Froschmann | 07.12.2017 18:01
Additional.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 06-12-2017
durchgeführt von Marc (07-12-2017 18:00:07)
Gestartet von C:\Users\Marc\Downloads
Windows 10 Home Version 1703 15063.729 (X64) (2017-08-12 20:34:03)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-721633766-3456424319-3093112155-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-721633766-3456424319-3093112155-503 - Limited - Disabled)
Gast (S-1-5-21-721633766-3456424319-3093112155-501 - Limited - Disabled)
Marc (S-1-5-21-721633766-3456424319-3093112155-1001 - Administrator - Enabled) => C:\Users\Marc
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
. . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
888poker (HKLM-x32\...\{F78E5FB8-7856-4A2C-A81B-6EDA12F81B01}) (Version: 7.4.00037 - 888) Hidden
888poker (HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\InstallShield_{F78E5FB8-7856-4A2C-A81B-6EDA12F81B01}) (Version: 7.4.00037 - 888)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3027 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3023 - Acer Incorporated)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 375.95 - NVIDIA Corporation) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Dragon 15 (HKLM-x32\...\{768AC460-237E-45B6-99B8-1DE6D0F391E8}) (Version: 15.00.000 - Nuance Communications Inc.)
ELAN HIDI2C Filter Driver X64 13.6.5.2_WHQL (HKLM\...\Elantech) (Version: 13.6.5.2 - ELAN Microelectronic Corp.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON WF-2760 Series Printer Uninstall (HKLM\...\EPSON WF-2760 Series) (Version: - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FileZilla Client 3.25.1 (HKLM-x32\...\FileZilla Client) (Version: 3.25.1 - Tim Kosse)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Ghost Control 3.0.6 (HKLM-x32\...\Ghost Control_is1) (Version: - N.R.S.)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Git version 2.13.2 (HKLM\...\Git_is1) (Version: 2.13.2 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\GitHubDesktop) (Version: 1.0.10 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Holdem Indicator 2.9.6.0 (HKLM-x32\...\Holdem Indicator_is1) (Version: - hxxp://www.HoldemIndicator.com)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Malwarebytes Version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8625.2139 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8625.2139 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.13.1 - Microsoft Corporation)
Mozilla Firefox 57.0.1 (x64 de) (HKLM\...\Mozilla Firefox 57.0.1 (x64 de)) (Version: 57.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.1.6541 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.1 - Notepad++ Team)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10299 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Tournament Indicator 2.6.0.0 (HKLM-x32\...\Tournament Indicator_is1) (Version: - hxxp://www.TournamentIndicator.com)
TunnelBear (HKLM-x32\...\{8092fbe5-9e59-4729-a5de-5bb6a64873cc}) (Version: 3.0.37.12 - TunnelBear)
TunnelBear (HKLM-x32\...\{ABC9BE61-B890-4100-BCA4-5AC3BF1F3CB5}) (Version: 3.0.37.12 - TunnelBear) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Winner Poker (HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\winnerpoker) (Version: 1.1.1.35 - Winner Poker)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-721633766-3456424319-3093112155-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Marc\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-721633766-3456424319-3093112155-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Marc\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-721633766-3456424319-3093112155-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Marc\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => Keine Datei
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => -> Keine Datei
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => -> Keine Datei
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => -> Keine Datei
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-01-17] ()
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxDTCM.dll [2017-02-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0481BC6E-5635-4CA5-9A47-AC5F661D507F} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-01-20] ()
Task: {1219C36E-B6F0-47AC-B8C1-D71B3F7457E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
Task: {171E2F16-7D52-4AFD-92B1-0869BF5D85A6} - System32\Tasks\EPSON WF-2760 Series Update {C8EC83F3-0518-4374-B434-D11713730F69} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {207DC15A-70EC-439B-89F8-9BA9F1C08A72} - System32\Tasks\EPSON WF-2760 Series Update {B6CFA1C1-110C-426C-80BD-40BB944004D8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {2F2090A3-917D-4EB2-8B3B-C25A373CEC79} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {355F852A-7001-4393-A65A-7457F7E17AF9} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-01-20] ()
Task: {4207B2C7-9F0A-45DA-BF1B-0EF9A2356C0E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-11] (Google Inc.)
Task: {4B3A6DEF-7085-4318-8ECE-48E36EA5909D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] ()
Task: {55B0F94A-287A-4D03-8B01-0FA86CEFE6F7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-28] ()
Task: {5740D63E-86DA-4729-87CF-D6FC0B97FD60} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-02-03] (Acer Incorporated)
Task: {5A8C5CDE-3D27-4211-A3B4-D4A8D5FBB8DA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {619B4769-D920-45E3-A6E8-098C98ECE282} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {657100E4-F622-443A-964A-67B240ABF7B4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {6A0E7275-3E1C-4D19-B27E-95710E785830} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {6D0FC957-707D-4278-9E3A-4A6203F68EC6} - System32\Tasks\EPSON WF-2760 Series Update {68E8254B-F612-4C41-8893-CD52FBAD49A1} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {70A687B9-01B1-4889-8921-9B4C54A0191C} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {785C730D-B10F-4F09-B654-90DDFBDA135A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-11] (Google Inc.)
Task: {79448C01-7561-4BBF-9286-C8FB4851FDE4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {79A0CD66-2A3B-4C15-8D21-DC3C7EEB2981} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {79D87E59-33B6-4EDA-96A9-EBE172939FCF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {7E8D8FCD-D903-42A6-BCA0-3117E6359021} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {84ECDB13-8E79-4CC6-A578-9DE428046846} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()
Task: {8786A3CF-361F-4FC7-BF53-D7A7B3BFAC26} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-02-03] (Acer Incorporated)
Task: {88D688B3-6645-49BE-AEBC-8CAB1D5A53EB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {90264D9C-0E0D-41AC-BC70-B660A5026298} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {9914F2F5-49AD-4044-BBE1-F1E61CE7E735} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {AF2C6FB2-44F3-4700-A186-6D4BAC656D7D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {AFB7F9EB-7065-4DC2-913B-D8E7DDF6BD19} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {CA105160-4ADE-451B-BBF2-81D45AD39E16} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {DA373233-071A-4568-B38E-078241CD5DD3} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-01-20] (Acer Incorporated)
Task: {E0285427-F9BF-4742-A3C6-181EC5D8AD97} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {E28D7D70-5F9A-4819-90B5-C2819368534A} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-01-20] ()
Task: {E6CA8CCB-F179-4D36-9E8A-03F274774B5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-02] (Microsoft Corporation)
Task: {E7C499CC-7566-46C3-9F93-CBDCCB29EBA9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E819E1F4-DFDE-4EA8-AD43-751E0A9F439C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {EFF6E9E1-FAD1-4118-A917-6F4EDD3B4491} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {F51BBF49-4C3B-492A-9CD4-944361E4461B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-02] (Microsoft Corporation)
Task: {FFEB5D6D-7F8B-4346-8796-DC099B04930A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {68E8254B-F612-4C41-8893-CD52FBAD49A1}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE:/EXE:{68E8254B-F612-4C41-8893-CD52FBAD49A1} /F:UpdateWORKGROUP\LAPTOP-E5S4SKF9$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {B6CFA1C1-110C-426C-80BD-40BB944004D8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE:/EXE:{B6CFA1C1-110C-426C-80BD-40BB944004D8} /F:UpdateWORKGROUP\LAPTOP-E5S4SKF9$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {C8EC83F3-0518-4374-B434-D11713730F69}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE:/EXE:{C8EC83F3-0518-4374-B434-D11713730F69} /F:UpdateWORKGROUP\LAPTOP-E5S4SKF9$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-03-04 19:26 - 2016-03-04 19:26 - 005570728 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2-2.dll
2016-06-08 18:04 - 2016-06-08 18:04 - 000117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2017-12-02 14:25 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-08-12 21:24 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-17 02:30 - 2017-01-17 02:30 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-03-20 16:44 - 2017-03-20 16:44 - 000052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-15 22:12 - 2017-11-10 10:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-15 22:12 - 2017-11-10 10:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2016-01-20 19:50 - 2016-01-20 19:50 - 004644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2017-12-06 09:31 - 2017-12-06 09:31 - 004698848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-01 06:03 - 2017-12-01 06:03 - 026657792 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17102.13911.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-12-01 06:03 - 2017-12-01 06:03 - 009162240 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17102.13911.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 04:08 - 2017-09-26 04:08 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17102.13911.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-17 15:38 - 2017-11-17 15:38 - 035241472 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-11-17 15:38 - 2017-11-17 15:38 - 009218560 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-08-23 10:41 - 2017-08-23 10:41 - 000957952 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-09-26 04:08 - 2017-09-26 04:08 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-17 15:38 - 2017-11-17 15:38 - 013224960 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2017-10-10 03:50 - 2017-10-10 03:50 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-26 04:08 - 2017-09-26 04:08 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-30 08:27 - 2017-11-30 08:27 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-30 08:27 - 2017-11-30 08:27 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-30 08:27 - 2017-11-30 08:27 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-30 08:27 - 2017-11-30 08:27 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-30 08:27 - 2017-11-30 08:27 - 000672256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2017-07-11 01:34 - 2017-07-11 01:34 - 002331136 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-07-11 01:34 - 2017-07-11 01:34 - 002836480 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2016-05-16 20:50 - 2016-05-16 20:50 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\Software\Classes\regfile: regedit.exe "%1" <==== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "DNS7reminder"
HKLM\...\StartupApproved\Run32: => "MouseDriver"
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\StartupApproved\Run: => "Ghost Control"
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\StartupApproved\Run: => "OpenVPN-GUI"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{6437DEB9-D84B-4F1E-809F-09F93F6FB254}D:\games\portal 2\portal2.exe] => (Block) D:\games\portal 2\portal2.exe
FirewallRules: [TCP Query User{EB301C9C-A55F-4D75-8BBA-1578AB94C65B}D:\games\portal 2\portal2.exe] => (Block) D:\games\portal 2\portal2.exe
FirewallRules: [UDP Query User{01D36499-B575-4FD4-ADFA-870537E201C2}D:\games\age of empires ii hd\game.dat] => (Block) D:\games\age of empires ii hd\game.dat
FirewallRules: [TCP Query User{72A22D15-9A1B-4B78-91D2-2B63DF9EC97B}D:\games\age of empires ii hd\game.dat] => (Block) D:\games\age of empires ii hd\game.dat
FirewallRules: [UDP Query User{6645C61E-717B-49F3-8124-8EA19121C07D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{6C980ED1-22EC-49E1-B5F9-CB934935ADFC}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{EE0D4713-8A0E-4C14-B49B-F60B918BEDAB}D:\programme\microsoft vs code\code.exe] => (Allow) D:\programme\microsoft vs code\code.exe
FirewallRules: [TCP Query User{06ED79E5-6DAD-44D9-813F-F388FEE3A883}D:\programme\microsoft vs code\code.exe] => (Allow) D:\programme\microsoft vs code\code.exe
FirewallRules: [{0A52A7B2-8F25-4B7A-9314-E0091894B3E3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{79E239C8-3498-41B1-8374-F4F8D0C6DD63}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A560B948-A40B-413E-A457-1C0A85D9B7F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E12A2E4B-AD3C-4D4F-BFD4-45CB5218AE2A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{50CDA598-A61C-4EAD-9AD9-93C415164E2C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E7CFB66E-8BDA-495D-AA40-8C01969A7E97}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B9C853F2-899B-42D7-BFCF-3BDC0C651DB8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6BE4FEA3-C238-44EB-A81F-8CB48177FBF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4DA1DD0D-17DF-4D31-9398-B5C834877DE4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B650E4E5-9DFC-45D0-A425-9FF0EF2350C1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3C2C53B6-E8E1-4E28-9417-E9EC2D793987}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{90F8E26B-FFAC-41AA-9EB1-FED13BC6A443}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{D0D9C1B3-E5B7-47FF-9896-9569EAC5A2D4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{3C1D22C0-D147-4E4F-98A0-55F97BDD3FF0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{04C76429-84FC-439B-BD08-10E52EF2A219}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{2F8651DE-859C-4A05-A19C-752E210DECA3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F3A4DAC7-9C02-4220-9978-1C52EF4A8355}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{29CFB43A-B380-47C2-99DD-10D263E7B01B}] => (Allow) D:\Steamspiele\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{903ABAF8-A1D6-4213-927B-10D241C9FF9A}] => (Allow) D:\Steamspiele\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{A17C384A-EA02-4F92-A1DB-0D6A9CAD365D}] => (Allow) D:\Steamspiele\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{D809024A-ECEA-4914-8E15-FBA492403288}] => (Allow) D:\Steamspiele\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{CF71BBA6-31F1-4981-8713-1D8F811EAAB7}C:\users\marc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7ED345D0-BE4E-4D07-9157-EEF854EB1599}C:\users\marc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{B7932758-F237-4797-AD0C-74629D8FAF72}] => (Allow) D:\Steamspiele\steamapps\common\Democracy 3\Democracy3.exe
FirewallRules: [{2BC7A53D-ACAE-4E13-9794-4E4A7DFB6E32}] => (Allow) D:\Steamspiele\steamapps\common\Democracy 3\Democracy3.exe
FirewallRules: [{3666437C-07E8-446B-88AE-54D11D265723}] => (Allow) D:\Steamspiele\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{2F282997-0382-427F-8EF9-2D21673DDA8D}] => (Allow) D:\Steamspiele\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9E4E69E9-592F-4077-A8A8-D3EDA4CC8AC2}] => (Allow) D:\Steamspiele\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{DE8B01D8-14C8-4057-8ED1-25BAFADFBD86}] => (Allow) D:\Steamspiele\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{72042562-6185-4A7D-BE73-4B375E5672D8}] => (Allow) D:\Steamspiele\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{49D16CAA-1D4C-49D5-B1ED-0441A5307B36}] => (Allow) D:\Steamspiele\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{15153893-58E9-4C79-9A53-163BC773F770}] => (Allow) D:\Steamspiele\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{C24CF349-1B0E-43E7-97DB-84C4F9A03176}] => (Allow) D:\Steamspiele\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{81CE3A2A-63D7-403B-B581-C0DF8DDBCC73}] => (Allow) D:\Programme\steam\Steam.exe
FirewallRules: [{CC500E97-B57F-4DF4-9A6E-E489E411025D}] => (Allow) D:\Programme\steam\Steam.exe
FirewallRules: [{4D37F854-1189-4E7F-ACB5-9DB64690C8FF}] => (Allow) D:\Programme\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C2D26449-97F0-4056-AFD4-DEDEB7FBEE0F}] => (Allow) D:\Programme\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{57ABC4A2-AF21-429E-A522-BC7DE6118EF4}] => (Allow) D:\Programme\steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{354CB7E9-A9C5-433F-89D6-DB0F3A3C57FF}] => (Allow) D:\Programme\steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [TCP Query User{D1E20920-50FF-43E7-AD26-D6ADA28C6762}C:\users\marc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{63C700BB-39C8-4C3D-814B-75DF39DB2A41}C:\users\marc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\marc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{650DFFEE-8C63-40CB-9881-CF71FF0E17CF}] => (Allow) C:\Program Files (x86)\Holdem Indicator\HoldemIndicator.exe
FirewallRules: [{A89A55D1-76DC-4126-B9B9-C72BA480662F}] => (Allow) C:\Program Files (x86)\Holdem Indicator\HoldemIndicator.exe
FirewallRules: [{054CEC16-4ED0-48D9-9933-4338A6A25490}] => (Allow) D:\Programme\steam\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{C89F7CEA-232D-4DF0-AB3F-C24A252BC320}] => (Allow) D:\Programme\steam\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{B0173163-EABC-49AE-B354-80CF409A9D95}] => (Allow) C:\Program Files (x86)\Tournament Indicator\Indicator.exe
FirewallRules: [{1BFE85E9-D929-4759-870B-4C60EF614F18}] => (Allow) C:\Program Files (x86)\Tournament Indicator\Indicator.exe
FirewallRules: [{18B28BFC-9CD1-445F-919C-2524DBE9C77D}] => (Allow) C:\Program Files (x86)\Tournament Indicator\Indicator.exe
FirewallRules: [{7D729EAB-FD82-4219-8BAA-F8C5F4D2779C}] => (Allow) C:\Program Files (x86)\Tournament Indicator\Indicator.exe
FirewallRules: [{8DB1C38E-D597-4280-BCBD-ADFD0ACE8EA5}] => (Allow) C:\Program Files (x86)\Holdem Indicator\HoldemIndicator.exe
FirewallRules: [{1636DC0F-7CC9-463C-8303-BA197BA686BF}] => (Allow) C:\Program Files (x86)\Holdem Indicator\HoldemIndicator.exe
FirewallRules: [{64BAD023-B621-412C-8E97-7CDD4D118AE9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
02-12-2017 16:38:38 Geplanter Prüfpunkt
05-12-2017 14:56:18 Installed Safari
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: TunnelBear Adapter V9
Description: TunnelBear Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TunnelBear Provider V9
Service: tap-tb-0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/06/2017 06:50:22 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-721633766-3456424319-3093112155-1001}/">.
Error: (12/06/2017 06:50:22 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-721633766-3456424319-3093112155-1001}/">.
Error: (12/06/2017 06:11:40 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-721633766-3456424319-3093112155-1001}/">.
Error: (12/06/2017 06:11:40 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-721633766-3456424319-3093112155-1001}/">.
Error: (12/06/2017 03:20:09 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{41FD88F7-F295-4D39-91AC-A85F3149A05B}" wurde abgelehnt.
Error: (12/06/2017 01:43:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Marc\Downloads\esetsmartinstaller_deu (1).exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
Error: (12/06/2017 09:54:00 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (12/06/2017 09:27:11 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (12/05/2017 10:04:13 PM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{41FD88F7-F295-4D39-91AC-A85F3149A05B}" wurde abgelehnt.
Error: (12/05/2017 03:59:43 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Systemfehler:
=============
Error: (12/06/2017 09:27:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/06/2017 09:27:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (12/06/2017 09:26:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (12/06/2017 09:26:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 06.12.2017 um 01:29:48 unerwartet heruntergefahren.
Error: (12/03/2017 08:50:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (12/03/2017 08:50:38 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Marc\AppData\Local\Temp\ehdrv.sys
Error: (12/03/2017 08:50:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (12/03/2017 08:50:37 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Marc\AppData\Local\Temp\ehdrv.sys
Error: (12/03/2017 08:50:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (12/03/2017 08:50:37 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Marc\AppData\Local\Temp\ehdrv.sys
CodeIntegrity:
===================================
Date: 2017-12-07 11:30:43.362
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-07 10:39:08.103
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-12-07 10:39:08.100
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-12-06 11:05:44.274
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-12-03 23:04:31.350
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\$WINDOWS.~BT\NewOS\Windows\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.16299.15_none_f2b6706a39a0f009\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-12-03 23:04:31.338
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\$WINDOWS.~BT\NewOS\Windows\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.16299.15_none_f2b6706a39a0f009\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-12-03 23:04:31.325
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\$WINDOWS.~BT\NewOS\Windows\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.16299.15_none_f2b6706a39a0f009\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-12-03 23:04:31.312
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\$WINDOWS.~BT\NewOS\Windows\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.16299.15_none_f2b6706a39a0f009\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-12-03 23:04:27.525
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\$WINDOWS.~BT\NewOS\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.16299.15_none_6bf69ff6ccd5c66d\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-12-03 23:04:27.514
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\$WINDOWS.~BT\NewOS\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.16299.15_none_6bf69ff6ccd5c66d\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 81%
Installierter physikalischer RAM: 8060.13 MB
Verfügbarer physikalischer RAM: 1520.56 MB
Summe virtueller Speicher: 18812.13 MB
Verfügbarer virtueller Speicher: 7580.19 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:118.13 GB) (Free:35.56 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:478.86 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: A7C69406)
Partition: GPT.
========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: A7C694E3)
Partition: GPT.
==================== Ende von Addition.txt ============================