| aachenengine | 19.06.2017 09:29 |
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-06-2017 01
durchgeführt von Sebastian (19-06-2017 10:21:55)
Gestartet von C:\Users\Sebastian\Documents\virus suche
Windows 10 Home Version 1607 (X64) (2016-09-27 21:04:03)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2057272010-1014490834-1823264472-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2057272010-1014490834-1823264472-503 - Limited - Disabled)
Gast (S-1-5-21-2057272010-1014490834-1823264472-501 - Limited - Disabled)
Sebastian (S-1-5-21-2057272010-1014490834-1823264472-1001 - Administrator - Enabled) => C:\Users\Sebastian
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
ACP Application (Version: 2016.0718.1650.38 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (32 Bit) (HKLM-x32\...\{2614BC86-757D-4293-9E25-E4E16F370A9E}) (Version: 16.0 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: - )
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 06.20.06 - AVM Berlin)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BlueStacks App Player (HKLM-x32\...\{4FEE9A2C-AF32-44CF-902D-9D686E17BF4F}) (Version: 1.1.9.167 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{097E183F-FE88-41B8-ABE0-C730DD4AE48F}) (Version: 2.22.0 - Kovid Goyal)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.4.03034 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.4.03034 - Cisco Systems, Inc.) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CrystalDiskInfo 7.0.3 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.3 - Crystal Dew World)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3716.57 - CyberLink Corp.)
Dr. Hardware 2014 14.5d (HKLM-x32\...\Dr. Hardware 2014_is1) (Version: - Peter A. Gebhard)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Eusing Free Registry Cleaner (HKLM-x32\...\Eusing Free Registry Cleaner) (Version: - Eusing Software)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\SweetLabs_AP) (Version: 0.269.8.126 - Pokki)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8102 - Acer Incorporated)
HP Dropbox Plugin (HKLM-x32\...\{45B18FC7-3ECE-4F2B-99A8-370886AB8238}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP ENVY 4520 series - Grundlegende Software für das Gerät (HKLM\...\{AC99F717-0091-4818-920D-C778C9BACA9D}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP ENVY 4520 series Hilfe (HKLM-x32\...\{AC3A5663-59A5-4421-9A4C-7309A4FEC06D}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{1502BB1F-7870-4DC9-9178-65CFE00D070C}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
LibreOffice 4.3.3.2 (HKLM-x32\...\{87C753BB-81E3-403B-BD87-6293F870B20B}) (Version: 4.3.3.2 - The Document Foundation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
Mozilla Thunderbird 45.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.5.0 (x86 de)) (Version: 45.5.0 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.1 - pdfforge)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.126 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.3.34 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7135 - Realtek Semiconductor Corp.)
Screenshot Captor 4.16.1 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software)
Siemens NX 10.0 (HKLM\...\{11B4AD15-AE98-4618-B90A-562EC6875DC3}) (Version: 10.0.0.24 - Siemens)
Siemens NX 11.0 (HKLM\...\{DB388CC5-C37F-4131-A86E-B2BDC55BDDD4}) (Version: 11.0.0.33 - Ihr Firmenname)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.)
SoundCloud (HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\Pokki_6f939df69d6785524f49659b9500d1f87280d9ff) (Version: 1.0.0.42583 - Pokki)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trojan Remover 6.9.4 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.4 - Simply Super Software)
TrojanHunter 6.2 (HKLM-x32\...\TrojanHunter_is1) (Version: 6.2 - Bytelayer AB)
UE BOOM Update-Assistent (HKLM-x32\...\{AABC2E40-7BF0-4E24-BB20-DED8905BDFBB}) (Version: 1.4.52 - Logitech, Inc.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {016E7F3F-AB92-4404-B4AE-2987B12269C5} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {0555096D-4556-417D-BA1A-E9D6DCA43FDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {068AFA90-F273-4258-960A-19C8C0C010D6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-01] ()
Task: {0D915448-CA2B-4ADA-8975-2687F0F48272} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {0F6BB098-85EF-4AF4-91CA-80BE6B4A1B88} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {16A7DEF6-3D5D-41DD-9B12-D7133A3C0E1F} - System32\Tasks\{40B99B12-B6CB-4046-8EF1-F8D37C80FF60} => pcalua.exe -a "C:\Users\Sebastian\Documents\.pages datei lese programm\dotnetfx3setup.exe" -d "C:\Users\Sebastian\Documents\.pages datei lese programm"
Task: {18B3F9DA-3867-460D-B124-444B387C6B93} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2016-08-15] ()
Task: {19F4C05E-191F-46DF-95FD-F6B46C64BFA1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-01] (Microsoft Corporation)
Task: {24D8FE65-25F3-4C4B-9CD6-2617AC4F970F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-04] (Adobe Systems Incorporated)
Task: {298DD21B-4281-4A12-8817-80FC42155928} - System32\Tasks\{288BAA74-EDDC-48C0-9896-646DEA5EBA54} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/de/abandoninstall?page=tsProgressBar
Task: {326F5690-072B-4C6C-9F84-4BD5BBD9577E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3791F4B7-A336-4889-A359-492F8A9E72C8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3D497170-5FCD-425C-AD58-8A9164B9B474} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {415882EF-0125-4515-967E-88BA44E14996} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {44FA5F4B-060B-4166-BD16-B337A9A1EAB8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-01] ()
Task: {46E174A8-5773-4371-9316-2BF5AB30D672} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {4C676A4C-828F-44D7-9991-9B8A7E6666F3} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5A7175C0-E3A9-4ABA-8BC3-08BC5CF7AD4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {5ECC4966-0FEA-478A-89B1-4F214B8F8AB5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5EE64902-E83D-40F7-9C6B-F942D3F6BF71} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-18] (Acer Incorporated)
Task: {63F8634C-5CB8-415E-A9C6-725E33CD818C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-06-01] (Microsoft Corporation)
Task: {6B70BB5A-534B-4441-9493-B473038F3DFB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6BED3D1A-FD32-44A3-A2FE-C66488C963D3} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {7E223B0E-2320-4A09-875B-1AC3AEA7FCEE} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {7F3608DF-63AD-4142-93AD-1440D1301A58} - System32\Tasks\SweetLabs App Platform => C:\Users\Sebastian\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2017-05-18] (Pokki)
Task: {AAC9A766-A6CF-4F53-8436-52B255AB089E} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2013-12-30] (Acer Incorporated)
Task: {AB27AD69-94C8-47C0-AD7E-FA6E078929EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {B005D5C2-6F94-4A02-8DA0-9B855C1F3044} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {B8922A06-4C88-461D-A420-D6C92E54DFDF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B8DEC5A0-74A5-47D3-A17F-73E32540FB77} - System32\Tasks\ALU_SelfUpgrade => C:\ProgramData\Acer\updater2\Download\52971982\D\UpgradeDownload.exe [2017-06-11] ()
Task: {B9444A48-00C1-4DEB-867B-7AB7A7E1DB54} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {BE244946-6F30-4927-AA02-D861E2B15CAB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {BF1BF19F-DA1D-4933-A8CF-BF48A16099B1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DB72F27A-F71A-41FA-B893-8B3B6C9E1610} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {DC85F4A4-13C4-4041-8612-E7EF5889E590} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-24] (TODO: <Company name>)
Task: {DE141CED-1D94-4D65-804B-E4ED8CC9846D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-06-01] (Microsoft Corporation)
Task: {DE90393B-8F83-4975-B0A4-2C97B71745E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E12E33F1-A19B-499B-BFB2-791120587D3F} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {F5B7FF69-C35F-4CED-A96F-AA5712DD0457} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FA10D1AC-6942-4AD0-9116-4384849977D4} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {FAC208FA-F038-4E9C-826F-F3B00207719C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {FB5C8AF6-516E-4B09-B73B-0C1870F0A40B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-19 20:16 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-12-19 15:51 - 2014-12-19 20:58 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-09-27 23:15 - 2016-09-27 23:15 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-21 10:44 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-21 10:45 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-21 10:45 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-21 10:45 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-19 20:16 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-19 20:16 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-19 20:16 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-08-15 15:24 - 2016-08-15 15:24 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2017-06-11 22:39 - 2017-06-11 22:40 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-11 22:39 - 2017-06-11 22:40 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-11 22:39 - 2017-06-11 22:40 - 43318784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-11 22:39 - 2017-06-11 22:40 - 02427904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-16 16:37 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-16 16:37 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-17 14:16 - 2017-05-17 14:16 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-06-19 09:45 - 2017-06-19 09:45 - 00098816 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32api.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00110080 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\pywintypes27.dll
2017-06-19 09:45 - 2017-06-19 09:45 - 00364544 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\pythoncom27.dll
2017-06-19 09:45 - 2017-06-19 09:45 - 00320512 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32com.shell.shell.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00914432 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\_hashlib.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 01176576 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\wx._core_.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00806400 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\wx._gdi_.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00816128 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\wx._windows_.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 01067008 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\wx._controls_.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00733184 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\wx._misc_.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00682496 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\pysqlite2._sqlite.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00088064 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\_ctypes.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00686080 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\unicodedata.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00119808 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32file.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00108544 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32security.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00007168 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\hashobjs_ext.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00017920 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\thumbnails_ext.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00088064 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\usb_ext.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00012800 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\common.time34.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00018432 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32event.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00167936 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32gui.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00046080 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\_socket.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 01303552 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\_ssl.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00128512 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\_elementtree.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00127488 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\pyexpat.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00038912 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32inet.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00036864 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\_psutil_windows.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00524248 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\windows._lib_cacheinvalidation.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00011264 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32crypt.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00123392 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\wx._wizard.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00077312 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\wx._html2.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00027648 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\_multiprocessing.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00020480 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\_yappi.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00035840 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32process.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00078848 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\wx._animate.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00024064 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32pipe.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00010240 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\select.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00025600 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32pdh.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00017408 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32profile.pyd
2017-06-19 09:45 - 2017-06-19 09:45 - 00022528 ____R () C:\Users\Sebastian\AppData\Local\Temp\_MEI46042\win32ts.pyd
2016-11-16 01:02 - 2016-11-16 01:02 - 00569856 _____ () C:\Users\Sebastian\AppData\Local\SweetLabs App Platform\Engine\ppGoogleNaClPluginChrome.dll
2016-11-16 01:02 - 2016-11-16 01:02 - 01400846 _____ () C:\Users\Sebastian\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
2016-11-16 01:02 - 2016-11-16 01:02 - 00151054 _____ () C:\Users\Sebastian\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
2016-11-16 01:02 - 2016-11-16 01:02 - 00222734 _____ () C:\Users\Sebastian\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll
2016-08-15 18:03 - 2016-08-15 18:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 18:04 - 2016-08-15 18:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-09-27 22:33 - 2016-09-27 22:33 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 15:09 - 2016-08-30 15:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 15:05 - 2016-08-30 15:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-09-09 10:51 - 2016-09-09 10:51 - 00202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-09-09 10:51 - 2016-09-09 10:51 - 00119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-03-17 10:21 - 2017-06-13 19:04 - 67117168 _____ () C:\Users\Sebastian\AppData\Roaming\Spotify\libcef.dll
2016-10-26 08:45 - 2017-06-13 19:04 - 00120944 _____ () C:\Users\Sebastian\AppData\Roaming\Spotify\SpotifyWinRT.dll
2015-03-17 10:21 - 2017-06-13 19:04 - 02253424 _____ () C:\Users\Sebastian\AppData\Roaming\Spotify\libglesv2.dll
2015-03-17 10:21 - 2017-06-13 19:04 - 00086640 _____ () C:\Users\Sebastian\AppData\Roaming\Spotify\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-05-02 19:16 - 00000853 ____H C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "AVMWlanClient"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "TrojanScanner"
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26"
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\StartupApproved\Run: => "HP ENVY 4520 series (NET)"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{0F822EE2-6509-4240-BDB3-DACF953FA28C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{D0A24634-B5E0-46DA-BD3A-47ED1AC5B534}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{C4397C91-884B-466F-A56C-52FCD769732C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{B99D8568-4F43-4FB1-A483-6D568933B77E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{62EB57F4-B226-4AA5-945F-36127F5D37E7}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{B94CB17C-B5AD-4015-97E7-D3FA587E7C1C}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{0798B10D-6017-4DBB-BE67-3DC4ACB2AD9B}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{3C9E1515-3F01-480B-A25F-D4DA28AD0127}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{51ED801E-7356-44A0-9AA1-3A8AE6D38A98}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{57E2CFDF-5EE0-42D6-8BBE-D6FAFBE3BAE5}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B44C8F9C-0BE5-47DC-B487-6DD6496B9962}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{FC53AE94-FBB4-4E14-98C4-C869E43D9BFD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{C64C1B9C-5B79-4CD0-BB8C-4A97D738EE09}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{C77E9524-FE9D-4AED-82F7-41AF66095F3C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{55A30E09-452E-44D4-AF0C-AC74DAC95300}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{C4634545-A7D5-4F3F-A54C-682BC72D80E3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{D9603153-1663-4DD8-92C9-0E4C97016B78}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{3E77BB59-C02B-4EBF-82E1-3073B923EA53}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{2AAEA74B-8408-467B-8E10-8B763760BF48}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{F9C8A7DE-06D4-4BA9-ADA3-0A44552076D7}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{393516F8-F50F-43B7-B35D-37C3DC5BF58F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{1483A516-A589-4612-8DA0-DA8DF0315B2D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{8B4CED08-F42A-4E18-A9AE-555354370A77}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{6F2FB7D2-EAA8-4E4C-895E-98B86D9C9E23}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{60C7B9DE-492B-4DB6-8C80-AE5E8EFFB24D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{8141F1A9-A9D2-40DC-89C1-CC3A028C5E49}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{03A21377-1C02-491C-997C-1C8D0B60C5AC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{E96E4471-F1A3-4519-8A38-88871EDD87C7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{ACEC3E84-2B91-400E-A3D3-468194F0E2F7}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{13D1852D-E5EB-458F-874E-710A2F3CFF1C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{A8733DF5-6180-4C65-9B0A-FF092FDE001F}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{C820ACF4-07EC-40DF-9209-947E94B8222B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{CF5BC0A8-F1E7-48F5-80BB-4CB0E2A50A9C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{215B3AF6-62FA-497E-9529-08B58C0E798B}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{70FDDD74-AC00-4A0E-AD38-1133AA06D361}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{4CA57ABF-1855-40DF-85FE-F9A8FBC6475E}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{C8E77D9F-92F6-482D-953A-CCE3774EA04B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{7952E416-E3A3-4C07-84D4-FA28A318249E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{7E44EADD-F294-4E53-B78C-046372B42E50}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{D9C0EF3C-572D-4207-9281-8F9782A2B588}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{2E1E6AFB-299E-4B68-AF97-991BF777A4F2}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{683ABEA0-AD4E-4F01-90FD-172FC66A4258}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{B335772B-BC09-41A1-AC66-AFD8A3D8425E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{E085A89A-01F5-4A96-8F88-6718A479B08F}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{1CE518CB-07D6-45A3-8931-973160B290C0}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{8E1B91E6-F6D4-45CF-A03E-2CECD1C50620}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{6E08B559-F8C2-401C-BD9C-F5BC5AF3BFD8}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{230F2F9D-C4A3-4B85-AC34-95CA526F90C0}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0C397A57-C9FC-4E3F-A7D8-E31C9876DF0E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{C349B92E-8B97-4E1E-B2C3-BD26358ACB10}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{116D9DA2-21E9-4446-8D20-14AE0F824683}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{2E7E3B78-4E86-4459-A9F1-6C97E6C6ABBE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{0A97DA94-3894-4BB3-A7A4-4001CE5EE91A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{03BEA154-2A80-4845-A2F1-AF7F4744D350}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{B912F011-4C1D-4E0D-BB56-69B0BC2FFEBE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{2F461731-8E03-4A22-BCCD-70C4518C4F61}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{82C44E8E-9619-4B6D-818E-F3AD875C0026}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{34E3324D-2725-4A80-94B6-A37DAC7AC4AE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{92DDBAE6-F473-4EF2-9258-67815FE1B166}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E7B61713-29CE-420D-8AC4-7AC7D5150965}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5CC1ABDD-421A-4E16-AC5D-D298D3D12ACB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F2E6AFB1-303B-406E-B79E-6BFBA46CB3D3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5E367375-43D1-42AD-AC56-27698EE5F9B5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0FE6C493-EDD2-4BF5-BFDD-0C6575E60DBA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9B0B2E55-9013-4FBD-96E9-E3B8E8500430}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{86474E0B-FA54-4144-9CC6-6DD706D1476C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D630574C-F959-4C2F-8DA3-55185DC867EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D1F44E03-3BBF-4BFD-88C0-9EBE66030717}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{910C8BE3-8619-468E-98D5-94F406AB08FC}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DE999721-6C2A-46AF-AE1B-A2D5D8AE8A91}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{EAB13824-8E54-4529-8096-8CEF2FCE083D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{D5EC4056-CFF8-4086-B872-BBF99989D86D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{12ADA550-0FD3-4A5E-89FF-36464E8B4183}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{10156B76-3554-4F42-A903-2B5B3F5F0BE0}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{9835584B-2DC6-428B-9C96-3EDC5ADAB84F}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{CAF33C13-EB93-468E-B7E5-8F8D32B007B4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{69F6F48F-4931-447D-99F0-CBDDF074AA64}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{3B0BBE2A-22D4-4B3E-903A-56805FC65A42}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{855D0AA5-1FD7-4C41-8052-FAC5B59F175C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{64101CDF-A8CC-41AE-9C33-E33C4EACBFCC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FA16281B-5026-45BF-886D-8D37CD708311}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6874685B-9CDB-42B4-BFF2-F1A92D40201D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A1A19E88-4790-4BAB-906B-AFB30BA9E85B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E7A91667-2322-47A1-A41E-B3401CB4FE0B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{64A0F83A-121E-46EE-8DB9-56FDE9B80655}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{BD703DF6-81EA-414E-95C4-40DD2EB82141}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{48D1EF02-1E7A-4B89-A868-4A1AFD918559}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A9523BE6-0AC1-48EB-9680-851BB2757515}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{70DE3CFF-3BEE-41A0-AA75-377CFF1771F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{252BA25D-1B6E-4A84-B617-B4C5E0E8CB4E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4FD0D849-A14D-4FC7-81F4-45EF11145359}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FCB549DC-3CFF-4EC4-A443-48B7488F14C6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{22841B88-05AB-4F58-AC15-07E73A7A9F93}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{1C367AB1-D285-4941-ACED-DF7BA17E3483}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8FB89579-EBAB-4E09-9D73-4B59A1CAEF87}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7997476C-2AD3-496B-BF2B-73A299589ADE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F983573C-8832-4A1A-87C3-7DFE7B4956CE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{EE47FDCE-ACED-4A5F-AD09-67C2CB521F39}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1206A021-B262-445C-B1E7-D103BA460C8F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F0FCF989-968F-456C-8F73-AAFEC0A5A4EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C8FA5E58-F4EA-4401-B7C0-4ED3AFFA56E4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6E0A15E9-1430-4264-ABFB-F1D6AFB597FC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{153896DE-727A-43A3-AA32-6D0D85FCBE38}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{9555F69F-8AAA-4E2B-A58F-B73D19777E1D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{4841DDD3-A280-4AAE-B454-02C54C487205}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{E77A6B49-8530-48F0-8D58-F387D3EB818F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{52819F75-1D37-4C4E-B91B-FA769175ADBC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A9612E12-AC4B-4850-AFA6-E87BEC85F7B7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{82E2518A-D8C0-4AF8-846D-7E2BB01C7C2C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A3C1ACA6-EC8A-4272-874B-870CCCC41CDA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BD45FC19-3F91-42B4-9594-54E73CA40F4F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BCB86506-8B39-4B4A-BD8D-DE40C5561091}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E3396174-82A0-4915-A075-50B28A1D6F8E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{47819D0B-AF9E-4DBA-8301-EAFE1C01633A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7FA5DB70-95E7-4235-917E-9D9A97B2B9A7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C4D6A96B-E06F-409B-9411-F61EAECF1F34}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DC2F2915-6C7F-4350-BEE8-FA020985E104}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{704CF713-0BC1-4B1B-8DEB-14EEF29B095E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{41266DDE-8B70-474A-8DD2-5C3B14CE6B80}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BC2FB431-2B75-4CD0-9A28-65ABAFCC3891}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EDB3E7E3-A97D-45E1-AACD-3D046339990F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DBF354B7-B1D9-415D-9802-7424F1694ED6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A94B26FC-0D1C-4A80-97EA-27A4BF842F4A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B2297DA5-7197-4A3A-9171-0C9B9C74A8D2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{56D594EB-677D-4CB7-9069-DC93EA39CCF0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B568BC36-5796-4343-AD56-6C174FE3EF8D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{32C99015-C48D-4E9F-B990-0101420E8ECD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{72158D72-9DD1-44BF-B9C0-3E68913D2EA6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8F848E11-CA29-445F-993C-5E603DAA748B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{789FD443-CCCD-4B1A-8503-9974E6376B93}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5A877560-3E59-4774-8A98-26749E71F1D1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E7C3FFD0-B6BA-40BC-A04A-8315243228C4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B8454336-142B-47AF-8059-EBFE901563F8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{16702314-EB44-437F-9CFE-472A7D560546}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C84C29A9-744A-4556-BE39-46A6AE06D45E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{69DDF0C0-FF4F-4A20-8485-2ABB273B5FC0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C7C248AB-2957-4101-A281-0726B7E48EE1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7FDDAC99-503F-44B3-AAC3-6A84ADAFDE33}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{EB5A6912-E1CC-4B2A-AE67-4D735185CE80}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4E48024F-88A3-485B-8179-91872525485A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C6B80748-49D7-4525-BFE3-E3E0F800B377}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{231B64D3-6DD9-42A6-AA8F-DFE13FA9B269}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9B28758D-9523-4673-9D85-1233F94D7461}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0ED4E3C4-391A-4E76-BB10-26ACF86B4D97}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{49761574-52B3-4350-88B9-E4807A62ED37}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{017C3472-EDBE-421B-9EEA-C248DFA6424B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E0A89022-4D9B-4379-B757-ABA5A1EFD9ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{652B5F48-8FF6-4A57-8E77-A9B198D04AD1}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Photoshop CC 2015 (32 Bit)\Photoshop.exe
FirewallRules: [{4931D67F-BC56-41D1-8EEF-82D86404D4EC}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{89B57165-0655-44D7-806C-DF70FF31FAED}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{B0EA4191-0D42-4208-A0C6-9A96367F134C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{BE3C7C85-CFAB-4A68-A26D-C6AD2287C356}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{3FDC343A-9F06-429E-A0ED-F51E156D8594}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{E9493BE1-B20B-4FC6-9F4E-BB99DC0CB2DF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{608D30F7-C52B-4851-8AA6-9EDA4C8A7B46}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{D5A77614-04C9-4E4F-90D9-8B3A4F65DFB1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{58CC992F-32FE-4BFC-9259-9FB9D5E0E243}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{8AC3685D-9860-4161-B267-617B78B8AEB1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{C62B177F-1FA8-4925-96D4-C354EFF3085A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{6A7506CA-65EF-4A32-9F44-12D9B53C036B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{C329CCC4-96DA-46A3-B3F2-E6F2EF9E37B8}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{ACAF0075-BE69-4581-98B1-D2CBFA6861EC}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{A29F5B78-7848-4D98-837E-8745AC9C6661}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{72B3DE95-C2F9-4C7F-AB75-317EE7B8906C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{1E52A224-D3E1-4043-AE2D-9223BA906359}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{BA142729-A1AC-47F5-A7C1-738BF8E8A1AD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{CFC9F198-4E4C-467B-BABA-CFCCA7947866}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{E04E226A-62F1-4584-B5F8-86D1206E68DA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{C059D277-2D4F-4D9D-9E90-49B594A68A3E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{8AB5F4BA-78BC-45BB-A520-FCEA1EF3B7AB}] => (Allow) C:\Users\Sebastian\AppData\Local\Temp\7zS724C\HP.EasyStart.exe
FirewallRules: [{171B27EE-27E4-4986-890B-58992FDF06C5}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe
FirewallRules: [{3BB907D0-3F4F-48E5-90B4-751CEB65AC25}] => (Allow) LPort=5357
FirewallRules: [{3591C187-E5E4-4468-8829-5F8716B02DE8}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{73694AFC-C755-4B93-8863-AF0035D3FCA0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E890CABD-B6DC-4BD2-944E-737D640544DA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1CB44433-1DA4-4D40-B429-793E86539BDD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{77F31591-A1BC-48ED-9CF9-A599B597EFCD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{F195F250-0352-4286-BCDE-3E81C49221AB}C:\program files\siemens\nx 11.0\nxbin\ugraf.exe] => (Allow) C:\program files\siemens\nx 11.0\nxbin\ugraf.exe
FirewallRules: [UDP Query User{3413C94F-8687-4702-A468-35CEC343F4ED}C:\program files\siemens\nx 11.0\nxbin\ugraf.exe] => (Allow) C:\program files\siemens\nx 11.0\nxbin\ugraf.exe
FirewallRules: [{AC28F6D1-9047-4DF4-92EF-430425652AAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{44016FE6-C801-48C2-BFB7-93E9D3239ECD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{745EA576-A82A-4F82-89A2-34ACC6E38A6A}C:\program files\siemens\nx 10.0\ugii\ugraf.exe] => (Allow) C:\program files\siemens\nx 10.0\ugii\ugraf.exe
FirewallRules: [UDP Query User{D4188F35-5D2A-4F2A-8447-C73B7033819A}C:\program files\siemens\nx 10.0\ugii\ugraf.exe] => (Allow) C:\program files\siemens\nx 10.0\ugii\ugraf.exe
==================== Wiederherstellungspunkte =========================
15-06-2017 14:40:36 Windows Update
15-06-2017 14:41:40 Windows Update
19-06-2017 10:02:55 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: FRITZ!WLAN USB Stick AC 860
Description: FRITZ!WLAN USB Stick AC 860
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AVM Berlin
Service: fwlanusb6_860
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/19/2017 10:03:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/19/2017 10:02:22 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {99A31392-7A6C-4405-9492-DB6DD8A0449C}
Error: (06/19/2017 10:02:21 AM) (Source: Software Protection Platform Service) (EventID: 8211) (User: )
Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80070005.
Error: (06/19/2017 10:00:20 AM) (Source: Software Protection Platform Service) (EventID: 8211) (User: )
Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80070005.
Error: (06/19/2017 09:45:01 AM) (Source: Software Protection Platform Service) (EventID: 8211) (User: )
Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80070005.
Error: (06/19/2017 09:44:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl) konnten nicht installiert werden. Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (06/19/2017 09:44:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3013) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "007" definiert wurden, können nicht aktualisiert werden. Das erste DWORD im Datenbereich enthält den Fehlercode.
Error: (06/19/2017 09:42:24 AM) (Source: Software Protection Platform Service) (EventID: 8211) (User: )
Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80070005.
Error: (06/19/2017 09:41:04 AM) (Source: Software Protection Platform Service) (EventID: 8211) (User: )
Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80070005.
Error: (06/19/2017 09:41:03 AM) (Source: Software Protection Platform Service) (EventID: 8211) (User: )
Description: Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens: 0x80070005.
Systemfehler:
=============
Error: (06/19/2017 09:45:03 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/19/2017 09:44:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0922 fehlgeschlagen: 2017-05 Kumulatives Update für Windows 10 Version 1607 für x64-basierte Systeme (KB4019472)
Error: (06/19/2017 09:44:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0922 fehlgeschlagen: 2017-06 Kumulatives Update für Windows 10 Version 1607 für x64-basierte Systeme (KB4022715)
Error: (06/19/2017 09:40:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "chip1click" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (06/19/2017 09:40:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst chip1click erreicht.
Error: (06/19/2017 09:39:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "amdacpksd" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (06/19/2017 09:38:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Update Orchestrator Service für Windows Update" wurde mit folgendem Fehler beendet:
Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann.
Error: (06/19/2017 09:36:58 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{B91D5831-B1BD-4608-8198-D72E155020F7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/19/2017 09:31:19 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (06/19/2017 09:31:19 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
==================== Speicherinformationen ===========================
Prozessor: AMD A10-7800 Radeon R7, 12 Compute Cores 4C+8G
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 7089.53 MB
Verfügbarer physikalischer RAM: 3333.45 MB
Summe virtueller Speicher: 8241.53 MB
Verfügbarer virtueller Speicher: 3531.78 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:923.17 GB) (Free:602.54 GB) NTFS
Drive d: (DATA) (Fixed) (Total:923.17 GB) (Free:922.9 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 6704C4C0)
Partition: GPT.
==================== Ende von Addition.txt ============================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01
durchgeführt von Sebastian (Administrator) auf SEBASTIAN-PC (19-06-2017 10:19:55)
Gestartet von C:\Users\Sebastian\Documents\virus suche
Geladene Profile: Sebastian (Verfügbare Profile: Sebastian)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Pokki) C:\Users\Sebastian\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Pokki) C:\Users\Sebastian\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\Sebastian\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.17.420.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Pokki) C:\Users\Sebastian\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13663448 2014-01-07] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [921208 2015-08-11] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [937984 2015-07-31] (AVM Berlin)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [3537976 2016-05-17] (Simply Super Software)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1224704 2017-05-17] (Cisco Systems, Inc.)
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\Run: [Spotify Web Helper] => C:\Users\Sebastian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-06-13] (Spotify Ltd)
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\Run: [Spotify] => C:\Users\Sebastian\AppData\Roaming\Spotify\Spotify.exe [6949488 2017-06-13] (Spotify Ltd)
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640 2017-05-09] (Google Inc.)
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\...\MountPoints2: {d57c2840-eadf-11e5-82da-001a4f4a8e5f} - "K:\pushinst.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{754d7827-5649-4caa-9ade-514b87c25b39}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{88db2c15-9217-4396-9820-947d2fd493b6}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2057272010-1014490834-1823264472-1001 -> DefaultScope {3C435BC6-95AD-4291-86DC-B05EB005CC46} URL =
SearchScopes: HKU\S-1-5-21-2057272010-1014490834-1823264472-1001 -> {002003B0-E083-4EE3-8143-8A5A52712EB9} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B010DE662D20141102&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2057272010-1014490834-1823264472-1001 -> {3C435BC6-95AD-4291-86DC-B05EB005CC46} URL =
SearchScopes: HKU\S-1-5-21-2057272010-1014490834-1823264472-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-06-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-01] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-24] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-06-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-24] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\UCftnr3m.default [2017-06-13]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\UCftnr3m.default -> Sichere Suche
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\UCftnr3m.default -> Sichere Suche
FF Homepage: Mozilla\Firefox\Profiles\UCftnr3m.default -> hxxps://www.malwarebytes.org/restorebrowser//?s=acer&m=start
FF Keyword.URL: Mozilla\Firefox\Profiles\UCftnr3m.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=B110DE662D20141102&p=
FF Extension: (Avira Browser Safety) - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\UCftnr3m.default\Extensions\abs@avira.com [2016-11-03]
FF Extension: (Firefox Hotfix) - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\UCftnr3m.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-23]
FF SearchPlugin: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\UCftnr3m.default\searchplugins\McSiteAdvisor.xml [2016-07-13]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: (PDF Architect 2 Creator) - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-19] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-11-04] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-11-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-06-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-13] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> http://www.trojaner-board.de/185938-...uslastung.html
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default [2017-06-19]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-26]
CHR Extension: (Google Cast) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-09-11]
CHR Extension: (Text To Speech with Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogdgjickfenmhihlgiedkadbbabiagm [2016-05-24]
CHR Extension: (Adobe Acrobat) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Avira Browserschutz) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-13]
CHR Extension: (Google Docs Offline) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-26]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-05-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-22]
CHR Extension: (Chrome Media Router) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Sebastian\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-05-24]
CHR HKU\S-1-5-21-2057272010-1014490834-1823264472-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-07-18] (Advanced Micro Devices) [Datei ist nicht signiert]
S2 AvmSwitchUsb; C:\Program Files (x86)\avmwlanstick\AVMSwitchUsb.exe [125440 2015-07-31] () [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-08-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-08-11] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [847480 2015-08-11] (BlueStack Systems, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
S2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-31] (Electronic Arts)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-12-19] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-08-11] (BlueStack Systems)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [13760 2013-07-21] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [13760 2013-07-21] ()
S3 FWLANUSB; C:\WINDOWS\system32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) [Datei ist nicht signiert]
S3 fwlanusb6_860; C:\WINDOWS\system32\DRIVERS\fwlanusb6_860.sys [2242720 2015-07-31] (AVM GmbH)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [54736 2016-09-25] ()
S3 Logi_Headset_DFU; C:\WINDOWS\System32\Drivers\lhusbdfuamd64.sys [44136 2015-06-05] (CSR plc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [25592 2015-06-15] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2017-04-07] (Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-06-19 09:10 - 2017-06-19 09:07 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-06-15 10:09 - 2017-06-19 10:19 - 00000000 ____D C:\FRST
2017-06-13 21:41 - 2017-06-13 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2017-06-13 21:41 - 2017-05-17 13:34 - 00245576 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2017-06-13 08:18 - 2017-06-13 08:18 - 00001260 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-06-13 08:18 - 2017-06-13 08:18 - 00000000 ____D C:\Users\Sebastian\AppData\Local\UNP
2017-06-11 22:21 - 2017-06-11 22:22 - 00000000 ____D C:\Program Files\UNP
2017-06-11 22:21 - 2017-06-11 22:21 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-06-11 22:07 - 2017-06-11 22:07 - 00003756 _____ C:\WINDOWS\System32\Tasks\ALU_SelfUpgrade
2017-05-21 22:06 - 2017-05-21 22:06 - 00002473 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-06-19 10:03 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-19 09:53 - 2014-11-02 18:17 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Spotify
2017-06-19 09:53 - 2014-11-02 18:17 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Spotify
2017-06-19 09:50 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-19 09:47 - 2014-11-02 18:12 - 00000000 ____D C:\Users\Sebastian\AppData\Local\SweetLabs App Platform
2017-06-19 09:45 - 2016-05-24 08:51 - 00000000 ___RD C:\Users\Sebastian\Google Drive
2017-06-19 09:44 - 2017-05-11 20:05 - 01643192 _____ C:\WINDOWS\system32\PerfStringBackup.TMP
2017-06-19 09:39 - 2016-09-27 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-19 09:39 - 2016-09-27 22:22 - 00440432 ____H C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-19 09:38 - 2016-09-27 22:24 - 00065536 ____H C:\WINDOWS\system32\spu_storage.bin
2017-06-19 09:38 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-19 09:37 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-19 09:37 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\system32\oobe
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\system32\appraiser
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-19 09:36 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-06-19 09:36 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-19 09:30 - 2016-09-23 21:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-19 09:30 - 2016-09-23 21:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-19 09:30 - 2014-11-02 20:04 - 00000000 ____D C:\Program Files (x86)\Avira
2017-06-19 09:11 - 2016-09-25 21:59 - 00000000 ____D C:\Users\Sebastian\Documents\virus suche
2017-06-19 09:08 - 2016-09-27 22:25 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-19 09:08 - 2014-11-02 20:04 - 00000000 ____D C:\ProgramData\Avira
2017-06-19 08:59 - 2016-08-31 12:29 - 00000000 ____D C:\Users\Sebastian\Documents\Allgemein
2017-06-19 08:55 - 2014-11-14 13:17 - 00007608 _____ C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg
2017-06-19 08:51 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-19 08:36 - 2016-09-27 22:22 - 00000000 ___HD C:\WINDOWS\system32\SleepStudy
2017-06-15 20:03 - 2014-12-21 16:05 - 00000000 ____D C:\Users\Sebastian\Desktop\backround
2017-06-15 14:48 - 2016-09-23 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-15 14:47 - 2014-11-07 20:25 - 00000000 ___HD C:\WINDOWS\system32\MRT
2017-06-15 14:42 - 2014-11-07 20:25 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-15 11:26 - 2016-08-30 12:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-06-15 11:26 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-06-15 11:26 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2017-06-15 09:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-14 23:10 - 2014-11-02 21:10 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\vlc
2017-06-14 21:59 - 2017-05-05 16:45 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Siemens
2017-06-13 21:41 - 2017-04-26 19:18 - 00000000 ____D C:\ProgramData\Cisco
2017-06-13 21:41 - 2017-04-26 19:18 - 00000000 ____D C:\Program Files (x86)\Cisco
2017-06-13 21:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-06-13 19:52 - 2016-09-27 23:20 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-13 19:45 - 2017-03-20 07:06 - 00000000 ___HD C:\$WINDOWS.~BT
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-01 19:53 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-01 19:50 - 2014-06-10 17:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-23 15:22 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\system32\NDF
2017-05-22 19:21 - 2016-09-27 22:29 - 00000000 ____D C:\Users\Sebastian
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-01-09 19:56 - 2015-01-09 19:56 - 0004608 _____ () C:\Users\Sebastian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-13 11:19 - 2016-07-13 11:19 - 0000058 _____ () C:\Users\Sebastian\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-11-30 22:03 - 2015-11-30 22:03 - 0004002 _____ () C:\Users\Sebastian\AppData\Local\recently-used.xbel
2014-11-14 13:17 - 2017-06-19 08:55 - 0007608 _____ () C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg
2016-01-02 17:35 - 2016-01-02 17:35 - 0000000 _____ () C:\Users\Sebastian\AppData\Local\{42027EF8-D4DA-4DE6-B22E-B2CA3DC211F0}
2016-08-30 10:54 - 2016-08-30 10:54 - 0042455 _____ () C:\ProgramData\1472547253.bdinstall.bin
2016-08-30 10:57 - 2016-08-30 10:57 - 0025433 _____ () C:\ProgramData\1472547463.bdinstall.bin
2016-11-01 22:27 - 2016-11-01 22:27 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-09-27 22:23 - 2016-09-27 22:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
2016-09-28 19:46 - 2016-09-28 19:46 - 0000000 ____D () C:\Users\Sebastian\AppData\Local\Temp\avgnt.exe
2017-05-19 09:06 - 2017-05-21 22:03 - 64118864 _____ (SweetLabs,Inc.) C:\Users\Sebastian\AppData\Local\Temp\octA3E1.tmp.exe
2016-11-17 09:04 - 2016-11-17 09:05 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Sebastian\AppData\Local\Temp\octAD36.tmp.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-06-13 08:48
==================== Ende von FRST.txt ============================
|
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Lesestoff:
dann auf 
und dann auf 
.