| lyncat89 | 10.02.2017 20:17 |
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-02-2017
durchgeführt von julia (10-02-2017 19:42:41)
Gestartet von C:\Users\julia\Desktop\Virus
Windows 10 Pro Version 1607 (X64) (2016-08-06 20:35:33)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1190779463-2330029784-2471901394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190779463-2330029784-2471901394-503 - Limited - Disabled)
Gast (S-1-5-21-1190779463-2330029784-2471901394-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1190779463-2330029784-2471901394-1003 - Limited - Enabled)
julia (S-1-5-21-1190779463-2330029784-2471901394-1001 - Administrator - Enabled) => C:\Users\julia
LynCat (S-1-5-21-1190779463-2330029784-2471901394-1004 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
AirDroid 3.3.1.1 (HKLM-x32\...\AirDroid) (Version: 3.3.1.1 - Sand Studio)
Amazon Kindle (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon)
Amazon Kindle (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version: 1.17.0.44170 - Amazon)
Amazon Music (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 5.3.5.1704 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{04E14C12-EAB9-9B07-5A25-CAF2D10B2579}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
APP Shop v1.0.24 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.24 - ASRock Inc.)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock Restart to UEFI v1.0.5 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.5 - )
ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
A-Tuning v2.0.280 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.280 - ASRock Inc.)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG)
GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 15.4.173 - GfK)
GoodNightLed v3.0.1 (HKLM-x32\...\GoodNightLed_is1) (Version: 3.0.1 - ASRock Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.104.05220 (HKLM-x32\...\{78D4C553-4B41-97A5-22B4-2F446987B724}) (Version: 2.20.104.05220 - Sony)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 de)) (Version: 45.7.1 - Mozilla)
Nielsen (HKLM-x32\...\NetSight) (Version: - )
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.6.0.0 - Duodian Technology Co. Ltd.)
OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.18.1-r120223-release - Plays.tv, LLC)
PS4 Remote Play (HKLM-x32\...\{127839B2-AF0F-41CA-9F00-A247D04ACD81}) (Version: 1.0.0.15181 - Sony Interactive Entertainment Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Spotify (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
Spotify (HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
SRWare Iron Version SRWare Iron 33.0.1800.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 33.0.1800.0 - SRWare)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft)
Usb GamePad (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
WinDS PRO 2016.04.08 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2016.04.08 - WinDS PRO Central)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XFast LAN v10.10 (HKLM\...\XFast LAN) (Version: 10.10 - cFos Software GmbH, Bonn)
Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
Xperia Companion (x32 Version: 1.2.8.0 - Sony) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {066EF000-1D31-4F43-8E09-C97DCCC96278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {0787498F-17F1-438E-A865-955C488125BC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {2556CECF-EA3C-447B-94AA-800BAC478C7D} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> Keine Datei <==== ACHTUNG
Task: {471EA7B1-B69E-4FE6-9507-551F2D76CF4B} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://www.cfos.de/de/cfosspeed/documentation/keyboard-leds.htm?reg-10.10.2238-asrock"
Task: {4C90C93F-B372-447A-BAD9-4C877F578A53} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
Task: {4CA7C5ED-61A5-4A08-B76C-971D3E54939A} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources -> Keine Datei <==== ACHTUNG
Task: {502B87CA-6578-4727-98E0-D5312A5A1A26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {50E75D14-4AFB-4ACB-823D-3611FAA325F0} - \HPCustParticipation HP Deskjet 3050A J611 series -> Keine Datei <==== ACHTUNG
Task: {6296D443-6591-41C6-8164-6F42E329A9B0} - System32\Tasks\HPCeeScheduleForjulia => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {760F7F73-70D6-4F7A-ACB0-CE52D03A6E5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {7D55EAF4-9F48-486E-8D81-74287FF2CED0} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()
Task: {849173CC-06EF-4522-99B4-34CDDAB5DA29} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> Keine Datei <==== ACHTUNG
Task: {8F0C3895-A13C-4DAC-A594-051736FCCC88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {9A8C6E8B-C1D2-4DCC-978C-F7856E76371A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {9C6A1060-F966-4927-B888-198454C7ADF3} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> Keine Datei <==== ACHTUNG
Task: {9E858082-438A-4EF2-B0C6-F930C7B617BB} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> Keine Datei <==== ACHTUNG
Task: {AB9FACDB-986A-4467-9238-8115E635C99F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.)
Task: {B1EF102A-D9C4-4BA0-8C3D-01C864291EB2} - \AMD Updater -> Keine Datei <==== ACHTUNG
Task: {D7363947-96AE-4959-8D5B-F7DB49B01864} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => sc.execonfig upnphost start= auto
Task: {DA111EEE-D374-4720-B899-179957A0B716} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {E4F6F8E8-7CA4-4492-9371-6468BC21B942} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-30] (Dropbox, Inc.)
Task: {E6207A16-3F27-432D-9886-2E98B5F8CC4B} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\APP Shop\AsrAPPShop.exe [2016-02-05] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjulia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-04-29 23:50 - 2014-07-31 15:17 - 00463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2016-11-03 12:01 - 2016-10-31 17:11 - 01992256 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe
2016-07-31 18:43 - 2016-07-06 14:20 - 01476160 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe
2016-09-15 04:24 - 2016-09-15 04:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-11-21 17:19 - 2016-11-21 17:19 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 20:25 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 21:41 - 2016-08-06 21:41 - 00959168 _____ () C:\Users\julia\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-14 08:17 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 18:18 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 18:18 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 18:18 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 18:18 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-06 08:43 - 2017-02-06 08:44 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-06 08:43 - 2017-02-06 08:44 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-06 08:43 - 2017-02-06 08:44 - 42895872 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 08:43 - 2017-02-06 08:43 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\roottools.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 19:12 - 2016-06-30 19:12 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-05 10:56 - 2016-09-05 10:56 - 00014848 _____ () C:\Program Files\WindowsApps\27877Yunus.ConvertTexttoSpeech_3.1.180.0_x64__2s1d2erncfhrw\Convert Text to Speech.exe
2016-09-05 10:56 - 2016-09-05 10:56 - 01049088 _____ () C:\Program Files\WindowsApps\27877Yunus.ConvertTexttoSpeech_3.1.180.0_x64__2s1d2erncfhrw\Convert Text to Speech.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 01872384 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00638976 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSLoc_OneCore.DLL
2016-07-31 18:43 - 2016-07-06 14:20 - 00619584 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll
2016-10-01 17:37 - 2017-01-15 12:27 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-02-04 01:07 - 2017-02-04 01:07 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-02-04 01:07 - 2017-02-04 01:07 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-02-04 01:07 - 2017-02-04 01:07 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-02-04 01:07 - 2017-02-04 01:07 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-02-04 01:07 - 2017-02-04 01:07 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-02-04 01:07 - 2017-02-04 01:07 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-02-04 01:07 - 2017-02-04 01:07 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-02-04 01:07 - 2017-02-04 01:07 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-02-04 01:07 - 2017-02-04 01:07 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-02-04 01:07 - 2017-02-04 01:07 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-02-04 01:07 - 2017-02-04 01:07 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-09-07 07:57 - 2016-08-11 09:34 - 00800912 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\communication.dll
2016-04-21 02:23 - 2017-01-16 08:34 - 09080360 _____ () C:\Program Files (x86)\AirDroid\Android.dll
2016-04-21 02:20 - 2017-01-16 08:34 - 00642088 _____ () C:\Program Files (x86)\AirDroid\System.Data.SQLite.dll
2016-09-07 07:57 - 2016-08-11 09:34 - 00191632 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\npsp1.dll
2016-09-07 07:57 - 2016-08-11 09:34 - 00260752 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\npwmi.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 53478912 _____ () C:\Users\julia\AppData\Local\Amazon Music\libcef.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 01976832 _____ () C:\Users\julia\AppData\Local\Amazon Music\libglesv2.dll
2016-09-01 23:14 - 2017-02-01 00:57 - 00075264 _____ () C:\Users\julia\AppData\Local\Amazon Music\libegl.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 19:13 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-01-11 20:45 - 2017-01-11 20:45 - 17835096 _____ () C:\Users\julia\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
2015-10-21 14:50 - 2015-10-21 14:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2015-10-21 14:49 - 2015-10-21 14:49 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-04-29 11:54 - 2016-04-29 11:52 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\julia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\julia\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanion"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\...\StartupApproved\Run: => "BigNox"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "XperiaCompanion"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1190779463-2330029784-2471901394-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "BigNox"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{BE8EDC0C-73E0-4F9F-9C2E-06DDE5F03E9B}] => C:\Program Files (x86)\Remotr\RemotrServer.exe
FirewallRules: [{2227EE2C-CE55-45FB-B30E-62DC8230A899}] => C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{30F3774D-AD02-45B3-B257-534DA49823C7}] => C:\Users\julia\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{783C2224-7D58-48D8-AD4C-4B0B5C77B453}] => C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{CF90C652-DC55-467E-BAC1-4DF8396B2C92}] => C:\Program Files (x86)\Steam\steamapps\common\CrushCrush\CrushCrush.exe
FirewallRules: [{E6E289E2-4AA2-40F5-ACA6-9C82995E68B7}] => C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{E53E8737-385D-4ABE-B897-20BB0428F9D2}] => C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{9BACBB96-FF86-4833-A8AF-0CF03B271854}] => C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{9AB2427A-D301-4180-8CA0-4214ACCFDC3D}] => C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{89B25E3E-040C-4F42-860C-8C29EBDC2477}] => C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{F31FD7FA-96A5-42E7-A231-1FD1C5ECDCC4}] => C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{DE177724-6098-43D0-8806-973ABCD8489B}] => C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{D761F58A-F839-48D7-99C4-55FC2B2D31AD}] => C:\Program Files (x86)\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{A7B83730-8336-4D8C-9855-F525F4B87FD9}] => C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{DB0775A4-53C5-4D60-8B8F-3179817021C6}] => C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{F9BB05C7-2A2A-47AA-A4C8-F67AA78B7F80}] => C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{97388F1B-476A-40C6-B599-72697B7ED5EE}] => C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{AEAF1BD8-98C9-42F7-AC18-6186FD66BF03}] => C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{E9783289-E69A-4E06-9EAF-6EE9BCD26A7A}] => C:\Program Files (x86)\Steam\steamapps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{380E5670-8329-4A13-A453-1FCB2C92CEE3}] => C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{11AEA279-FA35-443C-A14E-5AA0A7F496B3}] => C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{BD8FDB87-DE06-432F-88BA-BC1C337988D7}] => C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{31C13ED3-EFCB-40F3-ABB5-23F388D89AD0}] => C:\Program Files (x86)\Steam\steamapps\common\ArcheAge\GlyphClient.exe
FirewallRules: [{6D7778AF-2ACA-4C81-8398-D5260FFCBE29}] => C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{9070EA33-9E66-4FCD-A375-B8D09CC4E587}] => C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{6870B29C-5372-4701-8F42-D6DE725973DD}] => C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{E5FA8FB3-D425-415A-B4AB-C6F08CB81390}] => C:\Program Files (x86)\Steam\steamapps\common\Transformice\Transformice.exe
FirewallRules: [{C5EE77CF-1244-4FB7-BAD8-8979C065A7A6}] => C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{D1CDF799-6265-4CD5-A626-94F4491BE72F}] => C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\Shakes and Fidget.exe
FirewallRules: [{74505E9A-F844-4FF4-A118-C989F71C77AE}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0F4A6E6-0E01-410A-99B6-349CB62D49AF}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{98A6B571-7328-46CA-A786-18FA12118E8A}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4BFA63AA-FB4E-4CBD-81D2-92E7FCAFDCD2}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E9B7DABE-E09E-44E7-AC61-314074E4A507}] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{290E19E0-A4C5-4803-A438-0E623CA48EE5}] => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{4F347DFD-A148-4E94-A8C2-19C58D774FCD}] => C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe
FirewallRules: [{EF4D3B24-6D1A-4A4C-B8B8-232EE3665BFE}] => C:\Users\julia\AppData\Local\Temp\7zS48E3\HPDiagnosticCoreUI.exe
FirewallRules: [{93BCAC83-2502-4ADE-A68A-50235D8FDC39}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{718492BD-2476-4DD7-ACFD-68AB1EA53F10}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D5F54F87-F1F2-47DF-B930-427698A21F72}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2FBA69FF-5B93-4B59-863C-F14782090247}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CDB8F4BC-F6B5-4AED-9C6B-FF33D179093F}] => C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [UDP Query User{B554B3E6-7C3B-4686-9087-B4E5C9C25893}C:\program files (x86)\airdroid\airdroid.exe] => C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{4C110523-B488-46B3-899F-EF71BBE24D74}C:\program files (x86)\airdroid\airdroid.exe] => C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{748F1E3C-DECB-4B30-BF51-756112C3CD69}] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{393AB3D0-4A56-48CE-BD65-1DEEE70B2C32}] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{E976C55B-498B-4F14-8840-5CE9729A6F01}] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{211AA0BB-B2BF-4AF9-ABA8-82CFF5CC0E1E}C:\users\julia\appdata\roaming\spotify\spotify.exe] => C:\users\julia\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4D4FCBF6-4215-4F30-9ECA-5C56A461A339}C:\users\julia\appdata\roaming\spotify\spotify.exe] => C:\users\julia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EAF9E66-9C4A-4D0A-B054-19C130287E25}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20BCDFFA-F48F-451F-9909-7564F609CD50}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9C1BE638-D25E-4253-BB83-CE781B3F37EB}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{7E8694C3-45BB-4745-A308-C6A35808C8D1}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D2F959ED-037E-46F8-AD5E-3286E5F07D61}] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{74359E8A-16FD-4F59-B923-0FE364A84156}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{880A6D2F-EEAB-438E-8929-2631F3FAE283}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{903D728A-A328-40A1-B1E4-F918302DFD0B}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{DF62B350-1B30-45B9-9F9A-0835826ECD8F}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{40ECC61F-8402-4117-B87D-EB3BA1C6DF00}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{5201F840-C181-4ADF-B64F-BA586C2E85AF}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{88D0A7BC-0EC0-4F83-B6DA-3A76E49049FF}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B0853F73-EE22-4F33-BD5F-457343C80640}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D800BFC-875A-44C6-B3DE-9FA69B80A8F8}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{030DB97E-3233-4BFA-A3C7-62C05B1472AD}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{01B265AF-5994-4773-8645-A594D691C490}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{37C5AD1F-1DA6-464D-A2F6-7CDE35765FCD}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{661DEAD1-BBE5-469E-9396-3681E714EF41}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ACE30677-F83A-4849-8B62-F821F27DBE48}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Wiederherstellungspunkte =========================
04-02-2017 08:55:47 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/10/2017 07:00:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (02/10/2017 02:27:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899b5a
Name des fehlerhaften Moduls: USBKeyCredentialProvider.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x53d9fa55
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002b3c6
ID des fehlerhaften Prozesses: 0x255c
Startzeit der fehlerhaften Anwendung: 0x01d283a11a11660b
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\LogonUI.exe
Pfad des fehlerhaften Moduls: USBKeyCredentialProvider.dll
Berichtskennung: 7db2d9a0-b1a6-4cbc-9a87-89cd0300d143
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/10/2017 02:25:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/10/2017 02:25:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/10/2017 02:22:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899b5a
Name des fehlerhaften Moduls: USBKeyCredentialProvider.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x53d9fa55
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002b4a8
ID des fehlerhaften Prozesses: 0x8
Startzeit der fehlerhaften Anwendung: 0x01d283a09c653723
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\LogonUI.exe
Pfad des fehlerhaften Moduls: USBKeyCredentialProvider.dll
Berichtskennung: a9b7e44e-87b4-44d8-b7ee-723b98977c07
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/10/2017 02:21:50 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (02/10/2017 02:19:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wwahost.exe, Version: 10.0.14393.187, Zeitstempel: 0x57cf99b5
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002f7db
ID des fehlerhaften Prozesses: 0x1d30
Startzeit der fehlerhaften Anwendung: 0x01d2839fe2445329
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\wwahost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: df245fc6-e67d-44e1-8a58-778a31864487
Vollständiger Name des fehlerhaften Pakets: 3574gindasoft.to-dos_2.22.0.0_neutral__vhpcp2ef0a8kc
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (02/10/2017 02:18:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-N0N5AE6)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub“ ist folgender Fehler aufgetreten: -2147417850. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/10/2017 02:15:19 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.
Error: (02/10/2017 09:31:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PlacesServer.exe, Version: 10.0.14393.693, Zeitstempel: 0x585a2592
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.14393.206, Zeitstempel: 0x57daca78
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000006d1c4
ID des fehlerhaften Prozesses: 0x33e8
Startzeit der fehlerhaften Anwendung: 0x01d283782051eb9b
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\twinapi.appcore.dll
Berichtskennung: 6ef30687-4242-41e6-8766-7869361d2dd9
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CortanaUI
Systemfehler:
=============
Error: (02/10/2017 05:48:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (02/10/2017 03:27:46 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-N0N5AE6)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1190779463-2330029784-2471901394-1001-0-ntuser.dat
Error: (02/10/2017 03:27:35 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-N0N5AE6)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1190779463-2330029784-2471901394-1001-0-ntuser.dat
Error: (02/10/2017 02:59:33 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-N0N5AE6)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1190779463-2330029784-2471901394-1001-0-ntuser.dat
Error: (02/10/2017 02:59:22 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-N0N5AE6)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1190779463-2330029784-2471901394-1001-0-ntuser.dat
Error: (02/10/2017 02:33:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (02/10/2017 02:30:25 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-N0N5AE6)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1190779463-2330029784-2471901394-1001-0-ntuser.dat
Error: (02/10/2017 02:30:15 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: DESKTOP-N0N5AE6)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1190779463-2330029784-2471901394-1001-0-ntuser.dat
Error: (02/10/2017 02:25:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N0N5AE6)
Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/10/2017 02:25:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N0N5AE6)
Description: Der Server "Microsoft.MicrosoftOfficeHub.AppXrqs94aemecwbtd1veqtvyn34m9ks80g7.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2017-02-06 15:30:22.008
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.
Date: 2017-02-05 20:23:11.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.
Date: 2017-02-05 19:25:05.946
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.
Date: 2017-02-03 19:14:25.480
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.
Date: 2017-01-30 17:39:50.482
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.
Date: 2017-01-30 17:39:49.524
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.
Date: 2017-01-09 13:09:05.578
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.
Date: 2017-01-09 13:09:05.167
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.
Date: 2017-01-05 15:58:00.988
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.
Date: 2017-01-05 15:58:00.486
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\n64hooks.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 16198.66 MB
Verfügbarer physikalischer RAM: 8555.36 MB
Summe virtueller Speicher: 18630.66 MB
Verfügbarer virtueller Speicher: 10007.77 MB
==================== Laufwerke ================================
Drive c: (Win10-Prof) (Fixed) (Total:931.02 GB) (Free:729.96 GB) NTFS
Drive e: (INTENSO) (Fixed) (Total:1863.01 GB) (Free:209.7 GB) NTFS
Drive f: (Elements) (Fixed) (Total:1397.26 GB) (Free:35.59 GB) NTFS
Drive g: (INTENSO ALT) (Fixed) (Total:1863.01 GB) (Free:960.39 GB) NTFS
Drive h: (INTENSO) (Fixed) (Total:698.63 GB) (Free:352.48 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FB5E5C55)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 1322A89A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 08E2026F)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 4D49C8E7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 000AEA9D)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
# AdwCleaner v6.043 - Bericht erstellt am 01/02/2017 um 14:44:49
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-01-31.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : julia - DESKTOP-N0N5AE6
# Gestartet von : C:\Users\julia\Desktop\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startfenster Symbol
[-] Ordner gelöscht: C:\Program Files (x86)\Startfenster Symbol
[-] Ordner gelöscht: C:\Users\julia\AppData\Local\Temp\BROWSERADDON
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\julia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
[#] Datei gelöscht: C:\Users\julia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\startfenster.lnk
[-] Datei gelöscht: C:\Users\julia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster Symbol.lnk
[-] Datei gelöscht: C:\Users\julia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GOODGAME.LNK
[-] Datei gelöscht: C:\Users\julia\Favorites\Startfenster.lnk
[#] Datei gelöscht: C:\Users\julia\Favorites\startfenster.lnk
[-] Datei gelöscht: C:\Users\julia\Favorites\Links\Startfenster.lnk
[#] Datei gelöscht: C:\Users\julia\Favorites\Links\startfenster.lnk
[-] Datei gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Startfenster.lnk
[#] Datei gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\startfenster.lnk
[-] Datei gelöscht: C:\Users\julia\AppData\Roaming\Mozilla\Extensions\startfensterde-0.0.1-an+fx-linux.xpi
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
[-] Wert gelöscht: HKU\S-1-5-21-1190779463-2330029784-2471901394-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [VLC Updater]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\djhangopedggnlnicpbjklghlckmndge
***** [ Browser ] *****
[-] [C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: djhangopedggnlnicpbjklghlckmndge
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2895 Bytes] - [01/02/2017 14:44:49]
C:\AdwCleaner\AdwCleaner[S0].txt - [3111 Bytes] - [01/02/2017 14:43:30]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3041 Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 10.02.2017
Suchlaufzeit: 14:30
Protokolldatei: malewareBytes 10.02..txt
Administrator: Ja
Version: 2.2.1.1043
Malware-Datenbank: v2017.02.10.04
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: julia
Suchlauftyp: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 317743
Abgelaufene Zeit: 25 Min., 59 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswerte: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Dateien: 2
PUP.Optional.CrossRider, C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, In Quarantäne, [5bf1b2ef8c1c8aaca21bf0bfc73c52ae],
PUP.Optional.CrossRider, C:\Users\julia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, In Quarantäne, [e567495801a72313f7c6a7080df659a7],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end)
|
