| |
| |||||||
Log-Analyse und Auswertung: langsamer systemstart ohne grund und 2 cmd.exe fenster bei startWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
09.05.2017, 21:21
| #1 |
 |  langsamer systemstart ohne grund und 2 cmd.exe fenster bei start So hallo zusammen... seit ca einer woche ist mein pc ultralangsam beim start und heute hab ich gesehen dass 2 cmd fenster geöffnet und sehr schnell wieder geschlossen wurden. Ich hab einen Windows 10 rechner, seit januar Asus x556u und hab avira drüberlaufen lassen, wurde aber nix gefunden (deswegen keine logs) ich hab schon den otl log drüber laufen lassen ... Code:
ATTFilter OTL logfile created on: 09.05.2017 21:45:52 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\****\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.14393.0) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,88 Gb Total Physical Memory | 2,69 Gb Available Physical Memory | 34,07% Memory free 15,13 Gb Paging File | 9,92 Gb Available in Paging File | 65,55% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 930,75 Gb Total Space | 764,21 Gb Free Space | 82,11% Space Free | Partition Type: NTFS Computer Name: DESKTOP | User Name: **** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\****\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd) PRC - C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd) PRC - C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Skype Technologies) PRC - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel Corporation) PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe (ASUS Cloud Corporation) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) ========== Modules (No Company Name) ========== MOD - C:\Programme\AVAST Software\Avast\libcef.dll () MOD - C:\Programme\AVAST Software\Avast\AvChrome.dll () MOD - C:\Programme\AVAST Software\Avast\ffl2.dll () MOD - C:\Programme\AVAST Software\Avast\tasks_core.dll () MOD - C:\Programme\AVAST Software\Avast\event_routing_rpc.dll () MOD - C:\Programme\AVAST Software\Avast\JsonRpcServer.dll () MOD - C:\Programme\AVAST Software\Avast\gaming_mode_ui.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Systef2d068c3#\d11861a6188cb51585bd4d491ac72108\Avira.SystemSpeedup.UI.Views.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\b4e7afd633df87b8b6fc9755469689ed\System.Data.Linq.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Syste639b4fe3#\5c714f32edac5a5a451284ab8f1f8562\Avira.SystemSpeedup.Core.Client.Services.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Systea666a8d1#\71fc4c87a167317e06a7279aba1c4447\Avira.SystemSpeedup.Infrastructure.Exception.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\5802392cd3e3a6f3921aabc3241bb561\System.IdentityModel.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Systecb66536c#\f5a07e00e1224cc7d9f9ff39f64ee9f8\Avira.SystemSpeedup.UI.ViewModels.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Syste029d7e0c#\55954b374f5ce2eac870d1ee8737e4de\Avira.SystemSpeedup.UI.Styles.Standard.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Syste3138d277#\b26719e08da2a63d0674bd4aacda75a0\Avira.SystemSpeedup.Infrastructure.Communication.Pipes.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Systed5a24264#\1fc3ae5254eb3407c14bcc1a09ed8902\Avira.SystemSpeedup.UI.Resources.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Syste768be01f#\24ee70b0f0e40a49672451b605ec2f05\Avira.SystemSpeedup.Core.Services.Interface.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Systecd1ad9ed#\25adf3a47838bde197ab919fb8f16e41\Avira.SystemSpeedup.Infrastructure.Communication.Interface.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Pcfd8586c#\d1fe0a2213ff0a826be34132470faf6e\Microsoft.Practices.Prism.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Pd001c906#\654ad4e737bc48e32ee321cfda54f39e\Microsoft.Practices.Unity.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Syste78a60bd0#\b8bf4f5d7331f2500c3d650948c12ea7\Avira.SystemSpeedup.UI.Common.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Systebb8c882b#\c27897a90a27ad964b6d1ed25549e93f\Avira.SystemSpeedup.Infrastructure.Common.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Avira.Systea5256926#\e57c78f571d6f77b44317960ecfb417c\Avira.SystemSpeedup.Core.Common.Library.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a390fa28b40e5b0bfd357371211f470d\System.ServiceModel.ni.dll () MOD - C:\Program Files (x86)\Skype\Phone\skypert.dll () MOD - C:\Program Files (x86)\Steam\video.dll () MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL () MOD - C:\Program Files (x86)\Steam\steam.dll () MOD - C:\Program Files (x86)\Glary Utilities 5\zlib1.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.28b9ef5a#\de1c8aa4b6ee264210be85f51f2b1521\System.Web.Extensions.ni.dll () MOD - C:\Program Files (x86)\Steam\SDL2.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\1b144b0155aa14719ac0b83f038abbd5\SMDiagnostics.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\d842ac6dc0b94d7516b2d43a62b8f4d7\System.ServiceModel.Internals.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\3d2a29307752e54b838204883ff642fa\System.ComponentModel.Composition.ni.dll () MOD - C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\720259e39ef1331fa96a3242ad50f25a\System.Data.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\010ca03bc4ce0e90aba17cf53dfaa3b0\System.ServiceProcess.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web\31891cda2f40006af1f149bf856c17ca\System.Web.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c02fbf560e52a1aab432a90d4c613af4\System.Windows.Forms.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\c2abcda8f96d67fa6ff5665fd21dddff\System.Drawing.ni.dll () MOD - C:\Program Files (x86)\Steam\v8.dll () MOD - C:\Program Files (x86)\Steam\icui18n.dll () MOD - C:\Program Files (x86)\Steam\icuuc.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\40571abae9422cd2ca6fafbbde1c3cdc\mscorlib.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\08da6b6698b412866e6910ae9b84f363\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\f6ebd52be27fe627fed0d185c6a9c0d5\System.Core.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\7532301b00fac8def2f526ca8b480e11\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\5751e969e4789e60d3ad463cb6024006\WindowsBase.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\04c4f83e0b62ff553abff98943e45f42\System.Xaml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6e975e2acfc33e1c706f00bf2942e187\System.Xml.Linq.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\213003369298faf75651a6b8981dce12\System.Runtime.Serialization.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\aa9c29b70b4cceab890eb841f89d73e9\System.Configuration.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\5272cb4aeec65bec2fffb45e9cb22910\PresentationFramework.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\051a282e157a228405b2e0d867c3ce1d\PresentationCore.ni.dll () MOD - C:\Program Files (x86)\Steam\openvr_api.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll () MOD - C:\Program Files (x86)\Steam\libavcodec-56.dll () MOD - C:\Program Files (x86)\Steam\libavformat-56.dll () MOD - C:\Program Files (x86)\Steam\libswscale-3.dll () MOD - C:\Program Files (x86)\Steam\libavutil-54.dll () MOD - C:\Program Files (x86)\Steam\libavresample-2.dll () ========== Services (SafeList) ========== SRV:64bit: - (mccspsvc) -- C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe () SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McBootDelayStartSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (HomeNetSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mfemms) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe () SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.) SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe () SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation) SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation) SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation) SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation) SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation) SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation) SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation) SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation) SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation) SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation) SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation) SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation) SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation) SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation) SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation) SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation) SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation) SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation) SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation) SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation) SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation) SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation) SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation) SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation) SRV:64bit: - (cphs) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe (Intel Corporation) SRV:64bit: - (cplspcon) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe (Intel Corporation) SRV:64bit: - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe (Intel Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation) SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation) SRV:64bit: - (WpnUserService_6dda03) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (UserDataSvc_6dda03) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (UnistoreSvc_6dda03) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (PimIndexMaintenanceSvc_6dda03) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (OneSyncSvc_6dda03) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (MessagingService_6dda03) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (CDPUserSvc_6dda03) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation) SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation) SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation) SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation) SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation) SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation) SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation) SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation) SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation) SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation) SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation) SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation) SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation) SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation) SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation) SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation) SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation) SRV:64bit: - (esifsvc) -- C:\Windows\SysNative\Intel\DPTF\esif_uf.exe (Intel Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (aswbIDSAgent) -- C:\Programme\AVAST Software\Avast\x64\aswidsagenta.exe (AVAST Software s.r.o.) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (ose64) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) SRV - (Avira.ServiceHost) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) SRV - (SpeedupService) -- C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe (Avira Operations GmbH & Co. KG) SRV - (ClientAnalyticsService) -- C:\Programme\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe (Intel Security) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (McAPExe) -- C:\Programme\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.) SRV - (ModuleCoreService) -- C:\Programme\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.) SRV - (McODS) -- C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.) SRV - (AviraPhantomVPN) -- C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe (Avira Operations GmbH & Co. KG) SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation) SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation) SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation) SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation) SRV - (dbupdatem) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) SRV - (dbupdate) -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) SRV - (cphs) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe (Intel Corporation) SRV - (cplspcon) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe (Intel Corporation) SRV - (igfxCUIService2.0.0.0) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe (Intel Corporation) SRV - (PEFService) -- C:\Programme\Common Files\Intel Security\PEF\CORE\PEFService.exe (Intel Security, Inc.) SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.) SRV - (VSStandardCollectorService140) -- C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe (Microsoft Corporation) SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation) SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (AtherosSvc) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe (Windows (R) Win 7 DDK provider) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) SRV - (GfExperienceService) -- C:\Programme\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) SRV - (NvStreamSvc) -- C:\Programme\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) SRV - (NvStreamNetworkSvc) -- C:\Programme\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) SRV - (McAWFwk) -- C:\Programme\Common Files\McAfee\ActWiz\McAWFwk.exe (McAfee, Inc.) SRV - (Kingsoft_WPS_UpdateService) -- C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe (Zhuhai Kingsoft Office Software Co.,Ltd) SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel Corporation) SRV - (isaHelperSvc) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Intel Corporation) SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTek Computer Inc.) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.) SRV - (Asus WebStorage Windows Service) -- C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe (ASUS Cloud Corporation) SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software) DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software) DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniva.sys (AVAST Software s.r.o.) DRV:64bit: - (aswblog) -- C:\Windows\SysNative\drivers\aswbloga.sys (AVAST Software s.r.o.) DRV:64bit: - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys (AVAST Software s.r.o.) DRV:64bit: - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsha.sys (AVAST Software s.r.o.) DRV:64bit: - (GUBootStartup) -- C:\Windows\SysNative\drivers\GUBootStartup.sys (Glarysoft Ltd) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avnetflt) -- C:\Windows\SysNative\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avusbflt) -- C:\Windows\SysNative\drivers\avusbflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (mfeelamk) -- C:\Windows\SysNative\drivers\mfeelamk.sys (McAfee, Inc.) DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfeaack) -- C:\Windows\SysNative\drivers\mfeaack.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mfeplk) -- C:\Windows\SysNative\drivers\mfeplk.sys (McAfee, Inc.) DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.) DRV:64bit: - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McAfee, Inc.) DRV:64bit: - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfee, Inc.) DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation) DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation) DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation) DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation) DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igdkmd64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys (NVIDIA Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation) DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation) DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation) DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation) DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation) DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation) DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation) DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation) DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (clreg) -- C:\Windows\SysNative\drivers\registry.sys (Microsoft Corporation) DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation) DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys () DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation) DRV:64bit: - (tsusbflt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation) DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation) DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation) DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation) DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation) DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation) DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation) DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation) DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation) DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation) DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications) DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra) DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox) DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation) DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox) DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (scmdisk0101) -- C:\Windows\SysNative\drivers\scmdisk0101.sys (Microsoft Corporation) DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox) DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI) DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation) DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies) DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies) DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation) DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation) DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (bcmfn) -- C:\Windows\SysNative\drivers\bcmfn.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation) DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation) DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation) DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation) DRV:64bit: - (Qcamain10x64) -- C:\Windows\SysNative\drivers\Qcamain10x64.sys (Qualcomm Atheros, Inc.) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros) DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation) DRV:64bit: - (esif_lf) -- C:\Windows\SysNative\drivers\esif_lf.sys (Intel Corporation) DRV:64bit: - (dptf_acpi) -- C:\Windows\SysNative\drivers\dptf_acpi.sys (Intel Corporation) DRV:64bit: - (dptf_cpu) -- C:\Windows\SysNative\drivers\dptf_cpu.sys (Intel Corporation) DRV:64bit: - (RTSUER) -- C:\Windows\SysNative\drivers\RtsUer.sys (Realsil Semiconductor Corporation) DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek ) DRV:64bit: - (AsusSGDrv) -- C:\Windows\SysNative\drivers\AsusSGDrv.sys (ASUS Corporation) DRV:64bit: - (iaLPSS2_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2_I2C.sys (Intel Corporation) DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation) DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.) DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.) DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation) DRV:64bit: - (HIDSwitch) -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys (ASUS) DRV:64bit: - (farmntio) -- C:\Windows\SysNative\drivers\farmntio.sys () DRV - (igfx) -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igdkmd64.sys (Intel Corporation) DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys (NVIDIA Corporation) DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys (Microsoft Corporation) DRV - (mfesapsn) -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys (McAfee, Inc.) DRV - (NvStreamKms) -- C:\Programme\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation) DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS) DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUSTek Computer Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.countryCode: "DE" FF - prefs.js..browser.search.region: "DE" FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:5.0.540.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0.2 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_171.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SAFFPLG.XPI [2017.05.07 11:15:31 | 000,133,247 | ---- | M] () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017.05.07 11:15:31 | 000,133,247 | ---- | M] () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2017.04.15 22:38:55 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 53.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 53.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016.12.28 14:41:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions [2016.12.28 15:32:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\4sq311hs.default\browser-extension-data [2016.12.28 15:32:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\4sq311hs.default\browser-extension-data\abs@avira.com [2017.05.09 20:15:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\4sq311hs.default\extensions [2017.04.06 09:09:07 | 001,143,453 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\4sq311hs.default\extensions\abs@avira.com.xpi [2017.05.09 20:02:27 | 000,692,271 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\4sq311hs.default\extensions\wrc@avast.com.xpi [2016.12.28 14:50:01 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\4sq311hs.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017.05.07 15:22:21 | 000,044,954 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\4sq311hs.default\features\{81e5b577-737f-4be9-983a-c09fd51e121c}\shield-recipe-client@mozilla.org.xpi [2017.05.06 22:55:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2017.05.07 11:15:31 | 000,133,247 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SAFFPLG.XPI ========== Chrome ========== CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\ CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\ CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\ CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\5.0.532.0_0\ CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\2.1.0_0\ CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\ CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\ CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ CHR - Extension: No name found = C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.3_0\ O1 HOSTS File: ([2015.10.30 09:21:30 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (McAfee WebAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O2 - BHO: (McAfee WebAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O2 - BHO: (Microsoft OneDrive for Business Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL (Microsoft Corporation) O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Avira System Speedup User Starter] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe (Avira Operations GmbH & Co. KG) O4 - HKCU..\Run: [GUDelayStartup] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O9:64bit: - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation) O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97e7966f-dff7-4965-8930-fe49dae4bde9}: DhcpNameServer = 10.66.24.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f189fe97-9d10-4978-a1f2-449ea9402475}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Programme\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2017.05.09 21:29:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2017.05.09 20:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp [2017.05.09 20:40:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2017.05.09 20:12:01 | 000,032,600 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys [2017.05.09 20:09:00 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\AVAST Software [2017.05.09 20:07:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AV [2017.05.09 20:06:28 | 001,007,160 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys [2017.05.09 20:06:28 | 000,569,192 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys [2017.05.09 20:06:28 | 000,339,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys [2017.05.09 20:06:28 | 000,334,576 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys [2017.05.09 20:06:28 | 000,311,808 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys [2017.05.09 20:06:28 | 000,190,256 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys [2017.05.09 20:06:28 | 000,158,368 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys [2017.05.09 20:06:28 | 000,128,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys [2017.05.09 20:06:28 | 000,101,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys [2017.05.09 20:06:28 | 000,075,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys [2017.05.09 20:06:28 | 000,049,016 | ---- | C] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys [2017.05.09 20:06:28 | 000,038,296 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys [2017.05.09 20:04:48 | 000,400,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2017.05.09 19:59:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2017.05.09 19:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2017.05.08 22:08:57 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\WildTangent [2017.05.07 15:21:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 [2017.05.07 15:21:27 | 000,020,160 | ---- | C] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\drivers\GUBootStartup.sys [2017.05.07 15:21:24 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\GlarySoft [2017.05.07 15:21:24 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\DiskDefrag [2017.05.07 15:21:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5 [2017.05.06 16:07:17 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Avira [2017.04.29 19:28:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [12 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2017.05.09 21:26:52 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2017.05.09 20:14:48 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\Avast SafeZone Browser.lnk [2017.05.09 20:11:35 | 000,032,600 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys [2017.05.09 20:07:53 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk [2017.05.09 20:04:12 | 000,569,192 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys [2017.05.09 20:04:12 | 000,339,696 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys [2017.05.09 20:04:12 | 000,158,368 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys [2017.05.09 20:04:12 | 000,075,704 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys [2017.05.09 20:04:11 | 000,400,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2017.05.09 20:04:11 | 000,128,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys [2017.05.09 20:04:11 | 000,101,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys [2017.05.09 20:04:11 | 000,038,296 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswHwid.sys [2017.05.09 20:02:25 | 001,007,160 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys [2017.05.09 20:01:39 | 000,049,016 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbuniva.sys [2017.05.09 20:01:38 | 000,334,576 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbloga.sys [2017.05.09 20:01:38 | 000,311,808 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsdrivera.sys [2017.05.09 20:01:38 | 000,190,256 | ---- | M] (AVAST Software s.r.o.) -- C:\WINDOWS\SysNative\drivers\aswbidsha.sys [2017.05.09 19:42:26 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Avira Phantom VPN.lnk [2017.05.09 19:41:06 | 000,001,254 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job [2017.05.09 19:41:06 | 000,001,250 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job [2017.05.09 19:40:27 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2017.05.09 19:40:26 | 3385,868,288 | -HS- | M] () -- C:\hiberfil.sys [2017.05.08 21:26:07 | 000,000,200 | ---- | M] () -- C:\Users\****\AppData\Roaming\sp_data.sys [2017.05.08 21:20:44 | 000,004,608 | RH-- | M] () -- C:\farstone_pe.letter [2017.05.07 16:15:21 | 000,001,211 | ---- | M] () -- C:\Users\Public\Desktop\Avira Connect.lnk [2017.05.07 15:35:58 | 000,001,218 | ---- | M] () -- C:\Users\Public\Desktop\Avira System Speedup.lnk [2017.05.07 15:21:31 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk [2017.05.07 15:21:27 | 000,020,160 | ---- | M] (Glarysoft Ltd) -- C:\WINDOWS\SysNative\drivers\GUBootStartup.sys [2017.05.03 19:32:13 | 000,002,254 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2017.04.29 21:45:43 | 000,163,976 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avipbb.sys [2017.04.29 21:45:43 | 000,161,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avgntflt.sys [2017.04.29 21:45:43 | 000,088,488 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avnetflt.sys [2017.04.29 21:45:43 | 000,048,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avusbflt.sys [2017.04.29 21:45:43 | 000,044,488 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avkmgr.sys [2017.04.15 20:19:41 | 001,725,842 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2017.04.15 20:19:41 | 000,790,412 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2017.04.15 20:19:41 | 000,633,544 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2017.04.15 20:19:41 | 000,182,306 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2017.04.15 20:19:41 | 000,126,796 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [12 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2017.05.09 20:14:48 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\Avast SafeZone Browser.lnk [2017.05.09 20:14:48 | 000,001,090 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk [2017.05.09 20:07:53 | 000,001,981 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk [2017.05.09 20:07:53 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk [2017.05.08 21:20:29 | 000,004,608 | RH-- | C] () -- C:\farstone_pe.letter [2017.05.07 16:15:21 | 000,001,211 | ---- | C] () -- C:\Users\Public\Desktop\Avira Connect.lnk [2017.05.07 15:35:58 | 000,001,218 | ---- | C] () -- C:\Users\Public\Desktop\Avira System Speedup.lnk [2017.05.07 15:21:31 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk [2017.05.07 15:21:31 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk [2016.12.29 08:16:30 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2016.12.29 08:16:08 | 000,104,456 | ---- | C] () -- C:\WINDOWS\SysWow64\OpenCL.DLL [2016.12.29 07:47:41 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2016.12.29 07:25:28 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll [2016.12.29 07:25:16 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll [2016.12.28 14:36:02 | 000,000,200 | ---- | C] () -- C:\Users\****\AppData\Roaming\sp_data.sys [2016.11.02 00:05:56 | 000,141,320 | ---- | C] () -- C:\WINDOWS\SysWow64\libEGL.dll [2016.11.02 00:05:56 | 000,112,144 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv2.dll [2016.11.02 00:05:56 | 000,101,384 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv1_CM.dll [2016.09.12 22:15:20 | 035,133,376 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll [2016.09.12 22:10:00 | 008,916,512 | ---- | C] () -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll [2016.09.12 22:10:00 | 000,611,608 | ---- | C] () -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll [2016.07.16 13:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2016.07.16 13:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2016.07.16 13:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2016.07.16 13:43:00 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll [2016.07.16 13:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat [2016.07.16 13:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2016.07.16 13:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll [2016.07.16 13:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2016.07.16 13:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2016.07.16 13:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin ========== ZeroAccess Check ========== [2017.01.13 23:56:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\windows.storage.dll -- [2016.12.29 07:25:16 | 007,219,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\windows.storage.dll -- [2016.12.29 07:25:16 | 005,722,832 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016.07.16 13:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2016.07.16 13:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016.07.16 13:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >  oh und ich meine mit logfiles müsste ich ja hier richtig sein :hoff: Geändert von Melaya (09.05.2017 um 21:33 Uhr) |
|
10.05.2017, 13:03
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | langsamer systemstart ohne grund und 2 cmd.exe fenster bei startHallo und  +++ WICHTIGE HINWEISE +++ 1. Während der Analyse und Bereinigung nimmst du keine Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache! 2. Du veränderst keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du nur auf Anweisung. 3. Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben. 4. Während der Analyse bitte keine Nebenfragen wie zB welcher Virenscanner etc. - das wird alles zum Schluss geklärt damit die Analyse nicht unterbrochen wird. Gelesen und verstanden? Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
10.05.2017, 17:57
| #3 |
| | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start nee es wurde absolut nix gefunden, ahb seperat 3 virenscanner drüber laufen lassen alle meinten alles ist okay. sonst hätte ich was gepostet
__________________ hier die frst.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
durchgeführt von **** (Administrator) auf DESKTOP-2O6MT9T (10-05-2017 18:50:00)
Gestartet von C:\Users\****\Desktop
Geladene Profile: **** (Verfügbare Profile: ****)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
(Microsoft Corporation) C:\Windows\System32\TieringEngineService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\core\mchost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(McAfee, Inc.) C:\Program Files\mcafee\VUL\McVulCtr.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-09] (AVAST Software)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-12-29] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [67168 2017-04-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-04-29] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27793888 2017-05-05] (Skype Technologies S.A.)
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [46080 2017-04-24] (Glarysoft Ltd)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-09] (AVAST Software)
BootExecute: autocheck autochk *
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{97e7966f-dff7-4965-8930-fe49dae4bde9}: [DhcpNameServer] 10.66.24.1
Tcpip\..\Interfaces\{f189fe97-9d10-4978-a1f2-449ea9402475}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-02-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-02-28] (McAfee, Inc.)
FireFox:
========
FF DefaultProfile: 4sq311hs.default
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4sq311hs.default [2017-05-10]
FF Extension: (Avira Browser Safety) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4sq311hs.default\Extensions\abs@avira.com.xpi [2017-04-06]
FF Extension: (Avast Online Security) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4sq311hs.default\Extensions\wrc@avast.com.xpi [2017-05-09]
FF Extension: (Adblock Plus) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4sq311hs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-28]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-05-07]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-04-15] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-989146339-2281053843-1147515449-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies ApS)
Chrome:
=======
CHR Profile: C:\Users\****\AppData\Local\Google\Chrome\User Data\Default [2017-05-09]
CHR Extension: (Google Präsentationen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-27]
CHR Extension: (Google Docs) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-27]
CHR Extension: (Google Drive) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-27]
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-27]
CHR Extension: (Google Tabellen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-27]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-22]
CHR Extension: (Avira Browserschutz) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-02-27]
CHR Extension: (Google Docs Offline) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-22]
CHR Extension: (Google Mail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-27]
CHR Extension: (Chrome Media Router) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-04-29] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [Datei ist nicht signiert]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-09] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [338312 2016-06-17] (Windows (R) Win 7 DDK provider)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-09] (AVAST Software)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [299968 2017-01-03] (Avira Operations GmbH & Co. KG)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
R3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe [301536 2016-11-30] (Intel Corporation)
R2 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe [480224 2016-11-30] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-28] (Dropbox, Inc.)
S2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-05-23] (Intel Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe [341984 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-16] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-04-18] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [994312 2017-03-13] (McAfee, Inc.)
R2 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [419096 2016-04-01] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1344472 2017-02-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2017-01-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [385112 2017-01-18] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [343792 2017-01-18] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1551512 2017-02-26] (McAfee, Inc.)
R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7986816 2016-11-06] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R2 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-04-07] (Avira Operations GmbH & Co. KG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH)
R2 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [142328 2016-05-17] (ASUS Corporation)
S3 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-09] (AVAST Software s.r.o.)
S3 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-09] (AVAST Software s.r.o.)
S3 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-09] (AVAST Software s.r.o.)
S3 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-09] (AVAST Software)
S3 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-09] (AVAST Software)
S3 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-09] (AVAST Software)
S0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-09] (AVAST Software)
S3 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-09] (AVAST Software)
S3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158368 2017-05-09] (AVAST Software)
S3 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-09] (AVAST Software)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-04-29] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [48584 2017-04-29] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88464 2017-01-20] (McAfee, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-23] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-23] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-23] (Intel Corporation)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] () [Datei ist nicht signiert]
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2017-05-07] (Glarysoft Ltd)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185144 2016-05-16] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igdkmd64.sys [11039712 2016-11-30] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487184 2017-01-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366328 2017-01-20] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2017-01-23] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518704 2017-01-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [923640 2017-01-20] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498648 2017-01-19] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109320 2017-01-19] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110256 2017-01-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2017-01-20] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2399672 2016-06-17] (Qualcomm Atheros, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 aswbdisk; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-10 18:50 - 2017-05-10 18:50 - 00029070 _____ C:\Users\****\Desktop\FRST.txt
2017-05-10 18:49 - 2017-05-10 18:50 - 00000000 ____D C:\FRST
2017-05-10 18:48 - 2017-05-10 18:48 - 02429440 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2017-05-10 18:40 - 2017-05-10 18:40 - 00024284 _____ C:\Users\****\Documents\Ereignisse.txt
2017-05-09 23:28 - 2017-05-09 23:28 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-09 22:18 - 2017-05-09 22:25 - 00000000 ____D C:\Users\****\AppData\Roaming\Notepad++
2017-05-09 22:18 - 2017-05-09 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-05-09 22:18 - 2017-05-09 22:18 - 00000000 ____D C:\Program Files (x86)\Notepad++
2017-05-09 22:07 - 2017-05-09 22:07 - 00125142 _____ C:\Users\****\Downloads\Extras.Txt
2017-05-09 22:06 - 2017-05-09 22:06 - 00153800 _____ C:\Users\****\Downloads\OTL.Txt
2017-05-09 21:45 - 2017-05-09 21:45 - 00602112 _____ (OldTimer Tools) C:\Users\****\Downloads\OTL.exe
2017-05-09 21:37 - 2017-05-09 21:37 - 00004466 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-09 21:29 - 2017-05-09 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-05-09 20:14 - 2017-05-09 20:14 - 00004044 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1494353674
2017-05-09 20:14 - 2017-05-09 20:14 - 00001090 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-05-09 20:14 - 2017-05-09 20:14 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-09 20:12 - 2017-05-09 20:11 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-05-09 20:09 - 2017-05-09 20:09 - 00000000 ____D C:\Users\****\AppData\Roaming\AVAST Software
2017-05-09 20:07 - 2017-05-09 20:07 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-05-09 20:07 - 2017-05-09 20:07 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-05-09 20:07 - 2017-05-09 20:07 - 00001969 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-05-09 20:07 - 2017-05-09 20:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-05-09 20:06 - 2017-05-09 20:04 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-05-09 20:06 - 2017-05-09 20:04 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-05-09 20:06 - 2017-05-09 20:04 - 00158368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-05-09 20:06 - 2017-05-09 20:04 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-05-09 20:06 - 2017-05-09 20:04 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-05-09 20:06 - 2017-05-09 20:04 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-05-09 20:06 - 2017-05-09 20:04 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-05-09 20:06 - 2017-05-09 20:02 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-05-09 20:06 - 2017-05-09 20:01 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-05-09 20:06 - 2017-05-09 20:01 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-05-09 20:06 - 2017-05-09 20:01 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-05-09 20:06 - 2017-05-09 20:01 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-05-09 20:04 - 2017-05-09 20:04 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-09 19:59 - 2017-05-09 20:11 - 00000000 ____D C:\Program Files\AVAST Software
2017-05-09 19:56 - 2017-05-09 22:08 - 00000000 ____D C:\ProgramData\AVAST Software
2017-05-08 22:08 - 2017-05-08 22:08 - 00000000 ____D C:\Users\****\AppData\Roaming\WildTangent
2017-05-08 22:07 - 2017-05-09 20:00 - 00002648 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-05-07 16:15 - 2017-05-07 16:15 - 00001211 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-05-07 15:35 - 2017-05-09 19:50 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-05-07 15:35 - 2017-05-07 15:35 - 00003782 _____ C:\WINDOWS\System32\Tasks\AviraSystemSpeedupUpdate
2017-05-07 15:35 - 2017-05-07 15:35 - 00001218 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2017-05-07 15:21 - 2017-05-09 19:55 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-05-07 15:21 - 2017-05-07 15:21 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2017-05-07 15:21 - 2017-05-07 15:21 - 00003396 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2017-05-07 15:21 - 2017-05-07 15:21 - 00003040 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2017-05-07 15:21 - 2017-05-07 15:21 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2017-05-07 15:21 - 2017-05-07 15:21 - 00001151 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2017-05-07 15:21 - 2017-05-07 15:21 - 00000000 ____D C:\Users\****\AppData\Roaming\GlarySoft
2017-05-07 15:21 - 2017-05-07 15:21 - 00000000 ____D C:\Users\****\AppData\Roaming\DiskDefrag
2017-05-07 15:21 - 2017-05-07 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2017-05-06 16:07 - 2017-05-06 16:07 - 00000000 ____D C:\Users\****\AppData\Roaming\Avira
2017-04-23 12:18 - 2017-05-09 23:14 - 00000000 ____D C:\Users\****\Downloads\Neuer Ordner
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-10 18:51 - 2016-12-28 14:39 - 00000000 ____D C:\Users\****\AppData\Roaming\Skype
2017-05-10 18:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-09 23:31 - 2016-12-29 07:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-09 23:28 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-09 23:19 - 2016-12-28 14:41 - 00000000 ____D C:\Users\****\AppData\LocalLow\Mozilla
2017-05-09 22:33 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-09 22:33 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-09 21:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-09 21:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-09 21:34 - 2016-12-29 08:38 - 00002830 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-09 21:33 - 2016-12-29 08:38 - 00002322 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2017-05-09 20:40 - 2017-04-04 21:20 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-09 20:40 - 2017-01-03 02:52 - 00000000 ____D C:\ProgramData\Skype
2017-05-09 20:26 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-09 20:07 - 2016-11-27 10:38 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-09 19:56 - 2016-12-28 15:09 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-09 19:49 - 2016-12-28 14:33 - 00000000 __SHD C:\Users\****\IntelGraphicsProfiles
2017-05-09 19:42 - 2016-12-28 15:04 - 00001115 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-05-09 19:42 - 2016-12-28 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-09 19:41 - 2016-12-29 08:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-09 19:41 - 2016-03-24 14:06 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-05-09 19:41 - 2016-03-24 14:06 - 00001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-05-08 22:10 - 2016-12-28 14:39 - 00000000 ___RD C:\Users\****\OneDrive
2017-05-08 22:09 - 2016-03-24 14:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-05-08 22:08 - 2016-12-31 00:51 - 00000000 ____D C:\Program Files (x86)\Wondershare
2017-05-08 22:06 - 2016-12-28 14:33 - 00000000 ____D C:\Users\****\AppData\Local\ASUS GIFTBOX
2017-05-08 21:55 - 2017-04-07 21:57 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-05-08 21:55 - 2017-03-10 23:35 - 00000000 ____D C:\Users\****\AppData\Local\Ryzom
2017-05-08 21:47 - 2016-12-29 08:38 - 00002044 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2017-05-08 21:46 - 2016-12-29 08:38 - 00003828 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-05-08 21:46 - 2016-12-29 08:38 - 00003604 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-05-08 21:46 - 2016-12-29 08:38 - 00002922 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2017-05-08 21:26 - 2016-12-28 14:36 - 00000200 _____ C:\Users\****\AppData\Roaming\sp_data.sys
2017-05-07 16:15 - 2016-03-24 14:04 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-07 15:35 - 2016-12-28 15:03 - 00000000 ____D C:\Program Files (x86)\Avira
2017-05-07 15:07 - 2016-12-28 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-07 15:07 - 2016-12-28 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-07 12:00 - 2017-02-19 14:25 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-05-07 12:00 - 2016-12-29 08:38 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-05-07 11:16 - 2017-01-28 20:55 - 00000000 ____D C:\Users\****\AppData\Roaming\.minecraft
2017-05-06 20:00 - 2016-12-29 08:23 - 00000000 ____D C:\Users\****
2017-05-06 19:53 - 2016-11-27 10:38 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-05-06 19:49 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-06 15:35 - 2017-01-28 20:54 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-05-06 15:00 - 2017-02-23 16:26 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-03 21:48 - 2016-12-29 08:38 - 00003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-05-03 21:48 - 2016-12-29 08:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-05-03 19:32 - 2017-02-27 21:26 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-03 19:32 - 2017-02-27 21:26 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-30 12:20 - 2017-02-27 21:26 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-30 12:20 - 2017-02-27 21:26 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-29 21:45 - 2016-12-28 15:06 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-04-29 21:45 - 2016-12-28 15:06 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-04-29 21:45 - 2016-12-28 15:06 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-04-29 21:45 - 2016-12-28 15:06 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-04-29 21:45 - 2016-12-28 15:06 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-04-23 09:59 - 2016-11-27 10:38 - 00000000 ____D C:\ProgramData\McAfee
2017-04-21 23:56 - 2016-12-31 16:40 - 00000000 ____D C:\Users\****\Knuddels-Stapp
2017-04-20 18:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-15 22:37 - 2016-11-27 10:38 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-04-15 22:35 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-04-15 20:19 - 2016-07-17 00:51 - 00633544 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-15 20:19 - 2016-07-17 00:51 - 00126796 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-15 20:19 - 2016-03-24 13:50 - 01725842 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-14 16:23 - 2017-02-23 16:25 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-13 19:59 - 2016-12-28 19:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-13 19:48 - 2016-12-28 19:01 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-12-28 14:36 - 2017-05-08 21:26 - 0000200 _____ () C:\Users\****\AppData\Roaming\sp_data.sys
2016-12-29 08:16 - 2016-12-29 08:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-07 00:06
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017
durchgeführt von **** (10-05-2017 18:51:58)
Gestartet von C:\Users\****\Desktop
Windows 10 Home Version 1607 (X64) (2016-12-29 06:49:01)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-989146339-2281053843-1147515449-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-989146339-2281053843-1147515449-503 - Limited - Disabled)
Gast (S-1-5-21-989146339-2281053843-1147515449-501 - Limited - Disabled)
**** (S-1-5-21-989146339-2281053843-1147515449-1001 - Administrator - Enabled) => C:\Users\****
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.4.223 - ASUSTek Computer Inc)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.7 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0043 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.2.9 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.26.48 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{897e4d08-9554-48e9-ba07-ce6040867fa3}) (Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.2.2.20973 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.5.0.5091 - Avira Operations GmbH & Co. KG)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Cubic Castles (HKLM\...\Steam App 317470) (Version: - Cosmic Cow LLC)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.)
Don't Starve Together (HKLM\...\Steam App 322330) (Version: - Klei Entertainment)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
Glary Utilities 5.74 (HKLM-x32\...\Glary Utilities 5) (Version: 5.74.0.95 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Intel Security Software Manager (HKLM\...\Intel Security Software Manager) (Version: 1.1.106.0 - Intel Security)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.27 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Knuddels Standalone App (HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
LEGO Batman 2 (HKLM\...\Steam App 213330) (Version: - TT Games)
LEGO Batman: The Videogame (HKLM\...\Steam App 21000) (Version: - Traveller's Tales)
LEGO® Batman™ 3: Beyond Gotham (HKLM\...\Steam App 313690) (Version: - TT Games Ltd)
LibreOffice 5.1.6.2 (HKLM-x32\...\{3D18F833-5EEE-4221-96CE-BC9488780EE3}) (Version: 5.1.6.2 - The Document Foundation)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.127 - McAfee, Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 362.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.60 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ori and the Blind Forest (HKLM\...\Steam App 261570) (Version: - Moon Studios GmbH)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10373 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7824 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Ryzom (HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\Ryzom) (Version: 3.1.0.8709 - Winch Gate Property Limited)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.3 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Cave (HKLM\...\Steam App 221810) (Version: - Double Fine Productions)
Trove (HKLM\...\Steam App 304050) (Version: - Trion Worlds)
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version: 5.5.2f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.6.547 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (AsusSGDrv) Mouse (05/16/2016 8.1.0.25) (HKLM\...\D89F0D5D3B27F2341D1C13A1033A3DCE3DCCA9EC) (Version: 05/16/2016 8.1.0.25 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {06FCE2E5-5DD4-47B1-BDA3-5021F6112C65} - System32\Tasks\SafeZone scheduled Autoupdate 1494353674 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {0BCC4B52-B7EA-4C22-A9A0-207B0CB83B99} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-04-07] (Avira Operations GmbH & Co. KG)
Task: {148C2F9C-7B77-4B8B-AB53-83F7E88D12B9} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2016-02-23] (ASUSTek Computer Inc.)
Task: {2DB83AE7-974E-4E29-AF96-6373D1FC35A9} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {312604E1-FAD3-4716-B087-1FA2CF856FDB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-05-20] (Realtek Semiconductor)
Task: {39CD21EB-35CB-4512-AA79-269F27FC6E2F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-28] (Dropbox, Inc.)
Task: {40C16C89-5B22-4B8C-9C81-473B802B8152} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-28] (Dropbox, Inc.)
Task: {497F03FD-9777-4746-87AA-1D941C42748F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-05-20] (Realtek Semiconductor)
Task: {518A5B5E-2B0A-4A3E-A628-3EA81E19DD6E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2016-05-17] (AsusTek)
Task: {5365D1B5-E050-4D5E-B386-8A29115A0649} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe [2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {5A7F0530-F379-469E-93FC-61E7EA5CF2E3} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2017-02-22] (McAfee, Inc.)
Task: {60722270-B277-48F6-A2D9-74FDBD1BEEE2} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-05-07] (Avira Operations GmbH & Co. KG )
Task: {6430CC72-EBF8-4F8C-AF87-2CCE1878ED23} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-01-19] (ASUSTek Computer Inc.)
Task: {650DCEA0-E1FC-411A-99E8-A8F31E60B0B7} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-10-13] (ASUS)
Task: {6569C250-06FB-4B28-91F0-FE0D998C2F0D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-27] (Google Inc.)
Task: {68576DB7-D544-40CC-9877-9AB64BF54A46} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-05-09] (AVAST Software)
Task: {714F7E86-AA04-48A3-A2E2-8DECD6DBA589} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {751032FB-518B-42B1-84EC-DAFF4695A73D} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe [2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {809414E7-143B-4A02-8D98-2C2B0FAD47B0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-09] (AVAST Software)
Task: {8186D752-26D8-4128-BC65-37FE73AC21EB} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {98E125B2-6C19-499D-8A4A-EEF268DB16BB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {A2AB61D5-D872-47C1-967A-EAD1E3C91A7B} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2017-03-22] (ASUSTek Computer Inc)
Task: {A6C281A2-A501-40BB-B11B-0294E48D9C08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {A7FE1546-2A4B-48CC-9751-55C4642FCA0B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {AC2304FB-99B2-4D55-A400-C586E59CA3F2} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {AE31580C-AD43-4982-A6A3-37A7710FC56A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {AF80A95A-398D-4C73-BA50-B907EBFE1F85} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {B23B3427-000F-4DA4-A7C7-4331E1813173} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {B413ECFB-C9D0-44CE-8E34-B4B52D2E0664} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {BE89887D-DADC-418C-AFC2-320A69289CD4} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-04-24] (Glarysoft Ltd)
Task: {C3A23137-E76F-4252-AD62-E36951D303DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-27] (Google Inc.)
Task: {C5C48E81-27CA-42D4-BADD-C4CA2E3A275A} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-04-07] (Avira Operations GmbH & Co. KG)
Task: {D2402DDD-87CA-4AC3-977E-A5B69E742ECC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {D930870B-1262-4A0C-804B-130EA2EDB220} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {DD85C311-929F-4CD3-B8B0-4EAD2D361550} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {DD85F698-EDA3-4B41-A4EC-05EB40A8C8D5} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-04-24] (Glarysoft Ltd)
Task: {DE86FFE6-F104-487E-B6A0-7EB5CD32282A} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {E4910D13-4DBA-41D0-B7A0-9DB0C2873B56} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {EA139637-D476-43D7-AD3B-C1E04DE9B72C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {FB73E451-3F25-4368-B0E1-0E27B2663C23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-29 07:25 - 2016-12-29 07:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-29 08:17 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-11-27 10:14 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-12-29 07:25 - 2016-12-29 07:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-01-10 22:42 - 2016-12-21 08:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-10 22:42 - 2016-12-21 08:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-10 22:43 - 2016-12-21 08:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-10 22:42 - 2016-12-21 08:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-10 22:43 - 2016-12-21 08:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-29 19:58 - 2016-12-29 19:59 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-29 19:58 - 2016-12-29 19:59 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-29 19:58 - 2016-12-29 19:59 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-29 19:58 - 2016-12-29 19:58 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-12-29 07:25 - 2016-12-29 07:25 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-10 22:44 - 2016-12-21 09:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-10 22:44 - 2016-12-21 09:08 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-11-27 10:14 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-11-27 10:14 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-05-16 23:50 - 2016-05-16 23:50 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-11-27 10:14 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-28 15:23 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-12-28 15:23 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-12-28 15:23 - 2017-04-26 01:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2016-12-28 15:22 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-12-28 15:22 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-12-28 15:22 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-12-28 15:22 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-12-28 15:22 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-12-28 15:23 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-12-28 15:23 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-12-28 15:23 - 2017-04-26 01:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-12-28 15:22 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-04-24 03:45 - 2017-04-24 03:45 - 00089088 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2016-12-28 15:24 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-12-28 15:23 - 2017-04-26 01:55 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2017-05-09 20:03 - 2017-05-09 20:03 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-09 20:03 - 2017-05-09 20:03 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-09 20:03 - 2017-05-09 20:03 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-09 20:03 - 2017-05-09 20:03 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-09 20:03 - 2017-05-09 20:03 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-09 20:01 - 2017-05-09 20:01 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-09 20:03 - 2017-05-09 20:03 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-12-29 07:25 - 2016-12-29 07:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-03-01 21:08 - 2017-03-01 21:08 - 00731648 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Vbeb7089b#\7a184655b23d7611593de34438f70de3\Microsoft.VisualStudio.Threading.ni.dll
2017-03-01 21:08 - 2017-03-01 21:08 - 00046080 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Vd43b287e#\44fb6154e1e1d835cc782915fbc68c69\Microsoft.VisualStudio.Validation.ni.dll
2016-08-01 12:35 - 2016-08-01 12:35 - 00017920 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{256134D3-629D-4B64-A508-766BBF44E9CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{E64409D4-B26B-4E0A-AA40-5959AB7280B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{864B9E0A-9465-43E0-8161-9C6C55E81CE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{71D5DD2B-8248-4ACF-9131-523B2DEBA85B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{7F271022-DBA3-493F-BB65-82947E4A10B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2788FD60-CC27-4A08-BCFD-4AB36A242D7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D4B9DEAD-0107-4FCC-8606-576F2D068C7E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C800D3F4-6BB8-4A16-8F6F-38D50D4E30E5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5C3FCDD9-F694-4460-A49E-53C8E1838EAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B10C6AEB-3492-43D8-8679-28127375DB57}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5A300DF-AD3F-45B7-A2BF-0C0969E62D2B}] => (Allow) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
FirewallRules: [{C48017FE-EF71-4B9D-B2CC-874D06F912F0}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{FA6F00CC-1880-4B95-870B-53D6FECA35F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2496DAF5-74EF-4ABC-B25C-DD26740115AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{71F091D6-4C0C-4B81-8411-43A8C48F161F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{88B522CD-0296-47A2-8D21-57D0F47E0F76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FA2BBF9-E709-44A2-AA80-A0E60BBD5BF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6F9B300F-02EC-4669-9619-D1F32BA62663}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{22F4FEEB-D45A-400F-AA61-9AAB83A5E643}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{758D054B-9FA2-42FE-B36D-18B365AD32D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B51601E2-B10D-4327-AE6C-4F475F92CAD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A6D932F2-78BF-45F3-A0C2-1DD9C5341971}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97471493-F33B-4D83-9779-7816B3A596CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D236FA9-E0AB-462C-80FE-177DF8F34325}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{72BAE796-3A0A-4B77-B787-8F3FB57BDD98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{EA9D588D-0F03-4A94-A105-09F3F4F82A90}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AE9AC958-BC22-4CEC-9A01-E1CA58EC12C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lego Batman\LEGOBatman.exe
FirewallRules: [{54CF17F3-5B10-4FBB-9ED9-AD9CF190E5F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lego Batman\LEGOBatman.exe
FirewallRules: [{FC9EA7DA-96B5-4B0F-A0A9-1B7489F24C74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Batman 2\LEGOBatman2.exe
FirewallRules: [{7E23AF41-9C79-4EE1-B6CC-4E70AB85810D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Batman 2\LEGOBatman2.exe
FirewallRules: [{5CBDF23E-E0D4-4D1D-AAB8-F7FAA6A6FF3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{BA532E38-02AC-405A-861E-7C7992D0841A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{791D9E08-37C4-4921-A92D-3715987E06B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{9E47398B-9789-4700-BE67-E1FC00145208}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{4FBE29BB-DB7E-4566-9D7D-CDE6111ABAD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCave\Cave.exe
FirewallRules: [{735737F5-649F-458A-A521-6745AFBF4AAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCave\Cave.exe
FirewallRules: [{00406F4D-8EB8-440D-A853-64FF14972BF0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{21A7AB3D-36C2-404D-820B-E226687F5CFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cubic Castles\Cubic.exe
FirewallRules: [{DC72A69A-4B25-484C-85C3-B434633D00BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cubic Castles\Cubic.exe
FirewallRules: [{F5A7EBA8-D697-4B7A-841F-592734742157}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C3A25084-7229-483A-8183-64489B1B3AF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{EC7169C9-7873-4EE6-83BA-E6E9C1867B96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{7039C109-4D02-4B9C-8D8C-E851493BF501}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/10/2017 06:43:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: UpdateChecker.exe, Version: 0.0.0.0, Zeitstempel: 0x576b4ce8
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x58256ca0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00045b0e
ID des fehlerhaften Prozesses: 0x3340
Startzeit der fehlerhaften Anwendung: 0x01d2c9ab8a092335
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: f06d3cbe-ce68-4d89-9040-7860bebb3e8a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/09/2017 09:57:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: UpdateChecker.exe, Version: 0.0.0.0, Zeitstempel: 0x576b4ce8
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x58256ca0
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000d9d11
ID des fehlerhaften Prozesses: 0x4f8
Startzeit der fehlerhaften Anwendung: 0x01d2c8fdc24088f7
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 8b4d2774-a2ba-4f8d-90e4-7d7160232fd9
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/09/2017 09:28:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: McSvHost.exe, Version: 6.4.4016.0, Zeitstempel: 0x58adafbf
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002f7db
ID des fehlerhaften Prozesses: 0xbe4
Startzeit der fehlerhaften Anwendung: 0x01d2c8eb6fd30180
Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 29f2f79f-978e-4d50-8304-d53e2c1653d5
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/09/2017 08:41:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TiWorker.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899b54
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.479, Zeitstempel: 0x582588e6
Ausnahmecode: 0x80000003
Fehleroffset: 0x00000000000c6142
ID des fehlerhaften Prozesses: 0x6bc
Startzeit der fehlerhaften Anwendung: 0x01d2c8f1c2195b78
Pfad der fehlerhaften Anwendung: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 28c9d6bb-f36f-4fcf-a5d3-159e70ad3374
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/09/2017 08:08:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
Die abhängige Assemblierung "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/09/2017 07:49:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2O6MT9T)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/09/2017 07:49:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-2O6MT9T)
Description: Die App „Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (05/09/2017 07:49:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2O6MT9T)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/08/2017 09:57:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (05/08/2017 09:56:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TiWorker.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899b54
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.479, Zeitstempel: 0x582588e6
Ausnahmecode: 0x80000003
Fehleroffset: 0x00000000000c6142
ID des fehlerhaften Prozesses: 0x29bc
Startzeit der fehlerhaften Anwendung: 0x01d2c8315e6b5dcf
Pfad der fehlerhaften Anwendung: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 676482b6-916e-4632-bb6a-2ff140284a22
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (05/09/2017 11:31:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/09/2017 09:57:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{3185A766-B338-11E4-A71E-12E3F512A338}
und der APPID
{7006698D-2974-4091-A424-85DD0B909E23}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/09/2017 09:28:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee Proxy Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/09/2017 09:28:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee Platform Services" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/09/2017 09:28:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/09/2017 09:28:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee Personal Firewall Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/09/2017 09:28:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "McAfee Boot Delay Start Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/09/2017 09:28:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee Home Network" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/09/2017 09:22:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/09/2017 09:11:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 8072.54 MB
Verfügbarer physikalischer RAM: 3682.07 MB
Summe virtueller Speicher: 15496.54 MB
Verfügbarer virtueller Speicher: 10732.89 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:930.75 GB) (Free:766.92 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7117A7F1)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
10.05.2017, 22:25
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsamer systemstart ohne grund und 2 cmd.exe fenster bei startZitat:
 Bitte ALLE Virenscanner deinstallieren. Die Dinger sind kontraproduktiv. Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.05.2017, 09:10
| #5 |
| | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start alle deinstalliert, würde dann einmal neu starten damit auch alles weg ist, okay? |
|
11.05.2017, 10:07
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start neu starten und neue FRST Logs posten
__________________ --> langsamer systemstart ohne grund und 2 cmd.exe fenster bei start |
|
11.05.2017, 12:19
| #7 |
| | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start neue logs.. frst Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
durchgeführt von **** (Administrator) auf DESKTOP-2O6MT9T (11-05-2017 13:09:29)
Gestartet von C:\Users\****\Desktop
Geladene Profile: **** (Verfügbare Profile: ****)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\TieringEngineService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-12-29] (Microsoft Corporation)
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27793888 2017-05-05] (Skype Technologies S.A.)
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [46080 2017-04-24] (Glarysoft Ltd)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
BootExecute: autocheck autochk *
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.130 10.0.1.120
Tcpip\..\Interfaces\{97e7966f-dff7-4965-8930-fe49dae4bde9}: [DhcpNameServer] 10.66.24.1
Tcpip\..\Interfaces\{f189fe97-9d10-4978-a1f2-449ea9402475}: [DhcpNameServer] 10.0.1.130 10.0.1.120
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
FireFox:
========
FF DefaultProfile: 4sq311hs.default
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4sq311hs.default [2017-05-11]
FF Extension: (Avira Browser Safety) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4sq311hs.default\Extensions\abs@avira.com.xpi [2017-04-06]
FF Extension: (Adblock Plus) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4sq311hs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-28]
FF Extension: (Kein Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [nicht gefunden]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-989146339-2281053843-1147515449-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies ApS)
Chrome:
=======
CHR Profile: C:\Users\****\AppData\Local\Google\Chrome\User Data\Default [2017-05-09]
CHR Extension: (Google Präsentationen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-27]
CHR Extension: (Google Docs) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-27]
CHR Extension: (Google Drive) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-27]
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-27]
CHR Extension: (Google Tabellen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-27]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-22]
CHR Extension: (Avira Browserschutz) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-02-27]
CHR Extension: (Google Docs Offline) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-22]
CHR Extension: (Google Mail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-27]
CHR Extension: (Chrome Media Router) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-07]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [338312 2016-06-17] (Windows (R) Win 7 DDK provider)
R3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe [301536 2016-11-30] (Intel Corporation)
R2 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe [480224 2016-11-30] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-28] (Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-05-23] (Intel Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe [341984 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-16] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7986816 2016-11-06] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R2 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH)
R2 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [142328 2016-05-17] (ASUS Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-23] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-23] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-23] (Intel Corporation)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] () [Datei ist nicht signiert]
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2017-05-07] (Glarysoft Ltd)
R3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185144 2016-05-16] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igdkmd64.sys [11039712 2016-11-30] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2399672 2016-06-17] (Qualcomm Atheros, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 aswbdisk; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-11 09:45 - 2017-05-11 09:45 - 00001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-11 09:45 - 2017-05-11 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-11 09:45 - 2017-05-11 09:45 - 00000000 ____D C:\Program Files\VS Revo Group
2017-05-11 09:44 - 2017-05-11 09:44 - 07178424 _____ (VS Revo Group ) C:\Users\****\Downloads\revosetup_v2.0.3.exe
2017-05-10 18:51 - 2017-05-10 18:53 - 00053686 _____ C:\Users\****\Desktop\Addition.txt
2017-05-10 18:50 - 2017-05-11 13:13 - 00017941 _____ C:\Users\****\Desktop\FRST.txt
2017-05-10 18:49 - 2017-05-11 13:09 - 00000000 ____D C:\FRST
2017-05-10 18:48 - 2017-05-10 18:48 - 02429440 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2017-05-10 18:40 - 2017-05-10 18:40 - 00024284 _____ C:\Users\****\Documents\Ereignisse.txt
2017-05-09 23:28 - 2017-05-09 23:28 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-09 22:18 - 2017-05-09 22:25 - 00000000 ____D C:\Users\****\AppData\Roaming\Notepad++
2017-05-09 22:18 - 2017-05-09 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-05-09 22:18 - 2017-05-09 22:18 - 00000000 ____D C:\Program Files (x86)\Notepad++
2017-05-09 22:07 - 2017-05-09 22:07 - 00125142 _____ C:\Users\****\Downloads\Extras.Txt
2017-05-09 22:06 - 2017-05-09 22:06 - 00153800 _____ C:\Users\****\Downloads\OTL.Txt
2017-05-09 21:45 - 2017-05-09 21:45 - 00602112 _____ (OldTimer Tools) C:\Users\****\Downloads\OTL.exe
2017-05-09 21:37 - 2017-05-09 21:37 - 00004466 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-09 19:59 - 2017-05-11 13:04 - 00000000 ____D C:\Program Files\AVAST Software
2017-05-09 19:56 - 2017-05-11 13:04 - 00000000 ____D C:\ProgramData\AVAST Software
2017-05-08 22:08 - 2017-05-08 22:08 - 00000000 ____D C:\Users\****\AppData\Roaming\WildTangent
2017-05-08 22:07 - 2017-05-09 20:00 - 00002648 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-05-07 15:21 - 2017-05-09 19:55 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-05-07 15:21 - 2017-05-07 15:21 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2017-05-07 15:21 - 2017-05-07 15:21 - 00003396 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2017-05-07 15:21 - 2017-05-07 15:21 - 00003040 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2017-05-07 15:21 - 2017-05-07 15:21 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2017-05-07 15:21 - 2017-05-07 15:21 - 00001151 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2017-05-07 15:21 - 2017-05-07 15:21 - 00000000 ____D C:\Users\****\AppData\Roaming\GlarySoft
2017-05-07 15:21 - 2017-05-07 15:21 - 00000000 ____D C:\Users\****\AppData\Roaming\DiskDefrag
2017-05-07 15:21 - 2017-05-07 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2017-04-23 12:18 - 2017-05-09 23:14 - 00000000 ____D C:\Users\****\Downloads\Neuer Ordner
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-11 13:11 - 2016-12-28 14:39 - 00000000 ____D C:\Users\****\AppData\Roaming\Skype
2017-05-11 13:09 - 2016-12-29 08:23 - 00000000 ____D C:\Users\****
2017-05-11 13:06 - 2016-12-28 15:09 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-11 13:06 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-11 13:05 - 2016-12-28 14:33 - 00000000 __SHD C:\Users\****\IntelGraphicsProfiles
2017-05-11 13:04 - 2016-12-29 08:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-11 13:04 - 2016-12-28 15:03 - 00000000 ____D C:\Program Files (x86)\Avira
2017-05-11 13:04 - 2016-11-27 10:38 - 00000000 ____D C:\Program Files\mcafee
2017-05-11 13:03 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-11 13:02 - 2016-12-29 07:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-11 10:08 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-05-11 10:08 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-11 10:06 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2017-05-11 10:03 - 2016-12-28 15:03 - 00000000 ____D C:\ProgramData\Avira
2017-05-11 10:03 - 2016-03-24 14:04 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-11 10:02 - 2017-02-27 21:26 - 00002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-11 10:02 - 2017-02-27 21:26 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-11 09:58 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-10 18:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-09 23:19 - 2016-12-28 14:41 - 00000000 ____D C:\Users\****\AppData\LocalLow\Mozilla
2017-05-09 22:33 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-09 22:33 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-09 21:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-09 21:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-09 21:34 - 2016-12-29 08:38 - 00002830 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-09 21:33 - 2016-12-29 08:38 - 00002322 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2017-05-09 20:40 - 2017-04-04 21:20 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-09 20:40 - 2017-01-03 02:52 - 00000000 ____D C:\ProgramData\Skype
2017-05-09 19:41 - 2016-03-24 14:06 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-05-09 19:41 - 2016-03-24 14:06 - 00001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-05-08 22:10 - 2016-12-28 14:39 - 00000000 ___RD C:\Users\****\OneDrive
2017-05-08 22:09 - 2016-03-24 14:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-05-08 22:08 - 2016-12-31 00:51 - 00000000 ____D C:\Program Files (x86)\Wondershare
2017-05-08 22:06 - 2016-12-28 14:33 - 00000000 ____D C:\Users\****\AppData\Local\ASUS GIFTBOX
2017-05-08 21:55 - 2017-04-07 21:57 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-05-08 21:55 - 2017-03-10 23:35 - 00000000 ____D C:\Users\****\AppData\Local\Ryzom
2017-05-08 21:47 - 2016-12-29 08:38 - 00002044 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2017-05-08 21:46 - 2016-12-29 08:38 - 00003828 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-05-08 21:46 - 2016-12-29 08:38 - 00003604 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-05-08 21:46 - 2016-12-29 08:38 - 00002922 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2017-05-08 21:26 - 2016-12-28 14:36 - 00000200 _____ C:\Users\****\AppData\Roaming\sp_data.sys
2017-05-07 15:07 - 2016-12-28 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-07 15:07 - 2016-12-28 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-07 12:00 - 2017-02-19 14:25 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-05-07 12:00 - 2016-12-29 08:38 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-05-07 11:16 - 2017-01-28 20:55 - 00000000 ____D C:\Users\****\AppData\Roaming\.minecraft
2017-05-06 15:35 - 2017-01-28 20:54 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-05-06 15:00 - 2017-02-23 16:26 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-30 12:20 - 2017-02-27 21:26 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-30 12:20 - 2017-02-27 21:26 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-21 23:56 - 2016-12-31 16:40 - 00000000 ____D C:\Users\****\Knuddels-Stapp
2017-04-20 18:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-15 20:19 - 2016-07-17 00:51 - 00633544 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-15 20:19 - 2016-07-17 00:51 - 00126796 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-15 20:19 - 2016-03-24 13:50 - 01725842 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-14 16:23 - 2017-02-23 16:25 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-13 19:59 - 2016-12-28 19:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-13 19:48 - 2016-12-28 19:01 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-12-28 14:36 - 2017-05-08 21:26 - 0000200 _____ () C:\Users\****\AppData\Roaming\sp_data.sys
2016-12-29 08:16 - 2016-12-29 08:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-07 00:06
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017
durchgeführt von **** (11-05-2017 13:14:13)
Gestartet von C:\Users\****\Desktop
Windows 10 Home Version 1607 (X64) (2016-12-29 06:49:01)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-989146339-2281053843-1147515449-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-989146339-2281053843-1147515449-503 - Limited - Disabled)
Gast (S-1-5-21-989146339-2281053843-1147515449-501 - Limited - Disabled)
**** (S-1-5-21-989146339-2281053843-1147515449-1001 - Administrator - Enabled) => C:\Users\****
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.4.223 - ASUSTek Computer Inc)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.7 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0043 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.2.9 - ICEpower a/s)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Cubic Castles (HKLM\...\Steam App 317470) (Version: - Cosmic Cow LLC)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.)
Don't Starve Together (HKLM\...\Steam App 322330) (Version: - Klei Entertainment)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
Glary Utilities 5.74 (HKLM-x32\...\Glary Utilities 5) (Version: 5.74.0.95 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.27 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Knuddels Standalone App (HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
LEGO Batman 2 (HKLM\...\Steam App 213330) (Version: - TT Games)
LEGO Batman: The Videogame (HKLM\...\Steam App 21000) (Version: - Traveller's Tales)
LEGO® Batman™ 3: Beyond Gotham (HKLM\...\Steam App 313690) (Version: - TT Games Ltd)
LibreOffice 5.1.6.2 (HKLM-x32\...\{3D18F833-5EEE-4221-96CE-BC9488780EE3}) (Version: 5.1.6.2 - The Document Foundation)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 362.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.60 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ori and the Blind Forest (HKLM\...\Steam App 261570) (Version: - Moon Studios GmbH)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10373 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7824 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Ryzom (HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\Ryzom) (Version: 3.1.0.8709 - Winch Gate Property Limited)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.3 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Cave (HKLM\...\Steam App 221810) (Version: - Double Fine Productions)
Trove (HKLM\...\Steam App 304050) (Version: - Trion Worlds)
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version: 5.5.2f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-989146339-2281053843-1147515449-1001\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.6.547 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (AsusSGDrv) Mouse (05/16/2016 8.1.0.25) (HKLM\...\D89F0D5D3B27F2341D1C13A1033A3DCE3DCCA9EC) (Version: 05/16/2016 8.1.0.25 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {148C2F9C-7B77-4B8B-AB53-83F7E88D12B9} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2016-02-23] (ASUSTek Computer Inc.)
Task: {312604E1-FAD3-4716-B087-1FA2CF856FDB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-05-20] (Realtek Semiconductor)
Task: {39CD21EB-35CB-4512-AA79-269F27FC6E2F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-28] (Dropbox, Inc.)
Task: {40C16C89-5B22-4B8C-9C81-473B802B8152} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-28] (Dropbox, Inc.)
Task: {497F03FD-9777-4746-87AA-1D941C42748F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-05-20] (Realtek Semiconductor)
Task: {518A5B5E-2B0A-4A3E-A628-3EA81E19DD6E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2016-05-17] (AsusTek)
Task: {5365D1B5-E050-4D5E-B386-8A29115A0649} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe [2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {6430CC72-EBF8-4F8C-AF87-2CCE1878ED23} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-01-19] (ASUSTek Computer Inc.)
Task: {650DCEA0-E1FC-411A-99E8-A8F31E60B0B7} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-10-13] (ASUS)
Task: {6569C250-06FB-4B28-91F0-FE0D998C2F0D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-27] (Google Inc.)
Task: {714F7E86-AA04-48A3-A2E2-8DECD6DBA589} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {751032FB-518B-42B1-84EC-DAFF4695A73D} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe [2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {8186D752-26D8-4128-BC65-37FE73AC21EB} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {98E125B2-6C19-499D-8A4A-EEF268DB16BB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {A2AB61D5-D872-47C1-967A-EAD1E3C91A7B} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2017-03-22] (ASUSTek Computer Inc)
Task: {A6C281A2-A501-40BB-B11B-0294E48D9C08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {A7FE1546-2A4B-48CC-9751-55C4642FCA0B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {AE31580C-AD43-4982-A6A3-37A7710FC56A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {AF80A95A-398D-4C73-BA50-B907EBFE1F85} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {B23B3427-000F-4DA4-A7C7-4331E1813173} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {B413ECFB-C9D0-44CE-8E34-B4B52D2E0664} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {BE89887D-DADC-418C-AFC2-320A69289CD4} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-04-24] (Glarysoft Ltd)
Task: {C3A23137-E76F-4252-AD62-E36951D303DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-27] (Google Inc.)
Task: {D2402DDD-87CA-4AC3-977E-A5B69E742ECC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {D930870B-1262-4A0C-804B-130EA2EDB220} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {DD85C311-929F-4CD3-B8B0-4EAD2D361550} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {DD85F698-EDA3-4B41-A4EC-05EB40A8C8D5} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-04-24] (Glarysoft Ltd)
Task: {DE86FFE6-F104-487E-B6A0-7EB5CD32282A} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {E4910D13-4DBA-41D0-B7A0-9DB0C2873B56} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {EA139637-D476-43D7-AD3B-C1E04DE9B72C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {FB73E451-3F25-4368-B0E1-0E27B2663C23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-29 07:25 - 2016-12-29 07:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-29 08:17 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-11-27 10:14 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-11-27 10:14 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-11-27 10:14 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-11-27 10:14 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-12-29 07:25 - 2016-12-29 07:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-29 07:25 - 2016-12-29 07:25 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-10 22:44 - 2016-12-21 09:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-10 22:42 - 2016-12-21 08:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-10 22:42 - 2016-12-21 08:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-10 22:43 - 2016-12-21 08:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-10 22:42 - 2016-12-21 08:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-10 22:43 - 2016-12-21 08:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-28 16:15 - 2016-12-28 16:16 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-08-01 12:35 - 2016-08-01 12:35 - 00017920 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
2016-05-16 23:50 - 2016-05-16 23:50 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-03-22 20:04 - 2017-03-22 20:04 - 01937408 _____ () C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll
2016-11-27 10:14 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-04-24 03:45 - 2017-04-24 03:45 - 00089088 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2017-03-22 20:04 - 2017-03-22 20:04 - 02177536 _____ () C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll
2017-03-22 20:04 - 2017-03-22 20:04 - 00079360 _____ () C:\Program Files (x86)\ASUS\Giftbox\libegl.dll
2017-03-22 20:04 - 2017-03-22 20:04 - 03561984 _____ () C:\Program Files (x86)\ASUS\Giftbox\node.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-989146339-2281053843-1147515449-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 10.0.1.130 - 10.0.1.120
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{256134D3-629D-4B64-A508-766BBF44E9CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{E64409D4-B26B-4E0A-AA40-5959AB7280B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{864B9E0A-9465-43E0-8161-9C6C55E81CE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{71D5DD2B-8248-4ACF-9131-523B2DEBA85B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{7F271022-DBA3-493F-BB65-82947E4A10B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2788FD60-CC27-4A08-BCFD-4AB36A242D7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D4B9DEAD-0107-4FCC-8606-576F2D068C7E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C800D3F4-6BB8-4A16-8F6F-38D50D4E30E5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5C3FCDD9-F694-4460-A49E-53C8E1838EAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B10C6AEB-3492-43D8-8679-28127375DB57}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5A300DF-AD3F-45B7-A2BF-0C0969E62D2B}] => (Allow) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
FirewallRules: [{FA6F00CC-1880-4B95-870B-53D6FECA35F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2496DAF5-74EF-4ABC-B25C-DD26740115AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{71F091D6-4C0C-4B81-8411-43A8C48F161F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{88B522CD-0296-47A2-8D21-57D0F47E0F76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FA2BBF9-E709-44A2-AA80-A0E60BBD5BF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6F9B300F-02EC-4669-9619-D1F32BA62663}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{22F4FEEB-D45A-400F-AA61-9AAB83A5E643}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{758D054B-9FA2-42FE-B36D-18B365AD32D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B51601E2-B10D-4327-AE6C-4F475F92CAD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A6D932F2-78BF-45F3-A0C2-1DD9C5341971}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97471493-F33B-4D83-9779-7816B3A596CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D236FA9-E0AB-462C-80FE-177DF8F34325}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{72BAE796-3A0A-4B77-B787-8F3FB57BDD98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{EA9D588D-0F03-4A94-A105-09F3F4F82A90}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AE9AC958-BC22-4CEC-9A01-E1CA58EC12C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lego Batman\LEGOBatman.exe
FirewallRules: [{54CF17F3-5B10-4FBB-9ED9-AD9CF190E5F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lego Batman\LEGOBatman.exe
FirewallRules: [{FC9EA7DA-96B5-4B0F-A0A9-1B7489F24C74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Batman 2\LEGOBatman2.exe
FirewallRules: [{7E23AF41-9C79-4EE1-B6CC-4E70AB85810D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Batman 2\LEGOBatman2.exe
FirewallRules: [{5CBDF23E-E0D4-4D1D-AAB8-F7FAA6A6FF3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{BA532E38-02AC-405A-861E-7C7992D0841A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{791D9E08-37C4-4921-A92D-3715987E06B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{9E47398B-9789-4700-BE67-E1FC00145208}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{4FBE29BB-DB7E-4566-9D7D-CDE6111ABAD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCave\Cave.exe
FirewallRules: [{735737F5-649F-458A-A521-6745AFBF4AAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheCave\Cave.exe
FirewallRules: [{00406F4D-8EB8-440D-A853-64FF14972BF0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{21A7AB3D-36C2-404D-820B-E226687F5CFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cubic Castles\Cubic.exe
FirewallRules: [{DC72A69A-4B25-484C-85C3-B434633D00BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cubic Castles\Cubic.exe
FirewallRules: [{C3A25084-7229-483A-8183-64489B1B3AF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{EC7169C9-7873-4EE6-83BA-E6E9C1867B96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{4D184147-F30B-4BE9-AEA3-03E9B2435429}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/11/2017 01:12:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TiWorker.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899b54
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.479, Zeitstempel: 0x582588e6
Ausnahmecode: 0x80000003
Fehleroffset: 0x00000000000c6142
ID des fehlerhaften Prozesses: 0x1df8
Startzeit der fehlerhaften Anwendung: 0x01d2ca46ae4432da
Pfad der fehlerhaften Anwendung: C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 3cb855a6-ab9a-45f9-997d-b8e1e57017e9
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/11/2017 01:11:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2O6MT9T)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/11/2017 01:10:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2O6MT9T)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/11/2017 10:05:17 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (05/11/2017 10:04:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (05/11/2017 10:04:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (05/11/2017 10:04:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (05/11/2017 10:04:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (05/11/2017 10:04:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/11/2017 10:02:49 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Systemfehler:
=============
Error: (05/11/2017 01:12:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Sicherheitscenter" wurde nicht richtig gestartet.
Error: (05/11/2017 01:11:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2O6MT9T)
Description: Der Server "App.AppX8nrbv53bn39r31x29ht05thp7rde7ecc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/11/2017 01:10:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2O6MT9T)
Description: Der Server "App.AppX8nrbv53bn39r31x29ht05thp7rde7ecc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/11/2017 01:05:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/11/2017 01:05:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/11/2017 01:05:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/11/2017 01:05:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/11/2017 01:04:59 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "WiaRpc" wurde mit dem folgenden dienstspezifischen Fehler beendet:
Der RPC-Server ist nicht verfügbar.
Error: (05/11/2017 01:04:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "shpamsvc" wurde mit folgendem Fehler beendet:
Schwerwiegender Fehler
Error: (05/11/2017 01:04:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WEPHOSTSVC" wurde mit folgendem Fehler beendet:
Bei der Verarbeitung der Steuerungsanforderung ist ein Ausnahmefehler im Dienst aufgetreten.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8072.54 MB
Verfügbarer physikalischer RAM: 5516.81 MB
Summe virtueller Speicher: 15496.54 MB
Verfügbarer virtueller Speicher: 13023.79 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:930.75 GB) (Free:769.98 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7117A7F1)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
11.05.2017, 15:08
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
FF Extension: (Avira Browser Safety) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4sq311hs.default\Extensions\abs@avira.com.xpi [2017-04-06]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-22]
CHR Extension: (Avira Browserschutz) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-02-27]
C:\Program Files (x86)\Avira
C:\Program Files\mcafee
C:\ProgramData\Avira
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.05.2017, 21:12
| #9 |
| | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start und der fixlist log Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017
durchgeführt von **** (11-05-2017 22:00:47) Run:1
Gestartet von C:\Users\****\Desktop
Geladene Profile: **** (Verfügbare Profile: ****)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
FF Extension: (Avira Browser Safety) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4sq311hs.default\Extensions\abs@avira.com.xpi [2017-04-06]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-22]
CHR Extension: (Avira Browserschutz) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-02-27]
C:\Program Files (x86)\Avira
C:\Program Files\mcafee
C:\ProgramData\Avira
emptytemp:
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => Schlüssel erfolgreich entfernt
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Schlüssel nicht gefunden.
C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4sq311hs.default\Extensions\abs@avira.com.xpi => erfolgreich verschoben
C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho => erfolgreich verschoben
C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben
C:\Program Files (x86)\Avira => erfolgreich verschoben
C:\Program Files\mcafee => erfolgreich verschoben
C:\ProgramData\Avira => erfolgreich verschoben
=========== EmptyTemp: ==========
BITS transfer queue => 2223849 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 42548208 B
Java, Flash, Steam htmlcache => 91764579 B
Windows/system/drivers => 112748909 B
Edge => 1927030 B
Chrome => 125023305 B
Firefox => 377077330 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 148410 B
systemprofile32 => 128 B
LocalService => 2025890 B
NetworkService => 0 B
**** => 40597552 B
RecycleBin => 710455511 B
EmptyTemp: => 1.4 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 22:02:46 ====
|
|
12.05.2017, 08:48
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.05.2017, 17:08
| #11 |
| | langsamer systemstart ohne grund und 2 cmd.exe fenster bei startCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.05.12.04
rootkit: v2017.04.02.01
Windows 10 x64 NTFS
Internet Explorer 11.576.14393.0
**** :: DESKTOP-2O6MT9T [administrator]
12.05.2017 17:41:01
mbar-log-2017-05-12 (17-41-01).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 311730
Time elapsed: 21 minute(s), 52 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
12.05.2017, 19:22
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start Dein Problem ist: du redest dir ein: "Da ist etwas was ich nicht kenne. Das muss bösartig sein." CMD-Fenster sind aber nicht grundsätzlich da weil da ein böser Virus werkelt. Überleg mal. Schädlinge wollen wo wenig wie möglich auffallen. Da ist ein CMD-Fenster als Indikator nun wirklich deppert. Bisher war da garnix. Das einzig schädliche waren die drei Virenscanner auf einmal  Wir schauen noch nach Adware aber dann sollten wir hier durch sein. Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.05.2017, 20:01
| #13 |
| | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start ich hatte nur ein antiviren programm- bis die probleme starteten... ich wollt nur gucken ob nicht ein andres was findet ._. Code:
ATTFilter # AdwCleaner v6.046 - Bericht erstellt am 12/05/2017 um 20:44:21
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-12.1 [Lokal]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : **** - DESKTOP-2O6MT9T
# Gestartet von : C:\Users\****\Desktop\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1038 Bytes] - [12/05/2017 20:34:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [1036 Bytes] - [12/05/2017 20:44:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [1344 Bytes] - [12/05/2017 20:33:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [1489 Bytes] - [12/05/2017 20:43:16]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1255 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64
Ran by Laya (Administrator) on 12.05.2017 at 20:58:23,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.05.2017 at 21:01:55,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
12.05.2017, 20:04
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start auch da ist nix  
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.05.2017, 20:07
| #15 |
| | langsamer systemstart ohne grund und 2 cmd.exe fenster bei start hmm dann wollte sonic nur mal so 5 min brauchen zum starten..  (sonic ist mein laptop ) |
|
| Themen zu langsamer systemstart ohne grund und 2 cmd.exe fenster bei start |
| adobe, antivirus, autorun, avast, avg, avira, bho, browser, converter, cpu, desktop, explorer, firefox, format, home, logfile, mozilla, nvidia, realtek, scan, security, siteadvisor, software, svchost.exe, webadvisor, windows |
dann auf 
und dann auf 
. 
Linear-Darstellung
