Log analysis and evaluation: Windows 8.1: suddenly slow, scans of the SSD take 15h
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
12.10.2015, 18:09 | #1
Windows 8.1: suddenly slow, scans of the SSD take 15h

Hello dear Trojaner-Board community,

For the past 3 days my PC has been plaguing me: it has suddenly become much slower and sometimes freezes for a few (~15) seconds. I first ran CCleaner & MBAM, but did not save the logs. CCleaner cleaned about 900 MB; MBAM found nothing additional.

Unfortunately this did not solve the problem, so I wanted to roll my PC back by a week. So I started the Windows 8 recovery mode "Refresh your PC without affecting your files" and inserted the Windows CD; the program aborted at 60% with the message "to restart, press ctrl+alt+del", at which point none of the USB ports were accepted any more, and the keyboard stopped working too. Instead I briefly pressed the power button; it tried to start again several times, each time without success, until it rolled back all changes and booted (slowly) again.

I then started G-DATA once more to check for viruses, but aborted the process after 2 hours and not even 1% progress.

Now I have googled the problem again and came across FRST, ran it and kept the logs.

FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:11-10-2015 02 durchgeführt von Arne (Administrator) auf ARNEGAMING (12-10-2015 15:31:54) Gestartet von C:\Users\Arne\Downloads Geladene Profile: Arne (Verfügbare Profile: Arne) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Scarlet.Crush Productions) C:\Program Files (x86)\Controller PS3\bin\ScpService.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program 
Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Flux Software LLC) C:\Users\Arne\AppData\Local\FluxSoftware\Flux\flux.exe (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe (G DATA Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (Samsung Electronics.) 
C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (G DATA Software AG) C:\Program Files (x86)\G Data\TotalProtection\GUI\GDSC.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (G DATA Software) C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575256 2014-05-12] (Realtek Semiconductor) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [G Data ASM] => "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [12844864 2015-08-28] (Corsair Components, Inc.) 
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Run: [f.lux] => C:\Users\Arne\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\MountPoints2: {9ab6c832-0055-11e4-8281-448a5b5d8518} - "J:\Browse.exe" HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{5E06F4D9-FE63-4FC0-AFC6-15D8F73957BD}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6B82A37A-7428-425F-975B-5FE6A16B7C4B}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype 
for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-07] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-07] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\vfgsmcoi.default FF Homepage: hxxp://www.google.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-22] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program 
Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-22] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-03-24] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-13] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D 
Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-19] FF Extension: Kein Name - C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\vfgsmcoi.default\extensions\faststartff@gmail.com [nicht gefunden] Chrome: ======= CHR HomePage: Default -> hxxp://www.trovigo.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF0FC7C4F-7659-43B8-A530-B5710A8194E6&SSPV= CHR StartupUrls: Default -> "","hxxp://www.google.com/" CHR Session Restore: Default -> ist aktiviert. 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => Keine Datei CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Profile: C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-04-01] CHR Extension: (Open Reddit NSFW Links in Incognito Window) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aedepcllfamehicoifddolbbnmahlkff [2015-06-25] CHR Extension: (Google Docs) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-06] CHR Extension: (Google Drive) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-06] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-12] CHR Extension: (YouTube) - 
C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-06] CHR Extension: (Honey) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2015-04-26] CHR Extension: (uBlock Origin) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-02-11] CHR Extension: (Google Search) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06] CHR Extension: (Chain Reaction) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa [2014-04-06] CHR Extension: (Google Docs Offline) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06] CHR Extension: (The Camelizer) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2015-07-15] CHR Extension: (Isoball 3) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2014-04-06] CHR Extension: (IP Address) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-04-06] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-04-06] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-10] CHR Extension: (Hover Zoom) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-04-10] CHR Extension: (AlienTube for YouTube™) - 
C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\opgodjgjgojjkhlmmhdlojfehcemknnp [2015-07-03] CHR Extension: (Click&Clean App) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-04-06] CHR Extension: (Gmail) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-06] CHR Extension: (Reddit Trading Flair Linker Enhanced) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnahghpneiabcncanmccahgloopbbbgp [2014-05-08] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2558072 2015-06-19] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe [3711712 2015-06-16] (G Data Software AG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation) S4 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [813328 2014-04-28] (Disc Soft Ltd) R2 Ds3Service; C:\Program Files (x86)\Controller PS3\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) 
[Datei ist nicht signiert] R2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [3894392 2015-06-19] (G Data Software AG) R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [3202368 2015-06-19] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG) R3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [2235512 2015-06-16] (G Data Software AG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.) 
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2100736 2014-06-04] (MSI) [Datei ist nicht signiert] S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4026368 2014-06-06] (MSI) [Datei ist nicht signiert] S4 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2118144 2014-06-03] () [Datei ist nicht signiert] S4 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4157440 2014-06-17] () [Datei ist nicht signiert] S4 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1990144 2014-06-03] () [Datei ist nicht signiert] S4 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2250240 2014-06-06] () [Datei ist nicht signiert] S4 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-06-04] () [Datei ist nicht signiert] S4 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [549888 2014-06-10] () [Datei ist nicht signiert] R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI) S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1722320 2014-08-26] (Micro-Star International) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI) S4 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) 
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-28] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-16] () S4 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [Datei ist nicht signiert] R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] () S4 SuperRAIDSvc; C:\MSI\Super RAID\SuperRAIDSvc.exe [16384 2013-09-23] () [Datei ist nicht signiert] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH) R3 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S4 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] () R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.) 
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-05-18] (Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-05-18] (Corsair) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-11] (Disc Soft Ltd) R3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29696 2014-06-30] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2015-10-11] (G Data Software AG) R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2015-10-11] (G Data Software AG) R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2015-10-11] (G Data Software AG) S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-10-11] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-09] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230912 2015-10-11] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-10-11] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-10-11] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-10-11] (G Data Software) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.) 
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [125952 2015-10-11] (G Data Software AG) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation) S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider) R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] () R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) 
S3 NTIOLib_1_0_1; C:\MSI\Super RAID\NTIOLib_X64.sys [14136 2012-06-11] (MSI) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI) R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [27816 2014-05-19] (Razer Inc) S3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [32936 2014-05-19] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.) 
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-07-12] (Duplex Secure Ltd.) R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2015-10-11] (G Data Software) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 WinRing0_1_2_0; C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [14544 2015-10-12] (OpenLibSys.org) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-12] (CyberLink Corp.) R3 cpuz136; \??\C:\Users\Arne\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-12 15:31 - 2015-10-12 15:32 - 00034174 _____ C:\Users\Arne\Downloads\FRST.txt 2015-10-12 15:28 - 2015-10-12 15:31 - 00000000 ____D C:\FRST 2015-10-12 14:23 - 2015-10-12 14:23 - 02195968 _____ (Farbar) C:\Users\Arne\Downloads\FRST64.exe 2015-10-12 14:18 - 2015-10-12 14:18 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys 2015-10-12 14:05 - 2015-10-12 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2015-10-12 13:55 - 2015-10-12 13:55 - 00262144 _____ C:\Windows\SysWOW64\18 2015-10-12 13:55 - 2015-10-12 13:55 - 00000000 __SHD C:\#GDATA.Recovery.Data# 2015-10-11 22:11 - 2015-10-11 22:11 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys 2015-10-11 22:02 - 2015-10-11 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION 2015-10-11 22:02 - 2015-10-11 22:02 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys 2015-10-11 22:02 - 2015-10-11 22:02 - 00001998 _____ C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk 2015-10-11 22:01 - 2015-10-11 22:01 - 00000000 ____D C:\Windows\ELAMBKUP 2015-10-11 21:26 - 2015-10-11 22:08 - 00091648 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2015-10-11 21:26 - 2015-10-11 22:02 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys 2015-10-11 21:26 - 2015-10-11 21:26 - 00078848 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd64.sys 2015-10-11 21:26 - 2015-10-11 21:26 - 00058880 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv64.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00230912 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00158720 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00125952 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00068608 _____ (G Data 
Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00042416 _____ C:\Windows\DPINST.LOG 2015-10-11 21:23 - 2015-10-11 21:23 - 00000000 ____D C:\ProgramData\G DATA Software 2015-10-11 21:07 - 2015-10-11 21:36 - 00039082 _____ C:\Windows\PFRO.log 2015-10-11 20:59 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-10-11 20:55 - 2015-10-12 15:11 - 00614210 _____ C:\Windows\WindowsUpdate.log 2015-10-11 20:53 - 2015-10-11 20:53 - 00003252 _____ C:\Windows\System32\Tasks\{929C1D19-79DD-4E02-9F98-1DFB6842E470} 2015-10-11 20:46 - 2015-10-12 13:47 - 00003759 _____ C:\Windows\setupact.log 2015-10-11 20:46 - 2015-10-11 20:46 - 00000000 _____ C:\Windows\setuperr.log 2015-10-11 17:45 - 2015-10-11 17:45 - 00000000 ____D C:\$WINDOWS.~BT 2015-10-11 16:25 - 2015-10-11 16:25 - 00262144 _____ C:\Windows\system32\config\userdiff 2015-10-11 15:38 - 2015-10-11 19:02 - 00000000 _____ C:\Recovery.txt 2015-10-09 16:52 - 2015-10-09 16:52 - 00000000 ____D C:\Users\Arne\AppData\Roaming\11bitstudios 2015-10-09 13:58 - 2015-10-09 13:58 - 00000000 ____D C:\Users\Arne\Documents\Darkest 2015-10-09 13:45 - 2015-10-09 13:45 - 00000222 _____ C:\Users\Arne\Desktop\Darkest Dungeon.url 2015-10-09 13:44 - 2015-10-09 13:44 - 00002160 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-10-09 13:44 - 2015-10-03 04:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-10-09 13:43 - 2015-10-03 07:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-10-09 13:43 - 2015-10-03 
07:06 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-10-09 13:43 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00879000 _____ C:\Windows\system32\nvmcumd.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00388024 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvumdshim.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-10-08 18:16 - 2015-10-08 18:16 - 00000222 _____ C:\Users\Arne\Desktop\System Shock 2.url 2015-10-08 14:31 - 2015-10-08 14:31 - 00000222 _____ C:\Users\Arne\Desktop\This War of Mine.url 2015-10-07 00:22 - 2015-10-07 01:07 - 137363456 _____ C:\Users\Arne\Downloads\Galador.part2.rar 2015-10-06 21:11 - 2015-10-06 21:56 - 137363456 _____ C:\Users\Arne\Downloads\Galador.part1.rar 2015-10-05 23:40 - 2015-10-05 23:40 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Big Fish Games 2015-10-05 23:33 - 2015-10-05 23:33 - 00001073 _____ C:\Users\Public\Desktop\Play Mystery Case Files - Dire Grove Collector's Edition.lnk 2015-10-05 23:33 - 2015-10-05 23:33 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - Dire Grove Collector's Edition 2015-10-05 23:33 - 2015-10-05 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - Dire Grove Collector's Edition 2015-10-05 22:52 - 2015-10-05 22:52 - 00001950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00001248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00000982 _____ C:\Users\Public\Desktop\Games.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00000000 ____D C:\ProgramData\Big Fish 2015-10-05 22:52 - 2015-10-05 22:52 - 00000000 ____D 
C:\Program Files (x86)\bfgclient 2015-10-05 22:50 - 2015-10-05 22:55 - 00000000 ____D C:\BigFishCache 2015-10-05 22:50 - 2015-10-05 22:52 - 00000000 ____D C:\Users\Arne\AppData\Local\Big Fish 2015-10-05 16:17 - 2015-10-07 23:20 - 00000000 ____D C:\Users\Arne\Documents\ArcheAge 2015-10-04 15:39 - 2015-10-10 13:03 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Nidhogg 2015-10-04 15:36 - 2015-10-04 15:36 - 00000000 ____D C:\Program Files (x86)\Controller PS3 2015-10-04 15:35 - 2013-05-19 09:02 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys 2015-10-04 15:35 - 2013-01-07 16:56 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2015-10-04 15:34 - 2015-10-04 15:34 - 10571443 _____ C:\Users\Arne\Downloads\SCP-DS-Driver-Package-1.2.0.160.7z 2015-10-04 15:31 - 2015-10-04 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-10-04 15:31 - 2015-10-04 15:31 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2015-10-04 15:11 - 2015-10-04 15:11 - 00000221 _____ C:\Users\Arne\Desktop\Nidhogg.url 2015-10-04 15:11 - 2015-10-04 15:11 - 00000000 ____D C:\Users\Arne\Documents\motioninjoy-0-7-1001-en-win 2015-10-04 15:10 - 2015-10-04 15:10 - 04117346 _____ C:\Users\Arne\Documents\motioninjoy-0-7-1001-en-win.zip 2015-10-04 13:06 - 2015-10-04 13:06 - 00000222 _____ C:\Users\Arne\Desktop\Antichamber.url 2015-10-04 11:07 - 2015-10-04 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2015-10-04 11:06 - 2015-10-04 11:06 - 00000000 ____D C:\Users\Arne\Documents\Corsair-Utility-Engine-v1.10.67 2015-10-04 11:05 - 2015-10-04 11:05 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-10-01 20:01 - 2015-10-01 20:03 - 59101198 _____ C:\Users\Arne\Documents\Corsair-Utility-Engine-v1.10.67.zip 2015-09-30 14:26 - 2015-09-30 14:26 - 00541302 _____ 
C:\Users\Arne\Downloads\DeviceWin8.meta.diagcab 2015-09-30 14:04 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-30 14:04 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-30 14:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-30 13:51 - 2015-09-30 13:52 - 58728224 _____ (yWorks GmbH) C:\Users\Arne\Downloads\yEd-3.14.3_with-JRE_32-bit_setup.exe 2015-09-27 21:23 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-09-27 21:23 - 2015-09-14 02:29 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435598.dll 2015-09-27 21:23 - 2015-09-14 02:29 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435598.dll 2015-09-24 23:45 - 2015-09-24 23:45 - 00000000 ____D C:\Users\Arne\AppData\LocalLow\Dinosaur Polo Club 2015-09-24 23:38 - 2015-09-24 23:38 - 00000222 _____ C:\Users\Arne\Desktop\Mini Metro.url 2015-09-19 12:37 - 2015-09-19 12:37 - 00293944 _____ C:\Users\Arne\Downloads\AGOT Green Valyria-12-1.zip 2015-09-18 21:45 - 2015-09-18 21:45 - 00336575 _____ C:\Users\Arne\Downloads\AGOT Colonize Valyria.zip 2015-09-18 21:17 - 2015-09-18 21:17 - 01293768 _____ C:\Users\Arne\Downloads\AGOT Colonize Away-13-4-3.zip 2015-09-13 23:06 - 2015-10-11 19:00 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-12 15:31 - 2015-06-21 17:21 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001UA.job 2015-10-12 14:53 - 2014-04-06 20:13 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-12 14:50 - 2015-02-12 13:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-12 14:18 - 2015-01-26 11:34 - 00000000 ____D C:\Users\Arne\AppData\Local\G DATA 2015-10-12 14:12 - 2014-04-06 20:15 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2429973200-1952470861-1716419375-1001 2015-10-12 14:07 - 2014-05-04 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-10-12 14:06 - 2014-05-04 17:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-12 14:06 - 2014-05-04 17:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-10-12 14:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-10-12 13:55 - 2015-03-09 18:42 - 00000000 ____D C:\Windows\Minidump 2015-10-12 13:55 - 2015-03-06 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dundjinni Enterprises 2015-10-12 13:55 - 2015-02-16 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSA Charaktergenerator 2015-10-12 13:55 - 2014-10-15 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-12 13:55 - 2014-09-16 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph 2015-10-12 13:55 - 2014-07-05 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\.sol Editor 2015-10-12 13:55 - 2014-04-06 19:28 - 00000000 ____D C:\Windows\Panther 2015-10-12 13:50 - 2014-08-19 18:24 - 00000000 ____D C:\Users\Arne\AppData\Local\Adobe 2015-10-12 13:48 - 2014-04-07 21:04 - 00000000 ____D C:\Users\Arne\AppData\Local\CrashDumps 2015-10-12 13:48 - 2014-04-06 18:58 - 00000000 ___DO 
C:\Users\Arne\SkyDrive 2015-10-12 13:47 - 2014-04-08 19:38 - 00000021 _____ C:\Users\Arne\AppData\Roaming\config_data.dat 2015-10-12 13:47 - 2014-04-06 20:13 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-12 13:47 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-12 13:46 - 2014-08-04 23:25 - 00000000 ____D C:\ProgramData\NVIDIA 2015-10-11 22:09 - 2014-05-03 22:10 - 00000000 ___RD C:\Users\Arne\Dropbox 2015-10-11 22:09 - 2014-05-03 22:08 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Dropbox 2015-10-11 22:09 - 2014-04-06 22:02 - 00000000 ____D C:\ProgramData\G Data 2015-10-11 21:39 - 2015-06-18 21:23 - 00000000 ____D C:\Users\Arne\AppData\Local\Battle.net 2015-10-11 21:38 - 2015-06-18 21:23 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-10-11 21:38 - 2015-05-23 22:16 - 00000000 ____D C:\Users\Arne\AppData\Local\LogMeIn Hamachi 2015-10-11 21:25 - 2014-04-06 16:28 - 00000976 _____ C:\Users\Arne\AppData\Roaming\gdscan.log 2015-10-11 21:09 - 2014-04-06 22:03 - 00000000 ____D C:\Program Files (x86)\G Data 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Com 2015-10-11 20:57 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\oobe 2015-10-11 20:14 - 2014-09-10 21:50 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Skype 2015-10-11 18:59 - 2014-04-08 23:04 - 00000000 ____D C:\Users\Arne\Desktop\Games 2015-10-11 18:58 - 2014-04-06 17:04 - 00000000 ____D C:\Program Files (x86)\Steam 2015-10-11 16:10 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-10-11 15:47 - 2013-08-22 16:44 - 05177192 _____ C:\Windows\system32\FNTCACHE.DAT 2015-10-10 22:34 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-10-09 23:59 - 2015-09-03 17:55 - 00000000 ____D C:\Users\Arne\Desktop\HS Screenshots 2015-10-09 13:44 - 2014-04-06 
20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-10-09 13:44 - 2014-04-06 20:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-10-08 23:50 - 2014-04-06 18:38 - 00000000 ____D C:\Users\Arne 2015-10-07 23:26 - 2014-09-16 19:06 - 00000000 ____D C:\Users\Arne\AppData\Local\Glyph 2015-10-07 23:26 - 2014-09-16 19:06 - 00000000 ____D C:\Program Files (x86)\Glyph 2015-10-07 23:24 - 2014-09-16 19:06 - 00000000 ____D C:\ProgramData\Glyph 2015-10-07 11:30 - 2014-04-24 04:51 - 00000000 ____D C:\Users\Arne\AppData\Roaming\vlc 2015-10-06 01:16 - 2014-04-06 21:47 - 00000000 ____D C:\ProgramData\Temp 2015-10-05 23:33 - 2014-06-11 03:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-10-05 22:49 - 2014-04-06 18:40 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-05 22:49 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat 2015-10-05 22:49 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat 2015-10-05 21:50 - 2014-04-06 18:38 - 00000000 ____D C:\Users\Arne\AppData\Local\Packages 2015-10-04 11:07 - 2014-04-08 19:38 - 00000000 ____D C:\Program Files (x86)\Corsair 2015-10-03 07:06 - 2014-08-04 23:25 - 00112944 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-10-03 07:06 - 2014-08-04 23:25 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 17395512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 12769408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 03573832 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 03154104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 00033507 _____ C:\Windows\system32\nvinfo.pb 2015-10-03 04:49 - 2014-08-04 23:25 - 06358648 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvcpl.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 02982520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-10-03 04:49 - 2014-08-04 23:25 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-10-02 20:47 - 2015-07-20 15:36 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-10-01 11:33 - 2014-08-04 23:25 - 05284082 _____ C:\Windows\system32\nvcoproc.bin 2015-09-30 16:51 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-09-30 14:04 - 2014-07-04 12:09 - 00001125 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-30 14:04 - 2014-07-04 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-30 14:04 - 2014-07-04 12:09 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-30 07:51 - 2015-06-18 21:30 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-09-29 12:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-09-29 02:31 - 2015-06-21 17:21 - 00001190 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001Core.job 2015-09-28 20:46 - 2014-04-06 17:46 - 00000000 ____D C:\Users\Arne\Documents\my games 2015-09-28 13:18 - 2015-06-18 21:23 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Battle.net 2015-09-28 01:04 - 2014-04-08 21:12 - 00000000 ____D C:\ProgramData\Origin 2015-09-28 00:14 - 2014-04-08 21:14 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Origin 2015-09-28 00:08 - 2014-04-08 21:12 - 00000000 ____D C:\Program Files (x86)\Origin 2015-09-26 00:47 - 2014-09-10 21:50 - 00000000 ____D C:\ProgramData\Skype 2015-09-24 20:19 - 
2014-11-13 11:54 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-09-19 12:36 - 2015-08-30 14:24 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AGOT 2015-09-18 20:48 - 2014-04-06 20:13 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-18 20:48 - 2014-04-06 20:13 - 00003876 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-15 03:18 - 2013-08-22 17:38 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-15 03:18 - 2013-08-22 17:38 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-14 09:24 - 2014-04-06 18:38 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Adobe 2015-09-13 22:23 - 2014-04-06 20:13 - 00000000 ____D C:\Users\Arne\AppData\Local\Google ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-04-15 19:42 - 2013-07-21 21:59 - 0012005 _____ () C:\Users\Arne\AppData\Roaming\alsoft.ini 2014-04-08 19:38 - 2015-10-12 13:47 - 0000021 _____ () C:\Users\Arne\AppData\Roaming\config_data.dat 2014-04-06 16:28 - 2014-04-06 16:28 - 0000000 _____ () C:\Users\Arne\AppData\Roaming\gdfw.log 2014-04-06 16:28 - 2015-10-11 21:25 - 0000976 _____ () C:\Users\Arne\AppData\Roaming\gdscan.log 2014-08-22 18:43 - 2014-08-22 18:43 - 0002716 _____ () C:\Users\Arne\AppData\Local\recently-used.xbel Einige Dateien in TEMP: ==================== C:\Users\Arne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwp6bqf.dll C:\Users\Arne\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-08 19:39
==================== Ende von FRST.txt ============================

Defogger did not save a log to my desktop. GMER gave me little output; admittedly I was also too stupid to read everything through first and briefly started the program once while I was still online with G-DATA active. In addition, I paused G-DATA for only 15 minutes, but the scan took 1.5 h (again: I only started a quick scan on a 1 TB SSD):

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-10-12 18:23:17
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003d Samsung_SSD_840_EVO_1TB rev.EXT0BB6Q 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Arne\AppData\Local\Temp\fxlirkow.sys

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\csrss.exe [628:652] fffff960008152d0
Thread C:\Windows\system32\csrss.exe [628:684] fffff960008152d0
Thread C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [5488:5604] 000000007313c1f0
Thread C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [5488:7852] 0000000006cb408f
Thread C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [5488:7856] 0000000006cb4126
Thread C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [5488:7860] 0000000006cb4126
Thread C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [5488:7864] 0000000006cb4126
Thread C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [5488:7868] 0000000006cb4126
Thread C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [5488:7872] 0000000006cb4126
Thread C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [5488:7876] 0000000006cb4126
Thread C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [5488:7880] 0000000006cb4126
Thread C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [5488:7884] 0000000006cb4126

---- Processes - GMER 2.1 ----

Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\mso.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [5220] 0000000065040000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office15\csi.dll (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [5220] 000000005d1a0000
Library C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\ACEOLEDB.DLL (*** suspicious ***) @ C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE [5220] 000000005d150000

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 675249441
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Ultra\
Reg HKCU\Software\Microsoft\Windows\DWM@ColorizationColor -1972991540
Reg HKCU\Software\Microsoft\Windows\DWM@ColorizationColorBalance 58
Reg HKCU\Software\Microsoft\Windows\DWM@ColorizationAfterglow -1972991540
Reg HKCU\Software\Microsoft\Windows\DWM@ColorizationBlurBalance 32

---- EOF - GMER 2.1 ----

My suspicion: About a week ago G-DATA showed a notification that it could not start up normally. I (stupidly) dismissed it and thought nothing of it. But it may very well be that I then picked something up while browsing, although I did not start any illegal downloads etc. Thanks in advance to whoever has read this far, and I hope you can help me! |
12.10.2015, 19:51 | #2 |
/// the machine /// TB-Ausbilder | Hi,
Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. Here is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
12.10.2015, 20:30 | #3 |
| Ah, sorry, here is the Addition log:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:11-10-2015 02
durchgeführt von Arne (2015-10-12 15:32:15)
Gestartet von C:\Users\Arne\Downloads
Windows 8.1 (X64) (2014-04-06 16:38:08)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2429973200-1952470861-1716419375-500 - Administrator - Disabled)
Arne (S-1-5-21-2429973200-1952470861-1716419375-1001 - Administrator - Enabled) => C:\Users\Arne
Gast (S-1-5-21-2429973200-1952470861-1716419375-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA TOTAL PROTECTION (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA TOTAL PROTECTION (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

0RBITALIS (HKLM-x32\...\Steam App 278440) (Version: - Alan Zucconi) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) A Game of Thrones version 0.9.6 (HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\{7C82709E-75FE-4C3A-976A-8C97908DDD7B}_is1) (Version: 0.9.6 - AGOT TEAM) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs) Antichamber (HKLM-x32\...\Steam App 219890) (Version: - Alexander Bruce) ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard) Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive) Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive) Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version: - ) Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version: - Bohemia Interactive) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1073742145.4759644.48.2147344384 - Audible, Inc.) 
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer) AutoREALM Version 2.2.1 (HKLM-x32\...\AutoREALM_is1) (Version: - ) Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - Ronimo Games) Axis Game Factory's AGFPRO 3.0 (HKLM-x32\...\Steam App 253370) (Version: - Axis Game Factory LLC) Ballance (HKLM-x32\...\{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.15221 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - ) BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games) Blackguards (HKLM-x32\...\Blackguards_is1) (Version: 1.0 - Daedalic Entertainment GmbH) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) Bulletstorm (HKLM-x32\...\Steam App 99810) (Version: - People Can Fly) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.5.5145 - Corsair) Corsair Utility Engine (HKLM-x32\...\{791216E9-E76E-4C76-9C6E-C968A8C253D9}) (Version: 1.10.67 - Corsair) Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com) Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio) CyberLink MediaEspresso 7 (HKLM-x32\...\{F6C47233-40F6-4076-89A9-68B43C2AF5C5}) (Version: 7.0.5417_54129 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2014 - CyberLink Corp.) CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.) 
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.3.0.0254 - Disc Soft Ltd) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios) Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games) Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts) Delver (HKLM-x32\...\Steam App 249630) (Version: - Priority Interrupt) Dishonored (HKLM-x32\...\Steam App 205100) (Version: - Arkane Studios) Divine Divinity (HKLM-x32\...\Steam App 214170) (Version: - Larian Studios) Divinity II - Ego Draconis (HKLM-x32\...\Divinity II - Ego Draconis_is1) (Version: - dtp) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC) Dropbox (HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.) English Country Tune (HKLM-x32\...\Steam App 207570) (Version: - increpare games) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) f.lux (HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Flux) (Version: - ) Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.0.9 - MSI) FEZ Version 1.10 (HKLM-x32\...\{634CBDF9-98A3-4AF5-AED4-A23EC2665434}_is1) (Version: 1.10 - Polytron) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) G DATA TOTAL PROTECTION (HKLM-x32\...\{2A1FF304-D778-49F1-B340-E4BF4CDA2EB0}) (Version: 25.1.0.8 - G DATA Software AG) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Gone Home (HKLM-x32\...\Steam App 232430) (Version: - The Fullbright Company) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) 
Hidden Gothic (HKLM-x32\...\Steam App 65540) (Version: - Piranha – Bytes) Gothic 1+2 Windows 8 fixes (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version: - ) Gothic 3 (HKLM-x32\...\Steam App 39500) (Version: - Piranha – Bytes) Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version: - Piranha – Bytes) GOTHIC1 - Classic - 'System-Paket' (HKLM-x32\...\GOTHIC1 - Classic - 'System-Paket') (Version: 1.1 - World of Gothic RU © 2014) GOTHIC2 - Odyssee - 'System-Paket' (HKLM-x32\...\GOTHIC2 - Odyssee - 'System-Paket') (Version: 1.1 - World of Gothic RU © 2014) GOTHIC2 ADDON - 'Odyssey — on behalf of the King' (HKLM-x32\...\GOTHIC2 ADDON - 'Odyssey — on behalf of the King') (Version: 1.1 - World of Gothic DE - Community © 2015) Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - Crackshell) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version: - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Knights of Pen and Paper +1 (HKLM-x32\...\Steam App 231740) (Version: - Behold Studios) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Legend of Ahssûn (HKLM-x32\...\Legend of Ahssûn) (Version: 1.0 - LoA-Team) LEGO Racers 2 (HKLM-x32\...\{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}) (Version: - ) LEGO Rock Raiders 
(HKLM-x32\...\LEGO Rock Raiders) (Version: - ) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version: - Hanako Games) LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mass Effect (HKLM-x32\...\Steam App 17460) (Version: - BioWare) Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare) Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation) Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft 
Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Might & Magic: Clash of Heroes (HKLM-x32\...\Steam App 61700) (Version: - Capybara Games) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mini Metro (HKLM-x32\...\Steam App 287980) (Version: - Dinosaur Polo Club) MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD) MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.68 - MSI) MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.13 - MSI) MSI Intel Extreme Tuning Utility (HKLM-x32\...\{2301bb34-385a-4a57-877f-c54347957fad}) (Version: 4.0.6.305 - Intel Corporation) MSI Intel Extreme Tuning Utility (x32 Version: 4.0.6.305 - Intel Corporation) Hidden MSI Kombustor 2.5.6 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI 
Co., LTD) MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.009 - MSI) Mystery Case Files®: Dire Grove™ Collector's Edition (HKLM-x32\...\BFG-Mystery Case Files - Dire Grove Collector's Edition) (Version: - ) NETGEAR WNDA3100v2 wireless USB 2.0 driver (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.4 - NETGEAR) Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.50 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Odyssee-Speech 1.0 (HKLM-x32\...\Odyssee-Speech) (Version: 1.0 - OdysseeModTeam) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Orcs Must 
Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment) Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) Paper Sorcerer (HKLM-x32\...\Steam App 263560) (Version: - Jesse Gallagher) Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) Project Zomboid (HKLM-x32\...\Steam App 108600) (Version: - Indie Stone Studios) Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.39.1040 - Qualcomm Atheros) Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden Razer Comms (HKLM-x32\...\Razer Comms) (Version: 5.11 - Razer Inc.) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.17.22533 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7245 - Realtek Semiconductor Corp.) 
Receiver (HKLM-x32\...\Steam App 234190) (Version: - Wolfire Games) Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver) Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive) Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - ) Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games) Roleplaying City Map Generator 5.40 (HKLM-x32\...\{3B585A53-CC41-4969-A7CB-F0E5D34ACA08}) (Version: 5.4.0.0 - ) RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - ) RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version: - Enterbrain) RPG Maker XP (HKLM-x32\...\Steam App 235900) (Version: - Degica) Sacred 2 - Elite (HKLM-x32\...\{2BB047B7-E613-4686-BE0C-E63BB26BE121}) (Version: 1.00.0000 - ) Sacred 2 (HKLM-x32\...\{1023383E-D9F6-478C-A965-23A4657B3C9A}) (Version: 2.64.0.0 - Deep Silver) Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version: - Ascaron) Sacred Gold (HKLM-x32\...\Steam App 12320) (Version: - Ascaron Entertainment ltd.) Sacred Underworld (HKLM-x32\...\Sacred Underworld_is1) (Version: - Ascaron Entertainment GmbH) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.) 
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House) Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.022 - MSI) System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC) System Shock 2 (HKLM-x32\...\Steam App 238210) (Version: - Irrational Games) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38475 - TeamViewer) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED) Thief 2 (HKLM-x32\...\Steam App 211740) (Version: - Looking Glass Studios) Thief Gold (HKLM-x32\...\Steam App 211600) (Version: - Looking Glass Studios) Thief: Deadly Shadows (HKLM-x32\...\Steam App 6980) (Version: - Ion Storm) This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios) Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version: - Mike Bithell) TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.) 
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.) Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {04B955D6-9731-43F6-8451-F4EB404460C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {06EB6B25-C96D-4BCD-8BC3-0237D684BE8D} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2429973200-1952470861-1716419375-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {0DD98130-6441-4A58-8387-FCEA20BDA314} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation) Task: {3960F09C-2C4E-427A-8334-63A02FD83344} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {43F4242D-B484-46A3-B195-995B4D080D51} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation) Task: {54044415-FEA6-40E2-9565-0241FE4135BB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {653C69B2-562E-4565-BA6F-EB13C3D86903} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-22] (Adobe Systems Incorporated) Task: {74D95A25-FB0A-409D-9D12-7BEED8D2C962} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001UA => C:\Users\Arne\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.) 
Task: {838D0CDB-5DF9-4429-A087-8D29A2E16754} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-luigiarne@live.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {8C6F652B-36B6-42E9-9076-8BDA4C473BF3} - System32\Tasks\Start CorsairLINK Hardware Monitor => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe [2013-08-06] (Corsair Components, Inc.) Task: {8EA01FD0-D0DA-47F1-928C-B92ADA051C78} - System32\Tasks\{313474B4-55E4-4C98-A5B7-564E080A7119} => pcalua.exe -a H:\DirectX6\DirectX6\Directx\dinstall.exe -d H:\DirectX6\DirectX6\Directx Task: {92831619-3D2D-40B4-A103-B52D8AE7C833} - System32\Tasks\{EE79AC62-2AB3-462F-AB98-78FB96B17429} => pcalua.exe -a "C:\SIERRA\Herrscher des Olymp - Zeus\Zeus.exe" -d "C:\SIERRA\Herrscher des Olymp - Zeus" Task: {A3A3EE1A-71D7-4F6F-848E-610BDAA92661} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {A942C660-1617-4F79-994D-1BE127C6AF2D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-09-12] (Microsoft Corporation) Task: {B7C135DB-5BEA-45AE-9AEE-BA701BA6A87C} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {C2E536EC-7388-4D49-A1D2-5A51F4ED0FDD} - System32\Tasks\{8D7AECB1-FF08-4CED-B4FF-3006E259FE0B} => pcalua.exe -a "F:\Daten von anderen Medien\Mama PC\HdOZ\Herrscher des Olymp - Zeus\Zeus.exe" -d "F:\Daten von anderen Medien\Mama PC\HdOZ\Herrscher des Olymp - Zeus" Task: {C8C1769D-EBF0-4817-BBE2-C2B654E1E9A2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001Core => C:\Users\Arne\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.) 
Task: {D9BE0052-0BC6-431C-91C3-62F911987268} - System32\Tasks\DeviceDetector7 => C:\Program Files (x86)\CyberLink\MediaEspresso7\DeviceDetector\DeviceDetector7.exe [2014-06-17] (CyberLink) Task: {ECFFCE26-034B-432E-AF35-BBA61DFB1E0A} - System32\Tasks\{929C1D19-79DD-4E02-9F98-1DFB6842E470} => pcalua.exe -a "C:\ProgramData\G Data\Setups\{2A1FF304-D778-49F1-B340-E4BF4CDA2EB0}\setup.exe" -c /InstallMode=Uninstall /_DoNotShowChange=true Task: {F2917EBE-FACA-498E-963A-EA3DB1C8AF01} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation) Task: {F46127E7-FD81-4631-A5E1-C19A1A2D4F54} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2013-12-05] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001Core.job => C:\Users\Arne\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001UA.job => C:\Users\Arne\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-08-04 23:25 - 2015-10-03 04:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-11-13 11:54 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart 
Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-04-16 18:16 - 2014-04-16 18:16 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-23 21:11 - 2015-06-23 21:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-06-16 11:17 - 2015-06-16 11:17 - 00382584 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-04-08 23:17 - 2013-12-05 09:21 - 03082608 _____ () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe
2015-09-15 21:34 - 2015-08-12 05:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-04-06 20:05 - 2012-11-01 11:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2014-04-06 20:05 - 2012-11-01 11:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-04-08 23:17 - 2013-12-05 09:21 - 00088424 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll
2014-04-08 23:17 - 2013-12-05 09:21 - 00154472 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbRobbins.dll
2015-03-30 18:12 - 2015-08-27 02:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-28 18:11 - 2015-08-28 18:11 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2015-08-28 18:09 - 2015-08-28 18:09 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2015-08-28 18:09 - 2015-08-28 18:09 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2014-04-06 21:41 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2014-11-13 11:55 - 2014-11-13 11:59 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-04-06 20:13 - 2013-09-16 21:20 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-26 21:54 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
2015-09-26 21:54 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:6A936202
AlternateDataStreams: C:\ProgramData\Temp:80FE037D
AlternateDataStreams: C:\ProgramData\Temp:FAFEC4B9
AlternateDataStreams: C:\Users\Arne\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Arne\Downloads\Ehrenhändel.pdf:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\skype.com -> hxxps://apps.skype.com

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
MpsSvc => Firewall Dienst läuft nicht.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: Disc Soft Bus Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MSICOMM_CC => 3
MSCONFIG\Services: MSICPU_CC => 3
MSCONFIG\Services: MSICTL_CC => 2
MSCONFIG\Services: MSIDDR_CC => 3
MSCONFIG\Services: MSISMB_CC => 3
MSCONFIG\Services: MSISuperIO_CC => 3
MSCONFIG\Services: MSI_LiveUpdate_Service => 2
MSCONFIG\Services: MSI_Trigger_Service => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: Qualcomm Atheros Killer Service V2 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SuperRAIDSvc => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WSWNDA3100v2 => 2
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LiveUpdate 5"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "Fast Boot"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\StartupApproved\Run: => "EADM" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{DC16D13A-DD07-405B-8263-07EF14B34C0C}] => (Allow) C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\PerfTune.exe FirewallRules: [{29468ABF-1C29-4205-890B-3BF9A9F1DAD1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E1E43572-0D08-4D70-9403-E129AC9E9023}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{2CAA93BA-8051-48A0-AD2B-53E50D396F71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C806807C-7174-4D0E-BD60-B9DAB7B3DE17}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1FCB1805-8E35-40DF-AD95-F13148357943}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe FirewallRules: [{60CA1261-07A8-4BDC-B4CF-6DA406F0FFD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe FirewallRules: [{8492C114-97A8-4E53-8140-81E6063A853C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{0C7D3FF7-D248-4162-AED5-59BA53371555}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{6DEEB53C-4174-4A25-A278-045D71646F45}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapersPlease\PapersPlease.exe FirewallRules: [{90B23AF7-EA57-4B88-8299-F3D8F1371312}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PapersPlease\PapersPlease.exe FirewallRules: [{34776462-A519-4396-89F4-7A718D52FE02}] => (Allow) C:\Program Files 
(x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe FirewallRules: [{75F47CF5-B5F2-4824-BA53-D2911EB349E2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Stanley Parable\stanley.exe FirewallRules: [{A77E326E-E607-4FD9-986B-62D8C46ED702}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe FirewallRules: [{4CCBE81E-AFB8-4A55-9455-0089052947F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe FirewallRules: [{5A45FC3E-01E4-454B-98A8-457E9DFBA2EC}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe FirewallRules: [{0D8A987B-E332-49B1-84AC-330533019E51}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe FirewallRules: [{7A3469E8-B205-49DE-B600-085481AD2B80}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{241DFB71-A7A1-45E8-AFC3-CC8798FF3E2E}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{1BD2E10F-CE99-4C22-8949-DEFDCE4E68B9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3AEC38E6-AC1F-40A9-B444-77691ED5AB9C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E35E49F5-E2A4-4D11-B8C7-2247C12F9176}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C4F9E139-6B13-4295-A506-E7C4C6982C9E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F4C09689-42AE-422B-809E-1E98728B43BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\arma 2 operation arrowhead\Expansion\beta\Arma2OA.exe FirewallRules: [{15704237-B75D-4201-A2ED-2A931C049519}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\arma 2 operation arrowhead\Expansion\beta\Arma2OA.exe FirewallRules: [{62E223E8-6CFD-406B-98AB-57B3EC221D6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\arma 2 operation arrowhead\ArmA2OA.exe FirewallRules: [{779F2EEA-5A82-4BD4-94DB-4EB5A271FD0D}] => (Allow) 
C:\Program Files (x86)\Steam\SteamApps\common\arma 2 operation arrowhead\ArmA2OA.exe FirewallRules: [{5F18B74D-5DE5-4468-8DE4-8EEB580D966C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe FirewallRules: [{0AE206A0-9E9A-4A24-B164-EE4C902B0013}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe FirewallRules: [{DD281CC1-C11B-4BC8-BBF2-D218D979F0AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe FirewallRules: [{F85F3E50-8936-4511-948B-8523225836B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe FirewallRules: [{DECEC117-6A99-49DF-B1B4-E7F57448E4B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{8FC2A2E4-2889-4F45-902E-42FE43261D10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{363A21B2-5EB2-4138-9615-8B99EED7B423}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe FirewallRules: [{97A5F1A2-A254-4EBF-9381-D6D817C0E48B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe FirewallRules: [{3AA36BB0-95E3-468A-B35E-45028E1A2DF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe FirewallRules: [{637DAAB8-2D88-4D16-838B-FE443AC73D89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe FirewallRules: [{F7A36963-3904-41EA-9B80-CDFD979F0888}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{8AF58CFB-73B5-44C1-84FE-3F4F5BF76392}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{2D8BE591-8968-4025-8C2A-D92174263B8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\divine_divinity\div.exe FirewallRules: [{270F127D-4699-4E7C-B5A6-5E34A2186241}] => (Allow) C:\Program Files 
(x86)\Steam\SteamApps\common\divine_divinity\div.exe FirewallRules: [{160B3BB9-69AC-4747-B6CE-C7EFCB4FF94C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\divine_divinity\configtool.exe FirewallRules: [{D20F38E7-EC28-4A00-817A-BAF09B91CD7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\divine_divinity\configtool.exe FirewallRules: [{DC046D01-05A7-4FED-9636-7E683B8DBCE0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gone Home\GoneHome.exe FirewallRules: [{3C4C12AE-66A0-494F-898B-647E93CFBC95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gone Home\GoneHome.exe FirewallRules: [{2EB37E27-5AEC-4238-894B-FDD224DB311C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\thief_gold\THIEF.EXE FirewallRules: [{8DBD4FFB-4A76-44C7-86BA-4EF197786EAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\thief_gold\THIEF.EXE FirewallRules: [{29FAE1AD-3AE2-4F1F-8BC9-DA1101050E03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\thief_2\thief2.exe FirewallRules: [{92303C16-DF86-4E2F-A27A-44841C1B0C72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\thief_2\thief2.exe FirewallRules: [{19020EC7-2F06-45E1-B86B-39C6B2B43DCD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thief Deadly Shadows\System\runme.exe FirewallRules: [{CDB1C5C7-738D-4CBB-BF85-550A4ADF3375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Thief Deadly Shadows\System\runme.exe FirewallRules: [{F4C5350E-4804-441E-B171-04CD98633289}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe FirewallRules: [{4DA38DB0-EBFB-42DB-B9C7-FE20340CDCA1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bulletstorm\Binaries\Win32\ShippingPC-StormGame.exe FirewallRules: [{6A91BC52-1FC6-43BC-B690-12662B5287DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\CreationKit.exe FirewallRules: [{FD1BC291-B9B0-4468-897B-3670C515F4F5}] => (Allow) C:\Program Files 
(x86)\Steam\SteamApps\common\Skyrim\CreationKit.exe FirewallRules: [{B9A79176-98DD-4788-BAAB-3A4BBC9AA642}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe FirewallRules: [{9D184652-BC28-4E7E-8C4C-421A3DC0E957}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe FirewallRules: [{1476AB95-C4E0-4326-881A-C2BC49EB2F26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Clash of Heroes\ClashOfHeroes.exe FirewallRules: [{58961019-E000-4405-826C-984E379496E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Might and Magic Clash of Heroes\ClashOfHeroes.exe FirewallRules: [{71221098-9801-4EC7-B191-531FC76126C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe FirewallRules: [{547FBBB1-8031-4BAD-BEF6-96C8F54C5375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe FirewallRules: [{258306F6-BA63-4110-940C-3D791A8E03D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe FirewallRules: [{A8311EA0-5541-49CE-93E5-4849C62F5CDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe FirewallRules: [{34B97BBA-990F-46B7-A8B9-0022F563D0BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{D1EF9219-A73A-4071-B1CB-80CA27BDA7E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{FC1F76E8-5A7B-44AB-86AF-F87AF8A873BA}] => (Allow) C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{19185F86-C4F0-4AA8-AD62-7B05C448B29A}] => (Allow) C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{E51C1F60-0A63-4EA3-A8C9-E72AEE41FDFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe FirewallRules: 
[{291DD970-688C-46F7-B63D-24D1FE5CF27F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe FirewallRules: [{38360BA7-FC60-425D-9BA7-54E6909BE9C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARMA Cold War Assault\ColdWarAssault.exe FirewallRules: [{C0C603FB-DB47-408C-AD7D-5781E1D4A95E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARMA Cold War Assault\ColdWarAssault.exe FirewallRules: [{3260A47D-7068-4A2A-9857-9636D8F8E61A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe FirewallRules: [{CCEEC348-540A-4693-ACCE-2AD2A9A7153E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe FirewallRules: [{29C98F05-18EC-4A91-A7FD-D6B6A33E9D98}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred Gold\Sacred.exe FirewallRules: [{E400D3A0-4CD2-4560-9B88-9B3F371DBB39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred Gold\Sacred.exe FirewallRules: [{A4D1B485-A4F0-49A3-BE79-E8E6C0BC5F02}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\thomaswasalone\ThomasWasAlone.exe FirewallRules: [{7BE178A6-09D3-423C-88F4-10539ABD5D80}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\thomaswasalone\ThomasWasAlone.exe FirewallRules: [{50EF5E4D-A10A-401E-936D-ADC7AE0A6B8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe FirewallRules: [{73B8BC2A-030F-4E12-AA9F-8AB978087216}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe FirewallRules: [{02B98376-E3CA-4DFA-9FBA-B21062D716A7}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe FirewallRules: [{E0FD43E6-AD4F-4A47-8FCD-63EAD1ABC8EE}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe FirewallRules: [{B8544FC1-4F8A-46E9-B137-CD80E5FE1D33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mass 
Effect\Binaries\MassEffect.exe FirewallRules: [{7A96BE9F-C2B2-41A0-9479-44A32FA8F6AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect\Binaries\MassEffect.exe FirewallRules: [{DD1CE780-AD4C-4851-9F2D-D0EF2F8BB677}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect 2\Binaries\MassEffect2.exe FirewallRules: [{B2F6B5C7-51AA-4DC5-B992-6258AD9BE918}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect 2\Binaries\MassEffect2.exe FirewallRules: [{675FEA7E-F827-4D2E-A773-1B62DBCDD664}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect 2\MassEffect2Launcher.exe FirewallRules: [{5E0111B4-A85C-40F6-99E8-20A8CB426F5F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect 2\MassEffect2Launcher.exe FirewallRules: [{5E42D7B0-BE17-4C9C-BEE1-F0D47261CB6A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{5F144C5F-670B-4C53-B892-0ECEB2F3997F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{BD7EAE16-3A5D-4F03-859A-A200F151F39B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe FirewallRules: [{F848F231-332A-49A5-8C54-E649CBF5A91F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\arma 2 operation arrowhead\ArmA2OA_BE.exe FirewallRules: [{CE3193CC-E822-4472-98F2-AC73621D83FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe FirewallRules: [{AB325CA8-5FE4-4A2F-BCF0-02191C0C055F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe FirewallRules: [{29DB7430-9B31-4922-8AD3-79E1D4FFCE3A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{700CAF0E-0D80-4340-835C-D7869C75091E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{F0F14772-5632-4E76-84A4-9FC956BBB873}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe FirewallRules: 
[{2D152367-F06B-4D84-828E-A106B4B3F113}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe FirewallRules: [{0A917922-1E74-4919-98B9-3547DDC8846C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe FirewallRules: [{C2F2C2B2-CF1B-4A3E-A9F2-014B5799495E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe FirewallRules: [{E545204B-21FC-48A6-BD86-D8BE17994239}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{B688B00A-07E5-4C4E-AA26-18FCF21F96C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{1D52D07C-1836-4C0D-8C2F-C0B3753DB65F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{09A7960C-4AC0-4855-BA0B-1017DC52E560}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe FirewallRules: [{EAA9F7F5-9022-47F5-A77D-F1A3A862888C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe FirewallRules: [{4FB4F2EC-8724-47D3-9F12-AFF64A8DD01E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{516C5BEA-9A7A-4608-9792-DD7B893861A5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{E5C2D3D1-C0E0-47A3-BF73-8864C82055E2}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{1B2FF707-86A1-4F41-9227-67DC48D062AB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{25B60AFF-2981-4DD9-AE09-AECBBE36E593}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{9A374454-C02F-4A14-B589-FB2D6F48C447}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LongLiveTheQueen\LongLiveTheQueen.exe FirewallRules: [{7B8C8C98-DD00-4CFA-8081-C81B68BAA16E}] => (Allow) C:\Program Files 
(x86)\Steam\SteamApps\common\LongLiveTheQueen\LongLiveTheQueen.exe FirewallRules: [{E2C04D9F-2F4E-4020-B08C-6C33BCF638BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe FirewallRules: [{60452FFB-E33D-42F1-AFB5-F37246A8AA95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe FirewallRules: [{3406FBFF-23E0-4805-9C4E-573845FED93E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{82A74DD1-1A47-4EE8-9D32-5567BC15B850}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe FirewallRules: [{BBB982C1-ADE6-4A50-A1C5-65A141E766D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe FirewallRules: [{8F791460-962B-4E28-9EA9-C4854C0486DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe FirewallRules: [{CAD29422-F26E-48F3-9EB7-7823A19476C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game Dev Tycoon\nw.exe FirewallRules: [{AB86E2EF-367B-4BCA-BA09-86E158AC10A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid32.exe FirewallRules: [{A8B7C3CD-14B5-4918-BCE2-B26637BF6EB7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid32.exe FirewallRules: [{91DEBD8F-0756-41D4-BFAE-7AB37D9FD895}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\0rbitalis\0RBITALIS.exe FirewallRules: [{D90CD9C9-B969-45DC-A146-E022CD472B0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\0rbitalis\0RBITALIS.exe FirewallRules: [{E762CE04-B401-4962-9085-47119B88F62E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe FirewallRules: [{28605DE9-C356-4804-9623-BD2BDC4E036C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe FirewallRules: [{3F9E9166-0F79-479C-B3D7-6AF942C925B8}] => 
(Allow) C:\Program Files (x86)\Steam\SteamApps\common\English Country Tune\English Country Tune.exe FirewallRules: [{62C50A8F-5E66-4BF9-A640-CE09000DDF1B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\English Country Tune\English Country Tune.exe FirewallRules: [{27905AFE-7BFC-42D2-A850-19E2762234A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe FirewallRules: [{17ABFA1E-7C0A-4F35-BE70-E5910C64DE9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe FirewallRules: [{7BBA5C93-FF20-4785-B1BC-7C79A2765BA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe FirewallRules: [{F828CF0A-4F26-42A9-89ED-06454CB0C46A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic 3\Gothic3.exe FirewallRules: [{8F1A78FD-B1DB-4D7D-A3C6-4A78FFEA818E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe FirewallRules: [{95F5E892-9B00-443A-97ED-68138FB4234A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic II\system\Gothic2.exe FirewallRules: [{8C83818B-C9A5-4DAB-BF85-19482AA5695A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic\system\GOTHIC.EXE FirewallRules: [{9BD998DC-1C6A-4F13-8DB7-923FFFB743E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Gothic\system\GOTHIC.EXE FirewallRules: [{C5C11FD3-6B2B-4701-9B8C-9AB6579AAD42}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{76B7A982-15DE-405B-88DD-37445A745E07}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B9514C13-60A5-4E43-9B77-8CF3166D89C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{568F5CE7-D2A7-4002-95B9-540E4C7CB068}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{E217F001-6D09-47BD-8191-45D84F56AF91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPGVXAce\RPGVXAce.exe 
FirewallRules: [{D1AC1375-458D-4C79-864F-8C372E89D9D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPGVXAce\RPGVXAce.exe FirewallRules: [{0E0D5D40-C0F2-4DBE-9C22-E75028AED1F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPGXP\RPGXP.exe FirewallRules: [{B44D70D0-989B-478B-9143-042A9E84D0F7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RPGXP\RPGXP.exe FirewallRules: [{06AAD81C-AFEE-4C7C-BD15-3A9F70D0473A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Delver\delver.exe FirewallRules: [{02E51636-1BB5-48A2-8563-B1E1AE3CE3A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Delver\delver.exe FirewallRules: [{8CFE0E04-60C2-49CB-9986-FA0F1377A12C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{34510A6E-BAC9-439D-AF4E-73BC6665982A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{38681EC0-CCBA-444B-B47B-5798C92BDB55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe FirewallRules: [{020A0F0B-F9A3-40C1-895C-E4AE7F6DF8EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe FirewallRules: [{E20D5A70-AFB0-44EA-AF83-BEB38AE56163}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe FirewallRules: [{7EE344E5-BAB4-4B31-9BE9-49A108138C56}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe FirewallRules: [{4A8136DF-9773-4043-B03D-F8998615961C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe FirewallRules: [{F87960A0-C3E6-4100-84DA-1F3C2D80A531}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe FirewallRules: [{3D4D4488-43E3-4372-AB9F-55599AAF9C29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe FirewallRules: 
[{538CF3E2-E416-46E3-8E3F-4C0DFE94D7A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\Hammerwatch.exe FirewallRules: [{80D79EC1-8560-4E28-AD1E-68BA475C106A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe FirewallRules: [{7A73BDD4-D43D-4EC8-BAC5-017D3EB4FEC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hammerwatch\editor\HammerEditor.exe FirewallRules: [{6C464E0F-C882-4CDD-A886-F36445B16EE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{1340C697-135B-46C9-AECF-A6A33CE0B953}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{012B5330-967B-4789-991A-EB7AD9B764AE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{EE8B4713-6C12-4228-AD83-53AD01EF969E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{18D5149D-880A-459B-8534-6DF7C1201A9A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{E4D9721E-E46F-4EF8-81FA-DD2697B8C469}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{331C0175-3A61-427F-ABB5-F8E22679982F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{C80F4E94-8D44-4C38-8E7D-5119E779DB3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{9581A42E-9F00-4BE2-9C42-954E4B7E2391}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of Pen and Paper\knightspp.exe FirewallRules: [{0F6BED09-0EA9-42D2-BC77-CDC07424B061}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of Pen and Paper\knightspp.exe FirewallRules: [{FF6F1D37-FBA1-42C2-ACB7-215ECBD5F2DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Axis Game Factory\Axis Game Factory.exe FirewallRules: 
[{A20504D4-C1AE-4B0E-AC3F-94D4F7F9F819}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Axis Game Factory\Axis Game Factory.exe FirewallRules: [{AB4EBA53-435F-4519-BB79-0DD6F6520C63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{0D7C1082-1087-488A-AE1E-C97F205C6FA4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{9383C60F-CF5B-4F94-AE87-894BE0878EEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Receiver\Receiver.exe FirewallRules: [{15C09D4C-5E7F-415C-BA67-BEC466D01BC9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Receiver\Receiver.exe FirewallRules: [{3994860F-9506-4143-8BE4-442155300879}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{9FE9F209-9E31-40C3-AA01-A2776C5668EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{50725B0D-854D-42BF-A57D-5188CCDAC088}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{7DC78678-E6DC-44A0-9F19-C696AC555BF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2946897D-C7D9-40F2-8CE9-3E1CF8D83FD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{43670852-B6D0-4D2D-8AD7-A32AA1E593D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{67E810C6-3759-4439-92FA-ADD084C66BFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{D871E605-EEAC-4667-8126-AED8E652DC47}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{E96C21ED-F2EE-49FA-BDD3-A1C9A8B8FF9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe 
FirewallRules: [{6E8E0E76-B3AF-4226-9A24-E46C6C1429B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MiniMetro\MiniMetro.exe FirewallRules: [{98CA9968-D73B-4AF9-9567-9448038A4772}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MiniMetro\MiniMetro.exe FirewallRules: [{ADDDC840-1F20-42AD-90B4-AD48DA4B2DC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{BAA1C06A-0541-41A8-A6B9-2BEE71CA4ECD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe FirewallRules: [{32CAEC9B-ABF7-4813-BD32-010EBDF80B57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Antichamber\Binaries\Win32\UDK.exe FirewallRules: [{8524F88A-02C7-47A2-8A30-21370F9F376F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe FirewallRules: [{45D1A8E3-1852-47E5-A92F-40694CF545CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe FirewallRules: [{A2D7A8E1-C87B-482B-915C-0BC7BCE1003C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe FirewallRules: [{31A7C3DA-8880-4C43-8816-E3BC3DA05640}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\This War of Mine\This War of Mine.exe FirewallRules: [{4B5D1565-CEF9-427F-B583-A36B878FCAFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SS2\Shock2.exe FirewallRules: [{69A3A156-C7DB-4D75-BD02-4F07071B4EDD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SS2\Shock2.exe FirewallRules: [{BC6DAEC5-D60D-4A88-9A7F-D447EB864CF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe FirewallRules: [{E349C860-153B-4B49-8450-FE3818537488}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Standardtastatur (PS/2) Description: Standardtastatur (PS/2) Class Guid: 
{4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Konnte Geräte nicht auflisten. Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/12/2015 03:27:19 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <10, 0x80071a30, Fehler beim Speichern der Änderungen am Crawl Scope-Manager: >.

Error: (10/12/2015 03:27:19 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <20, 0x80071a30, "">.

Error: (10/12/2015 03:26:39 PM) (Source: ESENT) (EventID: 104) (User: )
Description: SearchIndexer (10384) Windows: Das Datenbankmodul hat die Instanz (0) mit einem Fehler (-510) beendet. Interne Zeitsteuerungsabfolge: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.

Error: (10/12/2015 03:26:39 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801)

Error: (10/12/2015 03:26:39 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (540)} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: 0x8e5e01fe (0x8e5e01fe)

Error: (10/12/2015 03:26:39 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/12/2015 03:26:38 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4811 - enduser\mssearch2\search\search\gather\server\pathtbl.cxx (144)} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/12/2015 03:26:38 PM) (Source: ESENT) (EventID: 492) (User: )
Description: SearchIndexer (10384) Windows: Die Protokolldatei-Reihenfolge in "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\" wurde durch einen schwerwiegenden Fehler angehalten. Für die Datenbank, die diese Protokolldatei-Reihenfolge verwendet, sind keine weiteren Aktualisierungen möglich. Bitte korrigieren Sie das Problem, und starten Sie erneut, oder führen Sie eine Wiederherstellung aus einer Sicherung durch.

Error: (10/12/2015 03:26:38 PM) (Source: ESENT) (EventID: 416) (User: )
Description: SearchIndexer (10384) Windows: Beim Leeren von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log kann nicht in Abschnitt 2 geschrieben werden. Fehler -1022 (0xfffffc02).

Error: (10/12/2015 03:26:38 PM) (Source: ESENT) (EventID: 482) (User: )
Description: SearchIndexer (10384) Windows: Versuch, in Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log" bei Offset 565248 (0x000000000008a000) für 262144 (0x00040000) Bytes zu schreiben, ist nach SearchIndexer0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.

Systemfehler:
=============
Error: (10/12/2015 03:27:59 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (10/12/2015 03:27:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/12/2015 03:27:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%6704

Error: (10/12/2015 03:19:17 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (10/12/2015 03:18:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/12/2015 03:18:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet: %%6704

Error: (10/12/2015 03:15:30 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error: (10/12/2015 03:10:07 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error: (10/12/2015 03:08:13 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error: (10/12/2015 03:04:17 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz Prozentuale Nutzung des RAM: 19% Installierter physikalischer RAM: 16327.93 MB Verfügbarer physikalischer RAM: 13179.22 MB Summe virtueller Speicher: 32711.93 MB Verfügbarer virtueller Speicher: 28606.67 MB ==================== Laufwerke ================================ Drive c: (Samsung) (Fixed) (Total:931.17 GB) (Free:338.3 GB) NTFS Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.01 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (500 KB von Arne) (Fixed) (Total:456.95 GB) (Free:438.43 GB) NTFS Drive f: (3T) (Fixed) (Total:2794.39 GB) (Free:2508.4 GB) NTFS Drive g: (DATA) (Fixed) (Total:457.46 GB) (Free:457.27 GB) NTFS Drive h: (IRM_CCSA_X64FRE_DE-DE_DV5) (CDROM) (Total:3.68 GB) (Free:0 GB) UDF ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C52ECE49) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FEB9136C) Partition 1: (Not Active) - (Size=17 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=457.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
13.10.2015, 18:15 | #4 |
/// the machine /// TB-Ausbilder
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM!
13.10.2015, 20:30 | #5 |
Thanks again, here are the further logs (part 1/2): MBAM found nothing, I think, but here is the log to be safe: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 13.10.2015
Suchlaufzeit: 19:25
Protokolldatei: MBAM 13-10.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.10.13.06
Rootkit-Datenbank: v2015.10.06.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Arne

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 368869
Abgelaufene Zeit: 8 Min., 11 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Warnen

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

AdwCleaner Logfile: Code:
# AdwCleaner v5.013 - Bericht erstellt am 13/10/2015 um 20:10:51
# Aktualisiert am 09/10/2015 von Xplode
# Datenbank : 2015-10-09.3 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Arne - ARNEGAMING
# Gestartet von : C:\Users\Arne\Desktop\AdwCleaner_5.013.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\DriverToolkit
[-] Ordner Gelöscht : C:\Users\Arne\AppData\Local\DriverToolkit
[-] Ordner Gelöscht : C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bmnlcjabgnpnenekpadlanbbkooimhnj_0.localstorage

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.001
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.7z
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.arj
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.bz2
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.bzip2
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.cab
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.cpio
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.deb
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.dmg
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.fat
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.gz
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.gzip
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.hfs
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.iso
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.lha
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.lzh
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.lzma
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.ntfs
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.rar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.rpm
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.squashfs
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.swm
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.tar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.taz
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.tbz
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.tbz2
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.tgz
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.tpz
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.txz
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.vhd
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.wim
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.xar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.xz
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.z
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\WinZipper.zip
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\DriverToolkit
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\DriverToolkit

***** [ Internetbrowser ] *****

[-] [C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : bmnlcjabgnpnenekpadlanbbkooimhnj
[-] [C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://www.trovigo.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF0FC7C4F-7659-43B8-A530-B5710A8194E6&SSPV=

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4315 Bytes] ##########

JRT was disabled by G-Data even though the monitor, firewall and autopilot were switched off. I found nothing online about "switching it off completely", though, and instead stopped all the tasks in the manager. After that it worked. Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 8.1 x64
Ran by Arne on 13.10.2015 at 20:32:50,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] C:\Users\Arne\AppData\Roaming\3909

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Arne\Appdata\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj

[C:\Users\Arne\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Arne\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: bmnlcjabgnpnenekpadlanbbkooimhnj
[C:\Users\Arne\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Arne\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [ bmnlcjabgnpnenekpadlanbbkooimhnj ]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.10.2015 at 20:35:08,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I have a few problems with FRST. For one, G-DATA tried to convince me that FRST should go into quarantine; I stopped that for now and am now somewhat skeptical of the program. Can you recommend a better alternative? G-DATA also sent me this message: Secondly, I always get this message when I start the program: I then click No and the program runs, but it is odd all the same. Here are the two logs: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015 durchgeführt von Arne (Administrator) auf ARNEGAMING (13-10-2015 20:43:10) Gestartet von C:\Users\Arne\Desktop Geladene Profile: Arne (Verfügbare Profile: Arne) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (G DATA Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Adobe Systems 
Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575256 2014-05-12] (Realtek Semiconductor) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [G Data ASM] => "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [12844864 2015-08-28] (Corsair Components, Inc.) 
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Run: [f.lux] => C:\Users\Arne\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\MountPoints2: {9ab6c832-0055-11e4-8281-448a5b5d8518} - "J:\Browse.exe" HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{5E06F4D9-FE63-4FC0-AFC6-15D8F73957BD}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6B82A37A-7428-425F-975B-5FE6A16B7C4B}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype 
for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-07] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-07] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\vfgsmcoi.default FF Homepage: hxxp://www.google.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-22] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program 
Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-22] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-03-24] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-13] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D 
Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-19] FF Extension: Kein Name - C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\vfgsmcoi.default\extensions\faststartff@gmail.com [nicht gefunden] Chrome: ======= CHR HomePage: Default -> hxxp://www.trovigo.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF0FC7C4F-7659-43B8-A530-B5710A8194E6&SSPV= CHR StartupUrls: Default -> "","hxxp://www.google.com/" CHR Session Restore: Default -> ist aktiviert. 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => Keine Datei CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Profile: C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-04-01] CHR Extension: (Open Reddit NSFW Links in Incognito Window) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aedepcllfamehicoifddolbbnmahlkff [2015-06-25] CHR Extension: (Google Docs) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-06] CHR Extension: (Google Drive) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-06] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-12] CHR Extension: (YouTube) - 
C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-06] CHR Extension: (uBlock Origin) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-02-11] CHR Extension: (Google Search) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06] CHR Extension: (Chain Reaction) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa [2014-04-06] CHR Extension: (Google Docs Offline) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06] CHR Extension: (The Camelizer) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2015-07-15] CHR Extension: (Isoball 3) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2014-04-06] CHR Extension: (IP Address) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-04-06] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-04-06] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-10] CHR Extension: (Hover Zoom) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-04-10] CHR Extension: (AlienTube for YouTube™) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\opgodjgjgojjkhlmmhdlojfehcemknnp [2015-07-03] CHR Extension: (Click&Clean App) - 
C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-04-06] CHR Extension: (Gmail) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-06] CHR Extension: (Reddit Trading Flair Linker Enhanced) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnahghpneiabcncanmccahgloopbbbgp [2014-05-08] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2558072 2015-06-19] (G Data Software AG) S2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe [3711712 2015-06-16] (G Data Software AG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation) S4 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [813328 2014-04-28] (Disc Soft Ltd) S2 Ds3Service; C:\Program Files (x86)\Controller PS3\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Datei ist nicht signiert] R2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [3894392 2015-06-19] (G Data 
Software AG) R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [3202368 2015-06-19] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG) S3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [2235512 2015-06-16] (G Data Software AG) S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.) 
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2100736 2014-06-04] (MSI) [Datei ist nicht signiert] S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4026368 2014-06-06] (MSI) [Datei ist nicht signiert] S4 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2118144 2014-06-03] () [Datei ist nicht signiert] S4 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4157440 2014-06-17] () [Datei ist nicht signiert] S4 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1990144 2014-06-03] () [Datei ist nicht signiert] S4 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2250240 2014-06-06] () [Datei ist nicht signiert] S4 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-06-04] () [Datei ist nicht signiert] S4 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [549888 2014-06-10] () [Datei ist nicht signiert] S2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI) S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1722320 2014-08-26] (Micro-Star International) S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI) S4 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) 
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-28] (Electronic Arts) S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-16] () S4 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [Datei ist nicht signiert] R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] () S4 SuperRAIDSvc; C:\MSI\Super RAID\SuperRAIDSvc.exe [16384 2013-09-23] () [Datei ist nicht signiert] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH) S3 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S4 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] () S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.) 
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-05-18] (Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-05-18] (Corsair) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-11] (Disc Soft Ltd) R3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29696 2014-06-30] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2015-10-11] (G Data Software AG) R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2015-10-11] (G Data Software AG) R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2015-10-11] (G Data Software AG) S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-10-11] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-09] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230912 2015-10-11] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-10-11] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-10-11] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-10-11] (G Data Software) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.) 
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [125952 2015-10-11] (G Data Software AG) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation) S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider) R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] () R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) 
S3 NTIOLib_1_0_1; C:\MSI\Super RAID\NTIOLib_X64.sys [14136 2012-06-11] (MSI) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI) R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [27816 2014-05-19] (Razer Inc) S3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [32936 2014-05-19] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.) 
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-07-12] (Duplex Secure Ltd.) R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2015-10-11] (G Data Software) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WinRing0_1_2_0; C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [14544 2015-10-13] (OpenLibSys.org) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-12] (CyberLink Corp.) R3 cpuz136; \??\C:\Users\Arne\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-13 20:43 - 2015-10-13 20:43 - 00030081 _____ C:\Users\Arne\Desktop\FRST.txt 2015-10-13 20:35 - 2015-10-13 20:35 - 00001324 _____ C:\Users\Arne\Desktop\JRT.txt 2015-10-13 20:15 - 2015-10-13 20:15 - 00004402 _____ C:\Users\Arne\Desktop\AdwCleaner[C2].txt 2015-10-13 19:35 - 2015-10-13 19:35 - 00001193 _____ C:\MBAM 13-10.txt 2015-10-13 19:23 - 2015-10-13 19:23 - 01798976 _____ (Malwarebytes) C:\Users\Arne\Desktop\JRT.exe 2015-10-13 19:23 - 2015-10-13 19:23 - 01682432 _____ C:\Users\Arne\Desktop\AdwCleaner_5.013.exe 2015-10-12 21:36 - 2015-10-12 21:36 - 00000382 _____ C:\Windows\DirectX.log 2015-10-12 18:22 - 2015-10-12 18:23 - 00005779 _____ C:\Users\Arne\Desktop\GMER.txt 2015-10-12 17:35 - 2015-10-12 17:35 - 00000000 ____D C:\Users\Arne\AppData\Local\TempTaskUpdateDetection97956D7F-3CE4-4CAB-8CD4-7B6B6C13FE1C 2015-10-12 17:06 - 2015-10-12 17:06 - 00380416 _____ C:\Users\Arne\Desktop\Gmer-19357.exe 2015-10-12 16:17 - 2015-10-12 16:18 - 00003200 _____ C:\Users\Arne\Desktop\Trojaner Board.txt 2015-10-12 16:14 - 2015-10-12 16:14 - 00000580 _____ C:\Users\Arne\Downloads\defogger_disable.log 2015-10-12 16:14 - 2015-10-12 16:14 - 00000020 _____ C:\Users\Arne\defogger_reenable 2015-10-12 16:12 - 2015-10-12 16:12 - 00050477 _____ C:\Users\Arne\Downloads\Defogger.exe 2015-10-12 15:32 - 2015-10-12 15:32 - 00073958 _____ C:\Users\Arne\Downloads\Addition.txt 2015-10-12 15:31 - 2015-10-12 15:32 - 00056919 _____ C:\Users\Arne\Downloads\FRST.txt 2015-10-12 15:28 - 2015-10-13 20:43 - 00000000 ____D C:\FRST 2015-10-12 14:23 - 2015-10-13 19:22 - 02196480 _____ (Farbar) C:\Users\Arne\Desktop\FRST64.exe 2015-10-12 14:18 - 2015-10-12 14:18 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys 2015-10-12 14:05 - 2015-10-12 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2015-10-12 13:55 - 2015-10-12 13:55 - 00262144 _____ C:\Windows\SysWOW64\18 2015-10-12 13:55 - 2015-10-12 13:55 - 00000000 __SHD C:\#GDATA.Recovery.Data# 2015-10-11 22:11 - 
2015-10-11 22:11 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys 2015-10-11 22:02 - 2015-10-11 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION 2015-10-11 22:02 - 2015-10-11 22:02 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys 2015-10-11 22:02 - 2015-10-11 22:02 - 00001998 _____ C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk 2015-10-11 22:01 - 2015-10-11 22:01 - 00000000 ____D C:\Windows\ELAMBKUP 2015-10-11 21:26 - 2015-10-11 22:08 - 00091648 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2015-10-11 21:26 - 2015-10-11 22:02 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys 2015-10-11 21:26 - 2015-10-11 21:26 - 00078848 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd64.sys 2015-10-11 21:26 - 2015-10-11 21:26 - 00058880 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv64.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00230912 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00158720 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00125952 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00068608 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00042416 _____ C:\Windows\DPINST.LOG 2015-10-11 21:23 - 2015-10-11 21:23 - 00000000 ____D C:\ProgramData\G DATA Software 2015-10-11 21:07 - 2015-10-13 20:12 - 00039374 _____ C:\Windows\PFRO.log 2015-10-11 20:59 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-10-11 20:55 - 2015-10-13 20:00 - 00783796 _____ C:\Windows\WindowsUpdate.log 2015-10-11 20:53 - 2015-10-11 20:53 - 00003252 _____ C:\Windows\System32\Tasks\{929C1D19-79DD-4E02-9F98-1DFB6842E470} 2015-10-11 20:46 - 2015-10-13 
20:25 - 00007182 _____ C:\Windows\setupact.log 2015-10-11 20:46 - 2015-10-11 20:46 - 00000000 _____ C:\Windows\setuperr.log 2015-10-11 17:45 - 2015-10-11 17:45 - 00000000 ____D C:\$WINDOWS.~BT 2015-10-11 16:25 - 2015-10-11 16:25 - 00262144 _____ C:\Windows\system32\config\userdiff 2015-10-11 15:38 - 2015-10-11 19:02 - 00000000 _____ C:\Recovery.txt 2015-10-09 16:52 - 2015-10-09 16:52 - 00000000 ____D C:\Users\Arne\AppData\Roaming\11bitstudios 2015-10-09 13:58 - 2015-10-09 13:58 - 00000000 ____D C:\Users\Arne\Documents\Darkest 2015-10-09 13:45 - 2015-10-09 13:45 - 00000222 _____ C:\Users\Arne\Desktop\Darkest Dungeon.url 2015-10-09 13:44 - 2015-10-09 13:44 - 00002160 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-10-09 13:44 - 2015-10-03 04:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-10-09 13:43 - 2015-10-03 07:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-10-09 13:43 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-10-09 13:43 
- 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00879000 _____ C:\Windows\system32\nvmcumd.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-10-08 18:16 - 2015-10-08 18:16 - 00000222 _____ C:\Users\Arne\Desktop\System 
Shock 2.url 2015-10-08 14:31 - 2015-10-08 14:31 - 00000222 _____ C:\Users\Arne\Desktop\This War of Mine.url 2015-10-07 00:22 - 2015-10-07 01:07 - 137363456 _____ C:\Users\Arne\Downloads\Galador.part2.rar 2015-10-06 21:11 - 2015-10-06 21:56 - 137363456 _____ C:\Users\Arne\Downloads\Galador.part1.rar 2015-10-05 23:40 - 2015-10-05 23:40 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Big Fish Games 2015-10-05 23:33 - 2015-10-05 23:33 - 00001073 _____ C:\Users\Public\Desktop\Play Mystery Case Files - Dire Grove Collector's Edition.lnk 2015-10-05 23:33 - 2015-10-05 23:33 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - Dire Grove Collector's Edition 2015-10-05 23:33 - 2015-10-05 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - Dire Grove Collector's Edition 2015-10-05 22:52 - 2015-10-05 22:52 - 00001950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00001248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00000982 _____ C:\Users\Public\Desktop\Games.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00000000 ____D C:\ProgramData\Big Fish 2015-10-05 22:52 - 2015-10-05 22:52 - 00000000 ____D C:\Program Files (x86)\bfgclient 2015-10-05 22:50 - 2015-10-05 22:55 - 00000000 ____D C:\BigFishCache 2015-10-05 22:50 - 2015-10-05 22:52 - 00000000 ____D C:\Users\Arne\AppData\Local\Big Fish 2015-10-05 16:17 - 2015-10-07 23:20 - 00000000 ____D C:\Users\Arne\Documents\ArcheAge 2015-10-04 15:39 - 2015-10-10 13:03 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Nidhogg 2015-10-04 15:36 - 2015-10-04 15:36 - 00000000 ____D C:\Program Files (x86)\Controller PS3 2015-10-04 15:35 - 2013-05-19 09:02 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys 2015-10-04 15:35 - 2013-01-07 16:56 - 01002728 _____ (Microsoft Corporation) 
C:\Windows\system32\WinUSBCoInstaller2.dll 2015-10-04 15:34 - 2015-10-04 15:34 - 10571443 _____ C:\Users\Arne\Downloads\SCP-DS-Driver-Package-1.2.0.160.7z 2015-10-04 15:31 - 2015-10-04 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-10-04 15:31 - 2015-10-04 15:31 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2015-10-04 15:11 - 2015-10-04 15:11 - 00000221 _____ C:\Users\Arne\Desktop\Nidhogg.url 2015-10-04 15:11 - 2015-10-04 15:11 - 00000000 ____D C:\Users\Arne\Documents\motioninjoy-0-7-1001-en-win 2015-10-04 15:10 - 2015-10-04 15:10 - 04117346 _____ C:\Users\Arne\Documents\motioninjoy-0-7-1001-en-win.zip 2015-10-04 13:06 - 2015-10-04 13:06 - 00000222 _____ C:\Users\Arne\Desktop\Antichamber.url 2015-10-04 11:07 - 2015-10-04 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2015-10-04 11:06 - 2015-10-04 11:06 - 00000000 ____D C:\Users\Arne\Documents\Corsair-Utility-Engine-v1.10.67 2015-10-04 11:05 - 2015-10-04 11:05 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-10-01 20:01 - 2015-10-01 20:03 - 59101198 _____ C:\Users\Arne\Documents\Corsair-Utility-Engine-v1.10.67.zip 2015-09-30 14:26 - 2015-09-30 14:26 - 00541302 _____ C:\Users\Arne\Downloads\DeviceWin8.meta.diagcab 2015-09-30 14:04 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-30 14:04 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-30 14:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-30 13:51 - 2015-09-30 13:52 - 58728224 _____ (yWorks GmbH) C:\Users\Arne\Downloads\yEd-3.14.3_with-JRE_32-bit_setup.exe 2015-09-27 21:23 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-09-27 21:23 - 2015-09-14 02:29 - 01898288 
_____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435598.dll 2015-09-27 21:23 - 2015-09-14 02:29 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435598.dll 2015-09-24 23:45 - 2015-09-24 23:45 - 00000000 ____D C:\Users\Arne\AppData\LocalLow\Dinosaur Polo Club 2015-09-24 23:38 - 2015-09-24 23:38 - 00000222 _____ C:\Users\Arne\Desktop\Mini Metro.url 2015-09-19 12:37 - 2015-09-19 12:37 - 00293944 _____ C:\Users\Arne\Downloads\AGOT Green Valyria-12-1.zip 2015-09-18 21:45 - 2015-09-18 21:45 - 00336575 _____ C:\Users\Arne\Downloads\AGOT Colonize Valyria.zip 2015-09-18 21:17 - 2015-09-18 21:17 - 01293768 _____ C:\Users\Arne\Downloads\AGOT Colonize Away-13-4-3.zip 2015-09-13 23:06 - 2015-10-13 19:25 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-13 20:32 - 2014-04-07 21:04 - 00000000 ____D C:\Users\Arne\AppData\Local\CrashDumps 2015-10-13 20:31 - 2015-06-21 17:21 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001UA.job 2015-10-13 20:26 - 2015-06-18 21:23 - 00000000 ____D C:\Users\Arne\AppData\Local\Battle.net 2015-10-13 20:26 - 2015-06-18 21:23 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-10-13 20:25 - 2015-03-09 18:42 - 00000000 ____D C:\Windows\Minidump 2015-10-13 20:25 - 2014-08-04 23:25 - 00000000 ____D C:\ProgramData\NVIDIA 2015-10-13 20:25 - 2014-04-08 19:38 - 00000021 _____ C:\Users\Arne\AppData\Roaming\config_data.dat 2015-10-13 20:25 - 2014-04-06 20:13 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-13 20:25 - 2014-04-06 18:58 - 00000000 ___DO C:\Users\Arne\SkyDrive 2015-10-13 20:25 - 2014-04-06 18:38 - 00000000 ____D C:\Users\Arne 2015-10-13 20:25 - 2014-04-06 18:28 - 00097792 ____N C:\Windows\Minidump\101315-15578-01.dmp 2015-10-13 20:25 - 
2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-13 20:10 - 2014-12-17 16:31 - 00000000 ____D C:\AdwCleaner 2015-10-13 19:54 - 2014-04-06 20:13 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-13 19:47 - 2015-02-12 13:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-13 19:15 - 2014-04-06 18:28 - 00098816 ____N C:\Windows\Minidump\101315-24078-01.dmp 2015-10-13 10:45 - 2014-04-06 18:28 - 00102912 ____N C:\Windows\Minidump\101315-21953-01.dmp 2015-10-13 02:55 - 2014-04-06 17:04 - 00000000 ____D C:\Program Files (x86)\Steam 2015-10-13 02:31 - 2015-06-21 17:21 - 00001190 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001Core.job 2015-10-13 02:00 - 2014-08-19 18:24 - 00000000 ____D C:\Users\Arne\AppData\Local\Adobe 2015-10-12 21:26 - 2014-04-06 18:28 - 00102912 ____N C:\Windows\Minidump\101215-19000-01.dmp 2015-10-12 18:49 - 2014-04-06 20:15 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2429973200-1952470861-1716419375-1001 2015-10-12 16:21 - 2014-04-21 17:22 - 00000000 ___RD C:\Users\Arne\Desktop\Programme 2015-10-12 16:19 - 2014-05-04 17:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-10-12 14:18 - 2015-01-26 11:34 - 00000000 ____D C:\Users\Arne\AppData\Local\G DATA 2015-10-12 14:07 - 2014-05-04 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-10-12 14:06 - 2014-05-04 17:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-12 14:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-10-12 13:55 - 2015-03-06 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dundjinni Enterprises 2015-10-12 13:55 - 2015-02-16 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSA Charaktergenerator 2015-10-12 13:55 - 2014-10-15 20:50 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-12 13:55 - 2014-09-16 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph 2015-10-12 13:55 - 2014-07-05 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\.sol Editor 2015-10-12 13:55 - 2014-04-06 19:28 - 00000000 ____D C:\Windows\Panther 2015-10-11 22:09 - 2014-05-03 22:10 - 00000000 ___RD C:\Users\Arne\Dropbox 2015-10-11 22:09 - 2014-05-03 22:08 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Dropbox 2015-10-11 22:09 - 2014-04-06 22:02 - 00000000 ____D C:\ProgramData\G Data 2015-10-11 21:38 - 2015-05-23 22:16 - 00000000 ____D C:\Users\Arne\AppData\Local\LogMeIn Hamachi 2015-10-11 21:25 - 2014-04-06 16:28 - 00000976 _____ C:\Users\Arne\AppData\Roaming\gdscan.log 2015-10-11 21:09 - 2014-04-06 22:03 - 00000000 ____D C:\Program Files (x86)\G Data 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Com 2015-10-11 20:57 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\oobe 2015-10-11 20:14 - 2014-09-10 21:50 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Skype 2015-10-11 18:59 - 2014-04-08 23:04 - 00000000 ____D C:\Users\Arne\Desktop\Games 2015-10-11 16:10 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-10-11 15:47 - 2013-08-22 16:44 - 05177192 _____ C:\Windows\system32\FNTCACHE.DAT 2015-10-10 22:34 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-10-09 23:59 - 2015-09-03 17:55 - 00000000 ____D C:\Users\Arne\Desktop\HS Screenshots 2015-10-09 13:44 - 2014-04-06 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-10-09 13:44 - 2014-04-06 20:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-10-07 23:26 - 2014-09-16 19:06 - 00000000 ____D C:\Users\Arne\AppData\Local\Glyph 2015-10-07 
23:26 - 2014-09-16 19:06 - 00000000 ____D C:\Program Files (x86)\Glyph 2015-10-07 23:24 - 2014-09-16 19:06 - 00000000 ____D C:\ProgramData\Glyph 2015-10-07 11:30 - 2014-04-24 04:51 - 00000000 ____D C:\Users\Arne\AppData\Roaming\vlc 2015-10-06 01:16 - 2014-04-06 21:47 - 00000000 ____D C:\ProgramData\Temp 2015-10-05 23:33 - 2014-06-11 03:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-10-05 22:49 - 2014-04-06 18:40 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-05 22:49 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat 2015-10-05 22:49 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat 2015-10-05 21:50 - 2014-04-06 18:38 - 00000000 ____D C:\Users\Arne\AppData\Local\Packages 2015-10-04 11:07 - 2014-04-08 19:38 - 00000000 ____D C:\Program Files (x86)\Corsair 2015-10-03 07:06 - 2014-08-04 23:25 - 00112944 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-10-03 07:06 - 2014-08-04 23:25 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 17395512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 12769408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 03573832 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 03154104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 00033507 _____ C:\Windows\system32\nvinfo.pb 2015-10-03 04:49 - 2014-08-04 23:25 - 06358648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 02982520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-10-03 
04:49 - 2014-08-04 23:25 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-10-02 20:47 - 2015-07-20 15:36 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-10-01 11:33 - 2014-08-04 23:25 - 05284082 _____ C:\Windows\system32\nvcoproc.bin 2015-09-30 16:51 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-09-30 14:04 - 2014-07-04 12:09 - 00001125 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-30 14:04 - 2014-07-04 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-30 14:04 - 2014-07-04 12:09 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-30 07:51 - 2015-06-18 21:30 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-09-29 12:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-09-28 20:46 - 2014-04-06 17:46 - 00000000 ____D C:\Users\Arne\Documents\my games 2015-09-28 13:18 - 2015-06-18 21:23 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Battle.net 2015-09-28 01:04 - 2014-04-08 21:12 - 00000000 ____D C:\ProgramData\Origin 2015-09-28 00:14 - 2014-04-08 21:14 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Origin 2015-09-28 00:08 - 2014-04-08 21:12 - 00000000 ____D C:\Program Files (x86)\Origin 2015-09-26 00:47 - 2014-09-10 21:50 - 00000000 ____D C:\ProgramData\Skype 2015-09-24 20:19 - 2014-11-13 11:54 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-09-19 12:36 - 2015-08-30 14:24 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AGOT 2015-09-18 20:48 - 2014-04-06 20:13 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-18 20:48 - 2014-04-06 20:13 - 00003876 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-15 03:18 - 2013-08-22 17:38 - 00812008 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-15 03:18 - 2013-08-22 17:38 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-14 09:24 - 2014-04-06 18:38 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Adobe 2015-09-13 22:23 - 2014-04-06 20:13 - 00000000 ____D C:\Users\Arne\AppData\Local\Google ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-04-15 19:42 - 2013-07-21 21:59 - 0012005 _____ () C:\Users\Arne\AppData\Roaming\alsoft.ini 2014-04-08 19:38 - 2015-10-13 20:25 - 0000021 _____ () C:\Users\Arne\AppData\Roaming\config_data.dat 2014-04-06 16:28 - 2014-04-06 16:28 - 0000000 _____ () C:\Users\Arne\AppData\Roaming\gdfw.log 2014-04-06 16:28 - 2015-10-11 21:25 - 0000976 _____ () C:\Users\Arne\AppData\Roaming\gdscan.log 2014-08-22 18:43 - 2014-08-22 18:43 - 0002716 _____ () C:\Users\Arne\AppData\Local\recently-used.xbel Einige Dateien in TEMP: ==================== C:\Users\Arne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwp6bqf.dll C:\Users\Arne\AppData\Local\Temp\SkypeSetup.exe C:\Users\Arne\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-08 19:39
==================== Ende von FRST.txt ============================
The Addition log is in the next reply! |
13.10.2015, 20:31 | #6 |
| Windows 8.1: suddenly slow, scans of the SSD take 15h Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-10-2015
durchgeführt von Arne (2015-10-13 20:43:27)
Gestartet von C:\Users\Arne\Desktop
Windows 8.1 (X64) (2014-04-06 16:38:08)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2429973200-1952470861-1716419375-500 - Administrator - Disabled)
Arne (S-1-5-21-2429973200-1952470861-1716419375-1001 - Administrator - Enabled) => C:\Users\Arne
Gast (S-1-5-21-2429973200-1952470861-1716419375-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA TOTAL PROTECTION (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA TOTAL PROTECTION (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
0RBITALIS (HKLM-x32\...\Steam App 278440) (Version: - Alan Zucconi) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) A Game of Thrones version 0.9.6 (HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\{7C82709E-75FE-4C3A-976A-8C97908DDD7B}_is1) (Version: 0.9.6 - AGOT TEAM) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs) Antichamber (HKLM-x32\...\Steam App 219890) (Version: - Alexander Bruce) ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard) Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive) Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive) Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version: - ) Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version: - Bohemia Interactive) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1073742145.4759644.48.2147344384 - Audible, Inc.) 
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer) AutoREALM Version 2.2.1 (HKLM-x32\...\AutoREALM_is1) (Version: - ) Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - Ronimo Games) Axis Game Factory's AGFPRO 3.0 (HKLM-x32\...\Steam App 253370) (Version: - Axis Game Factory LLC) Ballance (HKLM-x32\...\{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.15221 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - ) BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games) Blackguards (HKLM-x32\...\Blackguards_is1) (Version: 1.0 - Daedalic Entertainment GmbH) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) Bulletstorm (HKLM-x32\...\Steam App 99810) (Version: - People Can Fly) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.5.5145 - Corsair) Corsair Utility Engine (HKLM-x32\...\{791216E9-E76E-4C76-9C6E-C968A8C253D9}) (Version: 1.10.67 - Corsair) Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com) Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio) CyberLink MediaEspresso 7 (HKLM-x32\...\{F6C47233-40F6-4076-89A9-68B43C2AF5C5}) (Version: 7.0.5417_54129 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2014 - CyberLink Corp.) CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4412.58 - CyberLink Corp.) 
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.3.0.0254 - Disc Soft Ltd) Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware) Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version: - Red Hook Studios) Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games) Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts) Delver (HKLM-x32\...\Steam App 249630) (Version: - Priority Interrupt) Dishonored (HKLM-x32\...\Steam App 205100) (Version: - Arkane Studios) Divine Divinity (HKLM-x32\...\Steam App 214170) (Version: - Larian Studios) Divinity II - Ego Draconis (HKLM-x32\...\Divinity II - Ego Draconis_is1) (Version: - dtp) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC) Dropbox (HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.) English Country Tune (HKLM-x32\...\Steam App 207570) (Version: - increpare games) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) f.lux (HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Flux) (Version: - ) Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.0.9 - MSI) FEZ Version 1.10 (HKLM-x32\...\{634CBDF9-98A3-4AF5-AED4-A23EC2665434}_is1) (Version: 1.10 - Polytron) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) G DATA TOTAL PROTECTION (HKLM-x32\...\{2A1FF304-D778-49F1-B340-E4BF4CDA2EB0}) (Version: 25.1.0.8 - G DATA Software AG) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Gone Home (HKLM-x32\...\Steam App 232430) (Version: - The Fullbright Company) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) 
Hidden Gothic (HKLM-x32\...\Steam App 65540) (Version: - Piranha – Bytes) Gothic 1+2 Windows 8 fixes (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version: - ) Gothic 3 (HKLM-x32\...\Steam App 39500) (Version: - Piranha – Bytes) Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version: - Piranha – Bytes) GOTHIC1 - Classic - 'System-Paket' (HKLM-x32\...\GOTHIC1 - Classic - 'System-Paket') (Version: 1.1 - World of Gothic RU © 2014) GOTHIC2 - Odyssee - 'System-Paket' (HKLM-x32\...\GOTHIC2 - Odyssee - 'System-Paket') (Version: 1.1 - World of Gothic RU © 2014) GOTHIC2 ADDON - 'Odyssey — on behalf of the King' (HKLM-x32\...\GOTHIC2 ADDON - 'Odyssey — on behalf of the King') (Version: 1.1 - World of Gothic DE - Community © 2015) Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - Crackshell) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version: - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Knights of Pen and Paper +1 (HKLM-x32\...\Steam App 231740) (Version: - Behold Studios) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Legend of Ahssûn (HKLM-x32\...\Legend of Ahssûn) (Version: 1.0 - LoA-Team) LEGO Racers 2 (HKLM-x32\...\{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}) (Version: - ) LEGO Rock Raiders 
(HKLM-x32\...\LEGO Rock Raiders) (Version: - ) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.377 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.377 - LogMeIn, Inc.) Hidden Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version: - Hanako Games) LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mass Effect (HKLM-x32\...\Steam App 17460) (Version: - BioWare) Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare) Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation) Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft 
Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Might & Magic: Clash of Heroes (HKLM-x32\...\Steam App 61700) (Version: - Capybara Games) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mini Metro (HKLM-x32\...\Steam App 287980) (Version: - Dinosaur Polo Club) MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD) MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.68 - MSI) MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.13 - MSI) MSI Intel Extreme Tuning Utility (HKLM-x32\...\{2301bb34-385a-4a57-877f-c54347957fad}) (Version: 4.0.6.305 - Intel Corporation) MSI Intel Extreme Tuning Utility (x32 Version: 4.0.6.305 - Intel Corporation) Hidden MSI Kombustor 2.5.6 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI 
Co., LTD) MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.009 - MSI) My Game Long Name (HKLM\...\UDK-64f634bb-019a-4e7a-a306-feee5333e48d) (Version: - Epic Games, Inc.) Mystery Case Files®: Dire Grove™ Collector's Edition (HKLM-x32\...\BFG-Mystery Case Files - Dire Grove Collector's Edition) (Version: - ) NETGEAR WNDA3100v2 wireless USB 2.0 driver (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.4 - NETGEAR) Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.50 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Odyssee-Speech 1.0 (HKLM-x32\...\Odyssee-Speech) (Version: 1.0 - OdysseeModTeam) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 
15.0.4753.1003 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment) Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) Paper Sorcerer (HKLM-x32\...\Steam App 263560) (Version: - Jesse Gallagher) Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) Project Zomboid (HKLM-x32\...\Steam App 108600) (Version: - Indie Stone Studios) Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.39.1040 - Qualcomm Atheros) Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden Razer Comms (HKLM-x32\...\Razer Comms) (Version: 5.11 - Razer Inc.) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.17.22533 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7245 - Realtek Semiconductor Corp.) 
Receiver (HKLM-x32\...\Steam App 234190) (Version: - Wolfire Games) Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver) Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive) Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - ) Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games) Roleplaying City Map Generator 5.40 (HKLM-x32\...\{3B585A53-CC41-4969-A7CB-F0E5D34ACA08}) (Version: 5.4.0.0 - ) RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - ) RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version: - Enterbrain) RPG Maker XP (HKLM-x32\...\Steam App 235900) (Version: - Degica) Sacred 2 - Elite (HKLM-x32\...\{2BB047B7-E613-4686-BE0C-E63BB26BE121}) (Version: 1.00.0000 - ) Sacred 2 (HKLM-x32\...\{1023383E-D9F6-478C-A965-23A4657B3C9A}) (Version: 2.64.0.0 - Deep Silver) Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version: - Ascaron) Sacred Gold (HKLM-x32\...\Steam App 12320) (Version: - Ascaron Entertainment ltd.) Sacred Underworld (HKLM-x32\...\Sacred Underworld_is1) (Version: - Ascaron Entertainment GmbH) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.) 
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House) Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.022 - MSI) System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC) System Shock 2 (HKLM-x32\...\Steam App 238210) (Version: - Irrational Games) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38475 - TeamViewer) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED) Thief 2 (HKLM-x32\...\Steam App 211740) (Version: - Looking Glass Studios) Thief Gold (HKLM-x32\...\Steam App 211600) (Version: - Looking Glass Studios) Thief: Deadly Shadows (HKLM-x32\...\Steam App 6980) (Version: - Ion Storm) This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios) Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version: - Mike Bithell) TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.) 
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.) Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 13-10-2015 20:32:50 JRT Pre-Junkware Removal ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {04B955D6-9731-43F6-8451-F4EB404460C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {06EB6B25-C96D-4BCD-8BC3-0237D684BE8D} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2429973200-1952470861-1716419375-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {0DD98130-6441-4A58-8387-FCEA20BDA314} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation) Task: {3960F09C-2C4E-427A-8334-63A02FD83344} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {43F4242D-B484-46A3-B195-995B4D080D51} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation) Task: {54044415-FEA6-40E2-9565-0241FE4135BB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {653C69B2-562E-4565-BA6F-EB13C3D86903} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-22] (Adobe Systems Incorporated) Task: {74D95A25-FB0A-409D-9D12-7BEED8D2C962} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001UA => C:\Users\Arne\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.) 
Task: {838D0CDB-5DF9-4429-A087-8D29A2E16754} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-luigiarne@live.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {8C6F652B-36B6-42E9-9076-8BDA4C473BF3} - System32\Tasks\Start CorsairLINK Hardware Monitor => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe [2013-08-06] (Corsair Components, Inc.) Task: {8EA01FD0-D0DA-47F1-928C-B92ADA051C78} - System32\Tasks\{313474B4-55E4-4C98-A5B7-564E080A7119} => pcalua.exe -a H:\DirectX6\DirectX6\Directx\dinstall.exe -d H:\DirectX6\DirectX6\Directx Task: {92831619-3D2D-40B4-A103-B52D8AE7C833} - System32\Tasks\{EE79AC62-2AB3-462F-AB98-78FB96B17429} => pcalua.exe -a "C:\SIERRA\Herrscher des Olymp - Zeus\Zeus.exe" -d "C:\SIERRA\Herrscher des Olymp - Zeus" Task: {A3A3EE1A-71D7-4F6F-848E-610BDAA92661} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {A942C660-1617-4F79-994D-1BE127C6AF2D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-09-12] (Microsoft Corporation) Task: {B7C135DB-5BEA-45AE-9AEE-BA701BA6A87C} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) 
Task: {C2E536EC-7388-4D49-A1D2-5A51F4ED0FDD} - System32\Tasks\{8D7AECB1-FF08-4CED-B4FF-3006E259FE0B} => pcalua.exe -a "F:\Daten von anderen Medien\Mama PC\HdOZ\Herrscher des Olymp - Zeus\Zeus.exe" -d "F:\Daten von anderen Medien\Mama PC\HdOZ\Herrscher des Olymp - Zeus" Task: {C3B6932E-5D2A-4B73-BBDC-4E6DF754B043} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation) Task: {C8C1769D-EBF0-4817-BBE2-C2B654E1E9A2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001Core => C:\Users\Arne\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.) Task: {D9BE0052-0BC6-431C-91C3-62F911987268} - System32\Tasks\DeviceDetector7 => C:\Program Files (x86)\CyberLink\MediaEspresso7\DeviceDetector\DeviceDetector7.exe [2014-06-17] (CyberLink) Task: {ECFFCE26-034B-432E-AF35-BBA61DFB1E0A} - System32\Tasks\{929C1D19-79DD-4E02-9F98-1DFB6842E470} => pcalua.exe -a "C:\ProgramData\G Data\Setups\{2A1FF304-D778-49F1-B340-E4BF4CDA2EB0}\setup.exe" -c /InstallMode=Uninstall /_DoNotShowChange=true Task: {F46127E7-FD81-4631-A5E1-C19A1A2D4F54} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2013-12-05] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001Core.job => C:\Users\Arne\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001UA.job => C:\Users\Arne\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-09-15 21:34 - 2015-08-12 05:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-06-16 11:17 - 2015-06-16 11:17 - 00382584 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2014-11-13 11:54 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2015-06-23 21:11 - 2015-06-23 21:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2014-04-06 20:13 - 2013-09-16 21:20 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:6A936202
AlternateDataStreams: C:\ProgramData\Temp:80FE037D
AlternateDataStreams: C:\ProgramData\Temp:FAFEC4B9
AlternateDataStreams: C:\Users\Arne\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Arne\Downloads\Ehrenhändel.pdf:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\skype.com -> hxxps://apps.skype.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: Disc Soft Bus Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MSICOMM_CC => 3
MSCONFIG\Services: MSICPU_CC => 3
MSCONFIG\Services: MSICTL_CC => 2
MSCONFIG\Services: MSIDDR_CC => 3
MSCONFIG\Services: MSISMB_CC => 3
MSCONFIG\Services: MSISuperIO_CC => 3
MSCONFIG\Services: MSI_LiveUpdate_Service => 2
MSCONFIG\Services: MSI_Trigger_Service => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: Qualcomm Atheros Killer Service V2 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SuperRAIDSvc => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WSWNDA3100v2 => 2
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "LiveUpdate 5"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "Fast Boot"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\StartupApproved\Run: => "EADM"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly.
The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/13/2015 08:38:42 PM) (Source: MsiInstaller) (EventID: 1024) (User: ARNEGAMING)
Description: Produkt: Adobe Reader XI (11.0.12) - Update "{AC76BA86-7AD7-0000-2550-7A8C40011013}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/13/2015 08:32:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKTray.exe, Version: 25.1.15196.306, Zeitstempel: 0x55a5ce31
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68dd1
Ausnahmecode: 0xc000070a
Fehleroffset: 0x000f5036
ID des fehlerhaften Prozesses: 0x155c
Startzeit der fehlerhaften Anwendung: 0xAVKTray.exe0
Pfad der fehlerhaften Anwendung: AVKTray.exe1
Pfad des fehlerhaften Moduls: AVKTray.exe2
Berichtskennung: AVKTray.exe3
Vollständiger Name des fehlerhaften Pakets: AVKTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AVKTray.exe5

Error: (10/13/2015 08:32:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GDFwSvcx64.exe, Version: 4.1.15170.623, Zeitstempel: 0x5583d189
Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17415, Zeitstempel: 0x545041bb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000029f8
ID des fehlerhaften Prozesses: 0xd6c
Startzeit der fehlerhaften Anwendung: 0xGDFwSvcx64.exe0
Pfad der fehlerhaften Anwendung: GDFwSvcx64.exe1
Pfad des fehlerhaften Moduls: GDFwSvcx64.exe2
Berichtskennung: GDFwSvcx64.exe3
Vollständiger Name des fehlerhaften Pakets: GDFwSvcx64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GDFwSvcx64.exe5

Error: (10/13/2015 08:31:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKWCtlx64.exe, Version: 27.0.15167.273, Zeitstempel: 0x557f8ad3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc000070a
Fehleroffset: 0x0000000000102159
ID des fehlerhaften Prozesses: 0x220
Startzeit der fehlerhaften Anwendung: 0xAVKWCtlx64.exe0
Pfad der fehlerhaften Anwendung: AVKWCtlx64.exe1
Pfad des fehlerhaften Moduls: AVKWCtlx64.exe2
Berichtskennung: AVKWCtlx64.exe3
Vollständiger Name des fehlerhaften Pakets: AVKWCtlx64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AVKWCtlx64.exe5

Error: (10/13/2015 08:31:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GDScan.exe, Version: 1.4.15167.237, Zeitstempel: 0x557f8277
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.3.9600.17919, Zeitstempel: 0x558ed276
Ausnahmecode: 0xc0020043
Fehleroffset: 0x00055252
ID des fehlerhaften Prozesses: 0x1e4
Startzeit der fehlerhaften Anwendung: 0xGDScan.exe0
Pfad der fehlerhaften Anwendung: GDScan.exe1
Pfad des fehlerhaften Moduls: GDScan.exe2
Berichtskennung: GDScan.exe3
Vollständiger Name des fehlerhaften Pakets: GDScan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GDScan.exe5

Error: (10/13/2015 08:28:55 PM) (Source: ESENT) (EventID: 104) (User: )
Description: SearchIndexer (6248) Windows: Das Datenbankmodul hat die Instanz (0) mit einem Fehler (-510) beendet.
Interne Zeitsteuerungsabfolge: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.078, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.094, [14] 0.000, [15] 0.000.

Error: (10/13/2015 08:28:55 PM) (Source: ESENT) (EventID: 492) (User: )
Description: SearchIndexer (6248) Windows: Die Protokolldatei-Reihenfolge in "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\" wurde durch einen schwerwiegenden Fehler angehalten. Für die Datenbank, die diese Protokolldatei-Reihenfolge verwendet, sind keine weiteren Aktualisierungen möglich. Bitte korrigieren Sie das Problem, und starten Sie erneut, oder führen Sie eine Wiederherstellung aus einer Sicherung durch.

Error: (10/13/2015 08:28:55 PM) (Source: ESENT) (EventID: 416) (User: )
Description: SearchIndexer (6248) Windows: Beim Leeren von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log kann nicht in Abschnitt 2 geschrieben werden. Fehler -1022 (0xfffffc02).

Error: (10/13/2015 08:28:55 PM) (Source: ESENT) (EventID: 482) (User: )
Description: SearchIndexer (6248) Windows: Versuch, in Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log" bei Offset 290816 (0x0000000000047000) für 290816 (0x00047000) Bytes zu schreiben, ist nach SearchIndexer0 Sekunden mit Systemfehler 1117 (0x0000045d): "Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. " fehlgeschlagen. Fehler -1022 (0xfffffc02) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (10/13/2015 08:25:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CorsairLINK_HardwareMonitor.exe, Version: 2.4.5110.41697, Zeitstempel: 0x520168cf Name des fehlerhaften Moduls: UsbClink.dll, Version: 0.0.0.0, Zeitstempel: 0x52a0a7ff Ausnahmecode: 0xc0000005 Fehleroffset: 0x000018aa ID des fehlerhaften Prozesses: 0x1368 Startzeit der fehlerhaften Anwendung: 0xCorsairLINK_HardwareMonitor.exe0 Pfad der fehlerhaften Anwendung: CorsairLINK_HardwareMonitor.exe1 Pfad des fehlerhaften Moduls: CorsairLINK_HardwareMonitor.exe2 Berichtskennung: CorsairLINK_HardwareMonitor.exe3 Vollständiger Name des fehlerhaften Pakets: CorsairLINK_HardwareMonitor.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CorsairLINK_HardwareMonitor.exe5 Systemfehler: ============= Error: (10/13/2015 08:33:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/13/2015 08:33:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Intel(R) Smart Connect Technology Agent" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/13/2015 08:33:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/13/2015 08:33:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft Office ClickToRun Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/13/2015 08:32:44 PM) (Source: volsnap) (EventID: 14) (User: ) Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen. Error: (10/13/2015 08:32:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "G Data Personal Firewall" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/13/2015 08:32:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "G Data Dateisystem Wächter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/13/2015 08:31:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "G Data Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/13/2015 08:31:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "G Data AntiVirus Proxy" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/13/2015 08:28:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Integrated Clock Controller Service - Intel(R) ICCS" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz Prozentuale Nutzung des RAM: 13% Installierter physikalischer RAM: 16327.93 MB Verfügbarer physikalischer RAM: 14194.39 MB Summe virtueller Speicher: 32711.93 MB Verfügbarer virtueller Speicher: 30527.33 MB ==================== Laufwerke ================================ Drive c: (Samsung) (Fixed) (Total:931.17 GB) (Free:337.06 GB) NTFS Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.01 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (500 KB von Arne) (Fixed) (Total:456.95 GB) (Free:438.43 GB) NTFS Drive f: (3T) (Fixed) (Total:2794.39 GB) (Free:2508.4 GB) NTFS Drive g: (DATA) (Fixed) (Total:457.46 GB) (Free:457.27 GB) NTFS Drive h: (IRM_CCSA_X64FRE_DE-DE_DV5) (CDROM) (Total:3.68 GB) (Free:0 GB) UDF ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C52ECE49) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FEB9136C) Partition 1: (Not Active) - (Size=17 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=457.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
14.10.2015, 19:24 | #7 |
/// the machine /// TB-Ausbilder | Windows 8.1: suddenly slow, scans of the SSD take 15h FRST comes from us, from the community; the tool is 1000% clean, false alarm from Gdata. ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
15.10.2015, 14:05 | #8 |
| Windows 8.1: suddenly slow, scans of the SSD take 15h Sorry that I didn't reply yesterday, but ESET took 4.5h. Also, my girlfriend started the PC and Chrome without the browser/web protection being enabled. I have already told her off; whether anything further happened because of that, I unfortunately don't know. However, the "empty icon" phenomenon is back, and I was even smart enough to save it quickly: Here is the log: Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fbecd5fb95081547a761a5e51d4221fa
# end=init
# utc_time=2015-10-14 07:21:51
# local_time=2015-10-14 09:21:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41217
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41217
Update Finalize
Updated modules version: 0
Old modules - delete modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41217
Update Finalize
Updated modules version: 0
'Can not update to actual engine, exiting
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - delete modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
'Can not update to actual engine, exiting
Update Init
Update Download
Update Finalize
Updated modules version: 26237
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fbecd5fb95081547a761a5e51d4221fa
# end=updated
# utc_time=2015-10-14 08:25:46
# local_time=2015-10-14 10:25:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=fbecd5fb95081547a761a5e51d4221fa
# engine=26237
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-15 12:58:49
# local_time=2015-10-15 02:58:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='G DATA TOTAL PROTECTION'
# compatibility_mode=4111 16777213 100 100 20640 20470733 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 278916 8660299 0 0
# scanned=776007
# found=9
# cleaned=0
# scan_time=16383
sh=53F226B3D1D3828304E40C6C7A50667ADF23B42A ft=1 fh=e1ea10a5e9416a5c vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=4139F95644E13A650D4827C943BCC9F2F0F6AA93 ft=1 fh=3b96e1736604b8bc vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir"
sh=BF7B65E32DA5AEA6AB0A961390C377F2518AA315 ft=1 fh=8a775b07cb25f72f vn="Variante von Win32/ELEX.FP evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\dup.exe.vir"
sh=60B5EB2B43DD57F7FCA5BCB2FA1848F129E8E001 ft=1 fh=ae6dcb3caea0167c vn="Variante von Win32/ELEX.DS evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\eUninstall.exe.vir"
sh=66AE7020991466E365531E01821D1721FF10F7A9 ft=1 fh=2b6131bebc979372 vn="Win32/ELEX.BF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\TrayDownloader.exe.vir"
sh=36D9F4A3B13AFC47D1E28A81CF00AC38B82C54E0 ft=1 fh=ee02773919a25ace vn="Variante von Win32/ELEX.CK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\winzipersvc.exe.vir"
sh=C93FB945956D3241233F257ECD5BC0A0CD586235 ft=0 fh=0000000000000000 vn="JS/Trackware.Agent.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\inject.js.vir"
sh=6A0A9783FFE1EE10D850173AA652325188FF37FF ft=1 fh=c71c0011414b9536 vn="Variante von Win32/ELEX.CP evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Arne\AppData\Roaming\mystartsearch\UninstallManager.exe.vir"
sh=01A2BA91E6A6EA4F945DC202E8247BAAD77F66AD ft=0 fh=0000000000000000 vn="Win32/InstallMonetizer.AN evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Arne\Downloads\free_vsts.rar"
Code:
Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
G DATA TOTAL PROTECTION
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.188 Flash Player out of Date!
Adobe Reader XI
Google Chrome (45.0.2454.101)
Google Chrome (45.0.2454.99)
````````Process Check: objlist.exe by Laurent````````
G Data TotalProtection Firewall GDFwSvcx64.exe
G Data TotalProtection Firewall GDFirewallTray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST log:
FRST Logfile:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-10-2015 01 durchgeführt von Arne (Administrator) auf ARNEGAMING (15-10-2015 10:46:22) Gestartet von C:\Users\Arne\Desktop Geladene Profile: Arne (Verfügbare Profile: Arne) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Scarlet.Crush Productions) C:\Program Files (x86)\Controller PS3\bin\ScpService.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program 
Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Flux Software LLC) C:\Users\Arne\AppData\Local\FluxSoftware\Flux\flux.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Corsair Components, Inc.) 
C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe (G DATA Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575256 2014-05-12] (Realtek Semiconductor) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [G Data ASM] => "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [12844864 2015-08-28] (Corsair Components, Inc.) 
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Run: [f.lux] => C:\Users\Arne\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\MountPoints2: {9ab6c832-0055-11e4-8281-448a5b5d8518} - "J:\Browse.exe" HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{5E06F4D9-FE63-4FC0-AFC6-15D8F73957BD}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6B82A37A-7428-425F-975B-5FE6A16B7C4B}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype 
for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-07] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-07] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\vfgsmcoi.default FF Homepage: hxxp://www.google.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-22] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program 
Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-22] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-03-24] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-13] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D 
Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-19] FF Extension: Kein Name - C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\vfgsmcoi.default\extensions\faststartff@gmail.com [nicht gefunden] Chrome: ======= CHR HomePage: Default -> hxxp://www.trovigo.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF0FC7C4F-7659-43B8-A530-B5710A8194E6&SSPV= CHR StartupUrls: Default -> "","hxxp://www.google.com/" CHR Session Restore: Default -> ist aktiviert. 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => Keine Datei CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Profile: C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-04-01] CHR Extension: (Open Reddit NSFW Links in Incognito Window) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aedepcllfamehicoifddolbbnmahlkff [2015-06-25] CHR Extension: (Google Docs) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-06] CHR Extension: (Google Drive) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-06] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-12] CHR Extension: (YouTube) - 
C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-06] CHR Extension: (Honey) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2015-10-13] CHR Extension: (uBlock Origin) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-02-11] CHR Extension: (Google Search) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06] CHR Extension: (Chain Reaction) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa [2014-04-06] CHR Extension: (Google Docs Offline) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06] CHR Extension: (The Camelizer) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2015-07-15] CHR Extension: (Isoball 3) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2014-04-06] CHR Extension: (IP Address) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-04-06] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-04-06] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-10] CHR Extension: (Hover Zoom) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-04-10] CHR Extension: (AlienTube for YouTube™) - 
C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\opgodjgjgojjkhlmmhdlojfehcemknnp [2015-07-03] CHR Extension: (Click&Clean App) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-04-06] CHR Extension: (Gmail) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-06] CHR Extension: (Reddit Trading Flair Linker Enhanced) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnahghpneiabcncanmccahgloopbbbgp [2014-05-08] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2558072 2015-06-19] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe [3711712 2015-06-16] (G Data Software AG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation) S4 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [813328 2014-04-28] (Disc Soft Ltd) R2 Ds3Service; C:\Program Files (x86)\Controller PS3\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) 
[Datei ist nicht signiert] R2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [3894392 2015-06-19] (G Data Software AG) R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [3202368 2015-06-19] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG) S3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [2235512 2015-06-16] (G Data Software AG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.) 
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2100736 2014-06-04] (MSI) [Datei ist nicht signiert] S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4026368 2014-06-06] (MSI) [Datei ist nicht signiert] S4 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2118144 2014-06-03] () [Datei ist nicht signiert] S4 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4157440 2014-06-17] () [Datei ist nicht signiert] S4 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1990144 2014-06-03] () [Datei ist nicht signiert] S4 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2250240 2014-06-06] () [Datei ist nicht signiert] S4 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-06-04] () [Datei ist nicht signiert] S4 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [549888 2014-06-10] () [Datei ist nicht signiert] R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI) S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1722320 2014-08-26] (Micro-Star International) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI) S4 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) 
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-28] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-16] () S4 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [Datei ist nicht signiert] R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] () S4 SuperRAIDSvc; C:\MSI\Super RAID\SuperRAIDSvc.exe [16384 2013-09-23] () [Datei ist nicht signiert] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH) S3 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S4 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] () R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.) 
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-05-18] (Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-05-18] (Corsair) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-11] (Disc Soft Ltd) R3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29696 2014-06-30] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2015-10-11] (G Data Software AG) R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2015-10-11] (G Data Software AG) R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2015-10-11] (G Data Software AG) S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-10-11] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-09] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230912 2015-10-11] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-10-11] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-10-11] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-10-11] (G Data Software) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.) 
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [125952 2015-10-11] (G Data Software AG) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation) S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider) R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] () R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) 
S3 NTIOLib_1_0_1; C:\MSI\Super RAID\NTIOLib_X64.sys [14136 2012-06-11] (MSI) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI) R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [27816 2014-05-19] (Razer Inc) S3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [32936 2014-05-19] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.) 
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-07-12] (Duplex Secure Ltd.) R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2015-10-11] (G Data Software) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-12] (CyberLink Corp.) R3 cpuz136; \??\C:\Users\Arne\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-15 10:44 - 2015-10-15 10:44 - 00000000 ____D C:\Users\Arne\Desktop\FRST-OlderVersion 2015-10-15 10:42 - 2015-10-15 10:42 - 00000918 _____ C:\Users\Arne\Desktop\checkup.txt 2015-10-14 21:17 - 2015-10-14 21:17 - 02870984 _____ (ESET) C:\Users\Arne\Desktop\esetsmartinstaller_deu.exe 2015-10-14 21:17 - 2015-10-14 21:17 - 00852720 _____ C:\Users\Arne\Desktop\SecurityCheck.exe 2015-10-13 20:43 - 2015-10-15 10:46 - 00032394 _____ C:\Users\Arne\Desktop\FRST.txt 2015-10-13 20:43 - 2015-10-13 20:43 - 00074801 _____ C:\Users\Arne\Desktop\Addition.txt 2015-10-13 20:35 - 2015-10-13 20:35 - 00001324 _____ C:\Users\Arne\Desktop\JRT.txt 2015-10-13 20:15 - 2015-10-13 20:15 - 00004402 _____ C:\Users\Arne\Desktop\AdwCleaner[C2].txt 2015-10-13 19:35 - 2015-10-13 19:35 - 00001193 _____ C:\MBAM 13-10.txt 2015-10-13 19:23 - 2015-10-13 19:23 - 01798976 _____ (Malwarebytes) C:\Users\Arne\Desktop\JRT.exe 2015-10-13 19:23 - 2015-10-13 19:23 - 01682432 _____ C:\Users\Arne\Desktop\AdwCleaner_5.013.exe 2015-10-12 21:36 - 2015-10-12 21:36 - 00000382 _____ C:\Windows\DirectX.log 2015-10-12 18:22 - 2015-10-12 18:23 - 00005779 _____ C:\Users\Arne\Desktop\GMER.txt 2015-10-12 17:35 - 2015-10-12 17:35 - 00000000 ____D C:\Users\Arne\AppData\Local\TempTaskUpdateDetection97956D7F-3CE4-4CAB-8CD4-7B6B6C13FE1C 2015-10-12 17:06 - 2015-10-12 17:06 - 00380416 _____ C:\Users\Arne\Desktop\Gmer-19357.exe 2015-10-12 16:17 - 2015-10-12 16:18 - 00003200 _____ C:\Users\Arne\Desktop\Trojaner Board.txt 2015-10-12 16:14 - 2015-10-12 16:14 - 00000580 _____ C:\Users\Arne\Downloads\defogger_disable.log 2015-10-12 16:14 - 2015-10-12 16:14 - 00000020 _____ C:\Users\Arne\defogger_reenable 2015-10-12 16:12 - 2015-10-12 16:12 - 00050477 _____ C:\Users\Arne\Downloads\Defogger.exe 2015-10-12 15:32 - 2015-10-12 15:32 - 00073958 _____ C:\Users\Arne\Downloads\Addition.txt 2015-10-12 15:31 - 2015-10-12 15:32 - 00056919 _____ C:\Users\Arne\Downloads\FRST.txt 2015-10-12 15:28 - 2015-10-15 10:46 - 00000000 ____D C:\FRST 
2015-10-12 14:23 - 2015-10-15 10:44 - 02196992 _____ (Farbar) C:\Users\Arne\Desktop\FRST64.exe 2015-10-12 14:18 - 2015-10-12 14:18 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys 2015-10-12 14:05 - 2015-10-12 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2015-10-12 13:55 - 2015-10-12 13:55 - 00262144 _____ C:\Windows\SysWOW64\18 2015-10-12 13:55 - 2015-10-12 13:55 - 00000000 __SHD C:\#GDATA.Recovery.Data# 2015-10-11 22:11 - 2015-10-11 22:11 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys 2015-10-11 22:02 - 2015-10-11 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION 2015-10-11 22:02 - 2015-10-11 22:02 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys 2015-10-11 22:02 - 2015-10-11 22:02 - 00001998 _____ C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk 2015-10-11 22:01 - 2015-10-11 22:01 - 00000000 ____D C:\Windows\ELAMBKUP 2015-10-11 21:26 - 2015-10-11 22:08 - 00091648 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2015-10-11 21:26 - 2015-10-11 22:02 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys 2015-10-11 21:26 - 2015-10-11 21:26 - 00078848 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd64.sys 2015-10-11 21:26 - 2015-10-11 21:26 - 00058880 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv64.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00230912 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00158720 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00125952 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00068608 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00042416 _____ C:\Windows\DPINST.LOG 2015-10-11 21:23 - 
2015-10-11 21:23 - 00000000 ____D C:\ProgramData\G DATA Software 2015-10-11 21:07 - 2015-10-15 10:36 - 00040216 _____ C:\Windows\PFRO.log 2015-10-11 20:59 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-10-11 20:55 - 2015-10-15 10:45 - 00916626 _____ C:\Windows\WindowsUpdate.log 2015-10-11 20:53 - 2015-10-11 20:53 - 00003252 _____ C:\Windows\System32\Tasks\{929C1D19-79DD-4E02-9F98-1DFB6842E470} 2015-10-11 20:46 - 2015-10-15 10:37 - 00009627 _____ C:\Windows\setupact.log 2015-10-11 20:46 - 2015-10-11 20:46 - 00000000 _____ C:\Windows\setuperr.log 2015-10-11 17:45 - 2015-10-11 17:45 - 00000000 ____D C:\$WINDOWS.~BT 2015-10-11 16:25 - 2015-10-11 16:25 - 00262144 _____ C:\Windows\system32\config\userdiff 2015-10-11 15:38 - 2015-10-11 19:02 - 00000000 _____ C:\Recovery.txt 2015-10-09 16:52 - 2015-10-09 16:52 - 00000000 ____D C:\Users\Arne\AppData\Roaming\11bitstudios 2015-10-09 13:58 - 2015-10-09 13:58 - 00000000 ____D C:\Users\Arne\Documents\Darkest 2015-10-09 13:45 - 2015-10-09 13:45 - 00000222 _____ C:\Users\Arne\Desktop\Darkest Dungeon.url 2015-10-09 13:44 - 2015-10-09 13:44 - 00002160 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-10-09 13:44 - 2015-10-03 04:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-10-09 13:43 - 2015-10-03 07:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvcuda.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-10-09 13:43 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00879000 _____ C:\Windows\system32\nvmcumd.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-10-09 13:43 - 2015-10-03 
07:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-10-08 18:16 - 2015-10-08 18:16 - 00000222 _____ C:\Users\Arne\Desktop\System Shock 2.url 2015-10-08 14:31 - 2015-10-08 14:31 - 00000222 _____ C:\Users\Arne\Desktop\This War of Mine.url 2015-10-07 00:22 - 2015-10-07 01:07 - 137363456 _____ C:\Users\Arne\Downloads\Galador.part2.rar 2015-10-06 21:11 - 2015-10-06 21:56 - 137363456 _____ C:\Users\Arne\Downloads\Galador.part1.rar 2015-10-05 23:40 - 2015-10-05 23:40 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Big Fish Games 2015-10-05 23:33 - 2015-10-05 23:33 - 00001073 _____ C:\Users\Public\Desktop\Play Mystery Case Files - Dire Grove Collector's Edition.lnk 2015-10-05 23:33 - 2015-10-05 23:33 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - Dire Grove Collector's Edition 2015-10-05 23:33 - 2015-10-05 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - Dire Grove Collector's Edition 2015-10-05 22:52 - 2015-10-05 22:52 - 00001950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00001248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00000982 _____ C:\Users\Public\Desktop\Games.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00000000 ____D C:\ProgramData\Big Fish 2015-10-05 22:52 - 2015-10-05 22:52 - 00000000 ____D C:\Program Files (x86)\bfgclient 2015-10-05 22:50 - 2015-10-05 22:55 - 00000000 ____D C:\BigFishCache 2015-10-05 22:50 - 2015-10-05 22:52 - 00000000 ____D 
C:\Users\Arne\AppData\Local\Big Fish 2015-10-05 16:17 - 2015-10-07 23:20 - 00000000 ____D C:\Users\Arne\Documents\ArcheAge 2015-10-04 15:39 - 2015-10-14 21:11 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Nidhogg 2015-10-04 15:36 - 2015-10-04 15:36 - 00000000 ____D C:\Program Files (x86)\Controller PS3 2015-10-04 15:35 - 2013-05-19 09:02 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys 2015-10-04 15:35 - 2013-01-07 16:56 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2015-10-04 15:34 - 2015-10-04 15:34 - 10571443 _____ C:\Users\Arne\Downloads\SCP-DS-Driver-Package-1.2.0.160.7z 2015-10-04 15:31 - 2015-10-04 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-10-04 15:31 - 2015-10-04 15:31 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2015-10-04 15:11 - 2015-10-04 15:11 - 00000221 _____ C:\Users\Arne\Desktop\Nidhogg.url 2015-10-04 15:11 - 2015-10-04 15:11 - 00000000 ____D C:\Users\Arne\Documents\motioninjoy-0-7-1001-en-win 2015-10-04 15:10 - 2015-10-04 15:10 - 04117346 _____ C:\Users\Arne\Documents\motioninjoy-0-7-1001-en-win.zip 2015-10-04 13:06 - 2015-10-04 13:06 - 00000222 _____ C:\Users\Arne\Desktop\Antichamber.url 2015-10-04 11:07 - 2015-10-04 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2015-10-04 11:06 - 2015-10-04 11:06 - 00000000 ____D C:\Users\Arne\Documents\Corsair-Utility-Engine-v1.10.67 2015-10-04 11:05 - 2015-10-04 11:05 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-10-01 20:01 - 2015-10-01 20:03 - 59101198 _____ C:\Users\Arne\Documents\Corsair-Utility-Engine-v1.10.67.zip 2015-09-30 14:26 - 2015-09-30 14:26 - 00541302 _____ C:\Users\Arne\Downloads\DeviceWin8.meta.diagcab 2015-09-30 14:04 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-30 14:04 - 
2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-30 14:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-30 13:51 - 2015-09-30 13:52 - 58728224 _____ (yWorks GmbH) C:\Users\Arne\Downloads\yEd-3.14.3_with-JRE_32-bit_setup.exe 2015-09-27 21:23 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-09-27 21:23 - 2015-09-14 02:29 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435598.dll 2015-09-27 21:23 - 2015-09-14 02:29 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435598.dll 2015-09-24 23:45 - 2015-09-24 23:45 - 00000000 ____D C:\Users\Arne\AppData\LocalLow\Dinosaur Polo Club 2015-09-24 23:38 - 2015-09-24 23:38 - 00000222 _____ C:\Users\Arne\Desktop\Mini Metro.url 2015-09-19 12:37 - 2015-09-19 12:37 - 00293944 _____ C:\Users\Arne\Downloads\AGOT Green Valyria-12-1.zip 2015-09-18 21:45 - 2015-09-18 21:45 - 00336575 _____ C:\Users\Arne\Downloads\AGOT Colonize Valyria.zip 2015-09-18 21:17 - 2015-09-18 21:17 - 01293768 _____ C:\Users\Arne\Downloads\AGOT Colonize Away-13-4-3.zip ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-15 10:44 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-10-15 10:38 - 2014-04-06 18:58 - 00000000 __RDO C:\Users\Arne\SkyDrive 2015-10-15 10:37 - 2014-04-08 19:38 - 00000021 _____ C:\Users\Arne\AppData\Roaming\config_data.dat 2015-10-15 10:37 - 2014-04-07 21:04 - 00000000 ____D C:\Users\Arne\AppData\Local\CrashDumps 2015-10-15 10:37 - 2014-04-06 20:13 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-15 10:36 - 2015-03-09 18:42 - 00000000 ____D C:\Windows\Minidump 2015-10-15 10:36 - 2014-08-04 23:25 - 00000000 ____D C:\ProgramData\NVIDIA 2015-10-15 10:36 - 2014-04-06 18:28 - 00098304 ____N C:\Windows\Minidump\101515-18671-01.dmp 2015-10-15 10:36 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-15 06:31 - 2015-06-21 17:21 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001UA.job 2015-10-15 05:53 - 2014-04-06 20:13 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-15 05:47 - 2015-02-12 13:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-15 02:31 - 2015-06-21 17:21 - 00001190 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001Core.job 2015-10-15 02:00 - 2014-08-19 18:24 - 00000000 ____D C:\Users\Arne\AppData\Local\Adobe 2015-10-14 21:12 - 2014-04-06 17:04 - 00000000 ____D C:\Program Files (x86)\Steam 2015-10-14 21:05 - 2014-04-06 21:47 - 00000000 ____D C:\ProgramData\Temp 2015-10-14 20:38 - 2014-04-06 18:28 - 00097792 ____N C:\Windows\Minidump\101415-14640-01.dmp 2015-10-14 20:25 - 2014-04-06 20:15 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2429973200-1952470861-1716419375-1001 2015-10-14 19:56 - 2014-09-10 21:50 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-10-14 19:55 - 2014-04-06 18:28 - 00098304 ____N C:\Windows\Minidump\101415-21578-01.dmp 2015-10-13 21:17 - 2015-03-12 10:38 - 00003886 _____ 
C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-10-13 21:17 - 2015-03-11 17:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-10-13 21:06 - 2015-09-13 23:06 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-13 21:03 - 2014-04-06 18:28 - 00098816 ____N C:\Windows\Minidump\101315-23750-01.dmp 2015-10-13 20:26 - 2015-06-18 21:23 - 00000000 ____D C:\Users\Arne\AppData\Local\Battle.net 2015-10-13 20:26 - 2015-06-18 21:23 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-10-13 20:25 - 2014-04-06 18:38 - 00000000 ____D C:\Users\Arne 2015-10-13 20:25 - 2014-04-06 18:28 - 00097792 ____N C:\Windows\Minidump\101315-15578-01.dmp 2015-10-13 20:10 - 2014-12-17 16:31 - 00000000 ____D C:\AdwCleaner 2015-10-13 19:15 - 2014-04-06 18:28 - 00098816 ____N C:\Windows\Minidump\101315-24078-01.dmp 2015-10-13 10:45 - 2014-04-06 18:28 - 00102912 ____N C:\Windows\Minidump\101315-21953-01.dmp 2015-10-12 21:26 - 2014-04-06 18:28 - 00102912 ____N C:\Windows\Minidump\101215-19000-01.dmp 2015-10-12 16:21 - 2014-04-21 17:22 - 00000000 ___RD C:\Users\Arne\Desktop\Programme 2015-10-12 16:19 - 2014-05-04 17:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-10-12 14:18 - 2015-01-26 11:34 - 00000000 ____D C:\Users\Arne\AppData\Local\G DATA 2015-10-12 14:07 - 2014-05-04 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-10-12 14:06 - 2014-05-04 17:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-12 14:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-10-12 13:55 - 2015-03-06 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dundjinni Enterprises 2015-10-12 13:55 - 2015-02-16 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSA Charaktergenerator 2015-10-12 13:55 - 2014-10-15 20:50 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-12 13:55 - 2014-09-16 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph 2015-10-12 13:55 - 2014-07-05 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\.sol Editor 2015-10-12 13:55 - 2014-04-06 19:28 - 00000000 ____D C:\Windows\Panther 2015-10-11 22:09 - 2014-05-03 22:10 - 00000000 ___RD C:\Users\Arne\Dropbox 2015-10-11 22:09 - 2014-05-03 22:08 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Dropbox 2015-10-11 22:09 - 2014-04-06 22:02 - 00000000 ____D C:\ProgramData\G Data 2015-10-11 21:38 - 2015-05-23 22:16 - 00000000 ____D C:\Users\Arne\AppData\Local\LogMeIn Hamachi 2015-10-11 21:25 - 2014-04-06 16:28 - 00000976 _____ C:\Users\Arne\AppData\Roaming\gdscan.log 2015-10-11 21:09 - 2014-04-06 22:03 - 00000000 ____D C:\Program Files (x86)\G Data 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Com 2015-10-11 20:57 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\oobe 2015-10-11 20:14 - 2014-09-10 21:50 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Skype 2015-10-11 18:59 - 2014-04-08 23:04 - 00000000 ____D C:\Users\Arne\Desktop\Games 2015-10-11 15:47 - 2013-08-22 16:44 - 05177192 _____ C:\Windows\system32\FNTCACHE.DAT 2015-10-10 22:34 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-10-09 23:59 - 2015-09-03 17:55 - 00000000 ____D C:\Users\Arne\Desktop\HS Screenshots 2015-10-09 13:44 - 2014-04-06 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-10-09 13:44 - 2014-04-06 20:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-10-07 23:26 - 2014-09-16 19:06 - 00000000 ____D C:\Users\Arne\AppData\Local\Glyph 2015-10-07 23:26 - 2014-09-16 19:06 - 00000000 ____D C:\Program Files (x86)\Glyph 
2015-10-07 23:24 - 2014-09-16 19:06 - 00000000 ____D C:\ProgramData\Glyph 2015-10-07 11:30 - 2014-04-24 04:51 - 00000000 ____D C:\Users\Arne\AppData\Roaming\vlc 2015-10-05 23:33 - 2014-06-11 03:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-10-05 22:49 - 2014-04-06 18:40 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-05 22:49 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat 2015-10-05 22:49 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat 2015-10-05 21:50 - 2014-04-06 18:38 - 00000000 ____D C:\Users\Arne\AppData\Local\Packages 2015-10-04 11:07 - 2014-04-08 19:38 - 00000000 ____D C:\Program Files (x86)\Corsair 2015-10-03 07:06 - 2014-08-04 23:25 - 00112944 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-10-03 07:06 - 2014-08-04 23:25 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 17395512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 12769408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 03573832 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 03154104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-10-03 07:06 - 2014-08-04 23:21 - 00033507 _____ C:\Windows\system32\nvinfo.pb 2015-10-03 04:49 - 2014-08-04 23:25 - 06358648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 02982520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-10-03 04:49 - 2014-08-04 23:25 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-10-03 04:49 - 2014-08-04 23:25 - 00062768 _____ 
(NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-10-02 20:47 - 2015-07-20 15:36 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-10-01 11:33 - 2014-08-04 23:25 - 05284082 _____ C:\Windows\system32\nvcoproc.bin 2015-09-30 16:51 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-09-30 14:04 - 2014-07-04 12:09 - 00001125 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-30 14:04 - 2014-07-04 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-30 14:04 - 2014-07-04 12:09 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-30 07:51 - 2015-06-18 21:30 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-09-29 12:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-09-28 20:46 - 2014-04-06 17:46 - 00000000 ____D C:\Users\Arne\Documents\my games 2015-09-28 13:18 - 2015-06-18 21:23 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Battle.net 2015-09-28 01:04 - 2014-04-08 21:12 - 00000000 ____D C:\ProgramData\Origin 2015-09-28 00:14 - 2014-04-08 21:14 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Origin 2015-09-28 00:08 - 2014-04-08 21:12 - 00000000 ____D C:\Program Files (x86)\Origin 2015-09-26 00:47 - 2014-09-10 21:50 - 00000000 ____D C:\ProgramData\Skype 2015-09-24 20:19 - 2014-11-13 11:54 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-09-19 12:36 - 2015-08-30 14:24 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AGOT 2015-09-18 20:48 - 2014-04-06 20:13 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-18 20:48 - 2014-04-06 20:13 - 00003876 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-15 03:18 - 2013-08-22 17:38 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-15 03:18 - 2013-08-22 17:38 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-15 19:42 - 2013-07-21 21:59 - 0012005 _____ () C:\Users\Arne\AppData\Roaming\alsoft.ini
2014-04-08 19:38 - 2015-10-15 10:37 - 0000021 _____ () C:\Users\Arne\AppData\Roaming\config_data.dat
2014-04-06 16:28 - 2014-04-06 16:28 - 0000000 _____ () C:\Users\Arne\AppData\Roaming\gdfw.log
2014-04-06 16:28 - 2015-10-11 21:25 - 0000976 _____ () C:\Users\Arne\AppData\Roaming\gdscan.log
2014-08-22 18:43 - 2014-08-22 18:43 - 0002716 _____ () C:\Users\Arne\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Arne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwp6bqf.dll
C:\Users\Arne\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Arne\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-10-08 19:39

==================== Ende von FRST.txt ============================
Thanks again and have a nice evening. I hope to be able to reply right away this time, but the speed of my PC often doesn't allow it. neonJAhr |
16.10.2015, 18:35 | #9 |
/// the machine /// TB-Ausbilder | Update Java and Flash. Please run AdwCleaner again, then post another fresh FRST log.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
17.10.2015, 09:26 | #10 |
| Hi, today the PC booted fairly quickly again; I hope you have found the problem! I updated Java & Adobe and ran AdwCleaner & FRST. AdwCleaner log: Code:
# AdwCleaner v5.013 - Bericht erstellt am 17/10/2015 um 09:48:55
# Aktualisiert am 09/10/2015 von Xplode
# Datenbank : 2015-10-16.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Arne - ARNEGAMING
# Gestartet von : C:\Users\Arne\Desktop\AdwCleaner_5.013.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

Ordner Gefunden : C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****

[C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gefunden : bmnlcjabgnpnenekpadlanbbkooimhnj
[C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gefunden : hxxp://www.trovigo.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF0FC7C4F-7659-43B8-A530-B5710A8194E6&SSPV=

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1117 Bytes] ##########

The error message "Error Saving File C:\FRST\HIVES\SOFTWAR! ..." did not appear after I once again assured G-DATA that the updated version of FRST is fine. I also ran the Erunt.exe file, which starts along with FRST when it is opened, but which G-DATA had also always blocked before. Here is the FRST log: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-10-2015 durchgeführt von Arne (Administrator) auf ARNEGAMING (17-10-2015 09:53:58) Gestartet von C:\Users\Arne\Desktop Geladene Profile: Arne (Verfügbare Profile: Arne) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Scarlet.Crush Productions) C:\Program Files (x86)\Controller PS3\bin\ScpService.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program 
Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe () C:\Program Files (x86)\Corsair\Corsair Link\CorsairLink.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Flux Software LLC) C:\Users\Arne\AppData\Local\FluxSoftware\Flux\flux.exe (Corsair Components, Inc.) 
C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe (G DATA Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575256 2014-05-12] (Realtek Semiconductor) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [G Data ASM] => "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [12844864 2015-08-28] (Corsair Components, Inc.) 
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Run: [f.lux] => C:\Users\Arne\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\MountPoints2: {9ab6c832-0055-11e4-8281-448a5b5d8518} - "J:\Browse.exe" HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Arne\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-02] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{5E06F4D9-FE63-4FC0-AFC6-15D8F73957BD}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6B82A37A-7428-425F-975B-5FE6A16B7C4B}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\vfgsmcoi.default FF Homepage: hxxp://www.google.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-03-24] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-13] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-19] FF Extension: Kein Name - C:\Users\Arne\AppData\Roaming\Mozilla\Firefox\Profiles\vfgsmcoi.default\extensions\faststartff@gmail.com [nicht gefunden] Chrome: ======= CHR HomePage: Default -> hxxp://www.trovigo.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF0FC7C4F-7659-43B8-A530-B5710A8194E6&SSPV= CHR StartupUrls: Default -> "","hxxp://www.google.com/" CHR Session Restore: Default -> ist aktiviert. CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => Keine Datei CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Profile: 
C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-04-01] CHR Extension: (Open Reddit NSFW Links in Incognito Window) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aedepcllfamehicoifddolbbnmahlkff [2015-06-25] CHR Extension: (Google Docs) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-06] CHR Extension: (Google Drive) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-06] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-12] CHR Extension: (YouTube) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-06] CHR Extension: (Honey) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2015-10-13] CHR Extension: (uBlock Origin) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-02-11] CHR Extension: (Google Search) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06] CHR Extension: (Chain Reaction) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa [2014-04-06] CHR Extension: (Google Docs Offline) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06] CHR Extension: (The Camelizer) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2015-07-15] CHR Extension: (Isoball 3) - C:\Users\Arne\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2014-04-06] CHR Extension: (IP Address) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-04-06] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-04-06] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-10] CHR Extension: (Hover Zoom) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-04-10] CHR Extension: (AlienTube for YouTube™) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\opgodjgjgojjkhlmmhdlojfehcemknnp [2015-07-03] CHR Extension: (Click&Clean App) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-04-06] CHR Extension: (Gmail) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-06] CHR Extension: (Reddit Trading Flair Linker Enhanced) - C:\Users\Arne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnahghpneiabcncanmccahgloopbbbgp [2014-05-08] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2558072 2015-06-19] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe [3711712 2015-06-16] (G Data Software AG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation) S4 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [813328 2014-04-28] (Disc Soft Ltd) R2 Ds3Service; C:\Program Files (x86)\Controller PS3\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Datei ist nicht signiert] R2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [3894392 2015-06-19] (G Data Software AG) R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [3202368 2015-06-19] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG) S3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [2235512 2015-06-16] (G Data Software AG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] 
(Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2100736 2014-06-04] (MSI) [Datei ist nicht signiert] S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4026368 2014-06-06] (MSI) [Datei ist nicht signiert] S4 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2118144 2014-06-03] () [Datei ist nicht signiert] S4 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4157440 2014-06-17] () [Datei ist nicht signiert] S4 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1990144 2014-06-03] () [Datei ist nicht signiert] S4 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2250240 2014-06-06] () [Datei ist nicht signiert] S4 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-06-04] () [Datei ist nicht signiert] S4 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [549888 2014-06-10] () [Datei ist nicht signiert] R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI) S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1722320 2014-08-26] (Micro-Star International) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI) S4 MSI_Trigger_Service; C:\Program Files 
(x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-28] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-16] () S4 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [Datei ist nicht signiert] R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] () S4 SuperRAIDSvc; C:\MSI\Super RAID\SuperRAIDSvc.exe [16384 2013-09-23] () [Datei ist nicht signiert] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH) S3 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-07-01] (G DATA Software) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S4 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [307928 2013-12-30] () R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-05-18] (Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-05-18] (Corsair) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-11] (Disc Soft Ltd) R3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29696 2014-06-30] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2015-10-11] (G Data Software AG) R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2015-10-11] (G Data Software AG) R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2015-10-11] (G Data Software AG) S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-10-11] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-09] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230912 2015-10-11] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-10-11] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-10-11] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-10-11] (G Data Software) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.) 
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [125952 2015-10-11] (G Data Software AG) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation) S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider) R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] () R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) 
S3 NTIOLib_1_0_1; C:\MSI\Super RAID\NTIOLib_X64.sys [14136 2012-06-11] (MSI) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI) R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [27816 2014-05-19] (Razer Inc) S3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [32936 2014-05-19] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.) 
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-07-12] (Duplex Secure Ltd.) R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2015-10-11] (G Data Software) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-08-12] (CyberLink Corp.) R3 cpuz136; \??\C:\Users\Arne\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] R3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-17 09:51 - 2015-10-17 09:51 - 00001196 _____ C:\Users\Arne\Desktop\AdwCleaner[S3].txt 2015-10-17 09:45 - 2015-10-17 09:45 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-17 09:45 - 2015-10-17 09:45 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Sun 2015-10-17 09:45 - 2015-10-17 09:45 - 00000000 ____D C:\Users\Arne\.oracle_jre_usage 2015-10-17 09:45 - 2015-10-17 09:45 - 00000000 _____ C:\Windows\system32\RENB0F7.tmp 2015-10-17 09:44 - 2015-10-17 09:44 - 00584288 _____ (Oracle Corporation) C:\Users\Arne\Downloads\chromeinstall-8u60.exe 2015-10-15 21:00 - 2015-10-15 21:00 - 00000000 ____D C:\Users\Arne\AppData\Roaming\3909 2015-10-15 10:44 - 2015-10-17 09:53 - 00000000 ____D C:\Users\Arne\Desktop\FRST-OlderVersion 2015-10-15 10:42 - 2015-10-15 10:42 - 00000918 _____ C:\Users\Arne\Desktop\checkup.txt 2015-10-14 21:17 - 2015-10-14 21:17 - 02870984 _____ (ESET) C:\Users\Arne\Desktop\esetsmartinstaller_deu.exe 2015-10-14 21:17 - 2015-10-14 21:17 - 00852720 _____ C:\Users\Arne\Desktop\SecurityCheck.exe 2015-10-13 20:43 - 2015-10-17 09:53 - 00033160 _____ C:\Users\Arne\Desktop\FRST.txt 2015-10-13 20:43 - 2015-10-13 20:43 - 00074801 _____ C:\Users\Arne\Desktop\Addition.txt 2015-10-13 20:35 - 2015-10-13 20:35 - 00001324 _____ C:\Users\Arne\Desktop\JRT.txt 2015-10-13 20:15 - 2015-10-13 20:15 - 00004402 _____ C:\Users\Arne\Desktop\AdwCleaner[C2].txt 2015-10-13 19:35 - 2015-10-13 19:35 - 00001193 _____ C:\MBAM 13-10.txt 2015-10-13 19:23 - 2015-10-13 19:23 - 01798976 _____ (Malwarebytes) C:\Users\Arne\Desktop\JRT.exe 2015-10-13 19:23 - 2015-10-13 19:23 - 01682432 _____ C:\Users\Arne\Desktop\AdwCleaner_5.013.exe 2015-10-12 21:36 - 2015-10-12 21:36 - 00000382 _____ C:\Windows\DirectX.log 2015-10-12 18:22 - 2015-10-12 18:23 - 00005779 _____ C:\Users\Arne\Desktop\GMER.txt 2015-10-12 17:35 - 2015-10-12 17:35 - 00000000 ____D C:\Users\Arne\AppData\Local\TempTaskUpdateDetection97956D7F-3CE4-4CAB-8CD4-7B6B6C13FE1C 2015-10-12 17:06 - 
2015-10-12 17:06 - 00380416 _____ C:\Users\Arne\Desktop\Gmer-19357.exe 2015-10-12 16:17 - 2015-10-12 16:18 - 00003200 _____ C:\Users\Arne\Desktop\Trojaner Board.txt 2015-10-12 16:14 - 2015-10-12 16:14 - 00000580 _____ C:\Users\Arne\Downloads\defogger_disable.log 2015-10-12 16:14 - 2015-10-12 16:14 - 00000020 _____ C:\Users\Arne\defogger_reenable 2015-10-12 16:12 - 2015-10-12 16:12 - 00050477 _____ C:\Users\Arne\Downloads\Defogger.exe 2015-10-12 15:32 - 2015-10-12 15:32 - 00073958 _____ C:\Users\Arne\Downloads\Addition.txt 2015-10-12 15:31 - 2015-10-12 15:32 - 00056919 _____ C:\Users\Arne\Downloads\FRST.txt 2015-10-12 15:28 - 2015-10-17 09:53 - 00000000 ____D C:\FRST 2015-10-12 14:23 - 2015-10-17 09:53 - 02196480 _____ (Farbar) C:\Users\Arne\Desktop\FRST64.exe 2015-10-12 14:18 - 2015-10-12 14:18 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys 2015-10-12 14:05 - 2015-10-12 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2015-10-12 13:55 - 2015-10-12 13:55 - 00262144 _____ C:\Windows\SysWOW64\18 2015-10-12 13:55 - 2015-10-12 13:55 - 00000000 __SHD C:\#GDATA.Recovery.Data# 2015-10-11 22:11 - 2015-10-11 22:11 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys 2015-10-11 22:02 - 2015-10-11 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION 2015-10-11 22:02 - 2015-10-11 22:02 - 00027648 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys 2015-10-11 22:02 - 2015-10-11 22:02 - 00001998 _____ C:\Users\Public\Desktop\G DATA TOTAL PROTECTION.lnk 2015-10-11 22:01 - 2015-10-11 22:01 - 00000000 ____D C:\Windows\ELAMBKUP 2015-10-11 21:26 - 2015-10-11 22:08 - 00091648 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2015-10-11 21:26 - 2015-10-11 22:02 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys 2015-10-11 21:26 - 2015-10-11 21:26 - 00078848 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcd64.sys 
2015-10-11 21:26 - 2015-10-11 21:26 - 00058880 _____ (G Data Software AG) C:\Windows\system32\Drivers\gddcv64.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00230912 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00158720 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00125952 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00068608 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2015-10-11 21:25 - 2015-10-11 22:01 - 00042416 _____ C:\Windows\DPINST.LOG 2015-10-11 21:23 - 2015-10-11 21:23 - 00000000 ____D C:\ProgramData\G DATA Software 2015-10-11 21:07 - 2015-10-15 10:36 - 00040216 _____ C:\Windows\PFRO.log 2015-10-11 20:59 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-10-11 20:55 - 2015-10-15 23:38 - 01119215 _____ C:\Windows\WindowsUpdate.log 2015-10-11 20:53 - 2015-10-11 20:53 - 00003252 _____ C:\Windows\System32\Tasks\{929C1D19-79DD-4E02-9F98-1DFB6842E470} 2015-10-11 20:46 - 2015-10-17 09:42 - 00011094 _____ C:\Windows\setupact.log 2015-10-11 20:46 - 2015-10-11 20:46 - 00000000 _____ C:\Windows\setuperr.log 2015-10-11 17:45 - 2015-10-11 17:45 - 00000000 ____D C:\$WINDOWS.~BT 2015-10-11 16:25 - 2015-10-11 16:25 - 00262144 _____ C:\Windows\system32\config\userdiff 2015-10-11 15:38 - 2015-10-11 19:02 - 00000000 _____ C:\Recovery.txt 2015-10-09 16:52 - 2015-10-09 16:52 - 00000000 ____D C:\Users\Arne\AppData\Roaming\11bitstudios 2015-10-09 13:58 - 2015-10-09 13:58 - 00000000 ____D C:\Users\Arne\Documents\Darkest 2015-10-09 13:45 - 2015-10-09 13:45 - 00000222 _____ C:\Users\Arne\Desktop\Darkest Dungeon.url 2015-10-09 13:44 - 2015-10-09 13:44 - 00002160 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-10-09 13:44 - 2015-10-03 04:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 
2015-10-09 13:43 - 2015-10-03 07:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-10-09 13:43 - 2015-10-03 07:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00879000 _____ C:\Windows\system32\nvmcumd.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-10-09 
13:43 - 2015-10-03 07:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-10-09 13:43 - 2015-10-03 07:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-10-08 18:16 - 2015-10-08 18:16 - 00000222 _____ C:\Users\Arne\Desktop\System Shock 2.url 2015-10-08 14:31 - 2015-10-08 14:31 - 00000222 _____ C:\Users\Arne\Desktop\This War of Mine.url 2015-10-07 00:22 - 2015-10-07 01:07 - 137363456 _____ C:\Users\Arne\Downloads\Galador.part2.rar 2015-10-06 21:11 - 2015-10-06 21:56 - 137363456 _____ C:\Users\Arne\Downloads\Galador.part1.rar 2015-10-05 23:40 - 2015-10-05 23:40 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Big Fish Games 2015-10-05 23:33 - 2015-10-05 23:33 - 00001073 _____ C:\Users\Public\Desktop\Play Mystery Case Files - Dire Grove Collector's Edition.lnk 2015-10-05 23:33 - 2015-10-05 23:33 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - Dire Grove Collector's Edition 2015-10-05 23:33 - 2015-10-05 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - 
Dire Grove Collector's Edition 2015-10-05 22:52 - 2015-10-05 22:52 - 00001950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00001248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00000982 _____ C:\Users\Public\Desktop\Games.lnk 2015-10-05 22:52 - 2015-10-05 22:52 - 00000000 ____D C:\ProgramData\Big Fish 2015-10-05 22:52 - 2015-10-05 22:52 - 00000000 ____D C:\Program Files (x86)\bfgclient 2015-10-05 22:50 - 2015-10-05 22:55 - 00000000 ____D C:\BigFishCache 2015-10-05 22:50 - 2015-10-05 22:52 - 00000000 ____D C:\Users\Arne\AppData\Local\Big Fish 2015-10-05 16:17 - 2015-10-07 23:20 - 00000000 ____D C:\Users\Arne\Documents\ArcheAge 2015-10-04 15:39 - 2015-10-14 21:11 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Nidhogg 2015-10-04 15:36 - 2015-10-04 15:36 - 00000000 ____D C:\Program Files (x86)\Controller PS3 2015-10-04 15:35 - 2013-05-19 09:02 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys 2015-10-04 15:35 - 2013-01-07 16:56 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2015-10-04 15:34 - 2015-10-04 15:34 - 10571443 _____ C:\Users\Arne\Downloads\SCP-DS-Driver-Package-1.2.0.160.7z 2015-10-04 15:31 - 2015-10-04 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2015-10-04 15:31 - 2015-10-04 15:31 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2015-10-04 15:11 - 2015-10-04 15:11 - 00000221 _____ C:\Users\Arne\Desktop\Nidhogg.url 2015-10-04 15:11 - 2015-10-04 15:11 - 00000000 ____D C:\Users\Arne\Documents\motioninjoy-0-7-1001-en-win 2015-10-04 15:10 - 2015-10-04 15:10 - 04117346 _____ C:\Users\Arne\Documents\motioninjoy-0-7-1001-en-win.zip 2015-10-04 13:06 - 2015-10-04 13:06 - 00000222 _____ C:\Users\Arne\Desktop\Antichamber.url 2015-10-04 11:07 - 2015-10-04 11:07 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2015-10-04 11:06 - 2015-10-04 11:06 - 00000000 ____D C:\Users\Arne\Documents\Corsair-Utility-Engine-v1.10.67 2015-10-04 11:05 - 2015-10-04 11:05 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-10-01 20:01 - 2015-10-01 20:03 - 59101198 _____ C:\Users\Arne\Documents\Corsair-Utility-Engine-v1.10.67.zip 2015-09-30 14:26 - 2015-09-30 14:26 - 00541302 _____ C:\Users\Arne\Downloads\DeviceWin8.meta.diagcab 2015-09-30 14:04 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-30 14:04 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-30 14:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-30 13:51 - 2015-09-30 13:52 - 58728224 _____ (yWorks GmbH) C:\Users\Arne\Downloads\yEd-3.14.3_with-JRE_32-bit_setup.exe 2015-09-27 21:23 - 2015-10-03 07:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-09-27 21:23 - 2015-09-14 02:29 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435598.dll 2015-09-27 21:23 - 2015-09-14 02:29 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435598.dll 2015-09-24 23:45 - 2015-09-24 23:45 - 00000000 ____D C:\Users\Arne\AppData\LocalLow\Dinosaur Polo Club 2015-09-24 23:38 - 2015-09-24 23:38 - 00000222 _____ C:\Users\Arne\Desktop\Mini Metro.url 2015-09-19 12:37 - 2015-09-19 12:37 - 00293944 _____ C:\Users\Arne\Downloads\AGOT Green Valyria-12-1.zip 2015-09-18 21:45 - 2015-09-18 21:45 - 00336575 _____ C:\Users\Arne\Downloads\AGOT Colonize Valyria.zip 2015-09-18 21:17 - 2015-09-18 21:17 - 01293768 _____ C:\Users\Arne\Downloads\AGOT Colonize Away-13-4-3.zip ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner 
verschoben.) 2015-10-17 09:53 - 2014-04-06 20:13 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-17 09:53 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-10-17 09:50 - 2014-08-19 18:24 - 00000000 ____D C:\Users\Arne\AppData\Local\Adobe 2015-10-17 09:50 - 2014-04-06 20:15 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2429973200-1952470861-1716419375-1001 2015-10-17 09:48 - 2014-12-17 16:31 - 00000000 ____D C:\AdwCleaner 2015-10-17 09:47 - 2015-02-12 13:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-17 09:45 - 2015-02-12 13:04 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-10-17 09:45 - 2014-10-15 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-17 09:45 - 2014-08-06 11:45 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-17 09:45 - 2014-04-06 18:38 - 00000000 ____D C:\Users\Arne 2015-10-17 09:43 - 2014-04-08 19:38 - 00000021 _____ C:\Users\Arne\AppData\Roaming\config_data.dat 2015-10-17 09:43 - 2014-04-07 21:04 - 00000000 ____D C:\Users\Arne\AppData\Local\CrashDumps 2015-10-17 09:43 - 2014-04-06 20:13 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-17 09:43 - 2014-04-06 18:58 - 00000000 ___DO C:\Users\Arne\SkyDrive 2015-10-17 09:42 - 2015-03-09 18:42 - 00000000 ____D C:\Windows\Minidump 2015-10-17 09:42 - 2014-08-04 23:25 - 00000000 ____D C:\ProgramData\NVIDIA 2015-10-17 09:42 - 2014-04-06 18:28 - 00097280 ____N C:\Windows\Minidump\101715-12218-01.dmp 2015-10-17 09:42 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-15 23:31 - 2015-06-21 17:21 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001UA.job 2015-10-15 22:27 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-10-15 21:57 - 2014-04-07 23:19 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-10-15 
21:56 - 2014-04-06 17:04 - 00000000 ____D C:\Program Files (x86)\Steam 2015-10-15 19:47 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2015-10-15 19:42 - 2014-04-06 18:28 - 00098304 ____N C:\Windows\Minidump\101515-33000-01.dmp 2015-10-15 10:36 - 2014-04-06 18:28 - 00098304 ____N C:\Windows\Minidump\101515-18671-01.dmp 2015-10-15 02:31 - 2015-06-21 17:21 - 00001190 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2429973200-1952470861-1716419375-1001Core.job 2015-10-14 21:05 - 2014-04-06 21:47 - 00000000 ____D C:\ProgramData\Temp 2015-10-14 20:38 - 2014-04-06 18:28 - 00097792 ____N C:\Windows\Minidump\101415-14640-01.dmp 2015-10-14 19:56 - 2014-09-10 21:50 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-10-14 19:55 - 2014-04-06 18:28 - 00098304 ____N C:\Windows\Minidump\101415-21578-01.dmp 2015-10-13 21:17 - 2015-03-12 10:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-10-13 21:17 - 2015-03-11 17:29 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-10-13 21:06 - 2015-09-13 23:06 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-13 21:03 - 2014-04-06 18:28 - 00098816 ____N C:\Windows\Minidump\101315-23750-01.dmp 2015-10-13 20:26 - 2015-06-18 21:23 - 00000000 ____D C:\Users\Arne\AppData\Local\Battle.net 2015-10-13 20:26 - 2015-06-18 21:23 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-10-13 20:25 - 2014-04-06 18:28 - 00097792 ____N C:\Windows\Minidump\101315-15578-01.dmp 2015-10-13 19:15 - 2014-04-06 18:28 - 00098816 ____N C:\Windows\Minidump\101315-24078-01.dmp 2015-10-13 10:45 - 2014-04-06 18:28 - 00102912 ____N C:\Windows\Minidump\101315-21953-01.dmp 2015-10-12 21:26 - 2014-04-06 18:28 - 00102912 ____N C:\Windows\Minidump\101215-19000-01.dmp 2015-10-12 16:21 - 2014-04-21 17:22 - 00000000 ___RD C:\Users\Arne\Desktop\Programme 2015-10-12 16:19 - 2014-05-04 17:28 - 00000000 ____D C:\Program Files 
(x86)\Microsoft Silverlight 2015-10-12 14:18 - 2015-01-26 11:34 - 00000000 ____D C:\Users\Arne\AppData\Local\G DATA 2015-10-12 14:07 - 2014-05-04 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-10-12 14:06 - 2014-05-04 17:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-12 14:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-10-12 13:55 - 2015-03-06 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dundjinni Enterprises 2015-10-12 13:55 - 2015-02-16 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSA Charaktergenerator 2015-10-12 13:55 - 2014-09-16 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph 2015-10-12 13:55 - 2014-07-05 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\.sol Editor 2015-10-12 13:55 - 2014-04-06 19:28 - 00000000 ____D C:\Windows\Panther 2015-10-11 22:09 - 2014-05-03 22:10 - 00000000 ___RD C:\Users\Arne\Dropbox 2015-10-11 22:09 - 2014-05-03 22:08 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Dropbox 2015-10-11 22:09 - 2014-04-06 22:02 - 00000000 ____D C:\ProgramData\G Data 2015-10-11 21:38 - 2015-05-23 22:16 - 00000000 ____D C:\Users\Arne\AppData\Local\LogMeIn Hamachi 2015-10-11 21:25 - 2014-04-06 16:28 - 00000976 _____ C:\Users\Arne\AppData\Roaming\gdscan.log 2015-10-11 21:09 - 2014-04-06 22:03 - 00000000 ____D C:\Program Files (x86)\G Data 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI 2015-10-11 20:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Com 2015-10-11 20:57 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\SysWOW64\oobe 2015-10-11 20:14 - 2014-09-10 21:50 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Skype 2015-10-11 18:59 - 2014-04-08 23:04 - 00000000 ____D C:\Users\Arne\Desktop\Games 
2015-10-11 15:47 - 2013-08-22 16:44 - 05177192 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-09 23:59 - 2015-09-03 17:55 - 00000000 ____D C:\Users\Arne\Desktop\HS Screenshots
2015-10-09 13:44 - 2014-04-06 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-09 13:44 - 2014-04-06 20:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-07 23:26 - 2014-09-16 19:06 - 00000000 ____D C:\Users\Arne\AppData\Local\Glyph
2015-10-07 23:26 - 2014-09-16 19:06 - 00000000 ____D C:\Program Files (x86)\Glyph
2015-10-07 23:24 - 2014-09-16 19:06 - 00000000 ____D C:\ProgramData\Glyph
2015-10-07 11:30 - 2014-04-24 04:51 - 00000000 ____D C:\Users\Arne\AppData\Roaming\vlc
2015-10-05 23:33 - 2014-06-11 03:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-05 22:49 - 2014-04-06 18:40 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-05 22:49 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-10-05 22:49 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-10-05 21:50 - 2014-04-06 18:38 - 00000000 ____D C:\Users\Arne\AppData\Local\Packages
2015-10-04 11:07 - 2014-04-08 19:38 - 00000000 ____D C:\Program Files (x86)\Corsair
2015-10-03 07:06 - 2014-08-04 23:25 - 00112944 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-10-03 07:06 - 2014-08-04 23:25 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-10-03 07:06 - 2014-08-04 23:21 - 17395512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-10-03 07:06 - 2014-08-04 23:21 - 12769408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-10-03 07:06 - 2014-08-04 23:21 - 03573832 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-10-03 07:06 - 2014-08-04 23:21 - 03154104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-10-03 07:06 - 2014-08-04 23:21 - 00033507 _____ C:\Windows\system32\nvinfo.pb
2015-10-03 04:49 - 2014-08-04 23:25 - 06358648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-10-03 04:49 - 2014-08-04 23:25 - 02982520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-10-03 04:49 - 2014-08-04 23:25 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-10-03 04:49 - 2014-08-04 23:25 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-10-03 04:49 - 2014-08-04 23:25 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-10-03 04:49 - 2014-08-04 23:25 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-10-02 20:47 - 2015-07-20 15:36 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-10-01 11:33 - 2014-08-04 23:25 - 05284082 _____ C:\Windows\system32\nvcoproc.bin
2015-09-30 14:04 - 2014-07-04 12:09 - 00001125 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-30 14:04 - 2014-07-04 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-30 14:04 - 2014-07-04 12:09 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-30 07:51 - 2015-06-18 21:30 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-29 12:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-28 20:46 - 2014-04-06 17:46 - 00000000 ____D C:\Users\Arne\Documents\my games
2015-09-28 13:18 - 2015-06-18 21:23 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Battle.net
2015-09-28 01:04 - 2014-04-08 21:12 - 00000000 ____D C:\ProgramData\Origin
2015-09-28 00:14 - 2014-04-08 21:14 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Origin
2015-09-28 00:08 - 2014-04-08 21:12 - 00000000 ____D C:\Program Files (x86)\Origin
2015-09-26 00:47 - 2014-09-10 21:50 - 00000000 ____D C:\ProgramData\Skype
2015-09-24 20:19 - 2014-11-13 11:54 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-19 12:36 - 2015-08-30 14:24 - 00000000 ____D C:\Users\Arne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AGOT
2015-09-18 20:48 - 2014-04-06 20:13 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 20:48 - 2014-04-06 20:13 - 00003876 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-04-15 19:42 - 2013-07-21 21:59 - 0012005 _____ () C:\Users\Arne\AppData\Roaming\alsoft.ini
2014-04-08 19:38 - 2015-10-17 09:43 - 0000021 _____ () C:\Users\Arne\AppData\Roaming\config_data.dat
2014-04-06 16:28 - 2014-04-06 16:28 - 0000000 _____ () C:\Users\Arne\AppData\Roaming\gdfw.log
2014-04-06 16:28 - 2015-10-11 21:25 - 0000976 _____ () C:\Users\Arne\AppData\Roaming\gdscan.log
2014-08-22 18:43 - 2014-08-22 18:43 - 0002716 _____ () C:\Users\Arne\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Arne\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwp6bqf.dll
C:\Users\Arne\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-08 19:39
==================== Ende von FRST.txt ============================

neonJAhr

Good news: the PC definitely boots considerably faster than before, and when I tested a PC game there were no freezes! As far as I can see, the problem has been solved! Can you tell me what exactly the problem was and how I can prevent it, or how I can best protect my PC? I had been running MBAM & CCleaner once every week and otherwise relied on G-DATA, but now I am no longer so sure about G-DATA... In any case, thanks again! neonJAhr |
18.10.2015, 06:06 | #11 |
/// the machine /// TB-Ausbilder | Windows 8.1: suddenly slow, scans of the SSD take 15h Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\MountPoints2: {9ab6c832-0055-11e4-8281-448a5b5d8518} - "J:\Browse.exe"
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
That was mostly adware. With downloads, watch what you download and where from.

Cleanup: (The order is crucial here) If Defogger was used: start it again and click Re-enable. If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Then restart your computer. If any programs from our cleanup are still left over now, you can safely delete them. If you like, you can say here whether you were satisfied with me and my help...and/or support the forum with a small donation.

Hardening: Enable automatic updates in the Windows operating system. Security-relevant software should also always be present only in its latest version: Browser, Java, Flash Player, PDF reader. Security vulnerabilities in their old versions are exploited to install malware via "drive-by" on a simple visit to a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. In addition, Firefox can also open PDF documents. Enable a firewall. The one integrated into Windows is normally entirely sufficient. Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft. In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional: NoScript prevents the execution of active content (Java, JavaScript, Flash,...) for all websites. However, you can define, on the whitelist principle, on which sites scripts should be allowed. Malwarebytes Anti Exploit: Protects the computer's applications against the exploitation of known vulnerabilities. Download software from a clean portal such as . When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, uninstalling it and then removing the leftovers with Adwarecleaner is recommended.

Finally, a few general remarks: Change your important online passwords regularly and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
18.10.2015, 17:31 | #12 |
| Windows 8.1: suddenly slow, scans of the SSD take 15h Okay, I will be more careful with downloads! Here is the fixlog for now: Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-10-2015
durchgeführt von Arne (2015-10-18 18:19:52) Run:1
Gestartet von C:\Users\Arne\Desktop
Geladene Profile: Arne (Verfügbare Profile: Arne)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\...\MountPoints2: {9ab6c832-0055-11e4-8281-448a5b5d8518} - "J:\Browse.exe"
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ACHTUNG
Emptytemp:
*****************
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Wert erfolgreich entfernt
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Wert erfolgreich entfernt
"HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ab6c832-0055-11e4-8281-448a5b5d8518}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{9ab6c832-0055-11e4-8281-448a5b5d8518} => Schlüssel nicht gefunden.
HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Wert erfolgreich entfernt
EmptyTemp: => 1 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 18:20:15 ====

So here too: thank you, thank you, thank you, Schrauber, you have helped me very, very much! |
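Added example, not part of the original posts and not FRST's own code: a small Python parser for the result lines of the Fixlog above that tallies the outcomes and lists the entries the log does not confirm as removed. The `target => outcome` line shape and the German outcome phrases are taken from this one log only; the status labels and function names are assumptions made for the example.

```python
import re
from collections import Counter

# Result lines copied from the Fixlog in the post above, one entry per line.
FIXLOG = r'''
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Wert erfolgreich entfernt
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Wert erfolgreich entfernt
"HKU\S-1-5-21-2429973200-1952470861-1716419375-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ab6c832-0055-11e4-8281-448a5b5d8518}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{9ab6c832-0055-11e4-8281-448a5b5d8518} => Schlüssel nicht gefunden.
HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Wert erfolgreich entfernt
EmptyTemp: => 1 GB temporäre Dateien entfernt.
'''
# Well-known service-account SIDs; any other SID under HKU is labelled "user".
WELL_KNOWN = {"S-1-5-18": "LocalSystem", "S-1-5-19": "LocalService", "S-1-5-20": "NetworkService"}
# Outcome phrases as this German-language Fixlog prints them; the status
# labels on the right are names made up for this example.
OUTCOMES = [("temporäre Dateien entfernt", "temp_cleared"),
            ("erfolgreich entfernt", "removed"),
            ("nicht gefunden", "not_found")]
# Assumed line shape: optionally quoted target, then " => outcome".
LINE = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<outcome>.+)$')
SID = re.compile(r"^HKU\\(S-1-5-\d+(?:-\d+)*)")

def parse_fixlog(text):
    """Return one dict per result line: target, account, status, outcome."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # headers, separators and free text carry no result
        target, outcome = m.group("target"), m.group("outcome")
        status = next((s for phrase, s in OUTCOMES if phrase in outcome), "unknown")
        sid = SID.match(target)
        account = WELL_KNOWN.get(sid.group(1), "user") if sid else None
        entries.append({"target": target, "account": account,
                        "status": status, "outcome": outcome})
    return entries

def needs_review(entries):
    """Entries the log does not confirm as removed or cleared."""
    return [e for e in entries if e["status"] in ("not_found", "unknown")]

if __name__ == "__main__":
    parsed = parse_fixlog(FIXLOG)
    print(Counter(e["status"] for e in parsed))
    for e in needs_review(parsed):
        print("review:", e["target"], "->", e["outcome"])
```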
19.10.2015, 19:11 | #13 |
/// the machine /// TB-Ausbilder | Windows 8.1: suddenly slow, scans of the SSD take 15h You're welcome
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
11.11.2015, 14:52 | #14 |
| Windows 8.1: suddenly slow, scans of the SSD take 15h Hey schrauber, the same problem has come up again! Should I open a new thread or post here? I haven't downloaded anything illegally, so I have no idea how this problem came up... I ran MBAM, which found nothing, and started CNET, but the check took so long that I aborted it after 1.5h and 13%. Would you help me again? |
12.11.2015, 17:00 | #15 |
/// the machine /// TB-Ausbilder | Windows 8.1: suddenly slow, scans of the SSD take 15h Which problem exactly? New FRST logs please.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |