Log analysis and evaluation: AdwCleaner still shows data in Scheduled tasks that the cleaner does not delete (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
21.08.2015, 15:39 | #1 |
Hello Trojaner-Board community,

I had the following problem: two days ago I ran an update via Adobe Flash Player, which told me that I should install something additional. After that I had a DNS Unlocker on my PC and a lot of other harmful spamware. Because I was unfortunately too stupid and should have posted something here right away, I downloaded SpyHunter 4, about which I later read that it is also very harmful. I then went to your site and, for a start, downloaded the following programs and ran them a few times:

AdwCleaner
ESET Online Scanner
Revo Uninstaller
Avast Browser Cleaner
Malwarebytes

I did not run Farbar and CCleaner because I was afraid my system would be wrecked. The ESET Online Scanner no longer finds anything; only AdwCleaner still finds something in Scheduled tasks, namely the following:

AdwCleaner Logfile: Code:
# AdwCleaner v5.000 - Logfile created 21/08/2015 at 16:20:50
# Updated 14/08/2015 by Xplode
# Database : 2015-08-20.1 [Server]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : Chrisi - CHRISI-PC
# Running from : C:\Users\Chrisi\Desktop\Neuer Ordner\adwcleaner_5.000.exe
# Option : Scan

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : Superclean

***** [ Registry ] *****

***** [ Web browsers ] *****

*************************

C:\AdwCleaner[C1].txt - [1000 octets] - [20/08/2015 09:01:26]
C:\AdwCleaner[S1].txt - [829 octets] - [20/08/2015 08:58:06]
C:\AdwCleaner[S2].txt - [954 octets] - [21/08/2015 16:08:09]
C:\AdwCleaner[S3].txt - [886 octets] - [21/08/2015 16:20:50]

########## EOF - C:\AdwCleaner[S3].txt - [948 octets] ##########

I hope you can help me with this, and thank you in advance for your time.
21.08.2015, 15:56 | #2 |
/// the machine /// TB instructor

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
21.08.2015, 16:13 | #3 |
So, first of all the FRST.txt:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015 durchgeführt von Chrisi (Administrator) auf CHRISI-PC (21-08-2015 17:10:20) Gestartet von C:\Users\Chrisi\Downloads Geladene Profile: Chrisi (Verfügbare Profile: Chrisi & UpdatusUser) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe (Hi-Rez Studios) F:\Program Files\Hi-Rez Studios\HiPatchService.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corp.) 
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (SteelSeries) F:\Program Files\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe (Microsoft Corporation) C:\Windows\vVX1000.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Logitech Inc.) C:\Program Files\Logitech\Logitech Vid\Vid.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6609440 2008-10-31] (Realtek Semiconductor) HKLM\...\Run: [SteelSeries World of Warcraft MMO Gaming Mouse] => F:\Program Files\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe [1651200 2011-08-18] (SteelSeries) HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation) HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1505144 2009-11-05] (Microsoft Corporation) HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2008-10-31] (Realtek Semiconductor Corp.) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation) HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [863960 2015-04-06] (BlueStack Systems, Inc.) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.) 
HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [Facebook Update] => "C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [DAEMON Tools Lite] => F:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [Logitech Vid] => C:\Program Files\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.) HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [2382368 2013-08-13] (Hewlett-Packard Co.) HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53649536 2015-07-28] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-07] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-07] (Oracle Corporation) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.) 
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll Keine Datei Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll Keine Datei Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{E6D32D1B-3934-4A7A-A96C-E1F3216F5F5C}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{FDD29BFA-6749-4C91-BE2D-0DC928BFA469}: [DhcpNameServer] 192.168.42.129 FireFox: ======== FF ProfilePath: C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-17] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine 
Datei] FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-02-11] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3644773473-1287165813-3723838049-1000: @nsroblox.roblox.com/launcher -> C:\Users\Chrisi\AppData\Local\Roblox\Versions\version-d0c46c562fb34e08\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-3644773473-1287165813-3723838049-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Chrisi\AppData\Local\Roblox\Versions\version-d0c46c562fb34e08\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-3644773473-1287165813-3723838049-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Chrisi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll Keine Datei FF Plugin HKU\S-1-5-21-3644773473-1287165813-3723838049-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Chrisi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-25] (Unity Technologies ApS) FF SearchPlugin: C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default\searchplugins\google-images.xml [2014-09-17] FF SearchPlugin: C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default\searchplugins\google-maps.xml [2014-09-17] FF SearchPlugin: C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default\searchplugins\{3A4A90AF-AB48-49EA-A90E-58EE98586A4B}.xml [2013-04-13] FF Extension: Adblock Plus - C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-20] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation 
Foundation\DotNetAssistantExtension [2011-09-22] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-09-26] FF HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default\extensions\cliqz@cliqz.com Chrome: ======= CHR Profile: C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-05] CHR Extension: (Google Drive) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-05] CHR Extension: (YouTube) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-05] CHR Extension: (Google Search) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-05] CHR Extension: (Google Wallet) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05] CHR Extension: (Gmail) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-05] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433880 2015-04-06] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2015-04-06] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [798424 2015-04-06] (BlueStack Systems, Inc.) S4 CTDevice_Srv; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [Datei ist nicht signiert] S4 CTUPnPSv; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd) [Datei ist nicht signiert] R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1883496 2015-08-03] (LogMeIn Inc.) U2 HiPatchService; F:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-24] (Hi-Rez Studios) [Datei ist nicht signiert] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-08-03] (LogMeIn, Inc.) S2 MBAMService; F:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S4 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) 
[Datei ist nicht signiert] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) S3 BRSptSvc; "C:\ProgramData\BitRaider\BRSptSvc.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R5 ACPI; C:\Windows\System32\drivers\acpi.sys [265688 2009-04-11] (Microsoft Corporation) R5 atapi; C:\Windows\System32\drivers\atapi.sys [19944 2009-04-11] (Microsoft Corporation) R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [130776 2015-04-06] (BlueStack Systems) R5 CLFS; C:\Windows\System32\CLFS.sys [244152 2015-03-05] (Microsoft Corporation) R5 crcdisk; C:\Windows\System32\drivers\crcdisk.sys [24632 2008-01-21] (Microsoft Corporation) R5 disk; C:\Windows\System32\drivers\disk.sys [53736 2009-04-11] (Microsoft Corporation) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-17] (Disc Soft Ltd) S3 eapihdrv; C:\Users\Chrisi\AppData\Local\Temp\ehdrv.sys [135760 2015-08-17] (ESET) R5 Ecache; C:\Windows\System32\drivers\ecache.sys [140224 2015-07-21] (Microsoft Corporation) R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [58936 2008-01-21] (Microsoft Corporation) R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Microsoft Corporation) R5 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-02-18] (GFI Software) R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) 
R5 intelide; C:\Windows\System32\drivers\intelide.sys [17976 2008-01-21] (Microsoft Corporation) R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [440768 2015-06-12] (Microsoft Corporation) R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-17] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation) S3 Mo3Fltr; C:\Windows\System32\drivers\Mo3Fltr.sys [11136 2010-08-11] () R5 MountMgr; C:\Windows\System32\drivers\mountmgr.sys [56256 2015-07-21] (Microsoft Corporation) R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [16440 2008-01-21] (Microsoft Corporation) R5 Mup; C:\Windows\System32\Drivers\mup.sys [48104 2009-04-11] (Microsoft Corporation) R5 NDIS; C:\Windows\System32\drivers\ndis.sys [527848 2009-04-11] (Microsoft Corporation) R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [53120 2012-03-21] (Microsoft Corporation) R5 pci; C:\Windows\System32\drivers\pci.sys [149480 2009-04-11] (Microsoft Corporation) R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2012-07-31] (Screaming Bee LLC) S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10384896 2007-08-20] (Sonix Co. Ltd.) 
R5 spldr; C:\Windows\system32\Drivers\spldr.sys [21048 2008-01-21] (Microsoft Corporation) R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [905664 2014-04-05] (Microsoft Corporation) R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [52792 2008-01-21] (Microsoft Corporation) R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [292840 2009-04-11] (Microsoft Corporation) R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [224640 2012-08-21] (Microsoft Corporation) S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation) R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [527064 2013-06-27] (Microsoft Corporation) S3 BRDriver; \??\C:\programdata\bitraider\BRDriver.sys [X] S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X] S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X] S3 XDva424; \??\C:\Windows\system32\XDva424.sys [X] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-21 17:10 - 2015-08-21 17:11 - 00020475 _____ C:\Users\Chrisi\Downloads\FRST.txt 2015-08-21 17:10 - 2015-08-21 17:10 - 00000000 ____D C:\FRST 2015-08-21 16:25 - 2015-08-21 16:25 - 00001016 _____ C:\Users\Chrisi\Desktop\AdwCleaner[S3].txt 2015-08-21 16:20 - 2015-08-21 16:21 - 00001016 _____ C:\AdwCleaner[S3].txt 2015-08-21 16:13 - 2015-08-21 16:13 - 01677312 _____ (Farbar) C:\Users\Chrisi\Downloads\FRST.exe 2015-08-21 16:08 - 2015-08-21 16:08 - 00000954 _____ C:\AdwCleaner[S2].txt 2015-08-20 09:01 - 2015-08-20 09:01 - 00001000 _____ C:\AdwCleaner[C1].txt 2015-08-20 08:58 - 2015-08-20 08:58 - 00000829 _____ C:\AdwCleaner[S1].txt 2015-08-20 08:58 - 2015-08-20 08:58 - 00000000 ____D C:\AdwCleaner 2015-08-20 08:29 - 2015-08-15 01:03 - 12386816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-20 08:29 - 2015-08-15 00:56 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-20 08:29 - 2015-08-15 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-17 15:03 - 2015-08-17 15:03 - 00000000 ___RD C:\Users\Chrisi\Documents\Notes 2015-08-17 10:06 - 2015-08-17 10:06 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-08-17 10:06 - 2015-08-17 10:06 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-08-17 09:45 - 2015-08-17 09:45 - 00000870 _____ C:\Users\Chrisi\Desktop\firefox.exe - Verknüpfung (2).lnk 2015-08-17 00:53 - 2015-08-17 00:53 - 00895965 _____ C:\Users\Chrisi\Desktop\adblock_plus-2.6.9-an_sm_tb_fx.zip 2015-08-17 00:52 - 2015-08-17 00:52 - 158417712 _____ (AVAST Software) C:\Users\Chrisi\Desktop\avast2225_free_antivirus_setup.exe 2015-08-17 00:47 - 2015-08-17 00:47 - 00000846 _____ C:\Users\Chrisi\Desktop\firefox.exe - Verknüpfung.lnk 2015-08-17 00:36 - 2015-08-17 10:16 - 00001384 _____ C:\DelFix.txt 2015-08-17 00:36 - 2015-08-17 04:08 - 00000000 ____D C:\ProgramData\6WinManPro6 2015-08-17 00:29 - 
2015-08-17 00:29 - 36128233 _____ C:\Users\Chrisi\Desktop\Flash_Player_18.0.0.232.zip 2015-08-17 00:21 - 2015-08-17 00:21 - 00001057 _____ C:\Users\Chrisi\Desktop\Revo Uninstaller.lnk 2015-08-17 00:21 - 2015-08-17 00:21 - 00000000 ____D C:\Program Files\VS Revo Group 2015-08-16 23:23 - 2015-08-17 00:34 - 00000000 ____D C:\ProgramData\yWinManProy 2015-08-16 22:52 - 2015-08-17 00:42 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 2015-08-16 22:44 - 2015-08-17 00:34 - 00000000 ____D C:\Program Files\03000200-1439757866-0500-0006-000700080009 2015-08-16 22:44 - 2015-08-16 23:09 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\Opera Software 2015-08-16 22:44 - 2015-08-16 23:09 - 00000000 ____D C:\Users\Chrisi\AppData\Local\Opera Software 2015-08-16 22:44 - 2015-08-16 23:09 - 00000000 ____D C:\Program Files\Opera 2015-08-16 22:44 - 2006-09-18 23:41 - 00000761 _____ C:\Windows\system32\Drivers\etc\hp.bak 2015-08-16 22:42 - 2015-08-17 00:34 - 00000000 ____D C:\ProgramData\Unpeesohwu 2015-08-16 22:39 - 2015-08-21 10:45 - 00001016 _____ C:\Windows\Tasks\lSOFTE1mUd0mQHukFiNo.job 2015-08-16 22:36 - 2015-08-21 10:36 - 00000994 _____ C:\Windows\Tasks\lmrXcwaGn.job 2015-08-16 22:34 - 2015-08-17 00:34 - 00000000 ____D C:\ProgramData\WWinManProW 2015-08-16 22:33 - 2015-08-16 22:33 - 00000000 _____ C:\Windows\prleth.sys 2015-08-16 22:33 - 2015-08-16 22:33 - 00000000 _____ C:\Windows\hgfs.sys 2015-08-16 22:30 - 2015-08-17 00:36 - 00000868 _____ C:\task.vbs 2015-08-16 00:59 - 2015-08-16 00:59 - 03106640 _____ C:\Users\Chrisi\ts3_recording_15_08_16_0_59_26.wav 2015-08-13 09:56 - 2015-07-21 22:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-13 09:56 - 2015-07-21 18:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-08-13 09:56 - 2015-07-21 18:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-13 09:56 - 2015-07-21 18:07 - 00140224 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\ecache.sys 2015-08-13 09:56 - 2015-07-21 18:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-13 09:56 - 2015-07-21 18:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll 2015-08-13 09:56 - 2015-07-21 18:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-13 09:56 - 2015-07-21 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-13 09:55 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-13 09:54 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-13 09:54 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-13 09:54 - 2015-07-09 16:20 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-08-13 09:46 - 2015-07-18 18:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-13 09:46 - 2015-07-10 21:37 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-13 09:46 - 2015-07-10 21:37 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-13 09:45 - 2015-08-01 00:08 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-13 09:45 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2015-08-13 09:45 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-08-13 09:45 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-08-13 09:45 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-08-13 09:45 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-13 09:45 - 2015-07-31 22:40 - 00486400 _____ (Microsoft 
Corporation) C:\Windows\system32\d3d10level9.dll 2015-08-13 09:45 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-08-13 09:45 - 2015-07-31 22:33 - 02066944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-13 09:45 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-13 09:45 - 2015-07-31 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-13 09:45 - 2015-07-31 22:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-13 09:44 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-13 09:43 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-13 09:43 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 09:25 - 2015-07-22 22:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 09:25 - 2015-07-22 22:51 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 09:25 - 2015-07-22 22:47 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 09:25 - 2015-07-22 22:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 09:25 - 2015-07-22 22:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 09:25 - 2015-07-22 22:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 09:25 - 2015-07-22 22:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-08-12 09:25 - 2015-07-22 22:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 09:25 - 2015-07-22 22:44 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 09:25 - 2015-07-22 22:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 
2015-08-12 09:25 - 2015-07-22 22:44 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 09:25 - 2015-07-22 22:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 09:25 - 2015-07-22 22:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 09:25 - 2015-07-22 22:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 09:25 - 2015-07-22 22:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 09:25 - 2015-07-22 22:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-12 09:25 - 2015-07-22 22:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-12 09:25 - 2015-07-22 22:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-12 09:25 - 2015-07-22 22:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-08 10:49 - 2015-08-08 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-08 10:49 - 2015-08-08 10:49 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2015-08-05 00:03 - 2015-08-05 00:03 - 00877152 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-08-05 00:03 - 2015-08-05 00:03 - 00538208 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-07-28 20:01 - 2015-07-28 20:01 - 00000202 _____ C:\Users\Chrisi\Desktop\Unturned.url
2015-07-24 22:24 - 2015-07-24 22:25 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\Trove
2015-07-24 22:13 - 2015-07-24 22:13 - 00000202 _____ C:\Users\Chrisi\Desktop\Trove.url
2015-07-24 13:37 - 2015-07-24 13:37 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-24 13:33 - 2015-07-24 18:27 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-23 12:56 - 2015-07-23 12:56 - 00000198 _____ C:\Users\Chrisi\Desktop\Counter-Strike Condition Zero.url

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-21 17:09 - 2008-01-21 03:35 - 01238434 _____ C:\Windows\WindowsUpdate.log
2015-08-21 16:17 - 2006-11-02 14:47 - 00004880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-21 16:17 - 2006-11-02 14:47 - 00004880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-21 16:07 - 2012-01-15 19:58 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\Skype
2015-08-21 14:48 - 2012-12-09 15:28 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000UA.job
2015-08-21 14:48 - 2012-12-09 15:28 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000Core.job
2015-08-21 08:23 - 2008-01-21 09:16 - 01567416 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-21 08:20 - 2013-07-19 17:42 - 00000000 ____D C:\Users\Chrisi\AppData\Local\LogMeIn Hamachi
2015-08-21 08:17 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-21 00:29 - 2006-11-02 15:01 - 00032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-21 00:20 - 2011-09-22 19:00 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\TS3Client
2015-08-20 09:03 - 2008-01-21 04:47 - 00889480 _____ C:\Windows\PFRO.log
2015-08-20 08:26 - 2012-01-15 19:57 - 00000000 ____D C:\ProgramData\Skype
2015-08-17 10:16 - 2014-08-20 17:25 - 00000000 ____D C:\Users\Chrisi\Desktop\Neuer Ordner
2015-08-17 10:13 - 2013-09-12 14:02 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\.medieval
2015-08-17 00:39 - 2014-05-25 07:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build and Shoot
2015-08-17 00:39 - 2011-09-21 22:08 - 00000977 _____ C:\Users\Chrisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-17 00:06 - 2015-02-18 17:46 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-16 23:53 - 2011-09-21 22:08 - 00000000 ____D C:\Users\Chrisi
2015-08-16 23:44 - 2011-09-21 23:54 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\vlc
2015-08-16 22:52 - 2011-09-21 22:08 - 00000944 _____ C:\Users\Chrisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-16 22:52 - 2011-09-21 22:08 - 00000915 _____ C:\Users\Chrisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-08-16 22:51 - 2013-02-19 16:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-16 22:31 - 2015-06-08 11:02 - 00003944 _____ C:\Windows\setupact.log
2015-08-16 22:24 - 2013-05-22 21:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-13 18:23 - 2011-09-22 13:24 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-08-13 10:19 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-13 10:15 - 2006-11-02 14:47 - 00294480 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 10:13 - 2012-04-19 12:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 10:12 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-08-13 09:56 - 2012-04-19 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 09:53 - 2013-08-15 07:38 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 09:46 - 2006-11-02 12:24 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-08-08 10:50 - 2011-09-21 22:08 - 00008916 _____ C:\Users\Chrisi\AppData\Local\d3d9caps.dat
2015-08-07 21:17 - 2014-07-17 12:55 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\HpUpdate
2015-08-03 12:12 - 2013-07-19 17:41 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-29 20:40 - 2011-09-22 00:51 - 00159744 _____ C:\Users\Chrisi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-28 20:01 - 2011-09-22 18:29 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-28 10:42 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2015-07-24 13:33 - 2014-12-02 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\diclovit's mod pack

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-11-14 23:01 - 2013-12-19 21:38 - 0000096 _____ () C:\Users\Chrisi\AppData\Roaming\Camdata.ini
2013-11-14 23:01 - 2013-12-19 21:38 - 0000408 _____ () C:\Users\Chrisi\AppData\Roaming\CamLayout.ini
2013-11-14 23:01 - 2013-12-19 21:38 - 0000408 _____ () C:\Users\Chrisi\AppData\Roaming\CamShapes.ini
2013-11-14 23:01 - 2013-12-19 21:38 - 0004535 _____ () C:\Users\Chrisi\AppData\Roaming\CamStudio.cfg
2013-11-18 23:32 - 2013-11-21 19:27 - 0087608 _____ () C:\Users\Chrisi\AppData\Roaming\inst.exe
2013-08-12 16:01 - 2013-08-12 16:01 - 0000032 _____ () C:\Users\Chrisi\AppData\Roaming\mbam.context.scan
2013-11-18 23:32 - 2013-11-21 19:27 - 0007887 _____ () C:\Users\Chrisi\AppData\Roaming\pcouffin.cat
2013-11-18 23:32 - 2013-11-21 19:27 - 0001144 _____ () C:\Users\Chrisi\AppData\Roaming\pcouffin.inf
2013-11-18 23:32 - 2013-11-21 19:27 - 0000055 _____ () C:\Users\Chrisi\AppData\Roaming\pcouffin.log
2013-11-18 23:32 - 2013-11-21 19:27 - 0047360 _____ (VSO Software) C:\Users\Chrisi\AppData\Roaming\pcouffin.sys
2013-04-29 14:08 - 2014-01-25 14:55 - 0138056 _____ () C:\Users\Chrisi\AppData\Roaming\PnkBstrK.sys
2013-05-27 22:03 - 2013-05-27 22:03 - 0000850 _____ () C:\Users\Chrisi\AppData\Roaming\Safer-Networking.log
2013-11-14 23:01 - 2013-12-19 21:37 - 0000096 _____ () C:\Users\Chrisi\AppData\Roaming\version2.xml
2014-12-15 15:43 - 2014-12-17 09:43 - 0000129 _____ () C:\Users\Chrisi\AppData\Roaming\WB.CFG
2011-09-21 22:08 - 2015-08-08 10:50 - 0008916 _____ () C:\Users\Chrisi\AppData\Local\d3d9caps.dat
2011-09-22 00:51 - 2015-07-29 20:40 - 0159744 _____ () C:\Users\Chrisi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-17 09:43 - 2014-12-17 09:43 - 0000010 _____ () C:\Users\Chrisi\AppData\Local\DSI.DAT
2014-07-17 12:53 - 2014-07-17 12:53 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-09-26 12:52 - 2011-09-26 13:18 - 0003346 _____ () C:\ProgramData\hpzinstall.log
2012-08-05 15:31 - 2012-08-05 16:36 - 4503728 ____T () C:\ProgramData\rat_0ybba.pad

Einige Dateien in TEMP:
====================
C:\Users\Chrisi\AppData\Local\Temp\5A263F8F-91E3-6040-7C53-23EEED550A5F.dll
C:\Users\Chrisi\AppData\Local\Temp\5A263F8F-91E3-6040-7C53-23EEED550A5F.exe
C:\Users\Chrisi\AppData\Local\Temp\975.exe
C:\Users\Chrisi\AppData\Local\Temp\Quarantine.exe
C:\Users\Chrisi\AppData\Local\Temp\Uninstall.exe
C:\Users\Chrisi\AppData\Local\Temp\UninstallModule.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-08-21 08:25

==================== Ende vom raportu ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-08-2015
durchgeführt von Chrisi (2015-08-21 17:11:32)
Gestartet von C:\Users\Chrisi\Downloads
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3644773473-1287165813-3723838049-500 - Administrator - Disabled)
Chrisi (S-1-5-21-3644773473-1287165813-3723838049-1000 - Administrator - Enabled) => C:\Users\Chrisi
Gast (S-1-5-21-3644773473-1287165813-3723838049-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-3644773473-1287165813-3723838049-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
325 USB PC Camera (HKLM\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.4.0.000 - Sonix)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Action Replay Code Manager (HKLM\...\Action Replay Code Manager_is1) (Version: - )
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Aegisub 3.0.4 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.4 - Aegisub Team)
Age of Empires III (HKLM\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Any Video Converter 5.0.7 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
BitRaider Web Client (HKLM\...\BitRaider Web Client) (Version: 1.1.6.1 - BitRaider, LLC)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{78BF00E5-9FD7-4ACD-B7DE-D6CECED1D29A}) (Version: 0.9.20.5213 - BlueStack Systems, Inc.)
BoneTown (HKLM\...\{5E7C721D-B008-4269-A1C4-2CE7E9757983}) (Version: 1.1.1 - DWC Software)
Brick-Force (HKLM\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 4.4.393.134.20 - Infernum Productions AG)
Brother P-touch Editor 5.0 (HKLM\...\{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.2101 - Brother Industries, Ltd.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build and Shoot Launcher 1.2 (HKLM\...\Build and Shoot Launcher) (Version: 1.2 - Buld Then Snip, LLC)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Castle Crashers (HKLM\...\Steam App 204360) (Version: - The Behemoth)
Copy (Version: 130.0.366.000 - Hewlett-Packard) Hidden
Counter-Strike: Condition Zero (HKLM\...\Steam App 80) (Version: - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM\...\Steam App 100) (Version: - Valve)
Craften Terminal 4.1.2 (HKLM\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.1.2 - Craften.de)
Creative Centrale (HKLM\...\Creative Centrale) (Version: 1.18.03 - Creative Technology Ltd.)
Creative Centrale (Version: 1.18.03 - Creative Technology Ltd.) Hidden
Creative Software Update (Version: 1.03.01 - Creative Technology Ltd.) Hidden
Creative ZEN Style Series Dokumentation (HKLM\...\ZENSTYLESERIESUG) (Version: - Creative Technology Ltd.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment)
diclovit's mod pack 9.9.1 (HKLM\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.1 - diclovit)
DJ_AIO_06_F2400_SW_Min (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Dota 2 Workshop Tools Alpha (HKLM\...\Steam App 316570) (Version: - )
F2400 (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
FileZilla Client 3.7.3 (HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ACHTUNG
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guns And Robots (HKLM\...\Guns And Robots) (Version: 1.0 - Mastheadstudios Ltd.)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version: - Valve)
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}) (Version: 13.0 - HP)
HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{23808E88-87BA-4BF0-8C8F-DC7D9DB40359}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP ENVY 4500 series Hilfe (HKLM\...\{6767CCD2-B939-4542-BF08-015B5496D4EC}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Landwirtschafts Simulator 2013 (HKLM\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
Logitech Vid (HKLM\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliType Pro 7.1 (HKLM\...\{11E94FDB-C895-45F1-B756-1C9B8C36C8F1}) (Version: 7.10.344.0 - Microsoft)
Microsoft LifeCam (HKLM\...\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MorphVOX Junior (HKLM\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
Mozilla Firefox 40.0.2 (x86 de) (HKLM\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{47948554-90C6-4AAC-8CFA-D23CE11C1031}) (Version: 8.3.124 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 320.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.18 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.18 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Pokémon Trading Card Game Online (HKLM\...\{9AD6C3C3-C63C-4025-AC81-CCD60189E160}) (Version: 2.25.0 - The Pokémon Company International)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5730 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Robocraft (HKLM\...\Steam App 301520) (Version: - Freejam)
RPG Maker VX Ace Lite (HKLM\...\Steam App 224280) (Version: - Enterbrain)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scribblenauts Unlimited (HKLM\...\Steam App 218680) (Version: - 5th Cell Media)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
ShrinkTo5Basic (HKLM\...\ShrinkTo5Basic) (Version: - )
Skype™ 7.7 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Smite (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.1.2598.3 - Hi-Rez Studios)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spore (HKLM\...\Steam App 17390) (Version: - Maxis™)
Spotify (HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Starbound (HKLM\...\Steam App 211820) (Version: - )
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP ENVY 4500 series (HKLM\...\{5C3EB7C3-F5CC-479E-A082-B30B950C0AC4}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
SWF Opener (HKLM\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Escapists (HKLM\...\Steam App 298630) (Version: - Mouldy Toof Studios)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total War: SHOGUN 2 (HKLM\...\Steam App 34330) (Version: - The Creative Assembly)
Train Simulator 2014 (HKLM\...\Steam App 24010) (Version: - RailSimulator.com)
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Trove (HKLM\...\Steam App 304050) (Version: - Trion Worlds)
Turbo Dismount (HKLM\...\Steam App 263760) (Version: - Secret Exit Ltd.)
Unity Web Player (HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton)
VLC media player 2.0.0 (HKLM\...\VLC media player) (Version: 2.0.0 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks - Common Test (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version: - Wargaming.net)
World of Tanks (HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warcraft (HKLM\...\World of Warcraft) (Version: 5.2.0.16826 - Blizzard Entertainment)
World of Warcraft MMO Gaming Mouse (HKLM\...\{C9DF0468-5F31-4799-B4FE-CBAD37FFB8DE}) (Version: 1.14.0000 - SteelSeries)
Worms Revolution (HKLM\...\Steam App 200170) (Version: - Team17 Digital Ltd.)
Worms Ultimate Mayhem (HKLM\...\Steam App 70600) (Version: - )
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
XviD4PSP 5.10.271.0 (HKLM\...\XviD4PSP5_is1) (Version: - Winnydows & fcp team)
YGOPro DevPro Version 1.9.2r2 (HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.2r2 - YGOPro DevPro Online)
Zeta Producer 11 11.2.2 (nur entfernen) (HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\ZetaProducer11) (Version: 11.2.2 - Zeta Software GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> "C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe" Keine Datei
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Chrisi\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Chrisi\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Chrisi\AppData\Local\Roblox\Versions\version-d0c46c562fb34e08\RobloxProxy.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Chrisi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Chrisi\AppData\Local\Roblox\Versions\version-d0c46c562fb34e08\RobloxProxy64.dll (ROBLOX Corporation)

==================== Wiederherstellungspunkte =========================

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0087CD7D-8778-4C90-80A8-36E13EDB7E50} - System32\Tasks\HP AR Program Upload - a9ab22a7bfb94fbe8a63e77f84f94ec8ad5e06634a514775a59b7f0aad2d7628 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2013-08-13] (TODO: <Company name>)
Task: {00C5949D-0CEE-482F-A2F1-06FF3B898C2F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000Core => C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {03B4DDC3-79C0-476D-BA31-66153D4835FA} - System32\Tasks\{021DD917-6AC2-4B64-BE67-08AEEB5ACF1A} => pcalua.exe -a C:\Users\Chrisi\AppData\Roaming\.minecraft\versions\13w38c\WDI_0.8.exe -d C:\Users\Chrisi\AppData\Roaming\.minecraft\versions\13w38c
Task: {0AB41E09-F3D4-4C7E-94D5-14B8A6A5256C} - \Unpeesohwu -> Keine Datei <==== ACHTUNG
Task: {14895063-C712-436A-AB70-3A3D2A4A1090} - System32\Tasks\{1DACE068-67E2-42A7-A5E6-4D681C4ADF5F} => pcalua.exe -a "C:\Users\Chrisi\Desktop\homepageteile\Neuer Ordner\auxsetup.exe" -d "C:\Users\Chrisi\Desktop\homepageteile\Neuer Ordner"
Task: {15FC9053-3141-47DA-BE77-0D8066EBAFDF} - System32\Tasks\Asrsetup => E:\ASRSetup.exe
Task: {1B31DB99-BE5B-45B5-9FB1-6C8741F71DA4} - System32\Tasks\{FDF6A4C5-0A1E-4DCA-9806-5155ED209378} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {1E8ED656-FBB0-4C51-9DD3-7448E13B28AE} - \42c7d91b-7812-4785-a287-623b8d1af162-10_user -> Keine Datei <==== ACHTUNG
Task: {1E8F2932-92BB-4F91-9CC7-C684B4364441} - \globalUpdateUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {1ED55EC7-EE03-44F3-88E0-59D5786A67DF} - System32\Tasks\{0AE9FE66-78CC-4174-8D03-47A66E90EA1D} => pcalua.exe -a C:\Users\Chrisi\AppData\Roaming\.minecraft\mods\WDI_0.8.exe -d C:\Users\Chrisi\AppData\Roaming\.minecraft\mods
Task: {1FCAE3FC-D91F-4548-8776-ABB32177C832} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
Task: {294B6A63-F1DA-4026-BA35-70957C2C559E} - System32\Tasks\HP AR Program Upload - de7268eab3cf480ea59227baa5459a55e8a840e34fc24b118250cd306600a61c => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2013-08-13] (TODO: <Company name>)
Task: {43C1D4CB-1400-47EF-960E-CA91304C91F4} - System32\Tasks\cfr3011 => C:\PROGRA~1\FASTSE~1\cfr3011.exe
Task: {47748AA9-E5D8-4E5E-BE3D-4C8CFCD9E1B6} - System32\Tasks\Microsoft_Hardware_Launch_vVX1000_exe => C:\Windows\vVX1000.exe [2010-05-20] (Microsoft Corporation)
Task: {4B86829A-FEB9-4666-81B9-7400BA1AD58E} - System32\Tasks\{BF8D4E13-30D0-485E-BC3E-4B84052A6376} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=deDE --uid=diablo3_dede --displayname="Diablo III"
Task: {5C668CF8-6E14-4ADA-B3CD-6AA0FF00FDEB} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {5EF7BB35-EE4A-407B-9A73-B9602BC719BB} - \42c7d91b-7812-4785-a287-623b8d1af162-5 -> Keine Datei <==== ACHTUNG
Task: {5F60B5AF-0E7D-4761-A734-A998CF647B44} - \Superclean -> Keine Datei <==== ACHTUNG
Task: {649701C3-1612-4B2C-B82D-86F996091AE5} - System32\Tasks\{AF12C017-9D27-482D-A4E8-BFD7CCA56438} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.59.105/de/abandoninstall?page=tsProgressBar
Task: {717B07F5-6037-4578-B8C6-5D261160F4C6} - System32\Tasks\{C13A4952-BE53-41F6-9E34-E7E117B900CF} => pcalua.exe -a C:\Users\Chrisi\AppData\Roaming\.minecraft\WDI_0.8.exe -d C:\Users\Chrisi\AppData\Roaming\.minecraft
Task: {75418CBD-693B-4611-B053-BDA1B72149CF} - \YOXeJErXlY -> Keine Datei <==== ACHTUNG
Task: {794379FC-C1D0-4ED5-BCAE-DF8FF2A2581F} - \42c7d91b-7812-4785-a287-623b8d1af162-5_user -> Keine Datei <==== ACHTUNG
Task: {7D6D4FD8-2BF4-4E8B-8045-7B7C9685FC46} - System32\Tasks\{E34133B7-60E3-440D-8506-B79595396609} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {809C9AE0-9A4A-4F76-AF6A-DFF28674F716} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {893EF6A6-880B-40F3-8D4C-127BCAAEA9B1} - \42c7d91b-7812-4785-a287-623b8d1af162-1-7 -> Keine Datei <==== ACHTUNG
Task: {8B69BE06-B1C6-47DC-AD1C-54A6BBD960E8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000UA => C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {8BBB0DB3-1384-45B8-9403-9DD086EB1BED} - \globalUpdateUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
Task: {A18C3F31-D15E-496E-8158-F2FD222310FA} - System32\Tasks\lSOFTE1mUd0mQHukFiNo => C:\Users\Chrisi\AppData\Roaming\lSOFTE1mUd0mQHukFiNo.exe <==== ACHTUNG
Task: {B2BB5AE2-A9C9-48EF-BD39-9CBA4755517E} - System32\Tasks\{11A387EA-4242-4ED2-94CF-042972EA58FE} => pcalua.exe -a E:\ASRSetup.exe -d E:\
Task: {B5C5B9AA-7A70-4CE9-B05F-72B33722CF54} - System32\Tasks\{E31BDA84-CDBD-488B-8002-F726927C8AE3} => pcalua.exe -a E:\setup.exe -d E:\
Task: {BA5095EC-D790-4DB9-B81E-688E34C7AA8E} - System32\Tasks\HP AR Program Upload - a96a75c916564176a1a2a8b6b41236dfcb3fc44ae0d34d4ebd9329555156bb29 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2013-08-13] (TODO: <Company name>)
Task: {DA22FBB9-ACD0-401D-926D-EF7559EB9361} - \42c7d91b-7812-4785-a287-623b8d1af162-1-6 -> Keine Datei <==== ACHTUNG
Task: {E2BA937D-7D3C-4AB1-9DFA-D958262383D8} - System32\Tasks\{F3FB23B9-9A2D-4EBA-9C7F-2B0001813FB2} => pcalua.exe -a L:\setup.exe -d L:\
Task: {F1D8E66B-F304-456A-98D5-CAD42DC9CDD1} - System32\Tasks\lmrXcwaGn => C:\Users\Chrisi\AppData\Roaming\lmrXcwaGn.exe <==== ACHTUNG
Task: {F7F67283-1B60-482B-B92D-C4D2610C7187} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {F99C190F-76C1-4455-A629-40D1D84BD169} - \42c7d91b-7812-4785-a287-623b8d1af162-4 -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000Core.job => C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000UA.job => C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\lmrXcwaGn.job => C:\Users\Chrisi\AppData\Roaming\lmrXcwaGn.exe <==== ACHTUNG
Task: C:\Windows\Tasks\lSOFTE1mUd0mQHukFiNo.job => C:\Users\Chrisi\AppData\Roaming\lSOFTE1mUd0mQHukFiNo.exe <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2011-09-22 00:06 - 2010-08-11 14:18 - 00010752 _____ () F:\Program Files\SteelSeries\World of Warcraft MMO Gaming Mouse\VDHIDWDM.DLL
2009-07-16 16:34 - 2009-07-16 16:34 - 02140944 _____ () C:\Program Files\Logitech\Logitech Vid\QtCore4.dll
2009-07-16 16:34 - 2009-07-16 16:34 - 07704336 _____ () C:\Program Files\Logitech\Logitech Vid\QtGui4.dll
2009-07-16 16:34 - 2009-07-16 16:34 - 00968976 _____ () C:\Program Files\Logitech\Logitech Vid\QtNetwork4.dll
2009-07-16 16:34 - 2009-07-16 16:34 - 00475408 _____ () C:\Program Files\Logitech\Logitech Vid\QtOpenGL4.dll
2009-07-16 16:35 - 2009-07-16 16:35 - 00363792 _____ () C:\Program Files\Logitech\Logitech Vid\QtXml4.dll
2009-07-16 16:34 - 2009-07-16 16:34 - 00199952 _____ () C:\Program Files\Logitech\Logitech Vid\QtSql4.dll
2009-07-16 16:35 - 2009-07-16 16:35 - 00027408 _____ () C:\Program Files\Logitech\Logitech Vid\SDL.dll
2009-07-16 16:35 - 2009-07-16 16:35 - 11311888 _____ () C:\Program Files\Logitech\Logitech Vid\QtWebKit4.dll
2009-07-16 16:34 - 2009-07-16 16:34 - 00291600 _____ () C:\Program Files\Logitech\Logitech Vid\phonon4.dll
2009-07-16 16:36 - 2009-07-16 16:36 - 00028944 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
2009-07-16 16:36 - 2009-07-16 16:36 - 00035088 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
2009-07-16 16:36 - 2009-07-16 16:36 - 00138000 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
2015-08-17 10:06 - 2015-08-17 10:06 - 17482952 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\sony.com -> sony.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chrisi\AppData\Roaming\Microsoft\Windows Photo Gallery\wows_bismarck_1280x1024_del_001_eng.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: ) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: BrowserDefendert => 2 MSCONFIG\Services: CTDevice_Srv => 2 MSCONFIG\Services: CTUPnPSv => 3 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: napagent => 3 MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2 MSCONFIG\Services: NMIndexingService => 3 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: nvUpdatusService => 2 MSCONFIG\Services: PLFlash DeviceIoControl Service => 2 MSCONFIG\Services: SDScannerService => 2 MSCONFIG\Services: SDUpdateService => 2 MSCONFIG\Services: SDWSCService => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: TabletInputService => 2 MSCONFIG\Services: TapiSrv => 3 MSCONFIG\Services: WPCSvc => 3 MSCONFIG\Services: wscsvc => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Chrisi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "F:\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: FixCamera => 
C:\Windows\FixCamera.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray MSCONFIG\startupreg: NBKeyScan => "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe MSCONFIG\startupreg: snp325 => C:\Windows\vsnp325.exe MSCONFIG\startupreg: SoftAuto.exe => "C:\Program Files\Creative\Software Update 3\SoftAuto.exe" MSCONFIG\startupreg: Spotify => "C:\Users\Chrisi\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Chrisi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe MSCONFIG\startupreg: Steam => "F:\Steam\Steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: tsnp325 => C:\Windows\tsnp325.exe MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{D8D2F0DB-5322-42C7-981E-FA7CD7FCD4ED}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1E74C2CB-9547-4DE9-AC50-3AE6F19C3231}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{9ED2FFFC-6645-4134-865B-90998822A41F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1E1B9B6F-360A-4237-BF2A-F47A6C76A2DE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{B06CE38C-ECDD-4E09-9754-3970F7F0772C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{54F8DAFF-FB57-4681-8D09-1722F56D2BDE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B09D88E0-0DB5-4BFF-ABE7-35C9C617BD37}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{B3CACB23-85C6-4BFB-A8DF-E5DF1E2EB677}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{90BD7CB6-AFC1-4AC0-8D3E-AAB09A946BE1}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{03E91573-1B3E-42F2-8405-D96ED69C7705}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B4E663F3-E848-4D29-BA4D-DD634B036E40}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{FE585DC4-42AA-4CA2-99CE-BC0E71B86050}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{17D28232-D817-440B-A946-B4F603A2E0C0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{93EE909A-452C-4E18-AA0D-10F234433BA3}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{976A3818-4B13-4A4B-8825-D89083C4F744}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{0A0942A3-ED02-4F09-A76B-6B37C74E8C49}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{D5F8CE7D-060A-4ABF-AFA1-D003D8953B0A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{ED5FF5A8-A42F-4C22-879F-DE5568EA358F}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0A4B56DF-C69A-4016-B95C-3B5297A3F3A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6ED1FD8B-2592-4F9A-A9B7-57291EA6AB90}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{572D14CD-E937-4B0A-8A0F-E7B84C991F94}] => (Allow) LPort=2869
FirewallRules: [{5931C3EA-91DA-4666-8625-A58031182C99}] => (Allow) LPort=1900
FirewallRules: [{0EC16D13-3066-4A1A-BBF9-30475DF74EBB}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C89DBF20-B5AB-4D89-BB67-D9F4A6D69056}] => (Allow) F:\Steam\SteamApps\sephiroth19\counter-strike\hl.exe
FirewallRules: [{F24D840E-499F-4132-A5D7-D92C15AE443C}] => (Allow) F:\Steam\SteamApps\sephiroth19\counter-strike\hl.exe
FirewallRules: [{DC12E4A3-9260-43C3-AC66-A729D550A2A9}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{0978285E-3045-4071-9112-85057DA574E5}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{A4FA24D6-9DA6-42AB-A2D7-C1810BF0F40B}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{E809E3E5-EDC0-4C9E-9D10-ADDA9ADDD7B7}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{8DFB3EBB-53B2-4CC5-9C7D-95A903B0688F}] => (Allow) F:\Steam\SteamApps\sephiroth19\condition zero\hl.exe
FirewallRules: [{5C22CD21-4F39-404D-AB89-A656D6B6D750}] => (Allow) F:\Steam\SteamApps\sephiroth19\condition zero\hl.exe
FirewallRules: [TCP Query User{60C94F26-3FB3-4AD4-A90A-A577EA9CD763}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{81920079-D706-44AE-8C8D-505DCD80F9D7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{92147873-706D-4A8D-B36C-389E8C5FA42F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [{47177E2C-89CA-46E2-9DA9-D6D2D013E55F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [TCP Query User{DCC26EC0-5EB1-4435-91BC-9A3D384BE76B}F:\diablo iii\diablo iii.exe] => (Allow) F:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{FA2689BC-FABE-4F3A-AF35-6D0AE59CBFC1}F:\diablo iii\diablo iii.exe] => (Allow) F:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{EF165D6F-0349-4D58-BD49-A65E3E863DE7}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{F1D60C1A-651C-424D-A57B-E928D9B20DA0}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{64F8B2D6-E14D-432E-94B2-224E8E8AC5B6}J:\kernis ordner\netzwerk\spiele\quake iii arena\quake3.exe] => (Allow) J:\kernis ordner\netzwerk\spiele\quake iii arena\quake3.exe
FirewallRules: [UDP Query User{17DDABEF-F235-4CB7-8887-71765895A195}J:\kernis ordner\netzwerk\spiele\quake iii arena\quake3.exe] => (Allow) J:\kernis ordner\netzwerk\spiele\quake iii arena\quake3.exe
FirewallRules: [{01B83E72-B2C3-4FED-A879-28ED80F59FB1}] => (Allow) F:\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{E9E1CEBB-5CBF-454D-BDC3-C3643AAFC2BB}] => (Allow) F:\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [TCP Query User{9FDA3360-2303-4C02-921B-EC5097ADC185}F:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Block) F:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{D777427A-882F-4315-981E-724334E62E3E}F:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Block) F:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{12BC57D3-BCF0-43C9-A748-9E873C378EB5}] => (Allow) F:\Steam\SteamApps\common\wormsxhd\Launcher.exe
FirewallRules: [{073DA792-7903-47BA-AF30-388979F5967F}] => (Allow) F:\Steam\SteamApps\common\wormsxhd\Launcher.exe
FirewallRules: [{2951E3C5-BE57-489F-883E-D2F7D794390C}] => (Allow) C:\Users\Chrisi\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{0A39492D-2791-49E4-958F-DF48DCF889E4}C:\users\chrisi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chrisi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6ADDD2A2-BE1B-4F1B-A978-9750668B7746}C:\users\chrisi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chrisi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C7921031-1201-4047-8EAF-021E3BD58B23}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{EF62A453-D30A-4999-A642-867D0AA901EC}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{22EDC1C1-1079-418A-854F-CFF444E61082}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{AD63EDE2-E6A0-4AFA-8BA6-DBAF93CF13D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{92CC7B23-6153-46F9-9E2F-601BF6BC7734}] => (Allow) F:\Steam\SteamApps\sephiroth19\condition zero\hl.exe
FirewallRules: [{41FBD74D-954B-4950-9A1E-2BC18E3E6D41}] => (Allow) F:\Steam\SteamApps\sephiroth19\condition zero\hl.exe
FirewallRules: [TCP Query User{1553C54D-A429-4CC1-8F64-460513429D4D}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{8009AE83-EE37-4610-9A06-655E5DA2CD95}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{87704A5B-0285-4F19-BCCE-F8EE15D5EA18}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{C4DC6E1A-6108-4DA0-8279-FA9D16E74E2F}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{734976DD-0D51-4FBE-A112-36BE21078637}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{963F2FE4-0DD4-46D7-B6E5-04E9EC861EE7}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{CACC782D-35E6-4EA9-9F2B-EA2BC7FCC070}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{AACC63A8-C109-492E-80AB-4CE78EC02757}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{8FF47138-6B3D-4067-B2AC-EC31590D9638}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{638DC779-D0AF-45C1-93D9-EEA608D6607F}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [TCP Query User{2359F5B9-CC9F-4204-B190-299BBECB8C8C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{50697E30-03CA-410F-8C35-AF5CD02E8327}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{705040F4-72CF-4197-BD03-E500B919A18A}F:\program files\tera\tera-launcher.exe] => (Allow) F:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{FF5C06D4-A7D1-4DD2-820B-D54ED167BD10}F:\program files\tera\tera-launcher.exe] => (Allow) F:\program files\tera\tera-launcher.exe
FirewallRules: [{10C6DE66-3178-44E2-AD38-E61F806729EE}] => (Allow) F:\Steam\SteamApps\adriano2003\condition zero\hl.exe
FirewallRules: [{C2FD8B3D-168B-4BCB-A98B-D2A3F33C7FE2}] => (Allow) F:\Steam\SteamApps\adriano2003\condition zero\hl.exe
FirewallRules: [{EE48E056-62C5-433F-AC22-F35E808B770D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{2C24E2B9-EC85-482A-B20E-C5419B03CE8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [TCP Query User{41B09284-2838-498E-BB2A-9E6DA33E12CA}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{A5FE8325-F0DB-44E7-8977-AA4B6E97A410}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [{474378DB-54D9-4439-A8EF-0D5E823034FC}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{9756A3A8-091B-49D2-BF23-1EB4CE188EB2}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{E7FE1CC6-DEA2-44B9-8B05-59710689E466}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{C14756C7-2722-46BF-A097-F32CC20D5FE9}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{355FBFBA-9E80-4ECA-A645-36A106A0868F}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{79113EAD-A320-4B9E-B86A-50F04498B890}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{43E0B360-4A65-4811-9C3F-4FCC705733FD}C:\program files\spybot - search & destroy 2\sdfiles.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [UDP Query User{F572FF4E-E3BC-44C6-851B-A1B5FC002C3B}C:\program files\spybot - search & destroy 2\sdfiles.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [TCP Query User{1F2D3DAD-795A-48A1-916E-5C2B7AFDC6B9}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{C2F0F922-98A9-4999-92B8-2BE75D1E3D9F}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [{9CC87279-1747-4BBD-87D9-DB90766F59E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{1DE44AC4-0DF5-4CC9-B7AF-BC87BF6169E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{7692AA4C-5C25-4E93-B4C2-4624BAAF90C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{A615D716-D563-43BF-B239-EDA4BE804629}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{0FFCA49F-9495-45E1-80E5-F9A51BF42A81}] => (Allow) C:\Program Files\Iminent\Iminent.exe
FirewallRules: [{0C7A97A2-AD0F-4365-9349-101E888818D9}] => (Allow) C:\Program Files\Iminent\Iminent.Messengers.exe
FirewallRules: [TCP Query User{48BE7FF6-2D2B-44F8-BAC1-25511FC769AB}F:\steam\steamapps\sephiroth19\team fortress 2\hl2.exe] => (Block) F:\steam\steamapps\sephiroth19\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{0826D573-01A4-434B-AE6F-D9A63954B5A1}F:\steam\steamapps\sephiroth19\team fortress 2\hl2.exe] => (Block) F:\steam\steamapps\sephiroth19\team fortress 2\hl2.exe
FirewallRules: [{82BC69BE-F31A-4EF7-99A0-0605694FB55A}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{7681D874-8E08-421E-B30E-5C9EF2404E72}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{9CC4BD11-DE5A-483A-B39E-1CB57959DE82}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{D2B6F72D-2091-4E15-A64E-B84CFF8D859E}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{4DFB6D4B-47FC-45A3-AF73-E728BF951FCA}C:\program files\ea games\battlefield play4free\bfp4f.exe] => (Block) C:\program files\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{98D37983-A6FA-4244-B999-A22E93F9353F}C:\program files\ea games\battlefield play4free\bfp4f.exe] => (Block) C:\program files\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [TCP Query User{3C412190-8F60-4553-9953-CDEABEC610B1}F:\program files\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) F:\program files\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [UDP Query User{9215C1DC-76DD-4F7D-86F0-C7D62861F6D6}F:\program files\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) F:\program files\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [{5E8CD7E7-B7CD-4F8E-BE9D-F6E62FE64955}] => (Allow) C:\Users\Chrisi\AppData\Local\Temp\DSOClient\dlcache\app.n3app
FirewallRules: [{9A338C97-CE99-442C-9791-187F6966AABD}] => (Allow) C:\Users\Chrisi\AppData\Local\Temp\DSOClient\dlcache\app.n3app
FirewallRules: [{0F4208ED-409E-4F72-A1DE-35D7542D2963}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BF3399A6-6CAA-4F44-8C46-E1DEDD08872A}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5219694D-86E1-45BE-87A5-609282BD632F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B6805707-EE98-4256-915A-2E17B4EE6AE2}] => (Allow) C:\Program Files\ExpressFiles\expressdl.exe
FirewallRules: [{87F3999C-A08D-414D-95F6-B876937DA2A0}] => (Allow) C:\Program Files\ExpressFiles\expressdl.exe
FirewallRules: [{BFBF1B74-398B-495F-B991-6169DD8BBE2A}] => (Allow) C:\Program Files\ExpressFiles\ExpressFiles.exe
FirewallRules: [{129236A6-2DA6-4FFC-9784-0D76E4567F3F}] => (Allow) C:\Program Files\ExpressFiles\ExpressFiles.exe
FirewallRules: [{C277BEB1-3AE2-474A-9587-0F4F57650F19}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{7CADA7D0-A60F-44EA-8454-115C3D779E9B}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [TCP Query User{457F18E5-039D-436D-B0D0-1ACC18B4A692}F:\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Block) F:\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{1B20DC5C-5102-4CEF-88EF-BFEDFC6E3501}F:\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Block) F:\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{4E5B538F-AD68-472B-868F-11458ED49965}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{B53B9E79-A170-467E-BBEB-FBF807E59FEC}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{282FFC34-2AB7-47B1-B553-293A3444952E}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{EB41E7EC-9982-40EC-8B9C-E15F5BA0AE92}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{6CBE1824-359B-46B2-84DD-BA0E463FA090}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{1EC14EC4-C782-4294-9931-584A76DCBFDF}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{F3D3B51C-07BF-4AE3-B035-48444CEB435F}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{3BAF8A02-57FA-4FFF-9F91-B09ED121417E}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{C0992869-211C-49B6-A627-6F3582FE250B}] => (Allow) F:\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{96728385-8BB8-48A5-B598-54CD2DAECF57}] => (Allow) F:\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{BB0A6D0B-D8E3-43DF-BF03-B2F8B56B3834}] => (Allow) C:\Users\Chrisi\AppData\Local\Temp\DSOClient\dlcache\app.n3app
FirewallRules: [{F00D728A-9D35-42C2-BC10-B8AF7A8BB587}] => (Allow) C:\Users\Chrisi\AppData\Local\Temp\DSOClient\dlcache\app.n3app
FirewallRules: [{A1DC1772-BCF4-4F1D-B28A-1996089D5541}] => (Allow) F:\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{6D155D41-887A-4431-90F0-0F5CD393DE8C}] => (Allow) F:\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{20BFB949-7C3E-4B98-9453-D353ED4411CC}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1611A33E-50D0-4FA2-99E8-EA8608D0C811}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{748D153D-B3D9-497A-A34F-35CE0922879C}] => (Allow) C:\Program Files\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{8B3E7DA6-80E7-411C-B070-FF9336D54A75}] => (Allow) C:\Program Files\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{353C3128-6726-4904-A380-A73AC2B3B0AA}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0E10CA15-520D-4D92-B542-0A90B568EDEE}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1285683D-ACE8-472A-9512-52B4FD37F14F}] => (Allow) F:\Steam\SteamApps\common\wormsxhd\Launcher.exe
FirewallRules: [{24EEEEFF-2F53-4427-ABC0-53B116FB62AE}] => (Allow) F:\Steam\SteamApps\common\wormsxhd\Launcher.exe
FirewallRules: [{F65B3214-EE45-449B-95C3-E45DF1B3FE07}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{EEAF336C-3ED9-4ABC-8D08-38C13887B3EB}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{886E93FB-0989-4A23-B7D4-75E184D375F2}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{EE56B18A-49ED-4363-85DF-219CDA4C6A64}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{13CB33FB-8AEB-48A8-B0B5-AB6B0CE9E480}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{2D8B3779-58E2-4C1C-A38A-D8683CD76876}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B27A7E3E-835E-4192-8AFB-5915146B4DA0}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{EE255767-CDD7-4E3F-B047-053992936D27}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{C432940D-C114-4388-BA61-5E430312D120}] => (Allow) F:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{AD0E939E-8570-4A28-B15B-292E48956A50}] => (Allow) F:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{AAF356BE-1909-4250-BC89-12241D88B0AB}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{C88AFDAB-FDEC-4AC9-B6EA-299A0BEAC7CB}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{5D854747-B36D-4C07-A7C0-9420CD95C07C}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{72A1CD62-914A-4834-98FC-15ECF6BB3ED7}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{B3DCA67D-0D6B-4089-89A0-C62EA7F729DF}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{73F6AA1B-8D2B-4793-83A3-09D81384C992}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{BB059679-6418-4108-A383-588A7172E1A1}] => (Allow) F:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{DE6CC7AD-2948-4F1C-A53B-31EE056AABF1}] => (Allow) F:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{040CE2C2-402E-4638-8923-FF52925C35F7}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{69CFC6D5-411E-4D0C-91B5-F33E0555BCF1}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{7DB12A66-689C-4BE2-860D-0158E877113B}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{DC8FF882-74F3-4387-B920-FC6DC1238224}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [TCP Query User{369ABED5-916E-4EB9-A1AC-C448EAA5D20B}C:\program files\logitech\logitech vid\vid.exe] => (Allow) C:\program files\logitech\logitech vid\vid.exe
FirewallRules: [UDP Query User{3DDE70BF-0466-431A-9E7D-016E829A071B}C:\program files\logitech\logitech vid\vid.exe] => (Allow) C:\program files\logitech\logitech vid\vid.exe
FirewallRules: [{F42FA5DF-0B99-40FC-84D6-83D791FDAB7B}] => (Allow) F:\Steam\SteamApps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{08C32B73-C4B7-41AD-A664-57055A7088EE}] => (Allow) F:\Steam\SteamApps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{EE806D3D-1291-4A48-947D-0139F2274F3D}] => (Allow) C:\Program Files\WinZip Driver Updater\winzipdu.exe
FirewallRules: [TCP Query User{79CE8F91-624C-4079-A3F8-78534CAEDF80}F:\battlefield play4free\bfp4f.exe] => (Allow) F:\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{399D4047-7D14-4EF2-8487-CA30D6926955}F:\battlefield play4free\bfp4f.exe] => (Allow) F:\battlefield play4free\bfp4f.exe
FirewallRules: [{1216032A-BB86-4794-B497-D3B810A30343}] => (Allow) c:\BrickForce\BfLauncher.exe
FirewallRules: [{0AB0C5AF-5D5F-4121-AFB5-56D43966814D}] => (Allow) c:\BrickForce\BrickForce.exe
FirewallRules: [{4AD35957-09D2-41FF-9BC1-44C6D1C980C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{E9213D1C-0BA5-4C99-ABEF-3CB277FF381F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{32005095-7697-4087-B8FA-ECB7F5D54655}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{5C39E795-5E88-44CD-9F23-8FFC3492E757}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{06B09E3E-8C8F-41DE-9E1C-59F84F0D54FA}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{35DDC7FD-1FF6-4153-9028-2BA842FEF76E}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{124EB86D-524F-4FEB-BA53-BDFD993B04AC}] => (Allow) F:\Battle.net\Battle.net.exe
FirewallRules: [{E433F382-8474-4521-8F6F-0F6E4C076050}] => (Allow) F:\Battle.net\Battle.net.exe
FirewallRules: [{BDAC63DD-F65C-49D3-989F-CE78736EB4F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{1B9AB74D-6EB6-41EF-B1A8-1B02C54EF7C2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{2FD69946-F93D-4BB9-80A1-D126A1366460}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{D7BB30A2-8618-42E5-9C4B-76D98BE84CEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{8BA1BABB-0A04-4E3B-8E95-416C1BAB66DE}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{8317D375-AE16-446B-9CFB-4E529F14C56C}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{50DBE45D-CE11-480B-BB95-3C5991046004}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{65EF90C2-5382-4CC1-A6C5-2B06A3EB3D7C}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{6981F111-D990-40A4-9633-CDE8A95ECB23}] => (Allow) F:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{9ACE83A9-9F5E-443B-ABFF-A49B90C68ADE}] => (Allow) F:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{BD58791F-DE53-4252-9D16-6C8A0A78DAEC}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{DE123A50-FE94-4003-A12F-644382EEB1EA}] => (Allow) LPort=5357
FirewallRules: [{65C9BB38-BEDC-4D07-AC88-ACEFE9F03CC7}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A82BE0E2-2042-45F8-A2E3-B44E56D7F74C}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{9939AE0F-8B92-4321-84F1-BCD1364564E8}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{5F8E36D4-9E31-4491-AABB-0ABDF495FBAB}] => (Allow) F:\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{6FC09857-2AA1-4EC8-AD35-3F5E675D8B11}] => (Allow) F:\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{7A1452D9-A9A2-4E68-8344-3ACC7F99C32C}] => (Allow) F:\Steam\SteamApps\common\Scribblenauts\Scribble.exe
FirewallRules: [{2DBF5F9B-A4A4-44F6-9C2A-0F19866EF03A}] => (Allow) F:\Steam\SteamApps\common\Scribblenauts\Scribble.exe
FirewallRules: [{5E78BBFD-C69A-440A-8F5C-4AB5E2CC35E5}] => (Allow) F:\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{533F3579-DB58-4697-A520-46FA64357EB9}] => (Allow) F:\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{0327309F-DDA2-4D82-A5E4-9C48C4748A0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FBC57E44-A863-494C-8CEE-6EEDE2C05EE5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1875B40B-9D6D-4BE5-8A50-C1599B22DA9B}] => (Allow) F:\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{38DB5E55-849A-42B3-94E2-41B8C3819F17}] => (Allow) F:\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{13308C36-D932-4426-98D2-5DD8F6461E7C}] => (Allow) F:\Program Files\Brick-Force\BfLauncher.exe
FirewallRules: [{B41B107A-2F0A-4EDD-90C3-A0C29EBD5F30}] => (Allow) F:\Program Files\Brick-Force\BrickForce.exe
FirewallRules: [{9DFF3BCD-470F-4BAE-8648-6DA0886294B1}] => (Allow) F:\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{493FA4A8-B19A-4B5C-AF7F-3A1B6F2A2FB9}] => (Allow) F:\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{7A6ECD8F-1E87-4AC8-A209-CA780C603E3F}] => (Allow) F:\Steam\SteamApps\common\RPG Maker VX Ace Lite\RPGVXAceLite.exe
FirewallRules: [{D7E567F4-18E0-45EA-A920-F7C40DC73DBE}] => (Allow) F:\Steam\SteamApps\common\RPG Maker VX Ace Lite\RPGVXAceLite.exe
FirewallRules: [{FF6241EC-9C94-4943-B975-795F26D406A0}] => (Allow) F:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{DFE7C6BD-8844-44BF-BBBA-7B8CBC6950A8}] => (Allow) F:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{A406EB38-B5CF-400F-947D-FA184F24D12C}] => (Allow) F:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{ED8593EA-A8A9-433C-B22E-110B8662F7FC}] => (Allow) F:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{4068C92F-4B0C-466B-9B0B-1C5F98F474F1}] => (Allow) F:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{2BAA9143-61EC-41DB-922D-3005CC8B70CE}] => (Allow) F:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{AE7DDBAF-11FF-4707-BBA4-BCA38976706B}] => (Allow) F:\Steam\SteamApps\common\The Binding of Isaac Rebirth\isaac-ng.exe
FirewallRules: [{7E40AC67-43A5-471E-9E4E-A5C24C2FB206}] => (Allow) F:\Steam\SteamApps\common\The Binding of Isaac Rebirth\isaac-ng.exe
FirewallRules: [{3A79F3F1-8DBE-49FC-8421-597CFB1BD6D7}] => (Allow) F:\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{5AF7C18F-BA3D-46CE-9209-FE6324722904}] => (Allow) F:\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [TCP Query User{39F35FAD-E462-464C-89E7-517012344D4F}F:\games\world_of_tanks\worldoftanks.exe] => (Allow) F:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F388A316-4F6F-4FEF-9F19-7511B14EB912}F:\games\world_of_tanks\worldoftanks.exe] => (Allow) F:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{ADDB8E17-011C-4ED1-91D6-88F8E5B0C518}] => (Allow) F:\Steam\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{6C1B7381-9CFC-427E-9C3D-4F0D213A06BE}] => (Allow) F:\Steam\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [TCP Query User{DFB12DF9-0BC7-467F-B9C5-7B2E855E8723}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{7B960604-9EA5-4E1F-87B3-C9DCF429A2C0}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{CDC7A8ED-101E-4EA9-8651-326AE9EB5744}F:\games\world_of_tanks\wotlauncher.exe] => (Allow) F:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{69329C04-D181-4914-96E3-7660CACC150C}F:\games\world_of_tanks\wotlauncher.exe] => (Allow) F:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{C3CC35FC-F326-401A-B522-EF5DA198A908}] => (Allow) F:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{F61658A3-8973-4FE5-8329-F5A52019DCCF}] => (Allow) F:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{657E9741-588C-484A-8ACA-1A7CEE218F52}] => (Allow) C:\Program Files\Max Driver Updater\maxdu.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/21/2015 08:18:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/21/2015 08:17:30 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/20/2015 09:05:44 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (08/20/2015 09:05:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/20/2015 08:48:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\DROPDOWN.PNG> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\DROPDOWN.PNG> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CONNECTION.PNG> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CONNECTION.PNG> in der Hash-Zuordnung kann nicht aktualisiert werden. 
Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CHECKBOX.PNG> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Systemfehler: ============= Error: (08/21/2015 05:11:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: RAS-VerbindungsverwaltungTelefonie%%1058 Error: (08/21/2015 05:11:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: RAS-VerbindungsverwaltungTelefonie%%1058 Error: (08/21/2015 05:11:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: RAS-VerbindungsverwaltungTelefonie%%1058 Error: (08/21/2015 05:11:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: RAS-VerbindungsverwaltungTelefonie%%1058 Error: (08/21/2015 05:11:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: RAS-VerbindungsverwaltungTelefonie%%1058 Error: (08/21/2015 05:11:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: RAS-VerbindungsverwaltungTelefonie%%1058 Error: (08/21/2015 05:11:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: RAS-VerbindungsverwaltungTelefonie%%1058 Error: (08/21/2015 05:11:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: RAS-VerbindungsverwaltungTelefonie%%1058 Error: (08/21/2015 05:11:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: RAS-VerbindungsverwaltungTelefonie%%1058 Error: (08/21/2015 05:11:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: RAS-VerbindungsverwaltungTelefonie%%1058 Microsoft Office: ========================= 
Error: (08/21/2015 08:18:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 08:17:30 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (08/20/2015 09:05:44 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (08/20/2015 09:05:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/20/2015 08:48:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. 
(0x8007001f) C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\DROPDOWN.PNG Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\DROPDOWN.PNG Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CONNECTION.PNG Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CONNECTION.PNG Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CHECKBOX.PNG CodeIntegrity: =================================== Date: 2015-08-21 17:11:05.935 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-21 17:11:05.694 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-08-21 17:11:05.449 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-21 17:11:05.182 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-17 00:23:23.216 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-17 00:23:23.013 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-17 00:23:22.809 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-17 00:23:22.577 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-17 00:23:22.343 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-17 00:23:22.125 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz Prozentuale Nutzung des RAM: 75% Installierter physikalischer RAM: 3262.58 MB Verfügbarer physikalischer RAM: 790.64 MB Summe virtueller Speicher: 6761.29 MB Verfügbarer virtueller Speicher: 3627.08 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:49.68 GB) (Free:1.87 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive e: (AOE III DISC 1) (CDROM) (Total:0.52 GB) (Free:0 GB) CDFS Drive f: () (Fixed) (Total:881.83 GB) (Free:608.44 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 9FA558AC) Partition 1: (Active) - (Size=49.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=881.8 GB) - (Type=07 NTFS) ==================== Ende vom raportu ============================ |
22.08.2015, 10:00 | #4 |
/// the machine /// TB instructor | AdwCleaner still shows entries under Scheduled tasks that the cleaner does not delete Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).
Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
22.08.2015, 11:35 | #5 |
| AdwCleaner still shows entries under Scheduled tasks that the cleaner does not delete Hello, sorry for the late reply, I was a bit stressed. In Revo Uninstaller I can't find anything from globalupdate Helper. I only find a few registry entries when I run regedit and search for globalupdate Helper. Now a question about this program Combofix: is it really true that if I let it run, my PC might no longer work? I have enough data on here that is important for my job. Last edited by Ragesephirot (22.08.2015 at 12:17) |
23.08.2015, 06:05 | #6 |
/// the machine /// TB instructor | AdwCleaner still shows entries under Scheduled tasks that the cleaner does not delete It can happen, on roughly every 100th computer or so. You have to back up your data regularly anyway, in case the disk dies, and with an infection all the more. So it would be a good idea to do that beforehand.