4E60-A7CC-6AFC28052F4D}C:\users\danie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\danie\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DB9B22F4-7909-489B-859B-BFD5764AAF13}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [UDP Query User{F2A88DBE-BFE0-4B54-9CBA-BEAC9A26F1E3}C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\18.0\bin\bds.exe
FirewallRules: [TCP Query User{E183CA1A-F191-4A9F-B161-DAFAD52679FC}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [UDP Query User{C668A88D-4CD0-498C-A458-7AAC9F0AFFC3}C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe] => (Allow) C:\program files (x86)\cambridgesoft\chemoffice2015\chemdraw\chemdraw.exe
FirewallRules: [{9186B335-8F0C-479A-A177-4B8FCE56AE09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C35D2E0E-F8C4-4FCB-BFEE-C35010B929E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{09761B78-77BE-49E1-AAC8-C2D198097C5E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E84533B9-C293-426C-AE30-EE6021FADE42}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C17E3F4B-84A0-44A1-A35E-C579D68D3032}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08503169-D484-4A9E-8BB1-E5FA2C814D3E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DEBAD8D2-6378-49E7-A0CA-8D8CAB4B9F44}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4646391F-477D-4873-84C6-0EEE30A07566}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{3B66BF7C-967C-48C2-9A30-6D1CD1253433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9DBFAEF7-75AF-4A58-9E8A-BFAA3F1712A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AA630F4F-BF9C-421A-8167-16690F5535B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{033A785A-04DF-4328-8713-FE0B4EE558B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3780DA59-0B92-4A18-A096-DE153E950AFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{51508A9E-D29B-40A9-85C5-F551CE724B2D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{5D15864C-AC2E-4DFB-83BC-92E57F81009A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Wiederherstellungspunkte =========================

23-01-2017 14:51:59 Installed calibre 64bit
02-02-2017 02:44:55 Geplanter Prüfpunkt
12-02-2017 16:09:16 Installed Smart Switch

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/15/2017 04:03:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "F:\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/15/2017 03:50:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/15/2017 03:50:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm\signtool.exe.Manifest". Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 03:50:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\signtool.exe.Manifest". Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 03:49:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\oleview.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 03:49:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\arm64\filetypeverifier.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 03:49:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\14.0\Debugger\target\armv4i\vsgraphicsremoteengine.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2017 03:49:27 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/15/2017 03:49:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (02/15/2017 02:18:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Systemfehler:
=============
Error: (02/15/2017 03:53:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/15/2017 03:51:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler

Error: (02/15/2017 03:51:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-9T9O37C)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/15/2017 03:49:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler

Error: (02/15/2017 03:46:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (02/15/2017 03:46:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\danie\AppData\Local\Temp\ehdrv.sys

Error: (02/15/2017 03:46:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (02/15/2017 03:46:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\danie\AppData\Local\Temp\ehdrv.sys

Error: (02/15/2017 03:46:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (02/15/2017 03:46:20 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\danie\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2016-12-07 16:02:25.976 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-07 16:02:25.973 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-01 10:03:52.930 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-01 10:03:52.928 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 14:43:23.529 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-11-25 14:43:23.527 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-18 13:06:10.559 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-18 13:06:10.557 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz Prozentuale Nutzung des RAM: 52% Installierter physikalischer RAM: 8116.55 MB Verfügbarer physikalischer RAM: 3860.96 MB Summe virtueller Speicher: 9396.55 MB Verfügbarer virtueller Speicher: 3789.86 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:209.11 GB) (Free:57.85 GB) NTFS Drive d: (OS) (Fixed) (Total:115.98 GB) (Free:7.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive f: (DATA) (Fixed) (Total:329.79 GB) (Free:3.64 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76692CA8) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C) Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=464 MB) - (Type=27) Partition 4: (Not Active) - (Size=329.8 GB) - (Type=OF Extended) 
======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 6B8C4C4B) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=209.1 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |