Log analysis and evaluation: Windows 8.1 problems after Windows Update, log files too large - Part 1

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Windows 8.1 problems after Windows Update: MBAM and AdwCleaner

Hello Matthias, thank you very much for helping me get my notebook running smoothly again. My name is Jürgen. I already had Malwarebytes on the computer. I hope the version is not too old for the scan. If it is, do I then have to uninstall the old version and install the latest update?

Code:
```
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 11.10.22
Scan-Zeit: 07:22
Protokolldatei: a97a97b0-4924-11ed-90b5-b8763ffb80fe.json

-Softwaredaten-
Version: 4.5.2.157
Komponentenversion: 1.0.1562
Version des Aktualisierungspakets: 1.0.60899
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Yogi_Sony\Juergen

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 411951
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 41 Min., 58 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0 (keine bösartigen Elemente erkannt)
Modul: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswert: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Daten-Stream: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Datei: 0 (keine bösartigen Elemente erkannt)
Physischer Sektor: 0 (keine bösartigen Elemente erkannt)
WMI: 0 (keine bösartigen Elemente erkannt)

(end)
```

Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 10-11-2022 # Duration: 00:00:15 # OS: Windows 8.1 # Cleaned: 117 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files (x86)\GreenTree Applications Deleted C:\Program Files (x86)\globalUpdate Deleted C:\Program Files (x86)\wow search Deleted C:\ProgramData\7D903D8DBB3A1445 Deleted C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8 Deleted C:\Users\Juergen\AppData\LocalLow\Minibar Deleted C:\Users\Juergen\AppData\Local\DOWNLOADED INSTALLATIONS\{31AD8258-894C-48D5-8149-C47506092754} Deleted C:\Users\Juergen\AppData\Local\Temp\DMR Deleted C:\Users\Juergen\AppData\Local\globalUpdate Deleted C:\Users\Public\Documents\Downloaded Installers Deleted C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A} ***** [ Files ] ***** Deleted C:\Windows\System32\drivers\swdumon.sys ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. 
***** [ Tasks ] ***** Deleted C:\Windows\Tasks\AQWLULMTU1.job ***** [ Registry ] ***** Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14686926-E02-493E-A65B-DD77C52FA45E} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{196C0F36-3A81-4859-919E-605FF304CA3} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DC9BB58-D21B-4E88-8BBE-F4F58EAC921A} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24E00077-FC1-4C90-BAF8-99A0E6C2294D} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25105633-E097-40E1-93EE-53DDF13CC44} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26045A8-77A1-423A-B992-C721BD9A9410} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28162626-64E8-4751-B83F-61E5D1E85DD6} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28164E7E-4E28-4A48-918C-9EDC239FE8AD} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{293DD0FE-CECD-4740-A466-8F5E679E6BA4} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E828F1D-9C13-4176-AFEE-21F1E99CEAA4} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35471EEB-5AC0-4F86-9862-973B56BD4D} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A5C0B5B-2041-43A3-838-57A4D39C3ECC} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BE5E11C-9550-43AF-9AA9-4E80954365A5} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C5D94CC-1E8-44D6-A56C-DEFBA1C6E28} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D26A39B-6FBA-4555-9E71-E4C54DA6D44} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F3CEF4-DC8A-4A4B-972-A86532A1517} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low 
Rights\ElevationPolicy\{3FC28D02-F3F4-48D2-94CD-236D7AEEF5} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4693891A-1C51-49BB-92C8-D89339B9B79} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E7173-D0A5-4008-995E-29CA124B25C} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FE6768E-D137-4579-AFBE-523BB985B3} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53AFBEBD-4C38-416F-8C72-DABD4F7F360} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B370870-AE97-4705-A080-125721C14D7} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{631AA1F-B9EB-4768-A97C-6B2C8C0E7B0} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68319503-BFD6-4474-9267-194FAC44F4B3} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68E19A7F-30F0-42AE-B43E-B599A26EAD5} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B0C0338-32A1-43DF-AEC5-28AEC3689AD4} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E21B98C-BB5D-434F-9686-54516261C87} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7727E9B5-127-4E47-8948-39D25BD33051} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7979B43E-3E-46BA-973B-2CF863436547} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CD4231F-40C0-4DBC-9C3-B6FE6E3E9C7} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7EF73869-40E0-4C6F-A6B0-D2D3D3B39A} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FDC3447-6942-4BD9-B528-BD4A11841995} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{820F3372-12E7-4240-9B1E-6C71E7171164} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low 
Rights\ElevationPolicy\{82C2C882-1CE4-4DC8-817C-5245E6EBD76A} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87CE8722-A437-4E0B-9F86-1A3C21DD277} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BB66548-E2AF-4444-B7B-E10B7871E19} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C5A9D81-2E7B-44A0-89B-F2FE211D7D8C} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E4EB0C4-121B-4424-BB9A-4F5420AA5FDF} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{987C035D-2BD3-435B-8641-2B59C248BC80} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{999AB9AA-2706-4E2C-8C98-E1646ADAD5CC} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CD4BE1-96FC-4E4C-8D7E-834B3D772254} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A40C5959-46A9-479B-9D34-2E447BF96F78} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4402900-FC6E-4A0C-96AC-7B47451D8963} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A49D8A3B-A8E8-4BBD-8EC7-4D211F81828B} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5C6AD81-DEF2-4DEE-916F-612A1792A0C0} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFBB510C-5A50-4E78-B17E-CC2DEF6E091} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBF74050-1478-4E9B-9DC7-4A753349163} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC6F26EC-6EAE-4F2E-8070-9E736435DB3} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD843E3F-973C-4483-B1F-39908F9D4562} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C077DB91-E0A8-40F8-ABCD-24E9242553D} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low 
Rights\ElevationPolicy\{C304D2FC-BC6E-42F1-8859-78304F8A8581} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3687C48-F28E-4F67-977E-29F329CFEB3} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D176C9C6-F663-4094-91E3-E1D3E3A1A6A} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3D72C19-ED83-4FBB-BFF-69EA591D2418} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB24D17E-6FC-4EF5-AF1C-1EDA3861EA76} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD26442E-A66E-4506-AFD-75A8F517DED} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6342093-AE7-4019-829F-5E55ABC0332} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9C76602-DAFE-4DA9-AA98-CAEA5768B86A} Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDB5E3CE-3ED7-4339-A45-614754EEED20} Deleted HKCU\Software\Appscion Deleted HKCU\Software\GlobalUpdate Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Browser Extensions Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|FLV Player Deleted HKCU\Software\Search Extensions Deleted HKCU\Software\SecuredDownload Deleted HKCU\Software\Store Deleted HKLM\Software\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9 Deleted HKLM\Software\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9 Deleted HKLM\Software\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1672163f-8651-4c0d-9c05-4ba941123972} Deleted HKLM\Software\Microsoft\Internet Explorer\Low 
Rights\ElevationPolicy\{61db39d5-034c-45c0-8bb2-daf857edcf3b} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|MalwareProtectionLive Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E61B1AB66C44604797AC56F6BC3B0FF Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B90A3D3F68EADC47B40D2D572B76E62 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\884DF2290FDFBE9408D20E763774932B Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Deleted HKLM\Software\TBID Deleted HKLM\Software\Wow6432Node\GlobalUpdate Deleted HKLM\Software\Wow6432Node\TBID Deleted HKLM\Software\Wow6432Node\Wpm Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780} Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1672163f-8651-4c0d-9c05-4ba941123972} Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61db39d5-034c-45c0-8bb2-daf857edcf3b} Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90E4CD0C-426F-4207-805B-7885AB32D43F} Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAE9BEC8-4723-4347-AFC6-25EE3326BA5B} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A2616871-3463-BCEE-5AFA-73773317A381} Deleted 
HKLM\Software\Wow6432Node\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2} Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\WindowsProtectManger Deleted HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_ Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\V-bates Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDBFEA30-EC51-4B8D-B4F0-8CA4F7253C0A} Deleted HKU\.DEFAULT\Software\SecurityUpdatesService Deleted HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_ Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDBFEA30-EC51-4B8D-B4F0-8CA4F7253C0A} Deleted HKU\S-1-5-18\Software\SecurityUpdatesService Deleted HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDBFEA30-EC51-4B8D-B4F0-8CA4F7253C0A} Deleted HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDBFEA30-EC51-4B8D-B4F0-8CA4F7253C0A} ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [22683 octets] - [11/10/2022 10:49:00] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-10-2022 01 durchgeführt von Juergen (Administrator) auf YOGI_SONY (Sony Corporation SVE1713Y1EB) (11-10-2022 11:31:28) Gestartet von C:\Users\Juergen\Downloads Geladene Profile: Juergen Plattform: Microsoft Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Opera Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Notepad++ -> Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe (services.exe ->) (Atheros) [Datei ist nicht signiert] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) Software Products -> Intel Corporation) C:\Program Files\PTC\Creo 3.0\M040\Common Files\x86e_win64\cma\Bin\IntelMPI\smpd-intel-4.0.3.009-x64.exe (services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> 
Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (services.exe ->) (Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (svchost.exe ->) (Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [] => [X] HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Keine Datei) HKLM-x32\...\Run: [] => [X] HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] (Qualcomm Atheros -> Atheros Communications) [Datei ist nicht signiert] HKU\S-1-5-21-1111762605-3097862284-2369679256-1001\...\Run: [VLC Plus Player Updater] => C:\Users\Juergen\AppData\Local\VLC Plus Player Updater\Updater.exe [202056 2022-01-23] (Aller Media e.K. -> ) <==== ACHTUNG HKU\S-1-5-21-1111762605-3097862284-2369679256-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5491880 2022-09-08] (Adobe Inc. 
-> Adobe Systems Incorporated) HKU\S-1-5-21-1111762605-3097862284-2369679256-1001\...\Run: [] => [X] HKU\S-1-5-21-1111762605-3097862284-2369679256-1001\...\MountPoints2: {48a07732-32e9-11e4-be9e-5453ed3b9661} - "G:\launcher.exe" HKU\S-1-5-21-1111762605-3097862284-2369679256-1001\...\MountPoints2: {ab02f377-672b-11e6-bf40-5453ed3b9661} - "E:\WD SmartWare.exe" autoplay=true HKU\S-1-5-18\...\RunOnce: [{90140000-001C-0000-1000-0000000FF1CE}] => C:\WINDOWS\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H (Keine Datei) HKLM\...\Windows x64\Print Processors\Epson Laser01: C:\Windows\System32\spool\prtprocs\x64\EP0LPP01.DLL [41472 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\WINDOWS\system32\EP0SLM01.DLL [77824 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\WINDOWS\system32\hpinkstsC211LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\WINDOWS\system32\HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.) 
HKLM\...\Print\Monitors\PDFill Writer Monitor: C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [38824 2021-06-12] (PlotSoft LLC -> Windows (R) Codename Longhorn DDK provider) HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [2016-11-29] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.102\Installer\chrmstp.exe [2022-09-10] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-11-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [Datei ist nicht signiert] HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-11-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [Datei ist nicht signiert] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2017-09-13] ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Amazon Services LLC -> Audible, Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2020-03-15] ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) [Datei ist nicht signiert] Startup: C:\Users\Juergen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-10-10] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\Juergen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2540 series (Netzwerk).lnk [2022-02-12] HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {03F1D300-9A1E-49CB-85A2-FA303CBB09AE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [141646296 2022-09-30] (Microsoft Windows -> Microsoft Corporation) Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {0AA0D8DC-B687-40A3-8E45-27ADD1D9E67D} - \Microsoft_Hardware_Launch_rundll32_exe -> Keine Datei <==== ACHTUNG Task: {0CE6A45C-874F-40BF-9084-74F9E1228310} - System32\Tasks\{85B9C296-77C4-4AE6-B883-8CB1BE430945} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Juergen\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {12219B30-FA6B-4682-A893-F6B14A984E6A} - kein Dateipfad Task: {20B485A3-0A3A-4453-B690-E95C320547B1} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [18272 2020-06-23] (Sony Corporation -> Sony Corporation) Task: {2117D3EC-917E-4605-B1E1-EFAB781E13FF} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [806048 2020-06-23] (Sony Corporation -> Sony Corporation) Task: {227054CF-C98F-4700-BD62-B905034F53DE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [141646296 2022-09-30] (Microsoft Windows -> Microsoft Corporation) Task: {251B68B5-4450-4EE2-B884-823F47FD49BD} - System32\Tasks\{87CB7A52-DB6D-4BE7-8FF7-0B4C0B311A49} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Wajam\uninstall.exe" Task: {26EB4F0D-FC76-4B31-89B5-B36F0B286391} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [806048 2020-06-23] (Sony Corporation -> Sony Corporation) Task: {2E042AB2-7A1C-4EAC-999B-A934FA0D9D34} - System32\Tasks\Sony 
Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe [1688152 2013-09-28] (Sony Corporation -> Sony Corporation) Task: {2F7B7C41-0A57-4F7D-95AA-31566194C5E4} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [806048 2020-06-23] (Sony Corporation -> Sony Corporation) Task: {2FFACF0F-AD2C-41F5-A105-D42026728035} - \ASVCI -> Keine Datei <==== ACHTUNG Task: {30F996CD-45C6-439D-9706-6D7EB90BA7F8} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [806048 2020-06-23] (Sony Corporation -> Sony Corporation) Task: {350ED5DE-4EE2-4DBA-9EB4-FE53DD0BEC35} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [71936 2021-02-23] (Oracle America, Inc. -> Oracle Corporation) Task: {41DE800D-17C9-4F00-8A2E-25857AA9C404} - System32\Tasks\Opera scheduled Autoupdate 1550940934 => C:\Users\Juergen\AppData\Local\Programs\Opera\launcher.exe [2534856 2022-10-06] (Opera Norway AS -> Opera Software) Task: {469C8111-29B1-4278-AB13-E004A3341636} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) 
Task: {482FA95D-9F13-4629-96BF-CD20EF1ED8C5} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [1210856 2019-11-08] (Sony Corporation -> Sony Corporation) Task: {4991721A-0A49-486C-BD3F-4CFB625CBE83} - System32\Tasks\Mozilla\Firefox Developer Edition Background Update CA9422711AE1A81C => C:\Program Files\Firefox Developer Edition\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\CA9422711AE1A81C\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {4CBD7446-7DF4-420D-A537-3739CCD6A875} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {4EBB534C-4293-43DC-AC7D-FC41F973BDFD} - System32\Tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start => C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe [219736 2014-02-25] (Sony Corporation -> Sony Corporation) Task: {4F018A46-9622-478C-BACE-2A54F397365D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) Task: {514B1ED1-6D85-4386-9F8C-A5FCFA91A7E0} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" Task: {5372CF92-7996-4A56-8B7F-76D44C981D27} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [806048 2020-06-23] (Sony Corporation -> Sony Corporation) Task: 
{5603BFFF-E5EE-4AB7-BDC5-75191C927480} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [976552 2012-08-14] (Sony Corporation -> Sony Corporation)
Task: {5BD1416B-577C-4081-B68F-DECD90B305E6} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [503424 2014-11-17] (Sony Corporation -> Sony Corporation)
Task: {651714CC-CB20-4270-8BEC-0DE47ADE13CD} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [1005144 2016-03-04] (Sony Corporation -> Sony Corporation)
Task: {66CE1983-AF36-420A-908A-0C0AA9F1A30E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D17A1AD-D299-4CAE-A0EA-64E20BD676DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {6F1CA3AD-5528-4243-A9D6-EB2D954B25B8} - System32\Tasks\{2ABB38EA-2992-4993-ACC7-1101A1D5FE9F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Juergen\Downloads\AudibleDM_iTunesSetup (2).exe" -d C:\Users\Juergen\Downloads
Task: {744182D8-D005-4D10-B0BA-A66AB855E40D} - System32\Tasks\Health-Check-deep => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe -deepscan (Keine Datei)
Task: {7DDD67C4-E682-454E-8978-884EDC4067FF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-14] (Adobe Inc. -> Adobe)
Task: {86C86E65-ADCE-4A77-97E8-0C583D36979B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {87AF006E-39F4-4D18-A6A9-0ED623046A0F} - System32\Tasks\AupAvUpdate => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\updAvTask.exe -UPDATE (Keine Datei)
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {8C2FBD33-5918-499B-A2FA-AB179CB94707} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [735400 2012-10-23] (Sony Corporation -> Sony Corporation)
Task: {91B6BB43-F064-481D-B5FA-0C8A3C1AD937} - System32\Tasks\UninstallMonitor => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe -AUSCAN (Keine Datei)
Task: {9244CE68-D91E-4DBB-A5CF-3A1FB1C657AA} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [503424 2014-11-17] (Sony Corporation -> Sony Corporation)
Task: {937DDAA8-7E72-4BC3-9A11-4B7CC1D4E8B0} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [538280 2012-09-06] (Sony Corporation -> Sony Corporation)
Task: {989B77FF-9006-4BFD-A9F3-4CAC77B433FF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0B134CE-815B-43AF-88B7-E3D63CD97D49} - System32\Tasks\Microsoft\Windows\RestartManager\{4A54029A-73D5-454e-8FDE-3AF7136D3A41} => C:\WINDOWS\system32\rmclient.exe [17408 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {A63F9836-FF21-4B4E-9587-EB935C3EEFD5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe)
Task: {B29661EA-B963-4C05-AE19-9DB27EC346FB} - System32\Tasks\{9333F64A-06B8-4C00-BAF8-AF626E5E3587} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Juergen\Downloads\AudibleDM_iTunesSetup (1).exe" -d C:\Users\Juergen\Downloads
Task: {B74A8C1C-9164-4475-8C47-B0925202360B} - System32\Tasks\Sony Corporation\BP Checker\CheckBPStatusLogon => C:\Program Files\Sony\BP Checker\BPChecker.exe [47672 2016-11-29] (Sony Corporation -> Sony Corporation)
Task: {B9CED526-A3D8-445C-A403-9BEA37096749} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe (Keine Datei)
Task: {B9F3F61B-EAB3-483D-97C2-AB49F8A3A15E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE3F464C-970C-4D1A-801C-63E444262ED0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {BE677A9B-9257-4ABE-8EE0-B40EB19A6052} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [806048 2020-06-23] (Sony Corporation -> Sony Corporation)
Task: {C58078EE-1C71-4031-B950-422542A9C792} - System32\Tasks\Mozilla\Firefox Developer Edition Default Browser Agent CA9422711AE1A81C => C:\Program Files\Firefox Developer Edition\default-browser-agent.exe do-task "CA9422711AE1A81C"
Task: {C6CD4539-F5C3-4F88-89F9-05DB003DE0C3} - System32\Tasks\{E585DAC8-AAE3-4263-8069-0BE66C3A331A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.10.60.104/de/abandoninstall?page=tsMain
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {CB1791BD-8267-4741-94CF-73017D8D206B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC401E20-4019-4380-A839-368636DADA0F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39848 2017-05-18] (Garmin International, Inc. -> )
Task: {CCFDC7B8-9F26-4932-812E-D072F73FE2D4} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [538280 2012-09-06] (Sony Corporation -> Sony Corporation)
Task: {CECB1DE6-9E65-4316-86A1-04F12605CCBD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2D8BD2C-C861-4123-859B-86AA824D78D5} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2417032 2011-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4802B20-3500-4646-9B26-B7DE78AA6E85} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => C:\ProgramData\Sony Corporation\VAIO Care\UpdateContacts.exe taskschedule (Keine Datei)
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {E1FA661E-8A87-4B88-9905-E7B1D096C30D} - System32\Tasks\Sony Corporation\BP Checker\CheckBPStatusCreate => C:\Program Files\Sony\BP Checker\BPChecker.exe [47672 2016-11-29] (Sony Corporation -> Sony Corporation)
Task: {E716AB7F-7C13-4094-849E-2C53BC7C065E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {EBD4BF5D-7D44-44D8-9393-4C045FC9334E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-14] (Adobe Inc. -> Adobe)
Task: {ECE90E98-278A-4C1F-A303-FB61AF55640E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F50AC884-8831-4F6A-BA1A-40C2C5365677} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [806048 2020-06-23] (Sony Corporation -> Sony Corporation)
Task: {F534473B-A230-4EDF-9649-47F1E797A8B6} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [806048 2020-06-23] (Sony Corporation -> Sony Corporation)
Task: {F60AF627-2A6A-4943-B6BA-5FE9DFE4ABA0} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [338544 2012-07-24] (CyberLink -> CyberLink Corp.)
Task: {F68CA106-ED3C-43FC-90BF-2BA23C597572} - System32\Tasks\Health-Check => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe -scan (Keine Datei)
Task: {F86EF1BB-D1FC-436B-9B90-ADF23176FFE2} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [3152360 2019-11-08] (Sony Corporation -> Sony Corporation)
Task: {FCBB56A4-4033-46F5-98E5-902AFAD70CBC} - \ARHFCC -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\ARHFCC.job => C:\Users\Juergen\AppData\Roaming\ARHFCC.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\ASVCI.job => C:\Users\Juergen\AppData\Roaming\ASVCI.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Health-Check-deep.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\WINDOWS\Tasks\Health-Check.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones)
ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52681;https=127.0.0.1:52681
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0B0BFC85-ECDD-409B-9816-EBB6CE22A8F0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BC7E6617-6535-4386-B384-196ABEF499F8}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Juergen\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-10]
Edge HomePage: Default -> hxxp://www.google.de/
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Juergen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-08-04]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: c4wzlwl1.default-1474292591643-1663776645935
FF ProfilePath: C:\Users\Juergen\AppData\Roaming\Mozilla\Firefox\Profiles\d46imrcb.dev-edition-default [2022-09-19]
FF Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\Juergen\AppData\Roaming\Mozilla\Firefox\Profiles\d46imrcb.dev-edition-default\Extensions\sp@avast.com.xpi [2021-04-27]
FF Extension: (Avast Online Security) - C:\Users\Juergen\AppData\Roaming\Mozilla\Firefox\Profiles\d46imrcb.dev-edition-default\Extensions\wrc@avast.com.xpi [2021-04-27]
FF ProfilePath: C:\Users\Juergen\AppData\Roaming\Mozilla\Firefox\Profiles\c4wzlwl1.default-1474292591643-1663776645935 [2022-10-10]
FF ProfilePath: C:\Users\Juergen\AppData\Roaming\kompozer.net\KompoZer\Profiles\3b6evnwb.default [2016-09-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-09-08] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1111762605-3097862284-2369679256-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Juergen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies SF -> Unity Technologies ApS)
StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Juergen\AppData\Local\Google\Chrome\User Data\Default [2022-10-11]
CHR HomePage: Default -> hxxps://de.search.yahoo.com/?type=715483&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchKeyword: Default -> google.de_
CHR Extension: (Avira Safe Shopping) - C:\Users\Juergen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-10-10]
CHR Extension: (Google-Suche) - C:\Users\Juergen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-27]
CHR Extension: (Avast SafePrice | Vergleich, Angebote, Gutscheine) - C:\Users\Juergen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-08-23]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Juergen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-09-05]
CHR Extension: (NetBeans Connector) - C:\Users\Juergen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2016-08-04]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Juergen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Juergen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Juergen\AppData\Roaming\Opera Software\Opera Stable [2022-10-11]
OPR Notifications: Opera Stable -> hxxps://www.flirt4fuck.com; hxxps://www.manomano.de; hxxps://www.youtube.com; hxxps://www80.hattrick.org; hxxps://www83.hattrick.org; hxxps://www84.hattrick.org
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Juergen\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-07-24]
OPR Extension: (Opera Wallet) - C:\Users\Juergen\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-10-10]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Juergen\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-28]
OPR Extension: (Alitools Shopping Assistent) - C:\Users\Juergen\AppData\Roaming\Opera Software\Opera Stable\Extensions\nkekkheibgkgeepapinkalkongndfajn [2022-10-10]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-10-07] (Apple Inc. -> Apple Inc.)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054520 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2018-08-04] (Creative Labs) [Datei ist nicht signiert]
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
R2 impi_smpd; C:\Program Files\PTC\Creo 3.0\M040\Common Files\x86e_win64\cma\Bin\IntelMPI\smpd-intel-4.0.3.009-x64.exe [1611168 2016-05-11] (Intel(R) Software Products -> Intel Corporation)
S3 InnovativeSolutions_monitor; C:\Program Files (x86)\Common Files\Innovative Solutions\Advanced Uninstaller\InnovativeSolutions_monitor_Svr.exe [1065560 2019-03-29] (Innovative Solutions Grup SRL -> )
S2 LibreViewMASMonitor; C:\Program Files (x86)\LibreView Device Drivers\LibreViewMASMonitor.exe [14848 2021-04-28] (Newyu) [Datei ist nicht signiert]
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-28] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation -> Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation -> Sony Corporation)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation -> Sony Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation -> Microsoft Corporation)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-17] (Microsoft Corporation -> Microsoft Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1744872 2019-11-08] (Sony Corporation -> Sony Corporation)
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2020-05-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [Datei ist nicht signiert]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3837440 2013-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 BTATH_VDP; C:\WINDOWS\system32\drivers\btath_vdp.sys [428488 2013-11-28] (Qualcomm Atheros -> Qualcomm Atheros)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
R3 ksaud; C:\WINDOWS\system32\drivers\ksaud.sys [1561600 2016-08-23] (Creative Technology Ltd -> Creative Technology Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-01-28] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 phantomtap; C:\WINDOWS\system32\DRIVERS\phantomtap.sys [35664 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2021-10-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
S3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [226304 2022-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [262160 2019-08-11] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.)
R3 SFEP; C:\WINDOWS\System32\drivers\SFEP.sys [14336 2012-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 SOWS; C:\WINDOWS\System32\drivers\sows.sys [24280 2012-06-11] (WDKTestCert kaneda,129651282666891607 -> Sony Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-10-11 11:31 - 2022-10-11 11:36 - 000039290 _____ C:\Users\Juergen\Downloads\FRST.txt
2022-10-11 11:29 - 2022-10-11 11:29 - 000014005 _____ C:\Users\Juergen\Desktop\AdwCleaner[C00].txt
2022-10-11 10:47 - 2022-10-11 11:27 - 000000000 ____D C:\AdwCleaner
2022-10-11 10:45 - 2022-10-11 10:45 - 008791352 _____ (Malwarebytes) C:\Users\Juergen\Downloads\adwcleaner.exe
2022-10-11 10:45 - 2022-10-11 10:45 - 008791352 _____ (Malwarebytes) C:\Users\Juergen\Desktop\adwcleaner.exe
2022-10-11 10:40 - 2022-10-11 10:40 - 000001400 _____ C:\Users\Juergen\Desktop\MBAM.txt
2022-10-11 07:05 - 2022-10-11 07:05 - 002631672 _____ (Malwarebytes) C:\Users\Juergen\Desktop\MBSetup.exe
2022-10-10 18:36 - 2022-10-10 18:46 - 000268931 _____ C:\Users\Juergen\Downloads\Addition_20221010.txt
2022-10-10 18:25 - 2022-10-10 18:46 - 000053782 _____ C:\Users\Juergen\Downloads\FRST_20221010.txt
2022-10-10 18:04 - 2022-10-10 18:04 - 002372096 _____ (Farbar) C:\Users\Juergen\Downloads\FRST64.exe
2022-10-05 15:34 - 2022-10-05 15:36 - 000312328 _____ C:\WINDOWS\ntbtlog.txt
2022-10-04 19:23 - 2022-10-10 08:05 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2022-10-04 18:59 - 2022-10-04 18:59 - 005960536 _____ (Avira Operations GmbH & Co. KG) C:\Users\Juergen\Downloads\avira_de_sptl1_728604575-1664902718__phpws-spotlight-release.exe
2022-09-28 14:49 - 2022-09-28 14:49 - 000767773 _____ C:\Users\Juergen\Downloads\Audi_Q5__SUV_2008_5d_GD_DE.pdf
2022-09-20 17:32 - 2022-09-20 17:32 - 000000000 ____D C:\Meine Webseiten
2022-09-20 17:28 - 2022-09-20 17:28 - 000000848 _____ C:\Users\Juergen\Desktop\HTTrack Website Copier.lnk
2022-09-20 17:28 - 2022-09-20 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2022-09-20 17:27 - 2022-09-20 17:28 - 000000000 ____D C:\Program Files\WinHTTrack
2022-09-20 16:42 - 2022-09-20 16:42 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-09-19 16:00 - 2022-10-02 20:08 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-18 16:28 - 2022-09-18 16:29 - 052013226 _____ C:\Users\Juergen\Downloads\JavaScript DOM Crash Course - Part 3.mp4
2022-09-18 16:28 - 2022-09-18 16:29 - 039223091 _____ C:\Users\Juergen\Downloads\JavaScript DOM Crash Course - Part 4 [Final Project].mp4
2022-09-18 16:28 - 2022-09-18 16:29 - 032721867 _____ C:\Users\Juergen\Downloads\JavaScript DOM Crash Course - Part 2.mp4
2022-09-18 16:27 - 2022-09-18 16:27 - 071259187 _____ C:\Users\Juergen\Downloads\JavaScript DOM Crash Course - Part 1.mp4
2022-09-16 15:20 - 2022-09-16 15:20 - 000000000 ____D C:\Users\Juergen\Downloads\Spanisch
2022-09-12 14:49 - 2022-09-12 14:49 - 000000000 ____D C:\Users\Juergen\AppData\Roaming\com.adobe.dunamis

==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-10-11 11:34 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2022-10-11 11:33 - 2014-09-19 20:42 - 000000000 ____D C:\FRST
2022-10-11 11:27 - 2016-10-16 07:53 - 000000000 ____D C:\Users\Juergen\AppData\Local\Downloaded Installations
2022-10-11 07:23 - 2021-01-02 22:13 - 000000000 ____D C:\Users\Juergen\AppData\LocalLow\IGDump
2022-10-11 07:14 - 2020-03-17 21:20 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-11 07:14 - 2014-09-18 22:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-11 07:05 - 2014-09-18 18:14 - 000000000 __RDO C:\Users\Juergen\OneDrive
2022-10-11 07:01 - 2013-10-03 16:14 - 000000000 ____D C:\Users\Juergen\Documents\Bluetooth Folder
2022-10-10 20:49 - 2013-10-07 08:17 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-10 20:44 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-10 20:43 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2022-10-10 18:42 - 2013-10-03 16:28 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1111762605-3097862284-2369679256-1001
2022-10-10 12:57 - 2020-08-25 18:46 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-10 12:57 - 2020-08-25 18:46 - 000002200 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-10 12:55 - 2022-08-26 13:35 - 000004102 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1550940934
2022-10-10 12:55 - 2021-07-30 18:41 - 000001389 _____ C:\Users\Juergen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2022-10-10 10:27 - 2014-09-17 23:14 - 000000000 ____D C:\Users\Juergen
2022-10-10 08:05 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows Defender
2022-10-10 08:04 - 2020-04-20 22:44 - 000000000 ____D C:\Users\Public\Security Sessions
2022-10-10 08:04 - 2020-04-20 22:27 - 000000000 ____D C:\Program Files (x86)\Avira
2022-10-10 08:04 - 2019-09-13 17:16 - 000000000 ____D C:\Users\Juergen\AppData\Roaming\vlc
2022-10-10 08:04 - 2014-11-09 15:33 - 000000000 ____D C:\Users\Juergen\AppData\Roaming\GHISLER
2022-10-10 08:01 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-10 07:53 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\registration
2022-10-10 07:52 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-10-10 07:52 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\servicing
2022-10-10 07:50 - 2013-11-16 12:59 - 000000000 ____D C:\W_O_E_R_N_E_R
2022-10-10 07:49 - 2014-09-18 18:15 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-10 07:48 - 2021-12-27 19:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-10-10 07:48 - 2018-12-16 17:21 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-10 07:33 - 2020-04-20 22:27 - 000000000 ____D C:\ProgramData\Avira
2022-10-09 16:25 - 2012-07-26 10:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-05 19:42 - 2014-03-18 12:03 - 002066404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-05 19:42 - 2014-03-18 11:25 - 000867434 _____ C:\WINDOWS\system32\perfh007.dat
2022-10-05 19:42 - 2014-03-18 11:25 - 000199442 _____ C:\WINDOWS\system32\perfc007.dat
2022-10-05 16:12 - 2022-02-03 14:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-05 16:12 - 2016-07-27 15:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-10-05 16:12 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-05 16:12 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-04 19:47 - 2020-04-26 17:38 - 000000000 ____D C:\Users\Juergen\.p2
2022-10-04 18:04 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-03 18:49 - 2014-06-08 17:24 - 000000000 ____D C:\Temp
2022-10-03 17:59 - 2016-07-31 20:30 - 000000000 ____D C:\Users\Juergen\AppData\Roaming\Code
2022-10-03 14:24 - 2013-08-22 16:44 - 000570024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-02 20:06 - 2016-11-20 19:49 - 000000000 ____D C:\Users\Juergen\AppData\LocalLow\Mozilla
2022-10-02 20:06 - 2016-07-27 15:03 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-01 18:02 - 2022-01-18 15:24 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-09-30 18:30 - 2013-10-27 12:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-30 18:13 - 2013-10-27 12:26 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-26 14:53 - 2022-07-24 15:55 - 000000000 ____D C:\Program Files\Microsoft VS Code
2022-09-26 14:52 - 2022-07-24 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2022-09-25 12:59 - 2021-04-27 20:16 - 000000000 ____D C:\Program Files\Firefox Developer Edition
2022-09-21 18:10 - 2018-01-10 11:31 - 000000000 ____D C:\Users\Juergen\Desktop\Alte Firefox-Daten
2022-09-21 15:06 - 2018-08-13 23:02 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2022-09-21 15:06 - 2014-08-16 21:24 - 000000000 ____D C:\Users\Juergen\AppData\Roaming\Notepad++
2022-09-21 14:42 - 2019-04-22 20:46 - 000000000 ____D C:\Users\Juergen\AppData\Roaming\Sky Ticket
2022-09-20 16:47 - 2021-05-05 13:31 - 000000000 ____D C:\Users\Juergen\AppData\Local\atom
2022-09-20 16:46 - 2018-06-07 20:35 - 000000000 ____D C:\Users\Juergen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2022-09-20 16:29 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-20 15:44 - 2014-06-23 21:24 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-09-19 15:59 - 2018-05-05 22:56 - 000001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2022-09-14 20:26 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-14 17:17 - 2014-10-12 21:40 - 000000000 ___SD C:\Users\Juergen\Documents\Meine Websites
2022-09-14 17:03 - 2013-10-03 17:54 - 000000000 ____D C:\Users\Juergen\AppData\Local\CrashDumps

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2014-09-01 10:18 - 2014-09-01 10:18 - 000002086 _____ () C:\Users\Juergen\AppData\Roaming\ARHFCC
2014-09-01 10:18 - 2014-09-01 10:18 - 000001248 _____ () C:\Users\Juergen\AppData\Roaming\ASVCI
2014-12-31 16:01 - 2014-12-31 16:22 - 000000088 _____ () C:\Users\Juergen\AppData\Roaming\Camdata.ini
2014-12-31 16:01 - 2014-12-31 16:22 - 000000408 _____ () C:\Users\Juergen\AppData\Roaming\CamLayout.ini
2014-12-31 16:01 - 2014-12-31 16:22 - 000000408 _____ () C:\Users\Juergen\AppData\Roaming\CamShapes.ini
2014-12-31 16:01 - 2014-12-31 16:22 - 000004557 _____ () C:\Users\Juergen\AppData\Roaming\CamStudio.cfg
2014-12-31 16:19 - 2014-12-31 16:19 - 000000098 _____ () C:\Users\Juergen\AppData\Roaming\CamStudio.Producer.command
2014-12-31 16:04 - 2014-12-31 16:19 - 000000000 _____ () C:\Users\Juergen\AppData\Roaming\CamStudio.Producer.Data.ini
2014-12-31 16:04 - 2014-12-31 16:19 - 000001205 _____ () C:\Users\Juergen\AppData\Roaming\CamStudio.Producer.ini
2019-02-07 18:47 - 2022-08-17 17:52 - 000004195 _____ () C:\Users\Juergen\AppData\Roaming\LTspiceXVII.ini
2014-12-31 15:58 - 2014-12-31 16:08 - 000000096 _____ () C:\Users\Juergen\AppData\Roaming\version2.xml
2014-12-06 15:50 - 2014-12-06 15:50 - 000004608 _____ () C:\Users\Juergen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-12-30 19:32 - 2019-12-30 19:32 - 000000410 _____ () C:\Users\Juergen\AppData\Local\oobelibMkey.log
2019-01-27 23:05 - 2020-01-23 23:47 - 000000128 _____ () C:\Users\Juergen\AppData\Local\PUTTY.RND
2020-02-28 21:18 - 2020-02-28 21:18 - 000000890 _____ () C:\Users\Juergen\AppData\Local\recently-used.xbel
2021-01-02 18:42 - 2021-01-02 18:42 - 000000017 _____ () C:\Users\Juergen\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
LastRegBack: 2016-08-30 12:17

==================== Ende von FRST.txt ========================