| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Lavasoft EntfernungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
04.01.2019, 22:44
| #1 |
| |  Lavasoft Entfernung Hallo zusammen, beim Versuch das Spiel Factorio im Multiplayer zu spielen scheint es zu Komplikationen mit der LavasoftTcpService64.dll zu kommen. Keine Ahnung wo die herkommt ;-) Ich würde mich freuen, wenn Ihr mir dabei helfen könnt, das Ding loszuwerden. Ich habe mir FRST frisch runtergeladen, hier die Logs: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2019
durchgeführt von Admin (Administrator) auf DJ (04-01-2019 22:20:29)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin & Fee-Jonas & Dirk (Verfügbare Profile: Admin & Fee-Jonas & Dirk)
Platform: Windows 8.1 Pro (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Device Health\DhMachineSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgr.exe
(Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-10-17] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-04] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12120104 2017-08-15] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [527864 2012-12-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-04] (AVAST Software)
HKU\S-1-5-21-1220723716-4126832292-3965305388-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2018-12-04] (Electronic Arts)
HKU\S-1-5-21-1220723716-4126832292-3965305388-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd)
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2018-12-04] (Electronic Arts)
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\Run: [Amazon Music] => C:\Users\Fee-Jonas\AppData\Local\Amazon Music\Amazon Music.exe [23183848 2017-09-19] (Amazon Services LLC)
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\Run: [MiPhoneManager] => C:\Users\Fee-Jonas\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [449464 2016-04-07] ()
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\Run: [Amazon Music Helper] => C:\Users\Fee-Jonas\AppData\Local\Amazon Music\Amazon Music Helper.exe [3977704 2017-09-19] (Amazon Services LLC)
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49803112 2018-09-21] (Skype Technologies S.A.)
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd)
HKU\S-1-5-21-1220723716-4126832292-3965305388-1115\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [186368 2014-11-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Windows Mail\WinMail.exe [2014-11-21] (Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files (x86)\Windows Mail\WinMail.exe [2014-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-13]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-05-18]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Fee-Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2016-12-21]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-07] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-07] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-07] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-07] (Lavasoft Limited)
Winsock: Catalog9-x64 05 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-07] (Lavasoft Limited)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{E84189D4-3B18-4181-AC1D-0B9941A551E5}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
HKU\S-1-5-21-1220723716-4126832292-3965305388-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1220723716-4126832292-3965305388-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://startpage.com/
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1377645329489&tguid=66920-6787-1377645329489-73988A8FA453A62848B9595AB8BC7DA3&st=chrome&q=
HKU\S-1-5-21-1220723716-4126832292-3965305388-1115\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=&st=bs&tid=6787&ver=4.4&ts=1377645329489&tguid=66920-6787-1377645329489-73988A8FA453A62848B9595AB8BC7DA3&q={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1377645329489&tguid=66920-6787-1377645329489-73988A8FA453A62848B9595AB8BC7DA3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1220723716-4126832292-3965305388-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1220723716-4126832292-3965305388-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D100715-A166D148A50&form=CONBDF&conlogo=CT3334470&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1220723716-4126832292-3965305388-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1220723716-4126832292-3965305388-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1220723716-4126832292-3965305388-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dnldstr_14_37_ff&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyByCzyyE0EyByByB0DzytN0D0Tzu0SzyzzzztN1L2XzutAtFtAtFtAtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDzy0DtB0BzyyCyDtGzy0F0CtAtGtAtAtAyBtG0E0DzytDtGtBzzyC0C0CyDtC0B0CzytA0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0D0F0F0DtDyByCtGtByE0FtBtGyEyEzz0DtGzytAyCtAtGtA0CtBtCtD0EyDtCtBtBzytB2Q&cr=1404310169&ir=
SearchScopes: HKU\S-1-5-21-1220723716-4126832292-3965305388-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1377645329489&tguid=66920-6787-1377645329489-73988A8FA453A62848B9595AB8BC7DA3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1220723716-4126832292-3965305388-1002 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1377645329489&tguid=66920-6787-1377645329489-73988A8FA453A62848B9595AB8BC7DA3&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-11-03] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-22] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-22] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc.cab
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e1j5k7a3.default [2019-01-04]
FF Homepage: Mozilla\Firefox\Profiles\e1j5k7a3.default -> hxxps://startpage.com
FF NewTab: Mozilla\Firefox\Profiles\e1j5k7a3.default -> hxxps://startpage.com
FF Extension: (Avast Online Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e1j5k7a3.default\Extensions\wrc@avast.com.xpi [2018-11-19]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e1j5k7a3.default\searchplugins\bing-lavasoft.xml [2015-10-07]
FF HKU\S-1-5-21-1220723716-4126832292-3965305388-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-06] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1220723716-4126832292-3965305388-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2018-12-29] ()
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-10-17] (Advanced Micro Devices) [Datei ist nicht signiert]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-04] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-04] (AVAST Software)
R2 DeviceHealth; C:\Program Files (x86)\Microsoft Device Health\DhMachineSvc.exe [196760 2015-01-30] (Microsoft Corporation)
R2 DeviceHealthPluginMgr; C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgr.exe [244376 2015-01-30] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2270528 2018-12-04] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3131208 2018-12-04] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176632 2018-05-14] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305544 2016-10-18] (Advanced Micro Devices)
R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-04] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-04] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [220688 2019-01-04] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-04] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-04] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-04] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-04] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-04] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166472 2019-01-04] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-04] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-04] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-04] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-04] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-04] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-04] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 vpnva; C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys [50128 2012-12-10] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}w64; C:\WINDOWS\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}w64.sys [44688 2014-09-19] (StdLib)
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2019-01-04 22:20 - 2019-01-04 22:20 - 000021634 _____ C:\Users\Admin\Desktop\FRST.txt
2019-01-04 22:19 - 2019-01-04 22:01 - 002426368 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2019-01-04 22:02 - 2019-01-04 22:03 - 000065511 _____ C:\Users\Fee-Jonas\Desktop\Addition.txt
2019-01-04 22:01 - 2019-01-04 22:20 - 000000000 ____D C:\FRST
2019-01-04 22:01 - 2019-01-04 22:03 - 000035312 _____ C:\Users\Fee-Jonas\Desktop\FRST.txt
2019-01-04 22:01 - 2019-01-04 22:01 - 002426368 _____ (Farbar) C:\Users\Fee-Jonas\Desktop\FRST64.exe
2019-01-04 21:51 - 2019-01-04 21:51 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-04 21:51 - 2019-01-04 21:50 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-04 21:51 - 2019-01-04 21:50 - 000220688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-04 21:51 - 2019-01-04 21:50 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-04 21:51 - 2019-01-04 21:50 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-04 21:51 - 2019-01-04 21:50 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2018-12-28 00:30 - 2018-12-28 19:29 - 000000000 ____D C:\Users\Fee-Jonas\Documents\Shadow of the Tomb Raider
2018-12-28 00:30 - 2018-12-28 00:30 - 000000000 ____D C:\Users\Fee-Jonas\AppData\Roaming\Eidos Montreal
2018-12-28 00:30 - 2018-12-28 00:30 - 000000000 ____D C:\Users\Fee-Jonas\AppData\Local\NVIDIA Corporation
2018-12-20 13:53 - 2018-12-14 08:38 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 13:53 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-16 18:05 - 2018-12-16 18:05 - 000002115 _____ C:\Users\Public\Desktop\WISO steuer Sparbuch 2019.lnk
2018-12-16 18:05 - 2018-12-16 18:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Buhl
2018-12-16 18:05 - 2018-12-16 18:05 - 000000000 ____D C:\Users\Admin\AppData\Local\wmain19
2018-12-16 18:05 - 2018-12-16 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2019
2018-12-14 16:08 - 2018-12-14 16:08 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2018-12-14 16:08 - 2018-12-14 16:08 - 000000000 ____D C:\Users\Fee-Jonas\AppData\Local\Notepad++
2018-12-14 16:08 - 2018-12-14 16:08 - 000000000 ____D C:\Users\Admin\AppData\Local\Notepad++
2018-12-14 11:06 - 2018-11-28 10:39 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-12-14 11:06 - 2018-11-28 09:08 - 015441408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-14 11:06 - 2018-11-28 09:04 - 013322240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-14 11:06 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-14 11:06 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-14 11:06 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-14 11:06 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-14 11:06 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-12-14 11:06 - 2018-11-13 05:00 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-12-14 11:06 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-12-14 11:06 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-14 11:06 - 2018-11-13 04:43 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-12-14 11:06 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-12-14 11:06 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-14 11:06 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-14 11:06 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-12-14 11:06 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-12-14 11:06 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-14 11:06 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-12-14 11:06 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-12-14 11:06 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-12-14 11:06 - 2018-11-10 20:42 - 001368584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-12-14 11:06 - 2018-11-10 20:36 - 007371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-12-14 11:06 - 2018-11-10 20:25 - 000121288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-12-14 11:06 - 2018-11-10 19:54 - 001308456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-14 11:06 - 2018-11-10 19:53 - 000356088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-14 11:06 - 2018-11-10 17:34 - 001754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-14 11:06 - 2018-11-10 17:25 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-12-14 11:06 - 2018-11-10 17:22 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-14 11:06 - 2018-11-10 17:15 - 001491968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-14 11:06 - 2018-11-03 19:28 - 002532344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-14 11:06 - 2018-11-03 18:41 - 001903456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-12-14 11:06 - 2018-11-03 16:25 - 002348032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-14 11:06 - 2018-11-03 16:11 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-14 11:06 - 2018-10-06 17:43 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-12-14 11:06 - 2018-10-06 17:13 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-12-14 11:06 - 2018-10-05 18:06 - 001200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-12-14 11:06 - 2018-10-05 18:06 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-12-14 11:06 - 2018-10-05 17:20 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-12-14 11:06 - 2018-10-05 17:20 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-12-14 11:06 - 2018-10-05 16:18 - 000513376 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-12-14 11:06 - 2018-10-05 16:18 - 000513376 _____ C:\WINDOWS\system32\locale.nls
2018-12-13 11:42 - 2018-12-13 11:42 - 000001980 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2018-12-13 11:42 - 2018-12-13 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2018-12-13 11:41 - 2018-12-27 17:03 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2018-12-09 07:24 - 2019-01-03 22:37 - 000000000 ____D C:\Users\Fee-Jonas\AppData\Local\CrashDumps
2018-12-06 14:37 - 2018-12-06 14:37 - 006351872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2019-01-04 22:15 - 2012-12-30 06:25 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1220723716-4126832292-3965305388-1001
2019-01-04 22:10 - 2015-11-28 00:24 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Raptr
2019-01-04 21:55 - 2016-11-18 21:36 - 000000000 ____D C:\Users\Fee-Jonas\AppData\LocalLow\Mozilla
2019-01-04 21:54 - 2015-11-28 00:27 - 000000000 ____D C:\Users\Fee-Jonas\AppData\Roaming\Raptr
2019-01-04 21:54 - 2014-11-14 22:14 - 000000454 _____ C:\WINDOWS\Tasks\微软设备健康助手开机检测.job
2019-01-04 21:54 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-04 21:53 - 2015-11-28 00:44 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-01-04 21:52 - 2017-04-22 06:43 - 000003910 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-04 21:51 - 2018-05-05 05:58 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-01-04 21:51 - 2018-05-05 05:58 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-04 21:51 - 2016-03-28 23:42 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-04 21:51 - 2014-05-04 20:22 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-04 21:51 - 2013-12-23 16:20 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-04 21:51 - 2013-04-11 21:56 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-04 21:51 - 2013-04-11 21:56 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-04 21:51 - 2013-04-11 21:56 - 000166472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-04 21:51 - 2013-04-11 21:56 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-04 21:51 - 2013-04-11 21:56 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-04 21:50 - 2013-04-11 21:56 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-04 21:44 - 2014-08-11 20:22 - 000000470 _____ C:\WINDOWS\Tasks\微软设备健康助手自动更新.job
2019-01-04 21:30 - 2015-02-14 07:54 - 000000476 _____ C:\WINDOWS\Tasks\微软设备健康助手设备检查.job
2019-01-04 21:13 - 2018-09-06 17:06 - 000003870 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-04 21:13 - 2017-08-13 07:26 - 000002778 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-04 21:13 - 2016-10-25 21:21 - 000004238 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2019-01-04 21:13 - 2016-10-25 18:55 - 000003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BCFF598A-9863-4AE8-8D7E-FDDA574760FE}
2019-01-04 21:13 - 2016-10-24 22:54 - 000003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{83FB303E-983C-49AF-9DF9-B4C660AC815C}
2019-01-04 21:13 - 2016-06-11 20:12 - 000000000 ____D C:\Users\Fee-Jonas\AppData\Roaming\Factorio
2019-01-04 21:13 - 2015-12-03 17:40 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-01-04 21:13 - 2015-02-14 07:54 - 000003386 _____ C:\WINDOWS\System32\Tasks\微软设备健康助手设备检查
2019-01-04 21:13 - 2014-11-14 22:14 - 000002790 _____ C:\WINDOWS\System32\Tasks\微软设备健康助手开机检测
2019-01-04 21:13 - 2014-09-14 16:48 - 000003290 _____ C:\WINDOWS\System32\Tasks\ASP
2019-01-04 21:13 - 2014-08-11 20:22 - 000003380 _____ C:\WINDOWS\System32\Tasks\微软设备健康助手自动更新
2019-01-04 21:13 - 2014-01-23 17:21 - 000004136 _____ C:\WINDOWS\System32\Tasks\Software Updater Ui
2019-01-04 21:13 - 2014-01-12 13:04 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1220723716-4126832292-3965305388-1115
2019-01-04 21:13 - 2013-08-28 00:15 - 000004196 _____ C:\WINDOWS\System32\Tasks\Software Updater
2019-01-04 21:13 - 2012-12-29 23:48 - 000004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-01-04 20:50 - 2013-12-28 13:55 - 000000000 ____D C:\Program Files (x86)\Steam
2019-01-04 14:18 - 2016-10-24 22:26 - 000433648 _____ C:\WINDOWS\system32\prfh0804.dat
2019-01-04 14:18 - 2016-10-24 22:26 - 000132582 _____ C:\WINDOWS\system32\prfc0804.dat
2019-01-04 14:18 - 2014-11-21 04:35 - 002335906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-04 14:18 - 2014-11-21 03:45 - 000758136 _____ C:\WINDOWS\system32\perfh007.dat
2019-01-04 14:18 - 2014-11-21 03:45 - 000156398 _____ C:\WINDOWS\system32\perfc007.dat
2019-01-04 14:18 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2019-01-03 23:14 - 2013-08-22 14:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2019-01-03 11:15 - 2013-07-22 18:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-30 00:07 - 2012-12-30 00:31 - 000000000 ____D C:\Users\Fee-Jonas\AppData\Local\Ubisoft Game Launcher
2018-12-20 14:38 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-20 13:47 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-18 19:58 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2018-12-18 18:47 - 2012-12-30 13:10 - 000000000 ____D C:\ProgramData\Origin
2018-12-18 18:47 - 2012-12-30 13:10 - 000000000 ____D C:\Program Files (x86)\Origin
2018-12-17 18:06 - 2012-12-30 06:29 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1220723716-4126832292-3965305388-1002
2018-12-16 18:05 - 2016-10-25 21:10 - 000000000 ____D C:\Users\Admin\AppData\Local\AMD
2018-12-16 18:05 - 2014-05-18 14:25 - 000000000 ____D C:\Users\Admin\AppData\Local\Buhl
2018-12-16 18:00 - 2014-05-18 14:23 - 000000000 ____D C:\Program Files (x86)\WISO
2018-12-16 18:00 - 2012-12-29 23:42 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-12-16 17:55 - 2014-05-18 14:22 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH
2018-12-16 15:31 - 2015-12-20 21:40 - 000000000 ____D C:\Users\Fee-Jonas\Documents\Paradox Interactive
2018-12-16 15:18 - 2016-11-17 20:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-12-16 15:18 - 2012-12-29 23:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-14 19:10 - 2012-12-29 23:44 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-14 16:34 - 2013-08-22 15:44 - 000527816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-14 16:08 - 2016-02-03 22:14 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Notepad++
2018-12-13 14:32 - 2012-12-29 23:38 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-13 14:27 - 2012-07-26 06:26 - 000000269 _____ C:\WINDOWS\win.ini
2018-12-13 11:42 - 2015-11-25 19:16 - 000000000 ____D C:\Program Files\McAfee Security Scan
2018-12-06 14:37 - 2018-03-16 18:48 - 000004514 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-06 14:37 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-06 14:37 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-04-13 12:58 - 2014-04-13 12:58 - 000001078 _____ () C:\Users\Admin\AppData\Roaming\base64.cer
2016-10-24 20:48 - 2016-10-24 20:48 - 000000046 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG
2013-06-03 15:18 - 2013-06-03 15:18 - 000001244 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2019-01-03 23:38
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01.01.2019
durchgeführt von Admin (04-01-2019 22:21:22)
Gestartet von C:\Users\Admin\Desktop
Windows 8.1 Pro (Update) (X64) (2016-10-24 21:38:50)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Admin (S-1-5-21-1220723716-4126832292-3965305388-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1220723716-4126832292-3965305388-500 - Administrator - Disabled)
Dirk (S-1-5-21-1220723716-4126832292-3965305388-1115 - Limited - Enabled) => C:\Users\Dirk
Fee-Jonas (S-1-5-21-1220723716-4126832292-3965305388-1002 - Limited - Enabled) => C:\Users\Fee-Jonas
Gast (S-1-5-21-1220723716-4126832292-3965305388-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ACP Application (HKLM\...\{7887FB96-80EA-BDAE-A5E4-A9C8C3ED7093}) (Version: 2016.1017.2209.52 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\Amazon Amazon Music) (Version: 6.0.1.1166 - Amazon Services LLC)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM-x32\...\{A353543A-B1EB-48E1-A719-A88A68BFA555}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Angry Birds (HKLM-x32\...\{DE96EDE7-7D0A-49D7-9C11-121BA91F84E0}) (Version: 3.3.0 - Rovio Entertainment Ltd.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Catalyst Control Center Next Localization BR (HKLM\...\{30BEC4F9-FB2F-3C5D-FBB4-B47DB23271C9}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{9B9E3989-EB86-7D86-39C8-64795A9F30D9}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{E8316EE7-97E5-80F1-B8BE-DDCC225244AC}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{8D9B427F-697E-D95F-059A-1E3E669998A1}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9DE7A3B1-4B80-8F11-1A0B-F92CC2B06781}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{84035ED3-8E29-59E2-F648-8F07212078C8}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{2A3AE3B3-4E31-A203-8D27-655D950805C1}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{FC32D676-C95A-01BE-037E-98E0259094CC}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{362F7ED0-CC19-BDDE-F804-A718C49797E0}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{88F8B3EF-6947-A693-BEA6-D6A51466371F}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{A0FD84CD-6E95-7D76-2D96-7233B58D0ABD}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{C5A8698A-F510-5BF3-538C-6721D373D274}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{FCC2674A-94F1-A4ED-2CE1-FC2401E559CC}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{F65E03FF-F1ED-D59A-507A-F3D3F1AEED43}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{BB4D999E-5199-D422-0B07-015E97E0E0A0}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{98E1DA10-0656-3266-C88E-1E2F49E9FE19}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F8082754-11C3-F178-08BD-0F91E89C14C6}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{E3884E2A-224E-8238-EC3F-8F2850D5A1FF}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{BE4FCA73-4411-6FA9-DFA9-B29A8F1E4B36}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{8A63B449-330C-CE77-3D2C-1BC6FA9CD511}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{EC463366-E74D-2630-72D9-74228C2190D9}) (Version: 2016.1017.2223.38477 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.0.11042 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{4B3AF51F-830F-409F-AE05-FB67040C90B6}) (Version: 3.0.11042 - Cisco Systems, Inc.) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 70er, 80er & 90er Accessoires (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Katy Perry Süße Welt (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.13.1 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.44.83.1020 - Electronic Arts Inc.)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Greenshot 1.1.5.2643 (HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\Greenshot_is1) (Version: 1.1.5.2643 - Greenshot)
GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
JabRef 2.9.2 (HKLM-x32\...\JabRef 2.9.2) (Version: 2.9.2 - JabRef Team)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
KODAK Create@Home Software (für dm) (HKLM-x32\...\{398AC289-E8BE-4FC2-99B5-AC6DB0640FC7}) (Version: 9.1.0392 - Kodak Alaris Inc.)
Leisure Suit Larry Reloaded (HKLM-x32\...\{E58E79EB-96BC-4BC2-A0E7-9CC28ECF4E1A}) (Version: 1.0.0.0 - Replay Games Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.895.1 - McAfee, Inc.)
Microsoft Lync 2010 (HKLM\...\{58A013B1-1613-4978-881A-FCA43710C84A}) (Version: 4.0.7577.4540 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 64.0 (x64 de) (HKLM\...\Mozilla Firefox 64.0 (x64 de)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.9 - Notepad++ Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.32.18460 - Electronic Arts, Inc.)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
R for Windows 3.0.0 (HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\R for Windows 3.0.0_is1) (Version: 3.0.0 - R Core Team)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\{4C5D15D2-5351-4F05-A96E-56C20554F977}) (Version: 1.00.000 - )
s3pe - Sims3 Package Editor (HKLM-x32\...\s3pe) (Version: 12-1225-1206 - Peter L Jones)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Secure Download Manager (HKLM-x32\...\{AA57D6F1-6360-4397-B2D9-B21C69863D97}) (Version: 3.1.0 - Kivuto Solutions Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Version 8.31 (HKLM-x32\...\Skype_is1) (Version: 8.31 - Skype Technologies S.A.)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeXnicCenter Version 2.0 Beta 1 (HKLM\...\TeXnicCenter_is1) (Version: 2.0 Beta 1 - The TeXnicCenter Team)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 14.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-10) (Version: 1.0.26.0 - LunarG, Inc.)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WISO steuer:Sparbuch 2016 (HKLM-x32\...\{08459FDC-0106-4B93-AD0F-4111DA9C4FD3}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{8B75DEB9-A7A3-4E7E-A80B-C982B8894E7F}) (Version: 24.05.1582 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2018 (HKLM-x32\...\{061BEF8E-5B59-45C6-A598-EDB81FC38AFB}) (Version: 25.03.1550 - Buhl Data Service GmbH)
WISO steuer:Sparbuch 2019 (HKLM-x32\...\{42E59B2F-EA74-4898-AACF-A62F7C90EEE2}) (Version: 26.00.1560 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{8FDA5FAB-BF29-4744-B9BD-9C3F9A26F0B6}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{8A6497B9-EF0C-48F9-9D82-7EE4511FA6B4}) (Version: 22.08.9051 - Buhl Data Service GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
小米助手 (HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\MiPhoneManager) (Version: - 小米移动软件有限公司)
微软设备健康助手 (HKLM-x32\...\{2EAC4B0F-6E44-4FF6-AA5E-5D100F2BAA59}) (Version: 1.5.3.1 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-04] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-04] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-04] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-05] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-05] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-04] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-10-17] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-04] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-05] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-05] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {29BAEA52-F7C7-4A2E-94F9-4457AD0E5201} - System32\Tasks\微软设备健康助手设备检查 => C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgrScheduler.exe [2015-01-30] (Microsoft Corporation)
Task: {348188BD-B2FF-486F-847C-D14B5DEBAE16} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-06] (Piriform Ltd)
Task: {4CEBAF22-9EBD-4BD3-8E7C-B4991475DA89} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe
Task: {5A26CFFB-388F-4F96-9B9E-DD8AF02DDA56} - System32\Tasks\微软设备健康助手开机检测 => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe [2015-01-30] (Microsoft Corporation)
Task: {68D72534-72E8-46D6-989F-F78C44CED384} - \Microsoft\Windows\Setup\EOSNotify -> Keine Datei <==== ACHTUNG
Task: {7A986F2A-4B42-4A7E-9C90-0BD6BB8F3651} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-04] (AVAST Software)
Task: {853AEED7-EBAD-4FDC-824E-953303A9D6A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {AC885A5D-128A-4B56-88C9-01560593E036} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-06] (Piriform Ltd)
Task: {ACF07987-306C-4031-BFBC-04337D1AD8E8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {BD7EB177-0D70-45AA-92F7-167D126E29C4} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-12-18] () <==== ACHTUNG
Task: {BD8F20F8-0DCA-46DD-A2E0-D7ABC9DEED39} - System32\Tasks\微软设备健康助手自动更新 => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe [2015-01-30] (Microsoft Corporation)
Task: {D44489A7-7A11-4E92-B824-5AE24E839A69} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-12-19] () <==== ACHTUNG
Task: {D7616AB8-6967-47CE-BECD-AC3618293336} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-10-17] (Advanced Micro Devices, Inc.)
Task: {D9E770AE-466E-4AA7-BD27-8A2F4078C917} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe
Task: {E4493513-980A-4B9C-A25A-9A0AF78A26E3} - System32\Tasks\SafeZone scheduled Autoupdate 1459280326 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {F799ABC8-7C43-427E-8AE1-FB4AECFDDC42} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-11-18] (AVAST Software)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\微软设备健康助手开机检测.job => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exe/EnableDHWORKGROUP\DJ$H此任务用于微软设备健康助手的状态检测和自我修复。了解更多请查阅hxxp:/support.microsoft.com
Task: C:\WINDOWS\Tasks\微软设备健康助手自动更新.job => C:\Program Files (x86)\Microsoft Device Health\DhUpdate.exeWORKGROUP\DJ$Z此服务属于微软设备健康助手用于获取最新的版本有助于提高设备健康度及保障支付安全。了解更多请查阅hxxp:/support.microsoft.com
Task: C:\WINDOWS\Tasks\微软设备健康助手设备检查.job => C:\Program Files (x86)\Microsoft Device Health\PluginManager\DhPluginMgrScheduler.exeWORKGROUP\DJ$C此任务用于微软设备健康助手的设备检查。了解更多请查阅hxxp:/support.microsoft.com
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2018-11-20 04:46 - 2018-11-20 04:46 - 004310296 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-09-14 02:20 - 2016-09-14 02:20 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 02:20 - 2016-09-14 02:20 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 02:20 - 2016-09-14 02:20 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 02:20 - 2016-09-14 02:20 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:20 - 2016-09-14 02:20 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:20 - 2016-09-14 02:20 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-01-04 21:51 - 2019-01-04 21:51 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-04 21:51 - 2019-01-04 21:51 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 005812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 20:01 - 2017-05-04 20:01 - 000067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 001662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 02:38 - 2015-05-08 02:38 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 02:49 - 2015-05-08 02:49 - 000417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 02:39 - 2015-05-08 02:39 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 22:59 - 2015-11-13 22:59 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 22:59 - 2015-11-13 22:59 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-08 02:38 - 2015-05-08 02:38 - 000354304 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pythoncom26.dll
2015-05-08 02:38 - 2015-05-08 02:38 - 000263168 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32com.shell.shell.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 18:33 - 2017-05-04 18:33 - 002717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 02:49 - 2015-05-08 02:49 - 001213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 02:55 - 2015-05-08 02:55 - 000055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1220723716-4126832292-3965305388-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1220723716-4126832292-3965305388-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2012-07-26 06:26 - 2019-01-04 10:49 - 000000909 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1220723716-4126832292-3965305388-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img9.jpg
HKU\S-1-5-21-1220723716-4126832292-3965305388-1115\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img2.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.
HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Communicator"
HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKU\S-1-5-21-1220723716-4126832292-3965305388-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\StartupApproved\Run: => "MiPhoneManager"
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-1220723716-4126832292-3965305388-1002\...\StartupApproved\Run: => "Skype for Desktop"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{35C567F3-7CF1-40E9-89A3-31DB2F0F22D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games)
FirewallRules: [{9B1CDE4D-46BB-40BD-ACCA-1FCC1DA7C2E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games)
FirewallRules: [{4B85539D-04FF-4373-8389-93A64883293D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{08A0A7E9-A27F-4F88-9DE1-DA2A2948CF9D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{C2928E61-ADCE-4603-BEA9-986A8C202ED1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [{A3CC7995-FBBB-4162-8F12-F10A0FA8B125}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [{46376749-B120-44FC-913A-EA065B71DD23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software)
FirewallRules: [{849B267E-F9A0-47B1-87B7-21817D77BA4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software)
FirewallRules: [{5BE81491-6998-4C34-9E64-EF92A27F2ADF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe)
FirewallRules: [{6FDF3ACA-8CF0-41E7-9DB0-4D0D7A397044}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe)
FirewallRules: [{A6BCAB39-747D-4D57-B164-8D599C351E6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe (Paradox Interactive)
FirewallRules: [{4F3ED3C0-90D8-4AC7-B724-675218A3923D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe (Paradox Interactive)
FirewallRules: [{CA34D051-FD94-49C8-A2F4-DE0BA452C4EF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.)
FirewallRules: [{8CD08CC4-BBA5-4A01-B924-65203713203D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.)
FirewallRules: [{7BCA1CD4-A960-408A-A410-9AC94575425F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
FirewallRules: [{D0EF42A2-2798-4C49-B1BE-144C457E88D6}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
FirewallRules: [UDP Query User{8EE7D225-6D80-4194-89DF-A150FFD5999E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games)
FirewallRules: [TCP Query User{6F8569D3-D981-4D79-8C6A-095D5087F3AE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games)
FirewallRules: [{B80B4D8F-E2F9-4DA4-8AAA-6EBFA82632F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games)
FirewallRules: [{A9A4CEDD-0AC2-447B-988D-4B69A57B0875}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games)
FirewallRules: [{D5F5886E-1899-437F-8B87-DC8F9D3B8A66}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe (Kalloc Studios)
FirewallRules: [{E765B512-B8D4-4104-A0CD-F848EB1F6DA4}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe (Kalloc Studios)
FirewallRules: [{A7D7F089-AB99-4C55-AEA5-CBA6C2D2BC99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V SDK\Sid Meier's Civilization V SDK.exe (Firaxis Games)
FirewallRules: [{A0F4EDE8-C2A9-4FE9-9291-A988196EA9CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V SDK\Sid Meier's Civilization V SDK.exe (Firaxis Games)
FirewallRules: [{5180F337-DD43-4415-871B-8C980D3AEF16}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{A0F27069-F03B-4121-A36A-D74A7E0678EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{2ABF4180-E2A2-40A2-B47D-B1054A159443}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{C0313060-1A1C-4784-BF6B-80A220C87559}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{98568E65-842B-4371-BE3E-DFEA03E61D8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe ()
FirewallRules: [{69F3A20E-317C-4DB0-B9FB-B988F9374BA8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe ()
FirewallRules: [UDP Query User{59C4E3E5-70FC-4AEE-99B6-C815A020DB5D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{69B1CE15-78E9-4353-8539-86F7BC0C889B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{BF91454A-EDE4-42FB-A813-1AA3F41B586F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{2EC79FDE-76CE-4DE0-AEB6-D2758D7E951D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{6AC96074-B814-45A7-8905-8A995EC46A28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Majesty 2 Collection\M2Editor.exe (Paradox Interactive)
FirewallRules: [{E27A6668-454C-429D-916C-E0CFBAFDA894}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Majesty 2 Collection\M2Editor.exe (Paradox Interactive)
FirewallRules: [{B4DBA89C-B59C-423C-B142-8AC74987D6B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Majesty 2 Collection\majesty2.exe (Paradox Interactive)
FirewallRules: [{C5892ABF-05F1-4857-8FC6-424ED98D75D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Majesty 2 Collection\majesty2.exe (Paradox Interactive)
FirewallRules: [{8A48104C-352A-4FC2-932E-6595BD3EAEE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games)
FirewallRules: [{49B1A5F7-94FE-434A-B558-65C879448A03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games)
FirewallRules: [{794C7B5F-CA7E-439A-A8AB-297DE4708F81}] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net)
FirewallRules: [{36A68294-606C-46AA-AB53-89EDFBDA3963}] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net)
FirewallRules: [{1ED55816-E41F-43C2-A22E-A5DB1401E3C4}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts Inc.)
FirewallRules: [{A8E8F4B9-DE35-47B8-BF7A-117C10B2A801}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts Inc.)
FirewallRules: [UDP Query User{5F33D9D7-60F2-4E22-BA1C-59C61822D158}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net)
FirewallRules: [TCP Query User{9DD4BE5B-DDFE-4751-9C8D-4600C40EB6B7}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net)
FirewallRules: [UDP Query User{EC323057-C2D8-4165-A426-859EBE0B2BD2}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net)
FirewallRules: [TCP Query User{9C6801B4-699A-4C80-9B46-1F1A4C557CCA}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net)
FirewallRules: [{517AB619-62F3-434E-A709-902C2C445003}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe ()
FirewallRules: [{7C40BB27-9C05-4F72-81EF-630C8B223C0A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe ()
FirewallRules: [UDP Query User{F6B506EB-3A67-4737-BA6F-15CD1F43D00F}C:\users\fee-jonas\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\fee-jonas\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{62067B4F-63AC-4156-A3D8-0225F927DB27}C:\users\fee-jonas\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\fee-jonas\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{2ADE8DB1-A6F0-4374-A72D-AF49ED685818}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe (Firaxis Games)
FirewallRules: [TCP Query User{97AE8AB3-0709-41C0-8AD1-3A7B11AEE071}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe (Firaxis Games)
FirewallRules: [{12011AD8-3027-435F-B83E-42523A317F08}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Sword 5\BS5.exe ()
FirewallRules: [{86B3EE9D-0FCA-448C-AFDC-B3A4E33C7EAB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Broken Sword 5\BS5.exe ()
FirewallRules: [{D04ECCE2-6300-4D86-9275-1791D9A16909}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe (Ubisoft Entertainment)
FirewallRules: [{FA4B3C7E-175D-406D-9583-63958ED4058A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe (Ubisoft Entertainment)
FirewallRules: [{2B07A67C-93A1-4DA9-8742-FF7C90630F69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe (Ubisoft Entertainment)
FirewallRules: [{8F60659D-F648-40C0-A6C5-3CC6AF18E177}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Child of Light\ChildofLight.exe (Ubisoft Entertainment)
FirewallRules: [{E8903BD4-DFC3-4C44-858A-5865B03C32C8}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment)
FirewallRules: [{3505F9AC-29FF-4E02-837C-39F54416209A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment)
FirewallRules: [{0158AC7C-B0D4-4980-94BC-C99D3702A9B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment)
FirewallRules: [{5B7FC0E3-EF69-4777-A798-B3D0B8145BC7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment)
FirewallRules: [{8B957F90-B01B-4CC1-B5F1-00B970A6CFA4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe ()
FirewallRules: [{1F872B3F-64D8-4603-89FB-6DE719E229D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe ()
FirewallRules: [{95F6C533-BDD7-421A-8EE1-D0EF09320BB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe (© 2001-2004 Atari Inc.)
FirewallRules: [{D8391D95-77BC-4DE2-9AFE-DAED847D81D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe (© 2001-2004 Atari Inc.)
FirewallRules: [{E6E5D0E1-D522-4C4D-8D3F-572BA8A1EA23}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{7BA32A37-35FE-4F92-AC54-DAF315441905}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{77F6D77A-57E6-40F6-B43D-396572877D5F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Patrician III\Patrician3.exe ()
FirewallRules: [{8598849B-5692-44B1-A535-78F06DDC5860}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Patrician III\Patrician3.exe ()
FirewallRules: [{A51980E4-8EB7-48B8-8208-DFAC17790DCD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{A4903764-3E0B-4A45-9C36-11AC0DE3B404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe (Square Enix)
FirewallRules: [{F92D22E8-AE53-4965-BC69-5570AC7C2FAA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe (Square Enix)
FirewallRules: [{6AAF5026-9A11-4C48-8370-F8A708A44D3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe (Square Enix)
FirewallRules: [{B27EB7EF-70C9-4B86-8276-35C629484CA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tomb Raider\TombRaider.exe (Square Enix)
FirewallRules: [{EE6DC100-0555-4055-A6EC-A0752D917554}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{5090822F-3D48-4AC5-9A5D-BC5B831936D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{5E730218-813F-4B82-8E0E-900A04DD231E}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe ()
FirewallRules: [{6FB6B92F-C350-4951-A646-104C0C9806EF}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe ()
FirewallRules: [{0497AD3F-437A-46D0-8F64-48F16D32BBF6}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe (Related Designs Software)
FirewallRules: [{E9AB5ACC-F372-4DB8-BC37-C9FBE8FE29E3}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe (Related Designs Software)
FirewallRules: [{D80FB71C-8FE3-44EF-9CBA-B2CF84A4CAA2}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe (Related Designs)
FirewallRules: [{0B311919-FB5F-418A-A7DA-90EB39A09F3E}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe (Related Designs)
FirewallRules: [{0440C23E-D2C1-4385-B451-C04B6DDC151E}] => (Allow) C:\Program Files (x86)\Origin Games\Leisure Suit Larry Reloaded\LarryReloaded.exe ()
FirewallRules: [{9807388E-9413-418A-8A48-49EB01F77C2C}] => (Allow) C:\Program Files (x86)\Origin Games\Leisure Suit Larry Reloaded\LarryReloaded.exe ()
FirewallRules: [{9EB501F7-35E2-41DE-9D76-EDB765F71D72}] => (Allow) C:\Program Files\Microsoft Lync\UcMapi64.exe (Microsoft Corporation)
FirewallRules: [{1197133B-F0B3-43D7-A0AF-629699D2E30C}] => (Allow) C:\Program Files (x86)\Microsoft Lync\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{B20E9C77-03EC-4606-82FE-557F147B2B68}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe (Microsoft Corporation)
FirewallRules: [{C1EADE61-F16F-4408-985E-1BEF2E829F3F}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe Keine Datei
FirewallRules: [{0EC2D455-E54A-4BCF-B47F-B38EE2DF3AA0}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe Keine Datei
FirewallRules: [{964592D3-7FD3-407B-BA6A-6417032DC3F1}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
FirewallRules: [{D1F23160-5444-4D0C-A107-142709C0BF5A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
FirewallRules: [{3D8B7995-AC56-4231-B0BE-5E471B8CD67D}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe ()
FirewallRules: [{88A5029B-7699-4C8A-B5A6-1B325BF94EA1}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe ()
FirewallRules: [{CF5B8186-E0F9-48D8-92AE-022EBC68D5E6}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe (Blizzard Entertainment)
FirewallRules: [{49D218F6-2711-4B0F-BC6A-FE39852EE275}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe (Blizzard Entertainment)
FirewallRules: [{C6A2CE4C-4209-4BD0-9CF2-7FD805EA79B0}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe (Blue Byte GmbH)
FirewallRules: [{475BA0BD-7941-48AF-9268-78013566E689}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe (Blue Byte GmbH)
FirewallRules: [{450F3EB1-77B8-4087-8ADF-468FA4568D35}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft)
FirewallRules: [{A66BDF75-89AA-4C2C-ADEE-175A5319D3DA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft)
FirewallRules: [TCP Query User{A62A1FB7-6398-4CF6-B776-80EF377ED3CB}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net)
FirewallRules: [UDP Query User{4B0D32E9-D3CA-49A8-BB6C-6DCC50A61A07}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net)
FirewallRules: [{3E83A775-1350-4BB1-98C3-FEA43746BEEC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{07790045-0A6F-4450-B2BD-297C9E3807C3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{5F869C59-C40F-4BDA-A0D4-93B250BF4BA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe ()
FirewallRules: [{67EBC907-1667-4BDD-8847-C092E27276D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe ()
FirewallRules: [{D8940C63-C63D-4053-BD0C-B2F496484620}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold 2\Stronghold2.exe (Firefly Studios)
FirewallRules: [{9A44F270-2F93-47F4-B134-630F6FCAE0F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold 2\Stronghold2.exe (Firefly Studios)
FirewallRules: [{79904BBE-E3DC-427B-8EF6-87DE6DDED3EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry Primal\bin\FCPrimal.exe (Ubisoft Entertainment)
FirewallRules: [{971D8AA2-1646-4F03-9E5A-A4CA31D1B230}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry Primal\bin\FCPrimal.exe (Ubisoft Entertainment)
FirewallRules: [{5CEAAD65-E997-42CD-80EB-9F99CFA18863}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP_x64.exe ()
FirewallRules: [{7D0B70A0-4B8F-450C-B262-5D435DC3ED77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP_x64.exe ()
FirewallRules: [{1BD335CB-ADCA-4D32-B508-952C8DFFDFCF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Civilization IV Colonization\Colonization.exe (Firaxis Games)
FirewallRules: [{7E9AC2C7-830A-4EFC-83EE-331ADFC2A662}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Civilization IV Colonization\Colonization.exe (Firaxis Games)
FirewallRules: [{576801E8-57B8-458E-8C3F-BA205ECE33B8}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe (Avast Software)
FirewallRules: [{89E26E6C-8F42-4BAB-962F-5CA2D24B4DFC}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts Inc.)
FirewallRules: [{F6A6A599-8DC2-4FBA-91C1-BFCD7AB7908E}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts Inc.)
FirewallRules: [TCP Query User{B2D35378-B363-40C7-8F76-8404D0BEC10A}C:\users\fee-jonas\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\fee-jonas\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC)
FirewallRules: [UDP Query User{02B22BAA-7FD4-41B0-B573-65DF8AF6AC31}C:\users\fee-jonas\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\fee-jonas\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC)
FirewallRules: [{CE356DD3-D434-4881-89D4-A0415812E92A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [{F890B59A-B5DB-46FE-A778-DE094CB5219B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [{5C03D892-6E13-4D58-88EE-528FEFDD4DF3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{787A07C5-957C-4DA5-9382-1C5BFF442268}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{233FEF99-71E6-48C4-A57E-1B04FD007005}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red)
FirewallRules: [{5B5EEE6C-7D60-46EB-A19F-07BE6E711DA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red)
FirewallRules: [{627FE93D-D85B-4C17-A8ED-9F587F3475A6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe (Avast Software)
FirewallRules: [TCP Query User{3FE76B17-EB49-40B9-9B95-7F2B9DC5FD2E}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{183A6812-BB55-4F78-B970-55E2F6129711}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe (Microsoft Corporation)
FirewallRules: [{E9E564C7-C8D5-401D-B2E1-36B793E541E1}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe (Electronic Arts)
FirewallRules: [{BD4E96EF-7BC4-441B-B688-A43BF88300F9}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe (Electronic Arts)
FirewallRules: [{062E6668-167E-4D09-92E2-F774E7E6D4CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold 2\FFLauncher.exe ()
FirewallRules: [{19646928-DAF0-4C64-AE05-39D2F310001F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold 2\FFLauncher.exe ()
FirewallRules: [{8AF8A76F-BB04-450A-9465-469C710AC4A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry Primal\bin\FCPrimal.exe (Ubisoft Entertainment)
FirewallRules: [{C3C1F866-4FDF-4B32-82CC-D6CE69FFB248}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry Primal\bin\FCPrimal.exe (Ubisoft Entertainment)
FirewallRules: [TCP Query User{30584249-A8FA-4226-AC69-2A4201FCEFC2}C:\users\fee-jonas\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\fee-jonas\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC)
FirewallRules: [UDP Query User{E9ABB7B3-6642-45EB-B7CE-21FB2B16BB37}C:\users\fee-jonas\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\fee-jonas\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC)
FirewallRules: [{D0ADA9D1-C122-47B6-B722-04184A6F7693}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe ()
FirewallRules: [{93F522B6-50AB-4D3B-8E0C-4E03C4B666C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe ()
FirewallRules: [{73456120-CDD1-42EE-9BB0-BF6709711378}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Industry Giant 2\ig2_AddOn.exe (United Independent Entertainment GmbH)
FirewallRules: [{03F75FA7-2091-4580-97C8-80C7BFB27DB8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Industry Giant 2\ig2_AddOn.exe (United Independent Entertainment GmbH)
FirewallRules: [{10E28A7E-6051-4614-95AA-1A5EAD2C163B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft)
FirewallRules: [{E0EA1A40-EF6A-461C-90DD-B368A4D8D4A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft)
FirewallRules: [TCP Query User{B29151AA-2AEA-41BD-AAB4-966FCD3D83D9}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe (Firaxis Games)
FirewallRules: [UDP Query User{F2731B3F-E518-4C9F-8538-5A31E862C352}C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe (Firaxis Games)
FirewallRules: [{76320721-FC08-431C-AF44-2D5C9323F61A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software)
FirewallRules: [{E120D092-D08A-4DAE-9ADA-46BC0384CA75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Factorio\bin\x64\factorio.exe (Wube Software)
FirewallRules: [{6816B626-A16A-4562-B930-8EFD43484AF5}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
FirewallRules: [{E08FE17A-1A37-4F6F-B59E-A9BCEA24A41C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
FirewallRules: [{B8CC5228-73D5-4F19-9249-E95F336DAB1E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.)
FirewallRules: [{19B5E915-9B64-4C59-ACE5-7731A9E33E49}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.)
FirewallRules: [{C4EE90AA-431D-4ABE-ADF6-BA6C89D723D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games)
FirewallRules: [{B88C9348-0BF0-4B9C-874C-347987BEA66A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games)
FirewallRules: [{3EEF874E-2AA2-4B37-A6A8-5AAE1F2251A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe (Firaxis Games)
FirewallRules: [{AECEE5ED-8F87-434F-8356-C2ACFA6F0B51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe (Firaxis Games)
FirewallRules: [TCP Query User{44994FA2-6831-4594-AA9E-031D4A03BB8A}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe (Blue Byte GmbH)
FirewallRules: [UDP Query User{9293AADF-43E1-4D71-9FB0-88247235307D}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Allow) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe (Blue Byte GmbH)
FirewallRules: [{A215A324-37FF-4595-996D-1348A8FEC10E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{E32948F0-4FAD-4704-B9AA-C7BA6B1142E3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{3B764539-BF20-4835-A39E-598AF9CEF614}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive)
FirewallRules: [{A853CB92-E45C-46B8-A6D6-EB21004E08EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive)
FirewallRules: [{58C31393-E9DF-43D0-83FA-2DC53CB24324}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{14F66FEA-611F-49B1-957B-3F7353E1C26D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{F0E7DB56-AD76-4858-9069-06D0FF5B387E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe ()
FirewallRules: [{2EF7B2EA-1A8D-49D6-9EC0-C5F5C2E8BE2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe ()
FirewallRules: [{F3657BD6-5E02-4A9B-AAFB-8BC8A5485B06}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe ()
FirewallRules: [{70F4E1CE-8B97-47D0-BA3F-181AB0098393}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe ()
FirewallRules: [{DE4AB790-4C40-4417-98AE-F8FA9164A0C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe (Paradox Interactive)
FirewallRules: [{3D136507-38B0-4AAA-9675-8B60E3A49C03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe (Paradox Interactive)
FirewallRules: [{DFCF60D1-B8D5-4B8E-B0AE-20A68292D725}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{74869600-35E5-4379-A1D6-3CD72BB9C925}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
==================== Wiederherstellungspunkte =========================
13-12-2018 14:26:13 Windows Update
16-12-2018 17:59:56 Installiert WISO steuer:Sparbuch 2019
20-12-2018 14:36:14 Windows Update
03-01-2019 23:38:34 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/03/2019 11:40:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 4.83.53.91 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 980
Startzeit: 01d4a3b2ea85c727
Endzeit: 15
Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe
Berichts-ID: 91353099-0fa8-11e9-8132-bc5ff47694e7
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/03/2019 11:38:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (01/03/2019 11:14:09 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2118-12-10T22:14:09Z. Fehlercode: 0x80040154.
Error: (01/03/2019 11:13:39 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2118-12-10T22:13:39Z. Fehlercode: 0x80040154.
Error: (01/03/2019 11:13:09 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2118-12-10T22:13:09Z. Fehlercode: 0x80040154.
Error: (01/03/2019 11:12:39 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2118-12-10T22:12:39Z. Fehlercode: 0x80040154.
Error: (01/03/2019 11:12:09 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2118-12-10T22:12:09Z. Fehlercode: 0x80040154.
Error: (01/03/2019 11:11:39 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2118-12-10T22:11:39Z. Fehlercode: 0x80040154.
Systemfehler:
=============
Error: (01/04/2019 10:21:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: microsoft.windowscommunicationsapps
Error: (01/04/2019 10:21:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Microsoft.Reader
Error: (01/04/2019 10:18:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/04/2019 09:54:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (01/04/2019 09:54:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (01/04/2019 09:54:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppEx Networks Accelerator LWF" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (01/04/2019 09:53:05 PM) (Source: DCOM) (EventID: 10010) (User: DJ)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/04/2019 09:24:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AppEx Networks Accelerator LWF" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Windows Defender:
===================================
Date: 2013-03-08 12:48:06.137
Description:
Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {CE77E50C-6F4F-4C63-B1C2-181706E9A2C7}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2013-02-02 17:16:31.827
Description:
Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {6D0A8998-6BEF-48F9-A25D-8B839C367F24}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2013-01-05 00:12:33.150
Description:
Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {02CC17D8-2F71-49EB-8574-410B230987B5}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2016-10-07 16:44:03.697
Description:
Fehler von Windows Defender beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Betroffene Signaturen: Sicherung
Fehlercode: 0x80073aba
Fehlerbeschreibung: Die Ressource ist zu alt und daher nicht mehr kompatibel.
Signaturversion: 1.147.1246.0;1.147.1246.0
Modulversion: 1.1.9302.0
Date: 2016-10-07 16:44:01.825
Description:
Fehler von Windows Defender beim Laden von Signaturen. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Betroffene Signaturen: Aktuell
Fehlercode: 0x80073aba
Fehlerbeschreibung: Die Ressource ist zu alt und daher nicht mehr kompatibel.
Signaturversion: 1.147.1631.0;1.147.1631.0
Modulversion: 1.1.9302.0
Date: 2013-04-11 21:40:15.013
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.147.1246.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.9302.0
Fehlercode: 0x80240016
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
Date: 2013-04-11 21:40:15.013
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.147.1246.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.9302.0
Fehlercode: 0x80240016
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
Date: 2013-04-11 21:40:15.013
Description:
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.147.1246.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.9302.0
Fehlercode: 0x80240016
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
==================== Speicherinformationen ===========================
Prozessor: AMD A10-5800K APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8146.26 MB
Verfügbarer physikalischer RAM: 5900.02 MB
Summe virtueller Speicher: 10002.26 MB
Verfügbarer virtueller Speicher: 7739.33 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:1667.7 GB) (Free:913.51 GB) NTFS
Drive d: (Daten) (Fixed) (Total:97.31 GB) (Free:92.6 GB) NTFS
\\?\Volume{95d81160-523f-11e2-be65-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.29 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B3AEF03F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=06)
Partition 4: (Not Active) - (Size=1667.7 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
| Themen zu Lavasoft Entfernung |
| .dll, adobe, alert, antivirus, avast, defender, explorer, flash player, google, homepage, installation, lavasofttcpservice64.dll, mozilla, prozesse, registry, scan, security, services.exe, software, svchost.exe, system, udp, usb, windows, winlogon.exe, wiso |
Baum-Darstellung