Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows 10: Spakassen Trojaner leitet auf Demo-Überweisung um

Windows 10: Spakassen Trojaner leitet auf Demo-Überweisung um


Log-Analyse und Auswertung: Windows 10: Spakassen Trojaner leitet auf Demo-Überweisung um

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 13.11.2020, 14:47   #3
Coniene
 
Windows 10: Spakassen Trojaner leitet auf Demo-Überweisung um - Standard

Windows 10: Spakassen Trojaner leitet auf Demo-Überweisung um


Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-11-2020
durchgeführt von Spatz (13-11-2020 13:44:23)
Gestartet von C:\Users\Spatz\Desktop
Windows 10 Home Version 2004 19041.572 (X64) (2020-09-20 18:56:01)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3244250915-2757434988-1918216499-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3244250915-2757434988-1918216499-503 - Limited - Disabled)
Gast (S-1-5-21-3244250915-2757434988-1918216499-501 - Limited - Disabled)
Spatz (S-1-5-21-3244250915-2757434988-1918216499-1001 - Administrator - Enabled) => C:\Users\Spatz
WDAGUtilityAccount (S-1-5-21-3244250915-2757434988-1918216499-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\Amazon Kindle) (Version: 1.17.1.44183 - Amazon)
Amazon Music (HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\Amazon Amazon Music) (Version: 7.12.0.2203 - Amazon.com Services LLC)
Audials (HKLM-x32\...\{B9378412-7156-466E-9A62-FB9E69C3650B}) (Version: 18.2.6.0 - Audials AG)
Avira (HKLM-x32\...\{73A62580-2408-4055-B370-6DBE5434AC6E}) (Version: 1.2.152.1479 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{fe9700ea-db9c-48bd-9561-b7d053321d04}) (Version: 1.2.152.1479 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2011.2016 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.36.1.29260 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.39.12408 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version:  - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{073825B9-FF06-4690-8CE4-3C0B72036122}) (Version: 2.0.6.37231 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.7.0.11017 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{ED468F84-6B55-4FFD-A0C2-3C2064696A88}) (Version: 3.40.1 - Kovid Goyal)
CDex extraction audio (HKLM-x32\...\CDex) (Version:  - )
CEWE Fotowelt (HKLM-x32\...\CEWE Fotowelt) (Version: 7.1.0 - CEWE Stiftung u Co. KGaA)
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - Ihr Firmenname) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.8827 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - Ihr Firmenname) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4627 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Deaktivierungs-Add-on für Browser von Google Analytics (HKLM\...\{84FC2167-2A94-4D4D-9DA6-9C6FAC4D7610}) (Version: 0.9.7.0 - Google Inc.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
ePUBee DRM Removal (HKLM-x32\...\{642A2F98-4BF5-4844-9614-899DDBA0C01A}) (Version: 2.02 - ePUBee)
Evernote v. 5.8.13 (HKLM-x32\...\{A229420E-204B-11E5-B844-0050569584E9}) (Version: 5.8.13.8152 - Evernote Corp.)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Gigaset QuickSync (HKLM\...\{5f46d2d1-51d8-4682-8092-c7d8964f9cfc}) (Version: 8.6.0881.1 - Gigaset Communications GmbH)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.193 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
HP CoolSense (HKLM-x32\...\{69D30761-C220-4DD6-9BCB-6559FC4A4C8C}) (Version: 2.21.2 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version:  - HP)
HP Dropbox Plugin (HKLM-x32\...\{1E18E86D-632C-48B5-962C-B60C2E53A478}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{039DDA62-50CC-4E7F-9D54-7CF032A2D362}) (Version: 36.0.41.58587 - HP)
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{F58934BD-F483-43EB-B307-CFFD88B18455}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Hilfe (HKLM-x32\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP OfficeJet 6950 - Grundlegende Software für das Gerät (HKLM\...\{1FBC0E55-8E1B-4317-8722-31CAF301F428}) (Version: 40.7.1094.16327 - HP Inc.)
HP OfficeJet 6950 Hilfe (HKLM-x32\...\{B68B0E4B-C699-4056-9648-BFE4CA8A24BB}) (Version: 40.0.0 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.18.34.21 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{025C1573-2F1D-46AF-BAB8-594EBF56A889}) (Version: 1.4.11 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
I.R.I.S. OCR (HKLM-x32\...\{77374D45-3BBF-4633-A2DF-188CD2106A67}) (Version: 12.3.7.0 - HP)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4360 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{6C02A234-7A14-4737-9D89-B0C47A64F94E}) (Version: 6.0.52.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2}) (Version: 3.2.1184 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{D4090A45-7F76-4446-A4FA-D8B02E9CA582}) (Version: 18.1.1605.3087 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Intel® Software Guard Extensions Platform Software (HKLM\...\{10307C17-F7FD-405D-9F3B-0BF66EA43857}) (Version: 1.0.26920.1393 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MakeMKV v1.14.2 (HKLM-x32\...\MakeMKV) (Version: v1.14.2 - GuinpinSoft inc)
MEmu (HKLM-x32\...\MEmu) (Version: 2.8.5.1 - Microvirt)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 82.0.3 (x64 de) (HKLM\...\Mozilla Firefox 82.0.3 (x64 de)) (Version: 82.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Grafiktreiber 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.94 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7730 - Realtek Semiconductor Corp.)
Rossmann Fotowelt Software (HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\{ffb96b31-a577-499f-96fd-935394ba5886}) (Version: 5.6.4-3409 - ORWO Net GmbH Bitterfeld-Wolfen)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Synaptics WBF DDK (HKLM\...\{244C6825-00E4-4AC1-8A1C-96B8911399C6}) (Version: 4.5.327.0 - Synaptics)
TomTom MyDrive Connect 4.2.4.3691 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.4.3691 - TomTom)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WISO steuer:Start 2017 (HKLM-x32\...\{C70304F0-911B-4483-A722-85FC09644C57}) (Version: 24.00.1375 - Buhl Data Service GmbH)
WISO steuer:Start 2018 (HKLM-x32\...\{77E6C41F-4E20-434C-A186-4CFA83171F9E}) (Version: 25.00.1359 - Buhl Data Service GmbH)
WISO steuer:Start 2019 (HKLM-x32\...\{1D0A173A-01EF-4D58-BDA1-B7556CA10297}) (Version: 26.00.1560 - Buhl Data Service GmbH)
WISO steuer:Start 2020 (HKLM-x32\...\{813BA27A-636C-49B0-876E-708177799A1C}) (Version: 27.00.1484 - Buhl Data Service GmbH)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-03-10] (Amazon.com)
Audible - Hörbuch und Hörspiel App -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.64.0_x64__xns73kv1ymhp2 [2020-10-13] (Audible Inc)
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.7.33.0_x64__kx24dqmazqk8j [2020-07-15] (Random Salad Games LLC)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2017-04-02] (Universal Music Mobile)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_121.1.193.0_x64__v10z8vjag6ke6 [2020-11-05] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-17] (Netflix, Inc.)
PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.1.1.0_x64__f5eddttrpssna [2020-11-05] (Mooii Tech)
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-05] (Snapfish)
Solitär -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.20.87.0_x64__kx24dqmazqk8j [2020-09-07] (Random Salad Games LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Spatz\AppData\Local\Microsoft\OneDrive\20.143.0716.0003\amd64\FileCoAuthLib64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-07-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-09-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Spatz\OneDrive\WDMyCloudMirror - Verknüpfung.lnk -> hxxp://192.168.0.10

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============


==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D121119-A6B219395BABB4E59ADF&form=CONMHP&conlogo=CT3332005
HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM-x32 -> {45CB2E7E-989F-414B-96B4-847F7295123D} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D121119-N0700A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D121119-N0700A6B219395BABB4E59ADF&form=CONBDF&conlogo=CT3332005&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001 -> {45CB2E7E-989F-414B-96B4-847F7295123D} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Deaktivierungs-Add-on für Browser von Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll [2019-04-04] (Google LLC -> Google, Inc.)
BHO-x32: Deaktivierungs-Add-on für Browser von Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll [2019-04-04] (Google LLC -> Google, Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-01] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7936 mehr Seiten.


==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2018-04-12 00:38 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\;C:\Program Files\Intel\IntelSGXPSW\bin\win32\Release\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\Control Panel\Desktop\\Wallpaper -> D:\Spatz\Maria\fotos\2005 Gran Canaria 21.09.-28.09\IMGP1503.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 ist aktiviert.

Network Binding:
=============
WLAN: HTC NDIS Protocol Driver -> MS_NDISPROT (enabled) 
WLAN: RadioRip Filter Driver -> RrNetCapFilterDriver (enabled) 
Ethernet 2: HTC NDIS Protocol Driver -> MS_NDISPROT (enabled) 
Ethernet 2: RadioRip Filter Driver -> RrNetCapFilterDriver (enabled) 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKLM\...\StartupApproved\Run32: => "HPRadioMgr"
HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\StartupApproved\StartupFolder: => "Tintenwarnungen überwachen - HP Officejet 6600.lnk"
HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3244250915-2757434988-1918216499-1001\...\StartupApproved\Run: => "Amazon Music"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{0A07CC4A-2702-4C34-9B1B-3146B4B0455C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8ABD566E-6865-4A0C-A0DC-073E5653D2DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4703C49A-959E-434E-B3EC-163040EE0941}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{245D4837-FCDD-47AC-AD25-1F187BC0643C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FC0E5CE-5816-4DD8-AFB7-00580364A885}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95E4EAB9-6267-47E4-B512-F49F0CD4A259}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE0E373B-8EE1-469C-90E9-8D1FF4E829CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1442FE82-DEF0-4EC4-AC9D-81AEB47ABE27}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{15DF700C-D145-4F7F-BE9A-6552412139B1}C:\users\spatz\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\spatz\appdata\local\amazon music\amazon music helper.exe (Amazon.com Services LLC -> Amazon.com Services LLC)
FirewallRules: [TCP Query User{CDAC5D66-D872-4AF2-B53A-52F2CB0BB8CA}C:\users\spatz\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\spatz\appdata\local\amazon music\amazon music helper.exe (Amazon.com Services LLC -> Amazon.com Services LLC)
FirewallRules: [{B06FFA06-3935-4728-B9C3-D466BFF2EDE6}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D061F4D0-5745-4A17-AB19-17C3C19956FD}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C191BDAB-ACF8-4817-BE68-84C8A9155DB8}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{BFEC5AED-228E-4061-A688-93DD35A4B2F0}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{73F41052-F2B8-4797-B7C1-541AB26A4973}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{FFCEA2BB-7FD9-4D09-A3A4-16AE1B5C2CC6}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C1A10285-8C8E-4E2B-A44D-C6D76923ECC4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E2BA6DB-E0EA-4726-B2B2-43FBA3A7F0C5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5C3D203A-57A2-48E9-82B8-5CFA540DDFDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7165A2E8-204F-491F-B452-C68BAD6430E4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7B5D2880-6D23-4ECA-B4CB-E8109022EC05}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB1D891C-1DB9-4880-B507-69B20B7BD7A0}] => (Allow) LPort=2869
FirewallRules: [{0114611D-CB94-4347-82BC-7CA4CCBC71DC}] => (Allow) LPort=1900
FirewallRules: [{29B5C1CF-642C-466D-9691-A4E222141C51}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => Keine Datei
FirewallRules: [{23299A24-F1EE-493E-94B9-364151420624}] => (Allow) LPort=12972
FirewallRules: [{D5ADBA29-EAFB-4045-9692-48860076A2AA}] => (Allow) LPort=14714
FirewallRules: [{A594B6E9-392F-4330-9B8D-867E15F8FBC8}] => (Allow) LPort=31931
FirewallRules: [{996BF574-B6DC-43B6-8802-B9DDC725465E}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [{F924F3FD-48E0-4430-9594-F8E8C921ABAC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9BE3F190-931F-4868-A9A0-30C63A0475C0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{EC062933-A3CE-4CD1-A706-5DE85EB21CDC}] => (Allow) C:\Program Files\HP\HP OfficeJet 6950\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{867F80FA-A092-4049-A2C9-6C50E743F209}] => (Allow) C:\Program Files\HP\HP OfficeJet 6950\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{9264A8CA-3911-4275-B945-70D3AC5C6E1F}] => (Allow) C:\Program Files\HP\HP OfficeJet 6950\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{94D4C2AD-5B33-4B2A-B10E-EE859AF69E68}] => (Allow) C:\Program Files\HP\HP OfficeJet 6950\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{CE75C922-C8A8-4C1A-A421-C75170B1F14C}] => (Allow) C:\Program Files\HP\HP OfficeJet 6950\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7D6A40D1-D8FE-46EE-B016-F0CE46B2B7D7}] => (Allow) LPort=5357
FirewallRules: [{B794794F-21A0-41B5-8984-500FC64315CB}] => (Allow) C:\Program Files\HP\HP OfficeJet 6950\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{9E42A614-7977-439A-BBCB-AF4C580F2783}] => (Allow) C:\Program Files (x86)\Audials\Audials 2018\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{DF6CBD40-4B40-4E7B-860A-8F3DB112BAC6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{BFD5C666-C922-4D5D-8FA4-E11FC7E1AE0C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F695CAE5-4DAA-4D85-893C-A6B5D0ECEC62}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{13300390-E2FB-4670-B4C4-9E34F9634411}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4F202A33-D03F-4236-B525-29E8CA8FC8A7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F34BE6AB-5FA4-4160-80E0-A4F0D33880E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{60865990-2537-4E30-9A8B-C1ABD656353F}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{CD2DF31F-8067-42B6-8337-C71342C3DC48}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{EACDE545-6B2F-49DD-B7F9-D58556626431}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:118.03 GB) (Free:46.22 GB) (39%)

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/13/2020 01:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Hasi.local already in use; will try Hasi-2.local instead

Error: (11/13/2020 01:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Hasi.local. Addr 192.168.0.105

Error: (11/13/2020 01:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.105:5353   16 Hasi.local. AAAA 2A02:8109:0ABF:FC54:0000:0000:0000:7AF4

Error: (11/13/2020 01:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 Hasi.local. AAAA FE80:0000:0000:0000:1514:6B25:59FE:E428

Error: (11/13/2020 01:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.105:5353   16 Hasi.local. AAAA 2A02:8109:0ABF:FC54:0000:0000:0000:7AF4

Error: (11/13/2020 01:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 Hasi.local. AAAA 2A02:8109:0ABF:FC54:78FA:952A:19AB:3473

Error: (11/13/2020 01:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.105:5353   16 Hasi.local. AAAA 2A02:8109:0ABF:FC54:0000:0000:0000:7AF4

Error: (11/13/2020 01:20:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 Hasi.local. AAAA 2A02:8109:0ABF:FC54:1514:6B25:59FE:E428


Systemfehler:
=============
Error: (11/13/2020 01:03:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SDWSCService" wurde aufgrund folgenden Fehlers nicht gestartet: 
Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/13/2020 01:03:32 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (11/13/2020 01:03:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (11/13/2020 01:03:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (11/13/2020 01:03:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (11/13/2020 01:02:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2020 01:02:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Touchpoint Analytics" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/13/2020 01:02:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HPWMISVC" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================

Date: 2020-11-13 13:43:39.0350000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-13 13:43:39.0320000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-13 13:43:39.0030000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-13 13:43:39.0000000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-13 13:24:15.4070000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-13 13:24:15.4020000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-13 13:03:50.1980000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-13 13:03:50.1080000Z
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Speicherinformationen =========================== 

BIOS: Insyde F.35 03/04/2016
Hauptplatine: HP 80EE
Prozessor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 16220.78 MB
Verfügbarer physikalischer RAM: 11189.05 MB
Summe virtueller Speicher: 18652.78 MB
Verfügbarer virtueller Speicher: 13249.95 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:118.03 GB) (Free:46.22 GB) NTFS
Drive d: (DATA) (Fixed) (Total:917.15 GB) (Free:725.96 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:14.36 GB) (Free:1.51 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

\\?\Volume{24c91438-a353-4c04-bacf-da59bf927a36}\ () (Fixed) (Total:0.94 GB) (Free:0.38 GB) NTFS
\\?\Volume{efe13d94-b8a7-480f-b27e-8ec6739adde5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: E789D294)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 7E6EBB63)

Partition: GPT.

==================== Ende von Addition.txt =======================
__________________
 

Themen zu Windows 10: Spakassen Trojaner leitet auf Demo-Überweisung um
.dll, administrator, adobe, antivirus, avg, avira, bonjour, defender, firefox, google, home, homepage, internet, mozilla, nvcontainer.exe, nvidia, prozesse, realtek, registry, rundll, scan, security, system, trojaner, updates, windows


« Win10 - Illegaler Zugriff auf emailkonten von meiner IP aus --> Mailzugriff von Provider gesperrt | Malwarebytes zeigt ein Trojaner in einem Pfad an, welcher nicht zu finden ist! »


Ähnliche Themen: Windows 10: Spakassen Trojaner leitet auf Demo-Überweisung um


  1. Windows 10 Pro - mehrere Trojaner Funde Avira TR/Dldr.Agent, Firefox leitet auf "Rambler" weiter
    Log-Analyse und Auswertung - 31.12.2016 (15)
  2. Express Zip Demo Popup
    Plagegeister aller Art und deren Bekämpfung - 03.10.2016 (26)
  3. Milliarden-Coup in NY: Zentralbank-Konto per Überweisung geleert
    Nachrichten - 10.03.2016 (0)
  4. Fenster, Express Zip Demo
    Plagegeister aller Art und deren Bekämpfung - 31.07.2015 (28)
  5. Paypal 400Euro Überweisung ? Avast kann Virus nicht löschen.
    Plagegeister aller Art und deren Bekämpfung - 20.04.2014 (15)
  6. Bundeskriminalpolizei, 100 Euro Ucash Überweisung
    Plagegeister aller Art und deren Bekämpfung - 06.04.2012 (19)
  7. Battlefield 2 Bad Company Demo???
    Alles rund um Windows - 23.01.2011 (0)
  8. Antispyware Soft Demo
    Plagegeister aller Art und deren Bekämpfung - 27.05.2010 (4)
  9. Antispyware Soft Demo VIRUS!
    Plagegeister aller Art und deren Bekämpfung - 08.05.2010 (2)
  10. Antivir Soft Demo entfernen
    Plagegeister aller Art und deren Bekämpfung - 02.02.2010 (1)
  11. Demo / Test - Rootkit
    Plagegeister aller Art und deren Bekämpfung - 26.09.2009 (8)
  12. Machiavelli: Demo-Rootkit für Mac OS X
    Nachrichten - 31.07.2009 (0)
  13. Gibt es ein MS EXCEL Demo Version?
    Alles rund um Windows - 03.06.2008 (2)
  14. Online-Überweisung mit meiner IP vom fremden Rechner aus möglich?
    Plagegeister aller Art und deren Bekämpfung - 16.10.2007 (1)
  15. Anti AV v1.2 Demo antivirus Undetecter
    Plagegeister aller Art und deren Bekämpfung - 16.08.2007 (4)
  16. Rechnung für NOD32 v2 trotz Überweisung?
    Antiviren-, Firewall- und andere Schutzprogramme - 04.04.2004 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 10: Spakassen Trojaner leitet auf Demo-Überweisung um - Addition Code: Alles auswählen Aufklappen ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-11-2020 durchgeführt von Spatz (13-11-2020 13:44:23) Gestartet von C:\Users\Spatz\Desktop Windows 10 Home Version 2004 19041.572 - Windows 10: Spakassen Trojaner leitet auf Demo-Überweisung um...
Archiv
Du betrachtest: Windows 10: Spakassen Trojaner leitet auf Demo-Überweisung um auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131