| |
| |||||||
Log-Analyse und Auswertung: Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem TabWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
13.12.2017, 10:47
| #1 |
 |  Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab Hallo liebes Trojaner-board Team, ich habe seit etwa zwei Monaten folgendes Problem: Firefox öffnet ungefragt/unerlaubt Webseiten in einem neuen Tab. Dabei handelt es sich um unseriöse Gewinnspiele oder Werbung. Leider kann ich dieses Problem nicht auf das Installieren einer bestimmten Software oder das Besuchen einer verdächtigen Webseite zurückführen. Bisher habe ich mehrere Virenscans ausgeführt (hitmanpro, Malwarebytes, Zemana AntiMalware, Emisoft Antimalware und Kaspersky Antimalware). Leider habe ich erst jetzt von diesem Forum erfahren und habe daher keine logfiles mehr, aber ich kann den PC gerne nochmal mit einem bestimmten Programm scannen. Bei sämtlichen Scans gab es keine Befunde, mit Ausnahme von Malwarebytes. Folgende Bedrohung wurde beim Zugang meiner Freundin angezeigt: PUP.Optional.DownloadSponsor - Ort: C:\Users\Name der Freundin\Downloads\Bluestacks App Player -Chip-Installer.exe Diesen Befund habe ich über Malwarebytes entfernt und den Zugang meiner Freundin gelöscht. Sie selbst kann sich leider nicht mehr an den Bluestacks App Player erinnern. Außerdem habe ich Firefox mehrmals zurückgesetzt, deinstalliert, manuell alles gelöscht, jedoch ohne Erfolg. Bei der Verwendung der Kaspersky-Testversion werden übrigens keine Webseiten mit Werbung/Gewinnspielen unerlaubt geöffnet und kaspersky zeigt an, dass eine Webseite blockiert wurde (siehe File Kaspersky, https://rtb-useast.kobenetwork.com...). Leider sind die logfiles zu groß, weshalb ich sie in zwei Posts aufteile. Ich kann sie aber beim nächsten mal auch anhängen. Ich hoffe ihr könnt mir helfen. Viele Grüße Julian Kaspersky File Code:
ATTFilter 13.12.2017 09.55.27 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 212,34 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 92,89 KB Gesamtdauer: 11 Sekunden Zeitpunkt: 13.12.2017 09:55
13.12.2017 09.32.53 Es wurde entweder eine Webadresse blockiert, mit der Angreifer den Computer oder persönliche Daten beschädigen können, oder eine Reklame-Website wurde blockiert. "https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjazmjy4&rel=https://9gag.com/&fa=00&gdo=00&sl=4587777.499831972&pageref=https://9gag.com/&clicktrack=https://i.w55c.net/cl%3ft%3d1%26btid%3dmze3n2e4m2ffoty4yzcwywmtzda3os00ytg0ltgxmmetnjq4mdvhogywmdeyfezgy215sjhuqmr8mtuxmze1mzk2odm0mhwxffhtc3vuuulxc1l8mfj0r2lsmk1jyxxacnj0agmwztffb0tvntv8mjkzotuzfhx8fde3ljbqffvtra%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmekkfafnask8xsuwzexypqij4d79m2uzyzp98ntnyamtfnyvbeb7hd8snywksuezkem0tpoa_ptzls5vr64-xpzwymhpqr20ls724s2ct4l78xxjl8mrmhl5ncai6mjnzfvp4vkfpkerdvyi3kjxetcwk5xtq9pfcqvpcrssv5_lzt_wxusm5qv0;;crefurl%3dhttps%253a%252f%252f9gag.com%252f;c%3d1" "Objekt: https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjazmjy4&rel=https://9gag.com/&fa=00&gdo=00&sl=4587777.499831972&pageref=https://9gag.com/&clicktrack=https://i.w55c.net/cl%3ft%3d1%26btid%3dmze3n2e4m2ffoty4yzcwywmtzda3os00ytg0ltgxmmetnjq4mdvhogywmdeyfezgy215sjhuqmr8mtuxmze1mzk2odm0mhwxffhtc3vuuulxc1l8mfj0r2lsmk1jyxxacnj0agmwztffb0tvntv8mjkzotuzfhx8fde3ljbqffvtra%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmekkfafnask8xsuwzexypqij4d79m2uzyzp98ntnyamtfnyvbeb7hd8snywksuezkem0tpoa_ptzls5vr64-xpzwymhpqr20ls724s2ct4l78xxjl8mrmhl5ncai6mjnzfvp4vkfpkerdvyi3kjxetcwk5xtq9pfcqvpcrssv5_lzt_wxusm5qv0;;crefurl%3dhttps%253a%252f%252f9gag.com%252f;c%3d1" Objekttyp: Webadresse Programm: Firefox Zeitpunkt: 13.12.2017 09:32
13.12.2017 09.32.52 Es wurde entweder eine Webadresse blockiert, mit der Angreifer den Computer oder persönliche Daten beschädigen können, oder eine Reklame-Website wurde blockiert. "https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjazmjy4&rel=https://9gag.com/gag/aooq6ex&fa=00&gdo=00&sl=2714752.172453061&pageref=https://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html%23p%3dhttps%253a%252f%252f9gag.com%252fgag%252faooq6ex&clicktrack=https://i.w55c.net/cl%3ft%3d1%26btid%3dm2uymgm1zmjfmwflmmu4ywytzjy1yi00ztm5lwi2owitnzi5mjkxntc1mtm3fezgnlb6c3qzuu58mtuxmze1mzk2otcwm3wxffhtc3vuuulxc1l8mfj0r2lsmk1jyxxacnj0agmwztffb0tvntv8mjkzotuzfhx8fde3ljbqffvtra%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmekkfafnask8rfd7sh45o87twkxlq_8o_6jglofrwpbsvnyvbeb7hd8snywksuezkem0tpoa_ptzls5vr64-xpzwymhpqr20lvvhzxdjxizabbxf6jr2rnh6lx9zlj3jjkzfgblwy8hqkkinkdyzfaik_dhvsauzk0yz7hx_zixakkm38ov5fdhj3yjgxrxzblb4skzkgrnxw2;;crefurl%3dhttps%253a%252f%252f9gag.com%252fgag%252faooq6ex;c%3d1" "Objekt: https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjazmjy4&rel=https://9gag.com/gag/aooq6ex&fa=00&gdo=00&sl=2714752.172453061&pageref=https://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html%23p%3dhttps%253a%252f%252f9gag.com%252fgag%252faooq6ex&clicktrack=https://i.w55c.net/cl%3ft%3d1%26btid%3dm2uymgm1zmjfmwflmmu4ywytzjy1yi00ztm5lwi2owitnzi5mjkxntc1mtm3fezgnlb6c3qzuu58mtuxmze1mzk2otcwm3wxffhtc3vuuulxc1l8mfj0r2lsmk1jyxxacnj0agmwztffb0tvntv8mjkzotuzfhx8fde3ljbqffvtra%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmekkfafnask8rfd7sh45o87twkxlq_8o_6jglofrwpbsvnyvbeb7hd8snywksuezkem0tpoa_ptzls5vr64-xpzwymhpqr20lvvhzxdjxizabbxf6jr2rnh6lx9zlj3jjkzfgblwy8hqkkinkdyzfaik_dhvsauzk0yz7hx_zixakkm38ov5fdhj3yjgxrxzblb4skzkgrnxw2;;crefurl%3dhttps%253a%252f%252f9gag.com%252fgag%252faooq6ex;c%3d1" Objekttyp: Webadresse Programm: Firefox Zeitpunkt: 13.12.2017 09:32
13.12.2017 09.14.07 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 178,66 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 847,06 KB Gesamtdauer: 59 Sekunden Zeitpunkt: 13.12.2017 09:14
13.12.2017 09.07.30 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde erlaubt. Zeitpunkt: 13.12.2017 09:07 Zertifikatfehler: Dieses Zertifikat oder ein Zertifikat in der Kette ist nicht aktuell.
12.12.2017 18.53.53 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 139,90 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 295,79 KB Gesamtdauer: 41 Sekunden Zeitpunkt: 12.12.2017 18:53
12.12.2017 18.05.42 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde getrennt. Zeitpunkt: 12.12.2017 18:05 Zertifikatfehler: Dieses Zertifikat oder ein Zertifikat in der Kette ist nicht aktuell.
12.12.2017 16.52.44 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 434,16 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 420,71 KB Gesamtdauer: 32 Sekunden Zeitpunkt: 12.12.2017 16:52
12.12.2017 14.51.55 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 232,06 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 1,68 MB Gesamtdauer: 1 Minute 10 Sekunden Zeitpunkt: 12.12.2017 14:51
12.12.2017 14.50.45 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Gelöscht: 0 Nicht desinfiziert: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 10.12.2017 12:51 Gesamtdauer: 25 Minuten 44 Sekunden Ende: 12.12.2017 15:16
12.12.2017 14.47.27 Es wurde entweder eine Webadresse blockiert, mit der Angreifer den Computer oder persönliche Daten beschädigen können, oder eine Reklame-Website wurde blockiert. "https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjazmjy4&rel=https://9gag.com/&fa=00&gdo=00&sl=6133368.632311379&pageref=https://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html%23p%3dhttps%253a%252f%252f9gag.com%252f&clicktrack=https://i.w55c.net/cl%3ft%3d1%26btid%3dzgq2odg4zjlfnjbingizzjytmmmwyi00mzdklwi5odatowuwyja1nwi2mje1fezgttvpuhv0r0d8mtuxmza4njq0mjczmhwxffhtc3vuuulxc1l8mfj0r2lsmk1jyxxnrdffmfvnatffbhcxrdv8mjk0mjgxfhx8fde3ljbqffvtra%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmekkfafnask8tau-au0kttqsizyfzqyinlbbpgfll4y9vnyvbeb7hd8snywksuezkem0tpoa_ptzls5vr64-xpzwymhpqr20ls724s2ct4l78xxjl8mrmhl_8qykg0rl7kvz-8oe08unk6c2hmvnecthe1swcmbuxlb81ifihuscajjdfnoll1k0;;crefurl%3dhttps%253a%252f%252f9gag.com%252f;c%3d1" "Objekt: https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjazmjy4&rel=https://9gag.com/&fa=00&gdo=00&sl=6133368.632311379&pageref=https://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html%23p%3dhttps%253a%252f%252f9gag.com%252f&clicktrack=https://i.w55c.net/cl%3ft%3d1%26btid%3dzgq2odg4zjlfnjbingizzjytmmmwyi00mzdklwi5odatowuwyja1nwi2mje1fezgttvpuhv0r0d8mtuxmza4njq0mjczmhwxffhtc3vuuulxc1l8mfj0r2lsmk1jyxxnrdffmfvnatffbhcxrdv8mjk0mjgxfhx8fde3ljbqffvtra%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmekkfafnask8tau-au0kttqsizyfzqyinlbbpgfll4y9vnyvbeb7hd8snywksuezkem0tpoa_ptzls5vr64-xpzwymhpqr20ls724s2ct4l78xxjl8mrmhl_8qykg0rl7kvz-8oe08unk6c2hmvnecthe1swcmbuxlb81ifihuscajjdfnoll1k0;;crefurl%3dhttps%253a%252f%252f9gag.com%252f;c%3d1" Objekttyp: Webadresse Programm: Firefox Zeitpunkt: 12.12.2017 14:47
10.12.2017 18.10.39 Vollständige Untersuchung des Computers Keine Bedrohungen gefunden Gefunden: 0 Gelöscht: 0 Nicht desinfiziert: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 10.12.2017 12:51 Gesamtdauer: 35 Minuten 52 Sekunden Ende: 10.12.2017 18:46
10.12.2017 18.10.10 Die Aufgabe wurde gestartet. Mail-Anti-Virus Zeitpunkt: 10.12.2017 18:10
10.12.2017 18.10.10 Die Aufgabe wurde gestartet. IM-Anti-Virus Zeitpunkt: 10.12.2017 18:10
10.12.2017 18.10.10 Die Aufgabe wurde gestartet. Aktivitätsmonitor Zeitpunkt: 10.12.2017 18:10
10.12.2017 18.10.10 Die Aufgabe wurde gestartet. Web-Anti-Virus Zeitpunkt: 10.12.2017 18:10
10.12.2017 18.10.09 Die Aufgabe wurde gestartet. Datei-Anti-Virus Zeitpunkt: 10.12.2017 18:10
10.12.2017 18.09.11 Update der Datenbanken und Programm-Module Es sind keine Update-Pakete verfügbar. Durchschnittliche Übertragungsrate:: 40,94 KB/s Status:: Es sind keine Update-Pakete verfügbar. Heruntergeladen und aktualisiert:: 5,35 KB Gesamtdauer: 8 Sekunden Zeitpunkt: 10.12.2017 18:09
10.12.2017 18.08.50 Update der Datenbanken und Programm-Module Es sind keine Update-Pakete verfügbar. Durchschnittliche Übertragungsrate:: 44,32 KB/s Status:: Es sind keine Update-Pakete verfügbar. Heruntergeladen und aktualisiert:: 5,35 KB Gesamtdauer: 8 Sekunden Zeitpunkt: 10.12.2017 18:08
10.12.2017 18.07.19 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde erlaubt. Zeitpunkt: 10.12.2017 18:07 Zertifikatfehler: Dieses Zertifikat oder ein Zertifikat in der Kette ist nicht aktuell.
10.12.2017 17.54.41 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 284,74 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 599,36 KB Gesamtdauer: 51 Sekunden Zeitpunkt: 10.12.2017 17:54
10.12.2017 14.28.06 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 146,87 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 322,95 KB Gesamtdauer: 43 Sekunden Zeitpunkt: 10.12.2017 14:28
10.12.2017 12.55.24 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Gelöscht: 0 Nicht desinfiziert: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 10.12.2017 09:31 Gesamtdauer: 33 Minuten 56 Sekunden Ende: 10.12.2017 13:29
10.12.2017 12.26.26 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 189,34 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 947,30 KB Gesamtdauer: 1 Minute 2 Sekunden Zeitpunkt: 10.12.2017 12:26
09.12.2017 16.16.55 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 125,78 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 213,74 KB Gesamtdauer: 42 Sekunden Zeitpunkt: 09.12.2017 16:16
09.12.2017 14.16.00 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 86,57 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 248,04 KB Gesamtdauer: 49 Sekunden Zeitpunkt: 09.12.2017 14:16
09.12.2017 13.05.49 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Gelöscht: 0 Nicht desinfiziert: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 09.12.2017 06:24 Gesamtdauer: 16 Minuten 47 Sekunden Ende: 09.12.2017 14:18
09.12.2017 12.25.16 Die Aufgabe wurde gestartet. Web-Anti-Virus Zeitpunkt: 09.12.2017 12:25
09.12.2017 12.25.16 Die Aufgabe wurde gestartet. Aktivitätsmonitor Zeitpunkt: 09.12.2017 12:25
09.12.2017 12.25.16 Die Aufgabe wurde gestartet. Mail-Anti-Virus Zeitpunkt: 09.12.2017 12:25
09.12.2017 12.25.16 Die Aufgabe wurde gestartet. IM-Anti-Virus Zeitpunkt: 09.12.2017 12:25
09.12.2017 12.25.13 Die Aufgabe wurde gestartet. Datei-Anti-Virus Zeitpunkt: 09.12.2017 12:25
09.12.2017 12.22.25 Es wurde entweder eine Webadresse blockiert, mit der Angreifer den Computer oder persönliche Daten beschädigen können, oder eine Reklame-Website wurde blockiert. "https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjm3nzu0&rel=hxxp://na.op.gg/summoner/username=jg is top&fa=00&gdo=00&sl=5640130.684625868&pageref=hxxp://na.op.gg/summoner/username%3djg+is+top&clicktrack=hxxp://i.w55c.net/cl%3ft%3d1%26btid%3dmzg3nwe4otzfntrhzmvkmdetzgyzos00zdiyltlinwetzmzkngvjztq0m2e2fezgmxgxwtlanjv8mtuxmjgxodu0mjc2n3wxffhtc3vuuulxc1l8mfj0r2lsmk1jyxxkmgpacee2dtffbmhxzdv8mjkzotuxfhx8fde3ljbqffvtra%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmhqu-dx7k8x25fv34qyzpodppiphhjo9_r9-mgdpmv5lfnyvbeb7hd8bilcpn-7uj9n_2jwrn7ivystdmprg7phx1nui0_flzf6vb83xghq1sg7zhb8lkmhg-0wq3tl6hdmccjrcjvefzminuflyiwzdctg-y7ig-jdwlogi05yoenddxljudcjj5xpab_sznp--neqs-u60vtcczxrz_rc8ydefwcjgivdeijrsacyfw2;;crefurl%3dhttp%253a%252f%252fna.op.gg%252fsummoner%252fusername%253djg%252bis%252btop;c%3d1" "Objekt: https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjm3nzu0&rel=hxxp://na.op.gg/summoner/username=jg is top&fa=00&gdo=00&sl=5640130.684625868&pageref=hxxp://na.op.gg/summoner/username%3djg+is+top&clicktrack=hxxp://i.w55c.net/cl%3ft%3d1%26btid%3dmzg3nwe4otzfntrhzmvkmdetzgyzos00zdiyltlinwetzmzkngvjztq0m2e2fezgmxgxwtlanjv8mtuxmjgxodu0mjc2n3wxffhtc3vuuulxc1l8mfj0r2lsmk1jyxxkmgpacee2dtffbmhxzdv8mjkzotuxfhx8fde3ljbqffvtra%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmhqu-dx7k8x25fv34qyzpodppiphhjo9_r9-mgdpmv5lfnyvbeb7hd8bilcpn-7uj9n_2jwrn7ivystdmprg7phx1nui0_flzf6vb83xghq1sg7zhb8lkmhg-0wq3tl6hdmccjrcjvefzminuflyiwzdctg-y7ig-jdwlogi05yoenddxljudcjj5xpab_sznp--neqs-u60vtcczxrz_rc8ydefwcjgivdeijrsacyfw2;;crefurl%3dhttp%253a%252f%252fna.op.gg%252fsummoner%252fusername%253djg%252bis%252btop;c%3d1" Objekttyp: Webadresse Programm: Firefox Zeitpunkt: 09.12.2017 12:22
09.12.2017 12.21.22 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde getrennt. Zeitpunkt: 09.12.2017 12:21 Zertifikatfehler: Dieses Zertifikat oder ein Zertifikat in der Kette ist nicht aktuell.
09.12.2017 12.21.16 Es wurde entweder eine Webadresse blockiert, mit der Angreifer den Computer oder persönliche Daten beschädigen können, oder eine Reklame-Website wurde blockiert. "https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjm3nzu0&rel=hxxp://na.op.gg/summoner/username=jg is top&fa=00&gdo=00&sl=5018457.261061074&pageref=hxxp://na.op.gg/summoner/username%3djg+is+top&clicktrack=hxxp://i.w55c.net/cl%3ft%3d1%26btid%3dn2y2nwrkzgjfmtg5odhhy2qtmtuwms00zmrhltk0nzatodyzzmewyjy1ywq0fezgefkxvhf2u2x8mtuxmjgxodq3mjc3mxwxffhtc3vuuulxc1l8mfj0r2lsmk1jyxwxnjm5odaynzu1x0vyfdi5mzk1mxx8fhwxny4wuhxvu0q%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmhqu-dx7k8x24etzrzwtw5qq0qfj7omimxngzsy9nvcepnyvbeb7hd8bilcpn-7uj9n_2jwrn7ivystdmprg7phx1nui0_flzf6vb83xghq1sg7zhb8lkmhg-0wq3tl6hdmccjrcjvefzminuflyiwzdctg-y7ig-jmiwubjk0zsvixxd-bo27uj5xpab_sznp--neqs-u60vtcczxrz_rc8ydefwcjgivdeijrsacyfw2;;crefurl%3dhttp%253a%252f%252fna.op.gg%252fsummoner%252fusername%253djg%252bis%252btop;c%3d1" "Objekt: https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjm3nzu0&rel=hxxp://na.op.gg/summoner/username=jg is top&fa=00&gdo=00&sl=5018457.261061074&pageref=hxxp://na.op.gg/summoner/username%3djg+is+top&clicktrack=hxxp://i.w55c.net/cl%3ft%3d1%26btid%3dn2y2nwrkzgjfmtg5odhhy2qtmtuwms00zmrhltk0nzatodyzzmewyjy1ywq0fezgefkxvhf2u2x8mtuxmjgxodq3mjc3mxwxffhtc3vuuulxc1l8mfj0r2lsmk1jyxwxnjm5odaynzu1x0vyfdi5mzk1mxx8fhwxny4wuhxvu0q%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmhqu-dx7k8x24etzrzwtw5qq0qfj7omimxngzsy9nvcepnyvbeb7hd8bilcpn-7uj9n_2jwrn7ivystdmprg7phx1nui0_flzf6vb83xghq1sg7zhb8lkmhg-0wq3tl6hdmccjrcjvefzminuflyiwzdctg-y7ig-jmiwubjk0zsvixxd-bo27uj5xpab_sznp--neqs-u60vtcczxrz_rc8ydefwcjgivdeijrsacyfw2;;crefurl%3dhttp%253a%252f%252fna.op.gg%252fsummoner%252fusername%253djg%252bis%252btop;c%3d1" Objekttyp: Webadresse Programm: Firefox Zeitpunkt: 09.12.2017 12:21
09.12.2017 12.01.19 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 17,75 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 154,02 KB Gesamtdauer: 56 Sekunden Zeitpunkt: 09.12.2017 12:01
09.12.2017 10.00.04 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 173,20 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 1,30 MB Gesamtdauer: 1 Minute 10 Sekunden Zeitpunkt: 09.12.2017 10:00
09.12.2017 09.17.52 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde getrennt. Zeitpunkt: 09.12.2017 09:17 Zertifikatfehler: Ungültiger Name des Zertifikats. Der Name gehört nicht zur Zulassungsliste oder ist explizit aus der Liste ausgeschlossen.
08.12.2017 20.10.35 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 236,76 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 835,22 KB Gesamtdauer: 48 Sekunden Zeitpunkt: 08.12.2017 20:10
08.12.2017 17.10.09 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde erlaubt. Zeitpunkt: 08.12.2017 17:10 Zertifikatfehler: Dieses Zertifikat oder ein Zertifikat in der Kette ist nicht aktuell.
08.12.2017 15.14.25 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 148,21 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 380,74 KB Gesamtdauer: 44 Sekunden Zeitpunkt: 08.12.2017 15:14
08.12.2017 14.11.14 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde erlaubt. Zeitpunkt: 08.12.2017 14:11 Zertifikatfehler: Dieses Zertifikat oder ein Zertifikat in der Kette ist nicht aktuell.
08.12.2017 13.34.19 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Gelöscht: 0 Nicht desinfiziert: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 08.12.2017 09:38 Gesamtdauer: 26 Minuten 3 Sekunden Ende: 08.12.2017 14:00
08.12.2017 13.13.40 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 168,03 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 1,27 MB Gesamtdauer: 59 Sekunden Zeitpunkt: 08.12.2017 13:13
08.12.2017 13.08.47 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde getrennt. Zeitpunkt: 08.12.2017 13:08 Zertifikatfehler: Dieses Zertifikat oder ein Zertifikat in der Kette ist nicht aktuell.
08.12.2017 13.06.31 Es wurde entweder eine Webadresse blockiert, mit der Angreifer den Computer oder persönliche Daten beschädigen können, oder eine Reklame-Website wurde blockiert. "https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjazmjy4&rel=https://9gag.com/gag/ap9b45w&fa=00&gdo=00&sl=2680560.1901098774&pageref=https://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html%23p%3dhttps%253a%252f%252f9gag.com%252fgag%252fap9b45w&clicktrack=https://i.w55c.net/cl%3ft%3d1%26btid%3dmzyxmzq2y2nfzmqxm2mwymqtzdm1zc00njrilwi4zdgtnwy5n2q2mjy2nzzkfezgzvpuau5dehb8mtuxmjczndc4nza3nhwxffhtc3vuuulxc1l8mfj0r2lsmk1jyxxlemzhs01nrzffbvuznjv8mjeymzg5fhx8fde3ljbqffvtra%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmekkfafnask8rsfunjd7w7jkyyvqjwx-rbpnnwpm9vmt_nyvbeb7hd8snywksuezkem0tpoa_ptzls5vr64-xpzwymhpqr20lvvhzxdjxizaxyfnuwt44xa6lx9zlj3jjkzfgblwy8hqsuwiqtnrzbyltempswd4nyyz7hx_zixakkm38ov5fdhj3yjgxrxzblb4skzkgrnxw2;;crefurl%3dhttps%253a%252f%252f9gag.com%252fgag%252fap9b45w;c%3d1" "Objekt: https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjazmjy4&rel=https://9gag.com/gag/ap9b45w&fa=00&gdo=00&sl=2680560.1901098774&pageref=https://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html%23p%3dhttps%253a%252f%252f9gag.com%252fgag%252fap9b45w&clicktrack=https://i.w55c.net/cl%3ft%3d1%26btid%3dmzyxmzq2y2nfzmqxm2mwymqtzdm1zc00njrilwi4zdgtnwy5n2q2mjy2nzzkfezgzvpuau5dehb8mtuxmjczndc4nza3nhwxffhtc3vuuulxc1l8mfj0r2lsmk1jyxxlemzhs01nrzffbvuznjv8mjeymzg5fhx8fde3ljbqffvtra%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmekkfafnask8rsfunjd7w7jkyyvqjwx-rbpnnwpm9vmt_nyvbeb7hd8snywksuezkem0tpoa_ptzls5vr64-xpzwymhpqr20lvvhzxdjxizaxyfnuwt44xa6lx9zlj3jjkzfgblwy8hqsuwiqtnrzbyltempswd4nyyz7hx_zixakkm38ov5fdhj3yjgxrxzblb4skzkgrnxw2;;crefurl%3dhttps%253a%252f%252f9gag.com%252fgag%252fap9b45w;c%3d1" Objekttyp: Webadresse Programm: Firefox Zeitpunkt: 08.12.2017 13:06
07.12.2017 22.53.07 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde getrennt. Zeitpunkt: 07.12.2017 22:53 Zertifikatfehler: Dieses Zertifikat oder ein Zertifikat in der Kette ist nicht aktuell.
07.12.2017 22.34.15 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 205,50 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 342,97 KB Gesamtdauer: 36 Sekunden Zeitpunkt: 07.12.2017 22:34
07.12.2017 20.30.40 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 304,20 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 311,08 KB Gesamtdauer: 31 Sekunden Zeitpunkt: 07.12.2017 20:30
07.12.2017 20.28.43 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde erlaubt. Zeitpunkt: 07.12.2017 20:28 Zertifikatfehler: Dieses Zertifikat oder ein Zertifikat in der Kette ist nicht aktuell.
07.12.2017 17.58.32 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 106,06 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 476,28 KB Gesamtdauer: 52 Sekunden Zeitpunkt: 07.12.2017 17:58
07.12.2017 16.32.32 Benutzerdefinierte Untersuchung Keine Bedrohungen gefunden Gefunden: 0 Gelöscht: 0 Nicht desinfiziert: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 07.12.2017 05:17 Gesamtdauer: 1 Minute 17 Sekunden Ende: 07.12.2017 16:33
07.12.2017 15.57.27 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 70,81 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 114,40 KB Gesamtdauer: 48 Sekunden Zeitpunkt: 07.12.2017 15:57
07.12.2017 13.56.25 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 52,45 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 104,79 KB Gesamtdauer: 45 Sekunden Zeitpunkt: 07.12.2017 13:56
07.12.2017 12.37.58 Gefunden: SSL-Verbindung mit ungültigem Zertifikat. Verbindung wurde getrennt. Zeitpunkt: 07.12.2017 12:37 Zertifikatfehler: Dieses Zertifikat oder ein Zertifikat in der Kette ist nicht aktuell.
07.12.2017 12.09.05 Es wurde entweder eine Webadresse blockiert, mit der Angreifer den Computer oder persönliche Daten beschädigen können, oder eine Reklame-Website wurde blockiert. "https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjazmjy4&rel=https://9gag.com/gag/apqze7w&fa=00&gdo=00&sl=9111523.819809081&pageref=https://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html%23p%3dhttps%253a%252f%252f9gag.com%252fgag%252fapqze7w&clicktrack=https://i.w55c.net/cl%3ft%3d1%26btid%3dzdywmdzkyjbfowizn2jmzmqtnmnknc00mtyylthingutodrjzde5ndeznjk4fezgymszczjryxz8mtuxmjy0ndk0mtkwnnwxffhtc3vuuulxc1l8mfj0r2lsmk1jyxwxnjm5odaynzu1x0vyfdi3ntc3nhx8fhwxny4wuhxvu0q%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmekkfafnask8ffb2xgorgfciyp98gzosde3ouvpfjlyd_nyvbeb7hd8snywksuezkem0tpoa_ptzls5vr64-xpzwymhpqr20lvvhzxdjxizassyh957qv1_6lx9zlj3jjkzfgblwy8hqlosollwdirtltempswd4nyyz7hx_zixakkm38ov5fdhj3yjgxrxzblb4skzkgrnxw2;;crefurl%3dhttps%253a%252f%252f9gag.com%252fgag%252fapqze7w;c%3d1" "Objekt: https://rtb-useast.kobenetwork.com/acquire?impressionid=hp-de39cce154&partnerid=rk1mbxhfmjazmjy4&rel=https://9gag.com/gag/apqze7w&fa=00&gdo=00&sl=9111523.819809081&pageref=https://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html%23p%3dhttps%253a%252f%252f9gag.com%252fgag%252fapqze7w&clicktrack=https://i.w55c.net/cl%3ft%3d1%26btid%3dzdywmdzkyjbfowizn2jmzmqtnmnknc00mtyylthingutodrjzde5ndeznjk4fezgymszczjryxz8mtuxmjy0ndk0mtkwnnwxffhtc3vuuulxc1l8mfj0r2lsmk1jyxwxnjm5odaynzu1x0vyfdi3ntc3nhx8fhwxny4wuhxvu0q%26ei%3dfmx%26tpc%3d%26rurl%3dhttps://track.adform.net/c/%3fbn%3d20361422;adfibeg%3d0;cdata%3degobkwbprmekkfafnask8ffb2xgorgfciyp98gzosde3ouvpfjlyd_nyvbeb7hd8snywksuezkem0tpoa_ptzls5vr64-xpzwymhpqr20lvvhzxdjxizassyh957qv1_6lx9zlj3jjkzfgblwy8hqlosollwdirtltempswd4nyyz7hx_zixakkm38ov5fdhj3yjgxrxzblb4skzkgrnxw2;;crefurl%3dhttps%253a%252f%252f9gag.com%252fgag%252fapqze7w;c%3d1" Objekttyp: Webadresse Programm: Firefox Zeitpunkt: 07.12.2017 12:09
07.12.2017 11.55.24 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 81,00 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 130,02 KB Gesamtdauer: 44 Sekunden Zeitpunkt: 07.12.2017 11:55
07.12.2017 09.31.53 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Gelöscht: 0 Nicht desinfiziert: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 07.12.2017 05:17 Gesamtdauer: 27 Minuten 24 Sekunden Ende: 07.12.2017 11:53
07.12.2017 09.16.29 Update der Datenbanken und Programm-Module Abgeschlossen. Durchschnittliche Übertragungsrate:: 111,62 KB/s Status:: Abgeschlossen. Heruntergeladen und aktualisiert:: 1,89 MB Gesamtdauer: 1 Minute 36 Sekunden Zeitpunkt: 07.12.2017 09:16
|
|
13.12.2017, 10:48
| #2 |
| | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab 2. Teil Addition
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-12-2017
durchgeführt von Julian ***** (13-12-2017 09:43:14)
Gestartet von C:\Users\Julian *****\Downloads
Windows 7 Ultimate (X64) (2017-11-08 20:04:41)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3927489186-1300593664-4163706390-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3927489186-1300593664-4163706390-503 - Limited - Disabled)
Gast (S-1-5-21-3927489186-1300593664-4163706390-501 - Limited - Disabled)
Julian ***** (S-1-5-21-3927489186-1300593664-4163706390-1000 - Administrator - Enabled) => C:\Users\Julian *****
WDAGUtilityAccount (S-1-5-21-3927489186-1300593664-4163706390-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ACP Application (HKLM\...\{08524C4D-56DD-188E-ECD8-4D3F976AA3CF}) (Version: 2017.0424.2109.30 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Anno 1404 - Gold Edition (HKLM-x32\...\1440426004_is1) (Version: 2.0.0.2 - GOG.com)
APP Shop v1.0.20 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.20 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Brother MFL-Pro Suite MFC-J5320DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
ChemDoodle (HKLM\...\ChemDoodle) (Version: - )
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.04011 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{0FC5E486-6EA0-4665-A39D-DCC016D88632}) (Version: 4.1.04011 - Cisco Systems, Inc.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{B86D7255-2418-45F1-A36F-7E1FF617550C}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.4.245 - Corel corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (HKLM\...\{4AA43BE3-D21B-44D7-B9CD-86692DEF3706}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM T (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (HKLM\...\{AFBFA0AC-1173-4C13-B9DC-5CF211EB50DF}) (Version: 18.1 - Corel Corporation) Hidden
CPUID CPU-Z 1.79 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
DisplayFusion 9.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.1.0.0 - Binary Fortress Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.19695 - Landesfinanzdirektion Thüringen)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.88.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.88.0000 - GIGABYTE Technology Co.,Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.0.16 - Riot Games, Inc.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1147 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JLUbox (HKLM-x32\...\JLUbox) (Version: 11.0.206.0 - Universitaet Musterstadt)
Kaspersky Anti-Virus (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.8625.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 57.0.2 (x64 de) (HKLM\...\Mozilla Firefox 57.0.2 (x64 de)) (Version: 57.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
Mozilla Thunderbird 52.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.5.0 (x86 de)) (Version: 52.5.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.1.1.35466 - Electronic Arts, Inc.)
PerkinElmer ChemDraw Prime 16.0 (HKLM-x32\...\{BDB47404-8E8B-4327-A9B3-B4B457716924}) (Version: 16.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemOffice 64-bit Support for ChemDraw Prime 16.0 (HKLM\...\{03963B0B-6132-4D9E-840A-FC38347D08CD}) (Version: 16.0 - PerkinElmer Informatics, Inc.)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.9.0.15 - GOG.com)
Pillars of Eternity Kickstarter Item (HKLM-x32\...\Pillars of Eternity Kickstarter Item_is1) (Version: 2.7.0.13 - GOG.com)
Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\Pillars of Eternity Preorder Item and Pet_is1) (Version: 2.7.0.13 - GOG.com)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Spotify) (Version: 1.0.65.320.gac7a8e02 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold HD (HKLM-x32\...\1207658712_is1) (Version: 1.4 - GOG.com)
Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.1.4224 - Synology, Inc.)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.1.4224 - Synology, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.10.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.21.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
Wolfram Extras 10.4 (5489702) (HKLM\...\A-WIN-Extras 10.4.0 5489702_is1) (Version: 10.4.0 - Wolfram Research, Inc.)
Wolfram Mathematica 10.4 (M-WIN-L 10.4.0 5489839) (HKLM\...\M-WIN-L 10.4.0 5489839_is1) (Version: 10.4.0 - Wolfram Research, Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2017-03-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2017-03-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2017-03-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2017-03-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2017-03-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ PowerFolderIgnored] -> {0800cf35-8302-4030-8add-40ac1e3f8834} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\IgnoredOverlay_x64.dll [2016-08-25] ()
ShellIconOverlayIdentifiers: [ PowerFolderLocked] -> {0800cf35-8302-4030-8add-40ac1e3f8835} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\LockedOverlay_x64.dll [2016-08-25] ()
ShellIconOverlayIdentifiers: [ PowerFolderOK] -> {0800cf35-8302-4030-8add-40ac1e3f8831} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\OKOverlay_x64.dll [2016-08-25] ()
ShellIconOverlayIdentifiers: [ PowerFolderSyncing] -> {0800cf35-8302-4030-8add-40ac1e3f8832} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\SyncingOverlay_x64.dll [2016-08-25] ()
ShellIconOverlayIdentifiers: [ PowerFolderWarning] -> {0800cf35-8302-4030-8add-40ac1e3f8833} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\WarningOverlay_x64.dll [2016-08-25] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-12-02] (AO Kaspersky Lab)
ContextMenuHandlers1: [LiferayNativityContextMenus] -> {0800cf35-8302-4030-8add-40ac1e3f8830} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\LiferayNativityContextMenus_x64.dll [2016-08-25] ()
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-12-02] (AO Kaspersky Lab)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-12-02] (AO Kaspersky Lab)
ContextMenuHandlers4: [LiferayNativityContextMenus] -> {0800cf35-8302-4030-8add-40ac1e3f8830} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\LiferayNativityContextMenus_x64.dll [2016-08-25] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-12-02] (AO Kaspersky Lab)
ContextMenuHandlers1_S-1-5-21-3927489186-1300593664-4163706390-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2017-03-15] ()
ContextMenuHandlers6_S-1-5-21-3927489186-1300593664-4163706390-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2017-03-15] ()
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0013CAE6-DB00-4DB8-B7B5-0004D37A1D4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {0183E1CF-13B4-496A-B704-9FFF90BF4D28} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {0460132B-CD7A-4EBD-9C22-9CAD5CFA68E5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B61F07B-13EE-4F6A-8010-EFE9F39E079B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] ()
Task: {1F18A482-883D-4DA6-8C01-FA7C16E7087A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {21AE3A1C-0265-4BF3-808C-BA1BED6B3556} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\WSCStub.exe
Task: {24C3865E-AC79-4630-9E71-2EBF33EA1820} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {27F97C0A-DD7D-4542-AD6D-C91D4324CE43} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\SymErr.exe
Task: {2CBE132C-BEC8-4F89-8F3C-CD5C4054C802} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3448EA7B-6247-41D7-9BAA-51E8B889524B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
Task: {38513898-465E-4F15-B1AF-46204DDA27A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4C469262-0BA5-4795-81AE-9177ABBE6F45} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
Task: {5F8F7A2C-8BD2-45B0-B1B2-251580BE98D0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {66E42762-104B-4408-AF79-5D069EAE50E1} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\SymErr.exe
Task: {6D3206DE-1609-43A8-8CE9-9451B1C2D8AF} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation)
Task: {757A337A-51E7-407F-A757-7B0589A80186} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {78174A14-A5BA-462F-B5BB-129255B03298} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7B0C9C79-245E-4476-8B0E-76D1FAE7065D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8A76D2AC-BF07-4C58-AFAD-986A0EDDBF30} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] ()
Task: {8D7BA2E9-0475-414B-99DF-01CC528BBA55} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {94592E02-3ADB-49BD-8082-0E18707F5D71} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {982C488C-2126-4F2F-B480-B55EC0AFAFF1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9F3AB071-E2FA-4A1B-9903-D95C9D8DF938} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {A32DE110-367B-4462-9E60-556E12699ABD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ADE052DF-4937-42F6-BFE0-6F6C58016476} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0F64144-FF95-4FF2-9446-A6A54DB1824A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8FA2BB4-61A6-4C54-BF42-E6D78AF5540C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {BC81CA18-FAB2-485F-9B09-64C314E0614E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {BDA62D07-8107-4F88-9804-5E6E51E384AF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C020C835-9946-4445-981F-D9A54F0D61FE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-20] (Dropbox, Inc.)
Task: {C29EFCF5-355C-4118-A2C6-AB6B2A2A7255} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
Task: {C3B33E71-D8C7-4E7D-8D20-C0A7923AEF79} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C8B9B482-104F-4318-879B-079F14ED2BFD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE8E5101-0A10-4247-9A02-C21EF19AAE25} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CF7F3C35-FC7F-4372-A0C9-00B796270EE6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {DBC29142-0601-4E6B-ABC2-7C0C7A7E3A1F} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation)
Task: {DC7174DA-1534-4DD7-A1C1-36D3EC2FE264} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-20] (Dropbox, Inc.)
Task: {E0CB232F-9665-4A24-9230-9D7EAF3EDB08} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {EA45612D-C2D5-41A3-86F8-7036ABBA55DA} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-11-03 10:04 - 2012-10-31 17:01 - 000061952 _____ () C:\WINDOWS\system32\BRUNVPRNPS64.EXE
2016-07-04 06:01 - 2016-07-04 06:01 - 000287256 _____ () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
2016-07-04 03:16 - 2016-07-04 03:16 - 000287256 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2016-01-25 18:32 - 2016-01-25 18:31 - 000076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2016-05-17 17:59 - 2005-04-22 05:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-08-25 13:54 - 2016-08-25 13:54 - 000395264 _____ () C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\IgnoredOverlay_x64.dll
2016-08-25 13:54 - 2016-08-25 13:54 - 000169984 _____ () C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\LiferayNativityUtil_x64.dll
2016-08-25 13:54 - 2016-08-25 13:54 - 000395264 _____ () C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\LockedOverlay_x64.dll
2016-08-25 13:54 - 2016-08-25 13:54 - 000395264 _____ () C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\OKOverlay_x64.dll
2016-08-25 13:54 - 2016-08-25 13:54 - 000395264 _____ () C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\SyncingOverlay_x64.dll
2016-08-25 13:54 - 2016-08-25 13:54 - 000395264 _____ () C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\WarningOverlay_x64.dll
2017-09-29 14:42 - 2017-09-30 15:36 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 14:42 - 2017-09-30 15:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-12-07 09:02 - 2017-12-07 09:02 - 004698848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-12-12 14:19 - 2017-12-12 14:19 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 07:54 - 2017-10-05 07:55 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-11 11:27 - 2017-11-11 11:27 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-10-05 07:54 - 2017-10-05 07:55 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-29 15:58 - 2017-08-29 15:58 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\SKU.dll
2015-07-24 13:34 - 2015-07-24 13:34 - 000063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2017-12-02 13:41 - 2017-12-02 13:41 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\kpcengine.2.3.dll
2016-10-07 08:34 - 2016-10-07 08:33 - 002493440 _____ () E:\Origin\libGLESv2.dll
2017-12-07 09:00 - 2017-12-05 02:06 - 000725312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-12-07 09:00 - 2017-12-05 02:06 - 002075456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2015-12-20 10:23 - 2017-12-05 02:06 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-20 10:23 - 2017-12-05 02:08 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-20 10:23 - 2017-12-05 02:06 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-07 08:56 - 2017-12-05 02:08 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-20 10:23 - 2017-12-05 02:08 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-08-07 08:56 - 2017-12-05 02:08 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-21 10:24 - 2017-12-05 02:06 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-18 17:07 - 2017-12-05 02:09 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-05-17 18:56 - 2017-12-05 02:08 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000155464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-20 10:23 - 2017-12-05 02:09 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-02-28 08:46 - 2017-12-05 02:09 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-01-24 08:15 - 2017-12-05 02:09 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 07:30 - 2017-12-05 02:08 - 000100688 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-01-24 08:15 - 2017-12-05 02:08 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 08:15 - 2017-12-05 02:09 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 08:15 - 2017-12-05 02:09 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-12 09:02 - 2017-12-05 02:09 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-12-07 09:00 - 2017-12-05 02:07 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-12-07 09:00 - 2017-12-05 02:07 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-08 20:31 - 2017-12-05 02:08 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2017-12-07 09:00 - 2017-12-05 02:07 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-08-07 08:56 - 2017-12-05 02:09 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-03-15 09:07 - 2017-03-15 09:07 - 000123918 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000524460 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 001026062 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 003036430 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000115214 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 001798570 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 021565192 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 003095505 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000712704 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000031744 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000046080 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000032768 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000516608 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000243200 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000431616 _____ () C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2017-11-27 22:03 - 2017-11-27 22:03 - 023970800 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2017-11-04 21:57 - 2017-11-04 21:57 - 000323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2017-11-04 21:57 - 2017-11-04 21:57 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2017-01-14 18:02 - 2017-12-02 10:14 - 001452728 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ClientTelemetry.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Julian *****\AppData\Local\DisplayFusion\Wallpaper_2.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "GIGABYTE OC_GURU.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "USB3MON"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "Discord"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{B3BF8131-9294-4CBB-9596-7078CEE9DC3A}C:\users\Julian *****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Julian *****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C13E4266-F0A3-4263-8CF6-3452BA6A2E78}C:\users\Julian *****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Julian *****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FEF2AB9A-01D1-4ABC-83A3-3BBAA8F17DA1}E:\program files (x86)\perkinelmerinformatics\chemoffice2016\chemdraw\chemdraw.exe] => (Allow) E:\program files (x86)\perkinelmerinformatics\chemoffice2016\chemdraw\chemdraw.exe
FirewallRules: [TCP Query User{1B492FA0-4F23-40FB-AC96-5A212612F1AC}E:\program files (x86)\perkinelmerinformatics\chemoffice2016\chemdraw\chemdraw.exe] => (Allow) E:\program files (x86)\perkinelmerinformatics\chemoffice2016\chemdraw\chemdraw.exe
FirewallRules: [{3A003C25-6951-45D1-B31D-86A407D33CFF}] => (Allow) C:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{249E3793-1960-4C5E-A3F5-A148C281BB6A}] => (Allow) C:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{4D6238D9-3517-4727-8527-C5940B2781A5}] => (Allow) C:\SteamLibrary\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe
FirewallRules: [{9212D993-A927-469C-B397-6B44C61A05B5}] => (Allow) C:\SteamLibrary\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe
FirewallRules: [{EA1AB122-0644-4FE2-B0FF-8FA2B5F01D54}] => (Allow) C:\Users\Julian *****\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{35465CA3-DF36-4255-A6B9-A53546CA2260}] => (Allow) C:\Users\Julian *****\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2F0DF109-5373-4FC2-8908-DDD504046770}] => (Allow) C:\SteamLibrary\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{8F064E5E-D0AD-49D1-9A50-A92EF5F949F7}] => (Allow) C:\SteamLibrary\steamapps\common\Terraria\Terraria.exe
FirewallRules: [UDP Query User{D975DBFE-D1B6-4F0C-B6AE-0F6CB865191E}C:\program files (x86)\universitaet Musterstadt\jlubox\jre\launch4j-tmp\jlubox.exe] => (Allow) C:\program files (x86)\universitaet Musterstadt\jlubox\jre\launch4j-tmp\jlubox.exe
FirewallRules: [TCP Query User{D0168C6B-80C7-4959-96EA-7E6C95EC9DEE}C:\program files (x86)\universitaet Musterstadt\jlubox\jre\launch4j-tmp\jlubox.exe] => (Allow) C:\program files (x86)\universitaet Musterstadt\jlubox\jre\launch4j-tmp\jlubox.exe
FirewallRules: [{C9CA91FA-F32A-49A5-9F23-3EEED5511258}] => (Allow) E:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{A7A09148-DF88-48F5-BC50-5619190F3CE1}] => (Allow) E:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{BA79A8B9-0A3B-480D-8051-1E5FDC063010}] => (Allow) E:\Steam\steamapps\common\The Curious Expedition\electron.exe
FirewallRules: [{6C94C797-DDE3-438F-B7AE-5A1A07CF648A}] => (Allow) E:\Steam\steamapps\common\The Curious Expedition\electron.exe
FirewallRules: [{01E2679D-0B0E-4680-92CB-43AFE4773A37}] => (Allow) E:\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{5A91B395-C6DD-4712-8092-84462085A64B}] => (Allow) E:\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [UDP Query User{B57402E7-315C-40C4-BB1A-1FEBDE17FB29}E:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Allow) E:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [TCP Query User{57636D2C-474A-4B2A-B0D1-64A1FE765B4B}E:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Allow) E:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [UDP Query User{F714567E-2773-49CC-B747-D0C8522FCA15}C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe
FirewallRules: [TCP Query User{3F4FD8B1-88DD-468A-A51C-DD7E6FAE04FA}C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe
FirewallRules: [{9733ADD4-59F8-4603-9E3E-F8A804F53FDE}] => (Allow) E:\Steam\steamapps\common\HyperLightDrifter\HyperLightDrifter.exe
FirewallRules: [{65537166-3F44-4808-B30D-B91706BD6E9C}] => (Allow) E:\Steam\steamapps\common\HyperLightDrifter\HyperLightDrifter.exe
FirewallRules: [UDP Query User{5D836D15-164C-45B8-8527-C5548712581C}C:\gog games\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\addonweb.exe
FirewallRules: [TCP Query User{5614F028-FDFB-4EC1-8AC6-2A9F4BC9EE02}C:\gog games\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\addonweb.exe
FirewallRules: [UDP Query User{AA3A9454-9054-4F1A-852C-73C9AB24B48E}C:\gog games\anno 1404 gold edition\addon.exe] => (Allow) C:\gog games\anno 1404 gold edition\addon.exe
FirewallRules: [TCP Query User{CA5FAAF2-5F89-4C67-963F-1B3E6ED0E936}C:\gog games\anno 1404 gold edition\addon.exe] => (Allow) C:\gog games\anno 1404 gold edition\addon.exe
FirewallRules: [UDP Query User{3FE3363F-98AD-4DBA-BF9B-DF41D44DAC58}C:\gog games\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\addonweb.exe
FirewallRules: [TCP Query User{36BC451A-9489-4983-A594-FCEBFCA94FBE}C:\gog games\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\addonweb.exe
FirewallRules: [UDP Query User{68E814B5-2056-4AB7-AFE8-33DFA8F7D329}C:\gog games\anno 1404 gold edition\tools\anno4web.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\anno4web.exe
FirewallRules: [TCP Query User{317C8C2D-C913-40CC-BEEB-36ABB0DB5D11}C:\gog games\anno 1404 gold edition\tools\anno4web.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\anno4web.exe
FirewallRules: [{CB8F67A4-5D64-4C46-B074-BF363AA9B843}] => (Allow) LPort=54925
FirewallRules: [{E468F9DA-57D3-46F5-87E6-C63F52529366}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14e\FAXRX.EXE
FirewallRules: [{EDAF3146-5A7C-496D-A515-73027F18E1F5}] => (Allow) E:\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe
FirewallRules: [{E8931BCC-8AA5-44E0-90AD-56F31CD68680}] => (Allow) E:\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe
FirewallRules: [{007C95E6-8D28-46A2-B9B0-F56E2F96019D}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B5D5C55A-396A-4DFC-B961-80A7C2E63023}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{26F7EE1E-60CC-44C4-AC71-0B6729352C06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61B91623-28AF-4AA4-9857-AD9913F7546F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1DB540DD-A915-4A8B-93D2-0822EEA96100}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{12E96FF6-56F0-413D-BCF6-D9BBC7531D2D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{C0C978E2-D3EE-4350-A670-8EA499631D81}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{C40AB9D9-3F89-4E38-A803-3FC3D928C71C}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{205649D1-75FB-40DE-B90B-6065BF219B37}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{26EC3D7F-FFCE-40D6-B680-B1AB2520DBF1}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [{DD0696C0-6194-41A8-A060-1A23A5A2B76E}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{FC5ED373-F787-4E05-8B79-D2EA04FB356A}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DFD4D613-53A9-4B61-8735-047388D05F3C}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{DDF67D51-7932-4A1C-871B-CA11D902F601}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4B22F1A3-076E-47EB-B179-E83AACE4E5BB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{6DB77181-F239-49C4-B62F-BAC945CA4FDB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{70FB2A70-C438-4B06-9BAF-4CC5A65324E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2743B42F-C416-4E42-B76E-5060D018925A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BC68DC76-3DDE-4940-AA2C-FFF3AA916A50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{46D75A17-288B-4BF0-B5C4-1E9724FE8563}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{480C2DB8-FB55-4126-A01D-236B3426D579}C:\program files (x86)\displayfusion\displayfusion.exe] => (Allow) C:\program files (x86)\displayfusion\displayfusion.exe
FirewallRules: [TCP Query User{FFC8E51B-3066-4223-9D78-27DD37E943B3}C:\program files (x86)\displayfusion\displayfusion.exe] => (Allow) C:\program files (x86)\displayfusion\displayfusion.exe
FirewallRules: [{6297DDD7-E9E9-4E19-8C61-1160662E7040}] => (Allow) E:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{5CCBDEA9-DF79-40DD-BD69-22AD56CDBF8C}] => (Allow) E:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{6F233D5D-1676-405D-9C03-93CC44343073}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{0B552122-36FD-425C-992B-297067C79FED}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{BD2232E1-B387-4871-B236-A6913EBBDFE8}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{8372C339-F67E-4C14-AE7F-DAA240C29C14}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{4CFE1EFF-BA2D-44BE-939E-F5FE6E3C1258}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{CB7ECD0D-0DDA-430C-9177-5AE7AF10F7B4}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{28F238DD-035E-4D3F-BA2B-978050813853}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{92A9E1AC-DBD5-483A-A752-FE507947760E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{ADCCF3B1-92A4-4BAF-B86B-8F764369C0B7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A84168E4-3433-4A10-9E52-7F7DF13DC60E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4C692A45-771A-4459-81B9-A4C0D2D1902C}] => (Allow) E:\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{9A91FDC6-D6A0-4C9D-98FB-9C9AD984DB11}] => (Allow) E:\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{01043634-BC87-46FE-81DB-FDE362AD30C8}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\Mathematica.exe
FirewallRules: [{65912B29-B37F-4D95-A14D-9EB292EC0B2D}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\Mathematica.exe
FirewallRules: [{650DD88A-7A80-46D3-9B9D-DAC07A9A9213}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\MathKernel.exe
FirewallRules: [{962107D6-3538-4D41-94DB-F0BDB05FA864}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\MathKernel.exe
FirewallRules: [{1EE9C106-3BC1-4CC4-BDAA-DD26C325490E}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\math.exe
FirewallRules: [{0DD35011-476B-406E-8BFC-B3D8B39D650F}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\math.exe
FirewallRules: [TCP Query User{BC8AAEA8-25EC-4E19-BA8B-BA757D047BD4}C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [UDP Query User{2F59EE2A-459F-40E7-9637-C1F3BC0A0F2B}C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [{F1C02A49-529B-432F-BF61-599D2AFA7508}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{905FEE9C-D877-4D18-8EA7-70C04DC88964}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{B4A7670D-49A7-4C90-A243-057DFBC34BA1}E:\program files\chemdoodle\jre\bin\javaw.exe] => (Allow) E:\program files\chemdoodle\jre\bin\javaw.exe
FirewallRules: [UDP Query User{03F5DE5D-42C9-4993-951C-D9B24318F2A9}E:\program files\chemdoodle\jre\bin\javaw.exe] => (Allow) E:\program files\chemdoodle\jre\bin\javaw.exe
FirewallRules: [{732D9DFD-799B-47B7-8CCB-F38CA2269F38}] => (Allow) E:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{859E1A0D-BC38-47E1-8F23-E8DC4894F27C}] => (Allow) E:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{89B586F1-0ECA-4384-80A8-79C54800E421}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
FirewallRules: [{806071A8-977C-4202-BB78-F7541144BEBE}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
FirewallRules: [{7095066F-69A3-4B52-9C73-D8D97C89A504}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5B5BD668-7992-4F90-B8A9-64E1320FB12A}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{7A030AC5-ED6C-4332-894E-A1B0A9D07B0D}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{68094972-9F3F-4BCE-8CBA-CD7EEC460C2C}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{55C78325-013E-405A-AD76-55251741C8EC}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{8C204D79-1204-4980-B96F-931DFFC4DB1E}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{6E5B925B-5C40-4B75-86D7-17827E133F20}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{C0090035-9675-4283-BDD3-3ED46D473767}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{82F6B4B1-7377-4C29-B3C2-7862EFA4D947}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{99AD768B-1DBD-48C7-994B-E4ED6E2813F8}C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{2F285CF1-8A04-4454-BA61-E84308C51CC6}C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{21069D90-FB08-4A64-8B61-36BA3D4F2CB6}C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Block) C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [UDP Query User{E06FBEA4-0ACA-4147-99C2-2232D453F568}C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Block) C:\users\Julian *****\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [TCP Query User{95022559-5B1A-4F90-9ABD-A1EAA73E13F1}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{5B06A172-3AD0-4FFC-8F12-F7DF4078C6D2}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{82E10310-E3F8-470A-8051-A65016B74DD9}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{9568F464-8853-4AFA-9574-04DCE53263B4}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{045A9516-25A5-4D02-B388-30CAC365A6FC}] => (Allow) C:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{28FF9961-6926-48AC-8DE3-9BE9480D38CE}] => (Allow) C:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{0D286827-7B3E-4EB3-9EF6-BCB773F17BAB}] => (Allow) C:\SteamLibrary\steamapps\common\Night in the Woods\Night in the Woods.exe
FirewallRules: [{0F838742-BBFD-4E0E-A89D-7A7494F967F6}] => (Allow) C:\SteamLibrary\steamapps\common\Night in the Woods\Night in the Woods.exe
FirewallRules: [{525FCB7A-38A4-4DD7-B213-A738F231FBD4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A211B901-5AEF-4118-B776-3C89961A19FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46408F58-99D7-465D-A78F-685F84A0A5EC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{ED36576F-183E-4A1C-A018-7005F8A3BBCB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
24-11-2017 18:31:27 Geplanter Prüfpunkt
02-12-2017 10:22:40 Removed Bonjour
03-12-2017 12:44:04 Removed EpsonNet Print
09-12-2017 13:07:48 Removed Apple Application Support (32-Bit)
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/10/2017 06:12:14 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF.
Error: (12/09/2017 01:08:41 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: JulianSchaaf-PC)
Description: Die Anwendung oder der Dienst "Apple Mobile Device Service" konnte nicht neu gestartet werden.
Error: (12/09/2017 12:25:13 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF.
Error: (12/08/2017 01:47:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/08 13:47:56.472]: [00007832]: Initialize TwdsMain Class failed!
Error: (12/08/2017 01:47:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/08 13:47:56.472]: [00007832]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (12/08/2017 01:47:36 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/08 13:47:36.738]: [00007832]: Initialize TwdsMain Class failed!
Error: (12/08/2017 01:47:36 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/08 13:47:36.738]: [00007832]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (12/08/2017 01:47:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/08 13:47:12.873]: [00007832]: Initialize TwdsMain Class failed!
Error: (12/08/2017 01:47:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/08 13:47:12.873]: [00007832]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (12/08/2017 01:46:52 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/08 13:46:52.223]: [00007832]: Initialize TwdsMain Class failed!
Systemfehler:
=============
Error: (12/13/2017 08:57:39 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/13/2017 08:57:39 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/13/2017 08:57:39 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/13/2017 08:57:39 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/12/2017 02:15:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/12/2017 02:15:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/12/2017 02:15:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/12/2017 02:15:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/10/2017 07:14:19 PM) (Source: DCOM) (EventID: 10010) (User: JulianSchaaf-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (12/10/2017 06:10:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "amdacpksd" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
CodeIntegrity:
===================================
Date: 2017-12-03 16:11:09.288
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-03 16:10:48.267
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-03 16:10:13.017
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-03 16:09:51.999
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-12-03 16:09:51.996
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-03 15:53:51.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-12-03 15:53:50.053
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-12-03 15:47:34.603
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-12-03 15:42:09.138
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-12-03 15:36:33.905
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-6600 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 16319 MB
Verfügbarer physikalischer RAM: 10982.96 MB
Summe virtueller Speicher: 17343 MB
Verfügbarer virtueller Speicher: 11188.14 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.35 GB) (Free:45.81 GB) NTFS
Drive e: (Volume) (Fixed) (Total:931.51 GB) (Free:661.88 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: FD49AB9A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F982A441)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
13.12.2017, 10:49
| #3 |
| | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab 3. Teil
__________________FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-12-2017
durchgeführt von Julian ***** (Administrator) auf JULIANSCHAAF-PC (13-12-2017 09:40:23)
Gestartet von C:\Users\Julian *****\Downloads
Geladene Profile: Julian ***** (Verfügbare Profile: Julian *****)
Platform: Windows 7 Ultimate (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
() C:\Windows\System32\BRUNVPRNPS64.EXE
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\System32\PnkBstrA.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Electronic Arts) E:\Origin\OriginWebHelperService.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Spotify Ltd) C:\Users\Julian *****\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp64.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp32.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Synology Inc.) C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Synology Inc.) C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(Synology Inc.) C:\Users\Julian *****\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-12-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-07-24] (Cisco Systems, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Run: [Steam] => E:\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8626064 2017-11-14] (Binary Fortress Software)
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Run: [Spotify Web Helper] => C:\Users\Julian *****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-09] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-12-18]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Julian *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2017-12-13]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{aa9b7e04-c856-403a-bceb-75886dfbc552}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{de2e52cd-796d-4685-a072-51848460bee8}: [DhcpNameServer] 192.168.178.1
ManualProxies:
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-19] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-02] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 43k55wgd.default
FF ProfilePath: C:\Users\Julian *****\AppData\Roaming\Mozilla\Firefox\Profiles\43k55wgd.default [2017-12-13]
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-12-03]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-12-02] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-19] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-02] ()
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=16.0 -> E:\Program Files (x86)\PerkinElmerInformatics\ChemOffice2016\ChemDraw\npcdp32.dll [2017-01-06] (PerkinElmer)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.4.0.5489702\npmathplugin.dll [2016-02-25] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default [2017-12-03]
CHR Extension: (Präsentationen) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-03]
CHR Extension: (Docs) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-03]
CHR Extension: (Google Drive) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-18]
CHR Extension: (YouTube) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18]
CHR Extension: (Google-Suche) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-18]
CHR Extension: (Tabellen) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-03]
CHR Extension: (Google Docs Offline) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-16]
CHR Extension: (Kaspersky Protection) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2017-12-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-20]
CHR Extension: (Google Mail) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\Julian *****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-03]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-04-24] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6998536 2017-12-08] ()
R2 BrUnvPrnPort; C:\WINDOWS\system32\\BRUNVPRNPS64.EXE [61952 2012-10-31] ()
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063664 2017-11-22] (Microsoft Corporation)
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-20] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-12-05] (Dropbox, Inc.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5291424 2017-11-14] (Binary Fortress Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [207360 2015-02-13] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\vssbridge64.exe [426416 2017-12-02] (AO Kaspersky Lab)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2142728 2016-10-07] (Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [2209296 2016-10-07] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-01-25] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-01-13] ()
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
S3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-01-10] (ASRock Incorporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-03] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2016-01-03] (Disc Soft Ltd)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-12-18] (Symantec Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70872 2017-10-15] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [89952 2017-10-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207576 2017-12-02] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [594144 2017-12-02] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1055448 2017-12-02] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-10-15] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [230312 2017-12-02] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-12-10] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [253200 2017-12-02] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [107680 2017-12-12] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173664 2017-12-02] (AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136176 2017-10-15] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199360 2017-10-15] (AO Kaspersky Lab)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert]
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-07-24] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-12-03] (Zemana Ltd.)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
U4 aspnet_state; kein ImagePath
S1 epp; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-12-13 09:40 - 2017-12-13 09:41 - 000022157 _____ C:\Users\Julian *****\Downloads\FRST.txt
2017-12-13 09:40 - 2017-12-13 09:40 - 000000000 ____D C:\FRST
2017-12-13 09:39 - 2017-12-13 09:39 - 002392064 _____ (Farbar) C:\Users\Julian *****\Downloads\FRST64.exe
2017-12-12 16:20 - 2017-12-12 16:20 - 005160779 _____ C:\Users\Julian *****\Downloads\3_Titantriade.pdf
2017-12-12 16:08 - 2017-12-12 16:08 - 004075139 _____ C:\Users\Julian *****\Downloads\4_Vanadiumtriade.pdf
2017-12-12 16:08 - 2017-12-12 16:08 - 000017935 _____ C:\Users\Julian *****\Downloads\Übung_6_-_WiSe2017.pdf
2017-12-12 14:51 - 2017-12-12 14:51 - 000107680 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2017-12-09 13:11 - 2017-12-10 14:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-12-09 10:00 - 2017-12-10 17:54 - 000087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2017-12-07 11:56 - 2017-12-07 11:56 - 000000000 _____ C:\Users\Julian *****\Desktop\Bafög Rückzahlung Antrag.cdr
2017-12-07 09:00 - 2017-12-07 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-12-05 02:06 - 2017-12-05 02:06 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-12-05 02:06 - 2017-12-05 02:06 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-12-05 02:06 - 2017-12-05 02:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-12-05 02:06 - 2017-12-05 02:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-12-04 15:11 - 2017-12-04 15:11 - 000092161 _____ C:\Users\Julian *****\Downloads\Übung_08_Allg_Chem_NF_WiSe2017_18_20171214.pdf
2017-12-03 16:10 - 2017-12-10 18:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-03 16:10 - 2017-12-10 18:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-03 16:10 - 2017-12-09 15:38 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-03 16:10 - 2017-12-03 16:10 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-12-03 15:28 - 2017-12-03 15:28 - 000311232 _____ (Mozilla) C:\Users\Julian *****\Downloads\Firefox Installer.exe
2017-12-03 15:17 - 2017-12-03 16:11 - 000000000 ____D C:\ProgramData\Emsisoft
2017-12-03 15:15 - 2017-12-03 15:16 - 295212528 _____ (Emsisoft Ltd. ) C:\Users\Julian *****\Downloads\EmsisoftAntiMalwareSetup.exe
2017-12-03 13:09 - 2017-12-03 13:09 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1774C292.sys
2017-12-03 13:08 - 2017-12-03 13:18 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-12-03 13:08 - 2017-12-03 13:08 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Julian *****\Downloads\mbar-1.10.3.1001.exe
2017-12-03 13:04 - 2017-12-03 13:06 - 000000000 ____D C:\ProgramData\HitmanPro
2017-12-03 13:01 - 2017-12-03 15:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-03 12:47 - 2017-12-03 12:47 - 011584088 _____ (SurfRight B.V.) C:\Users\Julian *****\Downloads\hitmanpro_x64.exe
2017-12-03 12:46 - 2017-12-03 12:46 - 078346672 _____ (Malwarebytes ) C:\Users\Julian *****\Downloads\mb3-setup-consumer-3.3.1.2183.exe
2017-12-03 12:45 - 2017-12-13 09:40 - 000182574 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-12-03 12:45 - 2017-12-03 15:01 - 000049029 _____ C:\WINDOWS\ZAM.krnl.trace
2017-12-03 12:45 - 2017-12-03 12:45 - 006625600 _____ (Zemana Ltd. ) C:\Users\Julian *****\Downloads\Zemana.AntiMalware.Setup.exe
2017-12-03 12:45 - 2017-12-03 12:45 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-12-03 12:45 - 2017-12-03 12:45 - 000000000 ____D C:\Users\Julian *****\AppData\Local\Zemana
2017-12-03 10:27 - 2017-12-03 10:27 - 011104019 _____ C:\Users\Julian *****\Downloads\Gössner_1958_Esteraseaktivität_Reaktion.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 002765088 _____ C:\Users\Julian *****\Downloads\Löffler_1961_Esteraseaktivität.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000738555 _____ C:\Users\Julian *****\Downloads\BC05_-_Bestimmung_der_Esterase-Aktivität_in_Tierfleisch_-_2016-11-15.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000559305 _____ C:\Users\Julian *****\Downloads\BC03_-_Nachweis_der_Tierart_mittels_halbnativer_SDS-PAGE_-_2016-11-30.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000542090 _____ C:\Users\Julian *****\Downloads\BC04_-_Nachweis_der_Tierart_mittels_IEF_-_2016-12-14.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000463322 _____ C:\Users\Julian *****\Downloads\BC03_-_Manual_Mini_PROTEAN_Tetra_Cell.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000206301 _____ C:\Users\Julian *****\Downloads\BC00_-_Allgemeine_Bemerkungen_Biochemiepraktikum_-_2016_11_30.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000151994 _____ C:\Users\Julian *****\Downloads\BC99_-_Roti-Nanoquant.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000123584 _____ C:\Users\Julian *****\Downloads\BC02_-_Tierartendifferenzierung_mittels_PCR_Analyse_-_2017-11-17.pdf
2017-12-03 10:26 - 2017-12-03 10:26 - 000276496 _____ C:\Users\Julian *****\Downloads\BC00_-_Ergaenzendes_Skript_-_2016-12-02.pdf
2017-12-03 10:26 - 2017-12-03 10:26 - 000235474 _____ C:\Users\Julian *****\Downloads\BC00_-_Puffer_und_Co_-_2015-10-06.pdf
2017-12-02 13:42 - 2017-12-02 13:42 - 000253200 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2017-12-02 13:41 - 2017-12-02 13:46 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-12-02 13:41 - 2017-12-02 13:41 - 001055448 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-12-02 13:41 - 2017-12-02 13:41 - 000594144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-12-02 13:41 - 2017-12-02 13:41 - 000230312 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-12-02 13:41 - 2017-12-02 13:41 - 000207576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-12-02 13:41 - 2017-12-02 13:41 - 000173664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-12-02 13:41 - 2017-12-02 13:41 - 000149304 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2017-12-02 13:41 - 2017-12-02 13:41 - 000002164 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2017-12-02 13:41 - 2017-12-02 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2017-12-02 13:41 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2017-12-01 14:54 - 2017-12-01 14:56 - 000000000 ____D C:\AdwCleaner
2017-11-30 16:48 - 2017-11-30 16:48 - 000000000 ____D C:\Users\Julian *****\AppData\LocalLow\Infinite Fall
2017-11-26 09:57 - 2017-11-26 09:57 - 000120732 _____ C:\Users\Julian *****\Downloads\2017-11-20_-_BLC-22_-_Eingangsvoraussetzungen_LC_Praktika.pdf
2017-11-25 15:48 - 2017-11-25 16:17 - 000000202 _____ C:\Users\Julian *****\Desktop\Night in the Woods.url
2017-11-15 18:13 - 2017-10-25 10:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-15 18:13 - 2017-10-25 10:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-15 18:13 - 2017-10-25 10:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-15 18:13 - 2017-10-25 09:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-15 18:13 - 2017-10-25 09:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-15 18:13 - 2017-10-25 09:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-15 18:13 - 2017-10-25 07:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-15 18:13 - 2017-10-25 05:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-15 18:13 - 2017-10-25 05:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-15 18:13 - 2017-10-25 05:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-15 18:13 - 2017-10-25 05:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-15 18:13 - 2017-10-25 05:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-15 18:13 - 2017-10-25 05:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-15 18:13 - 2017-10-25 05:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-15 18:13 - 2017-10-25 05:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-15 18:13 - 2017-10-25 05:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-15 18:13 - 2017-10-25 05:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-15 18:13 - 2017-10-25 05:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-15 18:13 - 2017-10-25 05:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-15 18:13 - 2017-10-25 05:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-15 18:13 - 2017-10-25 05:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-15 18:13 - 2017-10-25 05:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-15 18:13 - 2017-10-25 05:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-15 18:13 - 2017-10-25 05:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-15 18:13 - 2017-10-25 05:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-15 18:13 - 2017-10-25 05:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-15 18:13 - 2017-10-25 05:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-15 18:13 - 2017-10-25 05:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-15 18:13 - 2017-10-25 05:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-15 18:13 - 2017-10-25 05:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-15 18:13 - 2017-10-25 05:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-15 18:13 - 2017-10-25 05:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-15 18:13 - 2017-10-25 05:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 18:13 - 2017-10-25 05:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-15 18:13 - 2017-10-25 05:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-15 18:13 - 2017-10-25 05:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-15 18:13 - 2017-10-25 05:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-15 18:13 - 2017-10-25 05:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-15 18:13 - 2017-10-25 04:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-15 18:13 - 2017-10-25 04:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-15 18:13 - 2017-10-25 04:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-15 18:13 - 2017-10-25 04:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-15 18:13 - 2017-10-25 04:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-15 18:13 - 2017-10-25 04:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-15 18:13 - 2017-10-25 04:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-15 18:13 - 2017-10-25 04:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-15 18:13 - 2017-10-25 04:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-15 18:13 - 2017-10-25 04:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-15 18:13 - 2017-10-25 04:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-15 18:13 - 2017-10-25 04:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-15 18:13 - 2017-10-25 04:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-15 18:13 - 2017-10-25 04:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-15 18:13 - 2017-10-25 04:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-15 18:13 - 2017-10-25 04:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-15 18:13 - 2017-10-25 04:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-15 18:13 - 2017-10-25 04:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-15 18:13 - 2017-10-25 04:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-15 18:13 - 2017-10-25 04:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-15 18:13 - 2017-10-25 04:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-15 18:13 - 2017-10-25 04:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-15 18:13 - 2017-10-25 04:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-15 18:13 - 2017-10-25 04:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-15 18:13 - 2017-10-25 04:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-15 18:13 - 2017-10-25 04:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-15 18:13 - 2017-10-25 04:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-15 18:13 - 2017-10-25 04:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-15 18:13 - 2017-10-25 04:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-15 18:13 - 2017-10-25 04:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-15 18:13 - 2017-10-25 04:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-15 18:13 - 2017-10-25 04:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-15 18:13 - 2017-10-25 04:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-15 18:13 - 2017-10-25 04:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-15 18:13 - 2017-10-25 04:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-15 18:13 - 2017-10-25 04:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-15 18:13 - 2017-10-25 04:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-15 18:13 - 2017-10-25 04:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-15 18:13 - 2017-10-25 04:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-15 18:13 - 2017-10-25 04:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-15 18:13 - 2017-10-25 04:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-15 18:13 - 2017-10-25 04:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-15 18:13 - 2017-10-25 04:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-15 18:13 - 2017-10-25 04:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-15 18:13 - 2017-10-25 04:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-15 18:13 - 2017-10-25 04:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-15 18:13 - 2017-10-25 04:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-15 18:13 - 2017-10-25 04:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-15 18:13 - 2017-10-25 04:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-15 18:13 - 2017-10-25 04:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-15 18:13 - 2017-10-25 04:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-15 18:13 - 2017-10-25 04:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-15 18:13 - 2017-10-25 04:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-15 18:13 - 2017-10-25 04:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-15 18:13 - 2017-10-25 04:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-15 18:13 - 2017-10-25 04:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-15 18:13 - 2017-10-25 04:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-15 18:13 - 2017-10-25 04:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-15 18:13 - 2017-10-25 04:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-15 18:13 - 2017-10-25 04:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-15 18:13 - 2017-10-25 04:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-15 18:13 - 2017-10-25 04:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-15 18:13 - 2017-10-25 04:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-15 18:13 - 2017-10-25 04:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-15 18:13 - 2017-10-25 04:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-15 18:13 - 2017-10-25 04:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-15 18:13 - 2017-10-25 03:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-15 18:13 - 2017-10-25 03:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-15 18:13 - 2017-10-25 03:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-15 18:13 - 2017-10-25 03:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-15 18:13 - 2017-10-25 03:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-15 18:13 - 2017-10-25 03:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-15 18:13 - 2017-10-25 03:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-15 18:13 - 2017-10-25 03:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-15 18:13 - 2017-10-21 13:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-15 18:13 - 2017-10-20 15:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-15 18:13 - 2017-10-20 06:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-12-13 09:32 - 2017-11-08 20:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-13 09:13 - 2016-02-12 13:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-12-13 08:59 - 2016-11-18 21:22 - 000000000 ____D C:\Users\Julian *****\AppData\LocalLow\Mozilla
2017-12-13 08:57 - 2017-11-08 20:59 - 000000000 ____D C:\Users\Julian *****
2017-12-12 16:14 - 2016-05-17 17:59 - 000026940 _____ C:\WINDOWS\BRRBCOM.INI
2017-12-12 14:20 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-12 14:19 - 2017-11-08 21:00 - 000000000 ____D C:\Users\Julian *****\AppData\Local\Packages
2017-12-12 14:19 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-12 14:19 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-12 14:17 - 2015-12-20 10:42 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-10 18:16 - 2017-11-08 20:59 - 002342434 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-10 18:16 - 2017-09-30 15:35 - 001042020 _____ C:\WINDOWS\system32\perfh007.dat
2017-12-10 18:16 - 2017-09-30 15:35 - 000239598 _____ C:\WINDOWS\system32\perfc007.dat
2017-12-10 18:10 - 2017-11-08 21:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-10 18:09 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-10 18:09 - 2017-06-09 07:47 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-12-09 13:13 - 2016-02-18 18:29 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-12-09 13:11 - 2017-11-08 21:03 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-12-09 13:11 - 2016-02-13 17:14 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-12-09 13:11 - 2016-01-26 10:11 - 000000000 ____D C:\Users\Julian *****\AppData\Local\Adobe
2017-12-09 13:11 - 2015-12-20 12:44 - 000000000 ____D C:\Users\Julian *****\Desktop\Verknüpfungen
2017-12-09 13:08 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-09 13:08 - 2016-02-18 18:29 - 000000000 ____D C:\ProgramData\Apple
2017-12-07 16:17 - 2017-10-16 12:38 - 000005470 _____ C:\Users\Julian *****\Desktop\HiWi Arbeitszeiten.ods
2017-12-07 09:01 - 2015-12-20 10:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-12-05 20:30 - 2015-12-28 00:10 - 000000000 ____D C:\Users\Julian *****\AppData\Roaming\TS3Client
2017-12-03 16:12 - 2017-11-08 20:58 - 000519792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-03 16:10 - 2015-12-18 16:59 - 000000000 ____D C:\Users\Julian *****\AppData\Roaming\Mozilla
2017-12-03 16:10 - 2015-12-18 16:59 - 000000000 ____D C:\Users\Julian *****\AppData\Local\Mozilla
2017-12-03 15:42 - 2015-12-30 12:13 - 000000000 ____D C:\Program Files\VideoLAN
2017-12-03 14:05 - 2016-01-02 10:12 - 000000000 ____D C:\Users\Julian *****\AppData\Local\CrashDumps
2017-12-03 12:42 - 2015-12-20 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-12-03 12:42 - 2015-12-20 10:57 - 000000000 ____D C:\Program Files (x86)\epson
2017-12-03 12:42 - 2015-12-20 10:54 - 000000000 ____D C:\ProgramData\Epson
2017-12-02 13:41 - 2017-09-29 14:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-12-02 13:41 - 2017-06-13 17:45 - 000000000 ____D C:\Program Files\Common Files\AV
2017-12-02 13:40 - 2017-06-13 17:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-12-02 11:24 - 2015-12-18 20:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-02 11:21 - 2017-10-11 10:28 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-02 11:21 - 2015-12-18 20:39 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-02 11:03 - 2016-05-17 17:50 - 000000000 ____D C:\ProgramData\ScanSoft
2017-12-02 11:03 - 2016-05-17 17:50 - 000000000 ____D C:\ProgramData\Nuance
2017-12-02 10:51 - 2016-07-19 16:36 - 000000000 ____D C:\Users\Julian *****\AppData\Local\CloudStation
2017-12-02 10:25 - 2017-09-29 14:49 - 000803328 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-02 10:25 - 2017-09-29 14:49 - 000144896 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-02 10:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-02 10:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-02 10:14 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-02 10:14 - 2016-01-05 09:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-11-30 09:12 - 2017-11-08 21:03 - 000003286 _____ C:\WINDOWS\System32\Tasks\CorelUpdateHelperTask
2017-11-25 15:29 - 2016-01-01 10:54 - 000000000 ____D C:\Users\Julian *****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-11-25 11:01 - 2015-12-27 23:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-11-23 19:47 - 2017-10-09 15:10 - 000000000 ____D C:\Users\Julian *****\AppData\Local\Spotify
2017-11-23 19:45 - 2017-10-09 15:10 - 000000000 ____D C:\Users\Julian *****\AppData\Roaming\Spotify
2017-11-22 16:23 - 2015-12-18 18:17 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-20 13:12 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-20 12:31 - 2017-11-08 20:57 - 000000000 ____D C:\Windows.old
2017-11-16 21:02 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-16 21:02 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-16 21:02 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-16 21:02 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-16 21:02 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-16 21:02 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 21:02 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-16 12:23 - 2016-09-27 07:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
2017-11-16 12:23 - 2016-01-01 10:57 - 000000000 ____D C:\Users\Julian *****\Documents\DisplayFusion Backups
2017-11-16 12:23 - 2016-01-01 10:55 - 000000000 ____D C:\Users\Julian *****\AppData\Local\DisplayFusion
2017-11-16 12:23 - 2016-01-01 10:55 - 000000000 ____D C:\Program Files (x86)\DisplayFusion
2017-11-16 12:20 - 2017-11-08 21:03 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-16 12:20 - 2017-11-08 21:03 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-15 18:14 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
Einige Dateien in TEMP:
====================
2017-12-09 13:19 - 2017-12-09 13:19 - 000000000 _____ () C:\Users\Julian *****\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2017-12-09 13:19 - 2017-12-09 13:19 - 000000017 _____ () C:\Users\Julian *****\AppData\Local\Temp\3597d7930cb5d2a8d0ab0328d278e249.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-12-10 18:49
==================== Ende von FRST.txt ============================
|
|
21.12.2017, 12:51
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem TabZitat:
 Und warum noch Windows 7 bei dieser dicken Kiste?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.12.2017, 12:59
| #5 |
| | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab Das ist eigentlich Windows 10, jedoch von Windows 7 upgegradet, als man als Windows 7 Besitzer Windows 10 umsont bekommen hat. Bei System steht: Windows 10 Home Version 1709 Betriebssystembuild 16299.64 Ist SP1 das Service Pack? Kann ich das irgendwo nachschauen? Ich hoffe das hilft. |
|
21.12.2017, 13:14
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.
__________________ --> Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab |
|
21.12.2017, 13:22
| #7 |
| | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab FRST Logfile Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
durchgeführt von Julian S (Administrator) auf JULIANS-PC (21-12-2017 13:19:04)
Gestartet von C:\Users\Julian S\Downloads
Geladene Profile: Julian S (Verfügbare Profile: Julian S)
Platform: Windows 10 Home Version 1709 16299.64 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
() C:\Windows\System32\BRUNVPRNPS64.EXE
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\System32\PnkBstrA.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Electronic Arts) E:\Origin\OriginWebHelperService.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Spotify Ltd) C:\Users\Julian S\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Synology Inc.) C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp32.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp64.exe
(Synology Inc.) C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(Synology Inc.) C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-12-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-07-24] (Cisco Systems, Inc.)
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Run: [Steam] => E:\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8626064 2017-11-14] (Binary Fortress Software)
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27742168 2017-06-07] (Skype Technologies S.A.)
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Run: [Spotify Web Helper] => C:\Users\Julian S\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-09] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-12-18]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Julian S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2017-12-21]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{aa9b7e04-c856-403a-bceb-75886dfbc552}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{de2e52cd-796d-4685-a072-51848460bee8}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-12-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-19] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-15] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 43k55wgd.default
FF ProfilePath: C:\Users\Julian S\AppData\Roaming\Mozilla\Firefox\Profiles\43k55wgd.default [2017-12-21]
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-12-14]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-12-02] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-19] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-02] ()
FF Plugin-x32: @cambridgesoft.com/ChemDraw,version=16.0 -> E:\Program Files (x86)\PerkinElmerInformatics\ChemOffice2016\ChemDraw\npcdp32.dll [2017-01-06] (PerkinElmer)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-12-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.4.0.5489702\npmathplugin.dll [2016-02-25] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default [2017-12-03]
CHR Extension: (Präsentationen) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-03]
CHR Extension: (Docs) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-03]
CHR Extension: (Google Drive) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-18]
CHR Extension: (YouTube) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18]
CHR Extension: (Google-Suche) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-18]
CHR Extension: (Tabellen) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-03]
CHR Extension: (Google Docs Offline) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-16]
CHR Extension: (Kaspersky Protection) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2017-12-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-20]
CHR Extension: (Google Mail) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\Julian S\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-03]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-04-24] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6998536 2017-12-08] ()
R2 BrUnvPrnPort; C:\WINDOWS\system32\\BRUNVPRNPS64.EXE [61952 2012-10-31] ()
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7760552 2017-12-07] (Microsoft Corporation)
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287256 2016-07-04] ()
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-20] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-12-05] (Dropbox, Inc.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5291424 2017-11-14] (Binary Fortress Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [207360 2015-02-13] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\vssbridge64.exe [426416 2017-12-02] (AO Kaspersky Lab)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2142728 2016-10-07] (Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [2209296 2016-10-07] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-01-25] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-01-13] ()
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
S3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2016-01-10] (ASRock Incorporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-07-24] (Advanced Micro Devices)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-03] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2016-01-03] (Disc Soft Ltd)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-12-18] (Symantec Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-14] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [117984 2017-12-14] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207576 2017-12-02] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [594144 2017-12-02] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1055424 2017-12-15] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-10-15] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [230312 2017-12-02] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-12-10] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [253200 2017-12-02] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [107680 2017-12-12] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173664 2017-12-02] (AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [135904 2017-12-14] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-14] (AO Kaspersky Lab)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert]
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-07-24] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-12-03] (Zemana Ltd.)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
U4 aspnet_state; kein ImagePath
S1 epp; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-12-21 13:19 - 2017-12-21 13:19 - 000021854 _____ C:\Users\Julian S\Downloads\FRST.txt
2017-12-21 13:18 - 2017-12-21 13:18 - 000000000 ____D C:\Users\Julian S\Downloads\FRST-OlderVersion
2017-12-20 09:27 - 2017-12-20 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-12-20 09:27 - 2017-12-20 09:27 - 000000000 ____D C:\Program Files\7-Zip
2017-12-18 13:49 - 2017-12-18 13:49 - 006830863 _____ C:\Users\Julian S\Downloads\Dateiordner_Übungen.zip
2017-12-15 14:13 - 2017-12-15 14:13 - 000000000 ____D C:\Users\Julian S\Desktop\Biochemie_Praktikum
2017-12-13 09:56 - 2017-12-13 09:56 - 000025247 _____ C:\Users\Julian S\Desktop\Kaspersky export der Ereignisse.txt
2017-12-13 09:55 - 2017-12-13 09:55 - 000037723 _____ C:\Users\Julian S\Documents\tq6.txt
2017-12-13 09:43 - 2017-12-13 09:51 - 000099456 _____ C:\Users\Julian S\Desktop\Addition.txt
2017-12-13 09:40 - 2017-12-21 13:19 - 000000000 ____D C:\FRST
2017-12-13 09:40 - 2017-12-13 09:50 - 000050838 _____ C:\Users\Julian S\Desktop\FRST.txt
2017-12-13 09:39 - 2017-12-21 13:18 - 002392064 _____ (Farbar) C:\Users\Julian S\Downloads\FRST64.exe
2017-12-12 14:51 - 2017-12-12 14:51 - 000107680 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2017-12-09 13:11 - 2017-12-10 14:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-12-09 10:00 - 2017-12-10 17:54 - 000087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2017-12-07 11:56 - 2017-12-07 11:56 - 000000000 _____ C:\Users\Julian S\Desktop\Bafög Rückzahlung Antrag.cdr
2017-12-07 09:00 - 2017-12-07 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-12-05 02:06 - 2017-12-05 02:06 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-12-05 02:06 - 2017-12-05 02:06 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-12-05 02:06 - 2017-12-05 02:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-12-05 02:06 - 2017-12-05 02:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-12-04 15:11 - 2017-12-04 15:11 - 000092161 _____ C:\Users\Julian S\Downloads\Übung_08_Allg_Chem_NF_WiSe2017_18_20171214.pdf
2017-12-03 23:44 - 2017-12-03 23:44 - 000641696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2017-12-03 23:44 - 2017-12-03 23:44 - 000389296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2017-12-03 23:44 - 2017-12-03 23:44 - 000331432 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2017-12-03 23:44 - 2017-12-03 23:44 - 000087728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000440128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000083792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2017-12-03 16:10 - 2017-12-10 18:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-03 16:10 - 2017-12-10 18:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-03 16:10 - 2017-12-09 15:38 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-03 16:10 - 2017-12-03 16:10 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-12-03 15:28 - 2017-12-03 15:28 - 000311232 _____ (Mozilla) C:\Users\Julian S\Downloads\Firefox Installer.exe
2017-12-03 15:17 - 2017-12-03 16:11 - 000000000 ____D C:\ProgramData\Emsisoft
2017-12-03 15:15 - 2017-12-03 15:16 - 295212528 _____ (Emsisoft Ltd. ) C:\Users\Julian S\Downloads\EmsisoftAntiMalwareSetup.exe
2017-12-03 13:09 - 2017-12-03 13:09 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1774C292.sys
2017-12-03 13:08 - 2017-12-03 13:18 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-12-03 13:08 - 2017-12-03 13:08 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Julian S\Downloads\mbar-1.10.3.1001.exe
2017-12-03 13:04 - 2017-12-03 13:06 - 000000000 ____D C:\ProgramData\HitmanPro
2017-12-03 13:01 - 2017-12-03 15:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-03 12:47 - 2017-12-03 12:47 - 011584088 _____ (SurfRight B.V.) C:\Users\Julian S\Downloads\hitmanpro_x64.exe
2017-12-03 12:46 - 2017-12-03 12:46 - 078346672 _____ (Malwarebytes ) C:\Users\Julian S\Downloads\mb3-setup-consumer-3.3.1.2183.exe
2017-12-03 12:45 - 2017-12-21 13:19 - 001005720 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-12-03 12:45 - 2017-12-03 15:01 - 000049029 _____ C:\WINDOWS\ZAM.krnl.trace
2017-12-03 12:45 - 2017-12-03 12:45 - 006625600 _____ (Zemana Ltd. ) C:\Users\Julian S\Downloads\Zemana.AntiMalware.Setup.exe
2017-12-03 12:45 - 2017-12-03 12:45 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-12-03 12:45 - 2017-12-03 12:45 - 000000000 ____D C:\Users\Julian S\AppData\Local\Zemana
2017-12-03 10:27 - 2017-12-03 10:27 - 011104019 _____ C:\Users\Julian S\Downloads\Gössner_1958_Esteraseaktivität_Reaktion.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 002765088 _____ C:\Users\Julian S\Downloads\Löffler_1961_Esteraseaktivität.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000738555 _____ C:\Users\Julian S\Downloads\BC05_-_Bestimmung_der_Esterase-Aktivität_in_Tierfleisch_-_2016-11-15.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000559305 _____ C:\Users\Julian S\Downloads\BC03_-_Nachweis_der_Tierart_mittels_halbnativer_SDS-PAGE_-_2016-11-30.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000542090 _____ C:\Users\Julian S\Downloads\BC04_-_Nachweis_der_Tierart_mittels_IEF_-_2016-12-14.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000463322 _____ C:\Users\Julian S\Downloads\BC03_-_Manual_Mini_PROTEAN_Tetra_Cell.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000206301 _____ C:\Users\Julian S\Downloads\BC00_-_Allgemeine_Bemerkungen_Biochemiepraktikum_-_2016_11_30.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000151994 _____ C:\Users\Julian S\Downloads\BC99_-_Roti-Nanoquant.pdf
2017-12-03 10:27 - 2017-12-03 10:27 - 000123584 _____ C:\Users\Julian S\Downloads\BC02_-_Tierartendifferenzierung_mittels_PCR_Analyse_-_2017-11-17.pdf
2017-12-03 10:26 - 2017-12-03 10:26 - 000276496 _____ C:\Users\Julian S\Downloads\BC00_-_Ergaenzendes_Skript_-_2016-12-02.pdf
2017-12-03 10:26 - 2017-12-03 10:26 - 000235474 _____ C:\Users\Julian S\Downloads\BC00_-_Puffer_und_Co_-_2015-10-06.pdf
2017-12-02 13:42 - 2017-12-02 13:42 - 000253200 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2017-12-02 13:41 - 2017-12-15 10:44 - 001055424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-12-02 13:41 - 2017-12-02 13:46 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-12-02 13:41 - 2017-12-02 13:41 - 000594144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-12-02 13:41 - 2017-12-02 13:41 - 000230312 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-12-02 13:41 - 2017-12-02 13:41 - 000207576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-12-02 13:41 - 2017-12-02 13:41 - 000173664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-12-02 13:41 - 2017-12-02 13:41 - 000149304 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2017-12-02 13:41 - 2017-12-02 13:41 - 000002164 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2017-12-02 13:41 - 2017-12-02 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2017-12-02 13:41 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2017-12-01 14:54 - 2017-12-01 14:56 - 000000000 ____D C:\AdwCleaner
2017-11-30 16:48 - 2017-11-30 16:48 - 000000000 ____D C:\Users\Julian S\AppData\LocalLow\Infinite Fall
2017-11-25 15:48 - 2017-11-25 16:17 - 000000202 _____ C:\Users\Julian S\Desktop\Night in the Woods.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-12-21 12:57 - 2016-11-18 21:22 - 000000000 ____D C:\Users\Julian S\AppData\LocalLow\Mozilla
2017-12-21 11:59 - 2016-05-17 17:59 - 000026940 _____ C:\WINDOWS\BRRBCOM.INI
2017-12-21 11:41 - 2016-02-12 13:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-12-21 11:15 - 2017-11-08 20:59 - 000000000 ____D C:\Users\Julian S
2017-12-21 09:22 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-21 09:21 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-21 09:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-21 09:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-17 15:03 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-15 17:07 - 2017-11-08 20:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-15 14:25 - 2016-12-29 10:55 - 000000000 ____D C:\Users\Julian S\Documents\Corel
2017-12-15 12:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-15 10:39 - 2017-04-14 12:34 - 000002277 _____ C:\Users\Julian S\Desktop\Discord.lnk
2017-12-15 10:39 - 2017-04-14 12:34 - 000000000 ____D C:\Users\Julian S\AppData\Roaming\discord
2017-12-15 10:39 - 2017-04-14 12:34 - 000000000 ____D C:\Users\Julian S\AppData\Local\Discord
2017-12-15 10:31 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-15 10:30 - 2016-01-05 09:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-12-14 19:26 - 2017-10-15 06:42 - 000199392 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
2017-12-14 19:26 - 2017-10-15 06:42 - 000135904 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2017-12-14 19:26 - 2017-10-15 06:42 - 000117984 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
2017-12-14 19:26 - 2017-10-15 06:42 - 000070880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupdisk.sys
2017-12-13 19:19 - 2015-12-18 20:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-13 19:18 - 2017-10-11 10:28 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-13 19:18 - 2015-12-18 20:39 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-12 14:19 - 2017-11-08 21:00 - 000000000 ____D C:\Users\Julian S\AppData\Local\Packages
2017-12-12 14:17 - 2015-12-20 10:42 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-10 18:16 - 2017-11-08 20:59 - 002342434 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-10 18:16 - 2017-09-30 15:35 - 001042020 _____ C:\WINDOWS\system32\perfh007.dat
2017-12-10 18:16 - 2017-09-30 15:35 - 000239598 _____ C:\WINDOWS\system32\perfc007.dat
2017-12-10 18:10 - 2017-11-08 21:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-10 18:09 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-10 18:09 - 2017-06-09 07:47 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-12-09 13:13 - 2016-02-18 18:29 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-12-09 13:11 - 2017-11-08 21:03 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-12-09 13:11 - 2016-02-13 17:14 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-12-09 13:11 - 2016-01-26 10:11 - 000000000 ____D C:\Users\Julian S\AppData\Local\Adobe
2017-12-09 13:11 - 2015-12-20 12:44 - 000000000 ____D C:\Users\Julian S\Desktop\Verknüpfungen
2017-12-09 13:08 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-09 13:08 - 2016-02-18 18:29 - 000000000 ____D C:\ProgramData\Apple
2017-12-07 16:17 - 2017-10-16 12:38 - 000005470 _____ C:\Users\Julian S\Desktop\HiWi Arbeitszeiten.ods
2017-12-07 09:01 - 2015-12-20 10:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-12-05 20:30 - 2015-12-28 00:10 - 000000000 ____D C:\Users\Julian S\AppData\Roaming\TS3Client
2017-12-03 16:12 - 2017-11-08 20:58 - 000519792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-03 16:10 - 2015-12-18 16:59 - 000000000 ____D C:\Users\Julian S\AppData\Roaming\Mozilla
2017-12-03 16:10 - 2015-12-18 16:59 - 000000000 ____D C:\Users\Julian S\AppData\Local\Mozilla
2017-12-03 15:42 - 2015-12-30 12:13 - 000000000 ____D C:\Program Files\VideoLAN
2017-12-03 14:05 - 2016-01-02 10:12 - 000000000 ____D C:\Users\Julian S\AppData\Local\CrashDumps
2017-12-03 12:42 - 2015-12-20 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-12-03 12:42 - 2015-12-20 10:57 - 000000000 ____D C:\Program Files (x86)\epson
2017-12-03 12:42 - 2015-12-20 10:54 - 000000000 ____D C:\ProgramData\Epson
2017-12-02 13:41 - 2017-09-29 14:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-12-02 13:41 - 2017-06-13 17:45 - 000000000 ____D C:\Program Files\Common Files\AV
2017-12-02 13:40 - 2017-06-13 17:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-12-02 11:03 - 2016-05-17 17:50 - 000000000 ____D C:\ProgramData\ScanSoft
2017-12-02 11:03 - 2016-05-17 17:50 - 000000000 ____D C:\ProgramData\Nuance
2017-12-02 10:51 - 2016-07-19 16:36 - 000000000 ____D C:\Users\Julian S\AppData\Local\CloudStation
2017-12-02 10:25 - 2017-09-29 14:49 - 000803328 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-02 10:25 - 2017-09-29 14:49 - 000144896 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-02 10:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-02 10:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-30 09:12 - 2017-11-08 21:03 - 000003286 _____ C:\WINDOWS\System32\Tasks\CorelUpdateHelperTask
2017-11-25 15:29 - 2016-01-01 10:54 - 000000000 ____D C:\Users\Julian S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-11-25 11:01 - 2015-12-27 23:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-11-23 19:47 - 2017-10-09 15:10 - 000000000 ____D C:\Users\Julian S\AppData\Local\Spotify
2017-11-23 19:45 - 2017-10-09 15:10 - 000000000 ____D C:\Users\Julian S\AppData\Roaming\Spotify
2017-11-22 16:23 - 2015-12-18 18:17 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-12-10 18:49
==================== Ende von FRST.txt ============================
|
|
21.12.2017, 13:24
| #8 |
| | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab Addition Logfile - Seltsamerweise wird hier jetzt die korrekte Windowsversion angezeigt. Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-12-2017
durchgeführt von Julian S (21-12-2017 13:19:33)
Gestartet von C:\Users\Julian S\Downloads
Windows 10 Home Version 1709 16299.64 (X64) (2017-11-08 20:04:41)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3927489186-1300593664-4163706390-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3927489186-1300593664-4163706390-503 - Limited - Disabled)
Gast (S-1-5-21-3927489186-1300593664-4163706390-501 - Limited - Disabled)
Julian S (S-1-5-21-3927489186-1300593664-4163706390-1000 - Administrator - Enabled) => C:\Users\Julian S
WDAGUtilityAccount (S-1-5-21-3927489186-1300593664-4163706390-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
ACP Application (HKLM\...\{08524C4D-56DD-188E-ECD8-4D3F976AA3CF}) (Version: 2017.0424.2109.30 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Anno 1404 - Gold Edition (HKLM-x32\...\1440426004_is1) (Version: 2.0.0.2 - GOG.com)
APP Shop v1.0.20 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.20 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Brother MFL-Pro Suite MFC-J5320DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
ChemDoodle (HKLM\...\ChemDoodle) (Version: - )
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.04011 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{0FC5E486-6EA0-4665-A39D-DCC016D88632}) (Version: 4.1.04011 - Cisco Systems, Inc.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.0.661 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{340C451C-F2FD-4309-B259-580FD5E44025}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{B86D7255-2418-45F1-A36F-7E1FF617550C}) (Version: 18.1.661 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.4.245 - Corel corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (HKLM\...\{4AA43BE3-D21B-44D7-B9CD-86692DEF3706}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM T (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (HKLM\...\{AFBFA0AC-1173-4C13-B9DC-5CF211EB50DF}) (Version: 18.1 - Corel Corporation) Hidden
CPUID CPU-Z 1.79 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Discord) (Version: 0.0.299 - Discord Inc.)
DisplayFusion 9.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.1.0.0 - Binary Fortress Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.19695 - Landesfinanzdirektion Thüringen)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.88.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.88.0000 - GIGABYTE Technology Co.,Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.0.16 - Riot Games, Inc.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1147 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JLUbox (HKLM-x32\...\JLUbox) (Version: 11.0.206.0 - Universitaet Musterstadt)
Kaspersky Anti-Virus (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.8730.2127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 57.0.2 (x64 de) (HKLM\...\Mozilla Firefox 57.0.2 (x64 de)) (Version: 57.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
Mozilla Thunderbird 52.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.5.0 (x86 de)) (Version: 52.5.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8730.2127 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.1.1.35466 - Electronic Arts, Inc.)
PerkinElmer ChemDraw Prime 16.0 (HKLM-x32\...\{BDB47404-8E8B-4327-A9B3-B4B457716924}) (Version: 16.0 - PerkinElmer Informatics, Inc.)
PerkinElmer ChemOffice 64-bit Support for ChemDraw Prime 16.0 (HKLM\...\{03963B0B-6132-4D9E-840A-FC38347D08CD}) (Version: 16.0 - PerkinElmer Informatics, Inc.)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.9.0.15 - GOG.com)
Pillars of Eternity Kickstarter Item (HKLM-x32\...\Pillars of Eternity Kickstarter Item_is1) (Version: 2.7.0.13 - GOG.com)
Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\Pillars of Eternity Preorder Item and Pet_is1) (Version: 2.7.0.13 - GOG.com)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\Spotify) (Version: 1.0.65.320.gac7a8e02 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold HD (HKLM-x32\...\1207658712_is1) (Version: 1.4 - GOG.com)
Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.1.4224 - Synology, Inc.)
Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.1.4224 - Synology, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.10.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.21.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
Wolfram Extras 10.4 (5489702) (HKLM\...\A-WIN-Extras 10.4.0 5489702_is1) (Version: 10.4.0 - Wolfram Research, Inc.)
Wolfram Mathematica 10.4 (M-WIN-L 10.4.0 5489839) (HKLM\...\M-WIN-L 10.4.0 5489839_is1) (Version: 10.4.0 - Wolfram Research, Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3927489186-1300593664-4163706390-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2017-03-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2017-03-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2017-03-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2017-03-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2017-03-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ PowerFolderIgnored] -> {0800cf35-8302-4030-8add-40ac1e3f8834} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\IgnoredOverlay_x64.dll [2016-08-25] ()
ShellIconOverlayIdentifiers: [ PowerFolderLocked] -> {0800cf35-8302-4030-8add-40ac1e3f8835} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\LockedOverlay_x64.dll [2016-08-25] ()
ShellIconOverlayIdentifiers: [ PowerFolderOK] -> {0800cf35-8302-4030-8add-40ac1e3f8831} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\OKOverlay_x64.dll [2016-08-25] ()
ShellIconOverlayIdentifiers: [ PowerFolderSyncing] -> {0800cf35-8302-4030-8add-40ac1e3f8832} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\SyncingOverlay_x64.dll [2016-08-25] ()
ShellIconOverlayIdentifiers: [ PowerFolderWarning] -> {0800cf35-8302-4030-8add-40ac1e3f8833} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\WarningOverlay_x64.dll [2016-08-25] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-12-02] (AO Kaspersky Lab)
ContextMenuHandlers1: [LiferayNativityContextMenus] -> {0800cf35-8302-4030-8add-40ac1e3f8830} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\LiferayNativityContextMenus_x64.dll [2016-08-25] ()
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-12-02] (AO Kaspersky Lab)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-12-02] (AO Kaspersky Lab)
ContextMenuHandlers4: [LiferayNativityContextMenus] -> {0800cf35-8302-4030-8add-40ac1e3f8830} => C:\Program Files (x86)\Universitaet Musterstadt\JLUbox\LiferayNativityContextMenus_x64.dll [2016-08-25] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-12-05] (Dropbox, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2017-12-02] (AO Kaspersky Lab)
ContextMenuHandlers1_S-1-5-21-3927489186-1300593664-4163706390-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2017-03-15] ()
ContextMenuHandlers6_S-1-5-21-3927489186-1300593664-4163706390-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2017-03-15] ()
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0013CAE6-DB00-4DB8-B7B5-0004D37A1D4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {0183E1CF-13B4-496A-B704-9FFF90BF4D28} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {0460132B-CD7A-4EBD-9C22-9CAD5CFA68E5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F18A482-883D-4DA6-8C01-FA7C16E7087A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {21AE3A1C-0265-4BF3-808C-BA1BED6B3556} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\WSCStub.exe
Task: {24C3865E-AC79-4630-9E71-2EBF33EA1820} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {27F97C0A-DD7D-4542-AD6D-C91D4324CE43} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\SymErr.exe
Task: {2CBE132C-BEC8-4F89-8F3C-CD5C4054C802} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3448EA7B-6247-41D7-9BAA-51E8B889524B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
Task: {38513898-465E-4F15-B1AF-46204DDA27A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3D2C3FA1-A3E7-4E93-BB8C-8444DD97B429} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-07] (Microsoft Corporation)
Task: {53F4552D-A2AF-4B5D-A977-8EDE7BCFDF5A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-12-15] (Microsoft Corporation)
Task: {5F8F7A2C-8BD2-45B0-B1B2-251580BE98D0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {66E42762-104B-4408-AF79-5D069EAE50E1} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.0.0.100\SymErr.exe
Task: {6D3206DE-1609-43A8-8CE9-9451B1C2D8AF} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation)
Task: {757A337A-51E7-407F-A757-7B0589A80186} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {78174A14-A5BA-462F-B5BB-129255B03298} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7B0C9C79-245E-4476-8B0E-76D1FAE7065D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8D7BA2E9-0475-414B-99DF-01CC528BBA55} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {94592E02-3ADB-49BD-8082-0E18707F5D71} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {982C488C-2126-4F2F-B480-B55EC0AFAFF1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9F3AB071-E2FA-4A1B-9903-D95C9D8DF938} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {A32DE110-367B-4462-9E60-556E12699ABD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ADE052DF-4937-42F6-BFE0-6F6C58016476} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0F64144-FF95-4FF2-9446-A6A54DB1824A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8FA2BB4-61A6-4C54-BF42-E6D78AF5540C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B9FC962B-4B32-4B52-82BB-82C7829A02AF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-12-07] (Microsoft Corporation)
Task: {BC81CA18-FAB2-485F-9B09-64C314E0614E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {BDA62D07-8107-4F88-9804-5E6E51E384AF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C020C835-9946-4445-981F-D9A54F0D61FE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-20] (Dropbox, Inc.)
Task: {C3B33E71-D8C7-4E7D-8D20-C0A7923AEF79} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C8B9B482-104F-4318-879B-079F14ED2BFD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE8E5101-0A10-4247-9A02-C21EF19AAE25} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CF7F3C35-FC7F-4372-A0C9-00B796270EE6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {DBC29142-0601-4E6B-ABC2-7C0C7A7E3A1F} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation)
Task: {DC7174DA-1534-4DD7-A1C1-36D3EC2FE264} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-20] (Dropbox, Inc.)
Task: {E0CB232F-9665-4A24-9230-9D7EAF3EDB08} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {EA45612D-C2D5-41A3-86F8-7036ABBA55DA} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FB2B2DC8-2A06-40EB-B030-2F16DB7E0582} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-12-15] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-11-03 10:04 - 2012-10-31 17:01 - 000061952 _____ () C:\WINDOWS\system32\BRUNVPRNPS64.EXE
2016-07-04 06:01 - 2016-07-04 06:01 - 000287256 _____ () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
2016-07-04 03:16 - 2016-07-04 03:16 - 000287256 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2016-01-25 18:32 - 2016-01-25 18:31 - 000076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2016-05-17 17:59 - 2005-04-22 05:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-29 14:42 - 2017-09-30 15:36 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 14:42 - 2017-09-30 15:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-12 14:19 - 2017-12-12 14:19 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-12 14:19 - 2017-12-12 14:19 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
2015-07-24 13:34 - 2015-07-24 13:34 - 000063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-10-07 08:34 - 2016-10-07 08:33 - 002493440 _____ () E:\Origin\libGLESv2.dll
2016-05-17 17:58 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-12-02 13:41 - 2017-12-02 13:41 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\kpcengine.2.3.dll
2017-12-07 09:00 - 2017-12-05 02:06 - 000725312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-12-07 09:00 - 2017-12-05 02:06 - 002075456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2015-12-20 10:23 - 2017-12-05 02:06 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-20 10:23 - 2017-12-05 02:08 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-20 10:23 - 2017-12-05 02:06 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-07 08:56 - 2017-12-05 02:08 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-20 10:23 - 2017-12-05 02:08 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-08-07 08:56 - 2017-12-05 02:08 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-21 10:24 - 2017-12-05 02:06 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-18 17:07 - 2017-12-05 02:09 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-05-17 18:56 - 2017-12-05 02:08 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000155464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-20 10:23 - 2017-12-05 02:09 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-02-28 08:46 - 2017-12-05 02:09 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-01-24 08:15 - 2017-12-05 02:09 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-04-15 07:30 - 2017-12-05 02:08 - 000100688 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-01-24 08:15 - 2017-12-05 02:08 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 08:15 - 2017-12-05 02:09 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 08:15 - 2017-12-05 02:09 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-20 10:23 - 2017-12-05 02:06 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-02-12 09:02 - 2017-12-05 02:09 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-12-07 09:00 - 2017-12-05 02:07 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-12-07 09:00 - 2017-12-05 02:06 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-12-07 09:00 - 2017-12-05 02:07 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-07-08 20:31 - 2017-12-05 02:08 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2017-12-07 09:00 - 2017-12-05 02:07 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-08-07 08:56 - 2017-12-05 02:09 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-12-07 09:00 - 2017-12-05 02:07 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-03-15 09:07 - 2017-03-15 09:07 - 000123918 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 001026062 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000524460 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 001798570 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000115214 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 003036430 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 021565192 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 003095505 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000712704 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000031744 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000046080 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000032768 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000516608 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000243200 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2017-03-15 09:07 - 2017-03-15 09:07 - 000431616 _____ () C:\Users\Julian S\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2017-11-27 22:03 - 2017-11-27 22:03 - 023970800 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2017-11-04 21:57 - 2017-11-04 21:57 - 000323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2017-11-04 21:57 - 2017-11-04 21:57 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2017-01-14 18:02 - 2017-12-02 10:14 - 001452728 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ClientTelemetry.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Julian S\Desktop\BC06 Anhang RFLP Gel bearbeitet (Lars).docx:com.dropbox.attributes [168]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Julian S\AppData\Local\DisplayFusion\Wallpaper_2.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "GIGABYTE OC_GURU.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "USB3MON"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3927489186-1300593664-4163706390-1000\...\StartupApproved\Run: => "Discord"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{B3BF8131-9294-4CBB-9596-7078CEE9DC3A}C:\users\julian S\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julian S\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C13E4266-F0A3-4263-8CF6-3452BA6A2E78}C:\users\julian S\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julian S\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FEF2AB9A-01D1-4ABC-83A3-3BBAA8F17DA1}E:\program files (x86)\perkinelmerinformatics\chemoffice2016\chemdraw\chemdraw.exe] => (Allow) E:\program files (x86)\perkinelmerinformatics\chemoffice2016\chemdraw\chemdraw.exe
FirewallRules: [TCP Query User{1B492FA0-4F23-40FB-AC96-5A212612F1AC}E:\program files (x86)\perkinelmerinformatics\chemoffice2016\chemdraw\chemdraw.exe] => (Allow) E:\program files (x86)\perkinelmerinformatics\chemoffice2016\chemdraw\chemdraw.exe
FirewallRules: [{3A003C25-6951-45D1-B31D-86A407D33CFF}] => (Allow) C:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{249E3793-1960-4C5E-A3F5-A148C281BB6A}] => (Allow) C:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{4D6238D9-3517-4727-8527-C5940B2781A5}] => (Allow) C:\SteamLibrary\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe
FirewallRules: [{9212D993-A927-469C-B397-6B44C61A05B5}] => (Allow) C:\SteamLibrary\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe
FirewallRules: [{EA1AB122-0644-4FE2-B0FF-8FA2B5F01D54}] => (Allow) C:\Users\Julian S\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{35465CA3-DF36-4255-A6B9-A53546CA2260}] => (Allow) C:\Users\Julian S\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2F0DF109-5373-4FC2-8908-DDD504046770}] => (Allow) C:\SteamLibrary\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{8F064E5E-D0AD-49D1-9A50-A92EF5F949F7}] => (Allow) C:\SteamLibrary\steamapps\common\Terraria\Terraria.exe
FirewallRules: [UDP Query User{D975DBFE-D1B6-4F0C-B6AE-0F6CB865191E}C:\program files (x86)\universitaet Musterstadt\jlubox\jre\launch4j-tmp\jlubox.exe] => (Allow) C:\program files (x86)\universitaet Musterstadt\jlubox\jre\launch4j-tmp\jlubox.exe
FirewallRules: [TCP Query User{D0168C6B-80C7-4959-96EA-7E6C95EC9DEE}C:\program files (x86)\universitaet Musterstadt\jlubox\jre\launch4j-tmp\jlubox.exe] => (Allow) C:\program files (x86)\universitaet Musterstadt\jlubox\jre\launch4j-tmp\jlubox.exe
FirewallRules: [{C9CA91FA-F32A-49A5-9F23-3EEED5511258}] => (Allow) E:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{A7A09148-DF88-48F5-BC50-5619190F3CE1}] => (Allow) E:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{BA79A8B9-0A3B-480D-8051-1E5FDC063010}] => (Allow) E:\Steam\steamapps\common\The Curious Expedition\electron.exe
FirewallRules: [{6C94C797-DDE3-438F-B7AE-5A1A07CF648A}] => (Allow) E:\Steam\steamapps\common\The Curious Expedition\electron.exe
FirewallRules: [{01E2679D-0B0E-4680-92CB-43AFE4773A37}] => (Allow) E:\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [{5A91B395-C6DD-4712-8092-84462085A64B}] => (Allow) E:\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe
FirewallRules: [UDP Query User{B57402E7-315C-40C4-BB1A-1FEBDE17FB29}E:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Allow) E:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [TCP Query User{57636D2C-474A-4B2A-B0D1-64A1FE765B4B}E:\program files (x86)\origin games\command and conquer red alert ii\game.exe] => (Allow) E:\program files (x86)\origin games\command and conquer red alert ii\game.exe
FirewallRules: [UDP Query User{F714567E-2773-49CC-B747-D0C8522FCA15}C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe
FirewallRules: [TCP Query User{3F4FD8B1-88DD-468A-A51C-DD7E6FAE04FA}C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe
FirewallRules: [{9733ADD4-59F8-4603-9E3E-F8A804F53FDE}] => (Allow) E:\Steam\steamapps\common\HyperLightDrifter\HyperLightDrifter.exe
FirewallRules: [{65537166-3F44-4808-B30D-B91706BD6E9C}] => (Allow) E:\Steam\steamapps\common\HyperLightDrifter\HyperLightDrifter.exe
FirewallRules: [UDP Query User{5D836D15-164C-45B8-8527-C5548712581C}C:\gog games\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\addonweb.exe
FirewallRules: [TCP Query User{5614F028-FDFB-4EC1-8AC6-2A9F4BC9EE02}C:\gog games\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\addonweb.exe
FirewallRules: [UDP Query User{AA3A9454-9054-4F1A-852C-73C9AB24B48E}C:\gog games\anno 1404 gold edition\addon.exe] => (Allow) C:\gog games\anno 1404 gold edition\addon.exe
FirewallRules: [TCP Query User{CA5FAAF2-5F89-4C67-963F-1B3E6ED0E936}C:\gog games\anno 1404 gold edition\addon.exe] => (Allow) C:\gog games\anno 1404 gold edition\addon.exe
FirewallRules: [UDP Query User{3FE3363F-98AD-4DBA-BF9B-DF41D44DAC58}C:\gog games\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\addonweb.exe
FirewallRules: [TCP Query User{36BC451A-9489-4983-A594-FCEBFCA94FBE}C:\gog games\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\addonweb.exe
FirewallRules: [UDP Query User{68E814B5-2056-4AB7-AFE8-33DFA8F7D329}C:\gog games\anno 1404 gold edition\tools\anno4web.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\anno4web.exe
FirewallRules: [TCP Query User{317C8C2D-C913-40CC-BEEB-36ABB0DB5D11}C:\gog games\anno 1404 gold edition\tools\anno4web.exe] => (Allow) C:\gog games\anno 1404 gold edition\tools\anno4web.exe
FirewallRules: [{CB8F67A4-5D64-4C46-B074-BF363AA9B843}] => (Allow) LPort=54925
FirewallRules: [{E468F9DA-57D3-46F5-87E6-C63F52529366}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14e\FAXRX.EXE
FirewallRules: [{EDAF3146-5A7C-496D-A515-73027F18E1F5}] => (Allow) E:\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe
FirewallRules: [{E8931BCC-8AA5-44E0-90AD-56F31CD68680}] => (Allow) E:\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe
FirewallRules: [{007C95E6-8D28-46A2-B9B0-F56E2F96019D}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{B5D5C55A-396A-4DFC-B961-80A7C2E63023}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{26F7EE1E-60CC-44C4-AC71-0B6729352C06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61B91623-28AF-4AA4-9857-AD9913F7546F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1DB540DD-A915-4A8B-93D2-0822EEA96100}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{12E96FF6-56F0-413D-BCF6-D9BBC7531D2D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{C0C978E2-D3EE-4350-A670-8EA499631D81}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{C40AB9D9-3F89-4E38-A803-3FC3D928C71C}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{205649D1-75FB-40DE-B90B-6065BF219B37}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{26EC3D7F-FFCE-40D6-B680-B1AB2520DBF1}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [{DD0696C0-6194-41A8-A060-1A23A5A2B76E}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{FC5ED373-F787-4E05-8B79-D2EA04FB356A}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DFD4D613-53A9-4B61-8735-047388D05F3C}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{DDF67D51-7932-4A1C-871B-CA11D902F601}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4B22F1A3-076E-47EB-B179-E83AACE4E5BB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{6DB77181-F239-49C4-B62F-BAC945CA4FDB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{70FB2A70-C438-4B06-9BAF-4CC5A65324E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2743B42F-C416-4E42-B76E-5060D018925A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BC68DC76-3DDE-4940-AA2C-FFF3AA916A50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{46D75A17-288B-4BF0-B5C4-1E9724FE8563}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{480C2DB8-FB55-4126-A01D-236B3426D579}C:\program files (x86)\displayfusion\displayfusion.exe] => (Allow) C:\program files (x86)\displayfusion\displayfusion.exe
FirewallRules: [TCP Query User{FFC8E51B-3066-4223-9D78-27DD37E943B3}C:\program files (x86)\displayfusion\displayfusion.exe] => (Allow) C:\program files (x86)\displayfusion\displayfusion.exe
FirewallRules: [{6297DDD7-E9E9-4E19-8C61-1160662E7040}] => (Allow) E:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{5CCBDEA9-DF79-40DD-BD69-22AD56CDBF8C}] => (Allow) E:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{6F233D5D-1676-405D-9C03-93CC44343073}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{0B552122-36FD-425C-992B-297067C79FED}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{BD2232E1-B387-4871-B236-A6913EBBDFE8}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{8372C339-F67E-4C14-AE7F-DAA240C29C14}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{4CFE1EFF-BA2D-44BE-939E-F5FE6E3C1258}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{CB7ECD0D-0DDA-430C-9177-5AE7AF10F7B4}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{28F238DD-035E-4D3F-BA2B-978050813853}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{92A9E1AC-DBD5-483A-A752-FE507947760E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{ADCCF3B1-92A4-4BAF-B86B-8F764369C0B7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A84168E4-3433-4A10-9E52-7F7DF13DC60E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4C692A45-771A-4459-81B9-A4C0D2D1902C}] => (Allow) E:\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{9A91FDC6-D6A0-4C9D-98FB-9C9AD984DB11}] => (Allow) E:\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{01043634-BC87-46FE-81DB-FDE362AD30C8}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\Mathematica.exe
FirewallRules: [{65912B29-B37F-4D95-A14D-9EB292EC0B2D}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\Mathematica.exe
FirewallRules: [{650DD88A-7A80-46D3-9B9D-DAC07A9A9213}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\MathKernel.exe
FirewallRules: [{962107D6-3538-4D41-94DB-F0BDB05FA864}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\MathKernel.exe
FirewallRules: [{1EE9C106-3BC1-4CC4-BDAA-DD26C325490E}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\math.exe
FirewallRules: [{0DD35011-476B-406E-8BFC-B3D8B39D650F}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\math.exe
FirewallRules: [TCP Query User{BC8AAEA8-25EC-4E19-BA8B-BA757D047BD4}C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [UDP Query User{2F59EE2A-459F-40E7-9637-C1F3BC0A0F2B}C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Allow) C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [{F1C02A49-529B-432F-BF61-599D2AFA7508}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{905FEE9C-D877-4D18-8EA7-70C04DC88964}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{B4A7670D-49A7-4C90-A243-057DFBC34BA1}E:\program files\chemdoodle\jre\bin\javaw.exe] => (Allow) E:\program files\chemdoodle\jre\bin\javaw.exe
FirewallRules: [UDP Query User{03F5DE5D-42C9-4993-951C-D9B24318F2A9}E:\program files\chemdoodle\jre\bin\javaw.exe] => (Allow) E:\program files\chemdoodle\jre\bin\javaw.exe
FirewallRules: [{732D9DFD-799B-47B7-8CCB-F38CA2269F38}] => (Allow) E:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{859E1A0D-BC38-47E1-8F23-E8DC4894F27C}] => (Allow) E:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{89B586F1-0ECA-4384-80A8-79C54800E421}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe
FirewallRules: [{806071A8-977C-4202-BB78-F7541144BEBE}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe
FirewallRules: [{7095066F-69A3-4B52-9C73-D8D97C89A504}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5B5BD668-7992-4F90-B8A9-64E1320FB12A}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{7A030AC5-ED6C-4332-894E-A1B0A9D07B0D}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{68094972-9F3F-4BCE-8CBA-CD7EEC460C2C}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{55C78325-013E-405A-AD76-55251741C8EC}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{8C204D79-1204-4980-B96F-931DFFC4DB1E}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{6E5B925B-5C40-4B75-86D7-17827E133F20}] => (Allow) C:\SteamLibrary\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{C0090035-9675-4283-BDD3-3ED46D473767}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{82F6B4B1-7377-4C29-B3C2-7862EFA4D947}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{99AD768B-1DBD-48C7-994B-E4ED6E2813F8}C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{2F285CF1-8A04-4454-BA61-E84308C51CC6}C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{21069D90-FB08-4A64-8B61-36BA3D4F2CB6}C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Block) C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [UDP Query User{E06FBEA4-0ACA-4147-99C2-2232D453F568}C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => (Block) C:\users\julian S\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [TCP Query User{95022559-5B1A-4F90-9ABD-A1EAA73E13F1}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{5B06A172-3AD0-4FFC-8F12-F7DF4078C6D2}C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{82E10310-E3F8-470A-8051-A65016B74DD9}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{9568F464-8853-4AFA-9574-04DCE53263B4}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{045A9516-25A5-4D02-B388-30CAC365A6FC}] => (Allow) C:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{28FF9961-6926-48AC-8DE3-9BE9480D38CE}] => (Allow) C:\SteamLibrary\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{0D286827-7B3E-4EB3-9EF6-BCB773F17BAB}] => (Allow) C:\SteamLibrary\steamapps\common\Night in the Woods\Night in the Woods.exe
FirewallRules: [{0F838742-BBFD-4E0E-A89D-7A7494F967F6}] => (Allow) C:\SteamLibrary\steamapps\common\Night in the Woods\Night in the Woods.exe
FirewallRules: [{525FCB7A-38A4-4DD7-B213-A738F231FBD4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A211B901-5AEF-4118-B776-3C89961A19FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46408F58-99D7-465D-A78F-685F84A0A5EC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{ED36576F-183E-4A1C-A018-7005F8A3BBCB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
24-11-2017 18:31:27 Geplanter Prüfpunkt
02-12-2017 10:22:40 Removed Bonjour
03-12-2017 12:44:04 Removed EpsonNet Print
09-12-2017 13:07:48 Removed Apple Application Support (32-Bit)
13-12-2017 19:15:53 Windows Update
17-12-2017 15:02:45 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/19/2017 09:28:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm dllhost.exe, Version 10.0.16299.15 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 232c
Startzeit: 01d378a334543e00
Beendigungszeit: 5190
Anwendungspfad: C:\Windows\System32\dllhost.exe
Berichts-ID: c6facd13-0e92-454d-b176-1c626d65fcc4
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (12/17/2017 03:00:31 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF.
Error: (12/15/2017 10:34:33 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/15 10:34:33.386]: [00012020]: Initialize TwdsMain Class failed!
Error: (12/15/2017 10:34:33 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/15 10:34:33.386]: [00012020]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (12/15/2017 10:34:10 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/15 10:34:10.756]: [00012020]: Initialize TwdsMain Class failed!
Error: (12/15/2017 10:34:10 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2017/12/15 10:34:10.756]: [00012020]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (12/15/2017 10:29:14 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_OFF.
Error: (12/13/2017 07:19:31 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL W3SVC kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (12/13/2017 07:19:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (12/13/2017 07:19:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "aspnet_state" in der DLL "C:\Windows\System32\aspnet_counters.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Systemfehler:
=============
Error: (12/21/2017 11:15:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/21/2017 11:15:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/21/2017 11:15:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/21/2017 11:15:33 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/21/2017 09:17:38 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/21/2017 09:17:38 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/21/2017 09:17:38 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/21/2017 09:17:38 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/20/2017 03:43:01 PM) (Source: DCOM) (EventID: 10016) (User: JulianS-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "JulianS-PC\Julian S" (SID: S-1-5-21-3927489186-1300593664-4163706390-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/20/2017 09:21:20 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2017-12-15 12:53:51.445
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-15 12:53:51.426
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-15 12:53:51.404
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-15 12:53:51.362
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-15 12:53:51.354
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-15 12:53:51.347
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-15 12:53:50.739
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-15 12:53:50.651
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-15 12:53:31.337
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-12-15 12:53:31.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-6600 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 16319 MB
Verfügbarer physikalischer RAM: 11827.38 MB
Summe virtueller Speicher: 17343 MB
Verfügbarer virtueller Speicher: 11363.09 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.35 GB) (Free:32.56 GB) NTFS
Drive e: (Volume) (Fixed) (Total:931.51 GB) (Free:660.71 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: FD49AB9A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F982A441)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Geändert von JulianS (21.12.2017 um 13:34 Uhr) |
|
21.12.2017, 13:36
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.12.2017, 13:57
| #10 |
| | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem TabCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
Database version:
main: v2017.12.21.05
rootkit: v2017.10.14.01
Windows 10 x64 NTFS
Internet Explorer 11.64.16299.0
Julian Schaaf :: JULIANS-PC [administrator]
21.12.2017 13:45:33
mbar-log-2017-12-21 (13-45-33).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 256135
Time elapsed: 6 minute(s), 42 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
21.12.2017, 14:29
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab Gabs keine Funde oder hast du nur das letzte Log ohne Funde gepostest?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.12.2017, 14:32
| #12 |
| | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab Es gab leider oder zum Glück keine Befunde :/ |
|
21.12.2017, 14:33
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! adwCleaner v7.x Downloade Dir bitte  AdwCleaner auf Deinen Desktop (Bebilderte Anleitung).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.12.2017, 14:42
| #14 |
| | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab Auch keine Befunde Code:
ATTFilter # AdwCleaner 7.0.5.0 - Logfile created on Thu Dec 21 13:40:10 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/12/1 13:56:3]
C:/AdwCleaner/AdwCleaner[S1].txt - [1011 B] - [2017/12/21 13:39:45]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
|
|
21.12.2017, 14:45
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab Bitte erstelle erstelle im Firefox ein neues Profil und lösche das alte siehe --> http://support.mozilla.com/de/kb/Profile%20verwalten Sichere - falls wichtig - vorher wichtige Lesezeichen, gespeicherte Passwörter etc.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Firefox öffnet automatisch unseriöse Gewinnspielseiten/Werbung in neuem Tab |
| antimalware, automatisch, bestimmte, blockiert, code, computer, fehler, firefox, folge, forum, kaspersky, logfiles, malwarebytes, neue, neuen, nicht mehr, odg, problem, programm, software, spiele, tab, version, webseiten, öffnet |
Linear-Darstellung
