
Log analysis and evaluation: Windows 7: Mail account hacked, Avast reports a Trojan

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
05.06.2016, 14:03   #7
Deuterium
 
Well, I can't detect any problems, but I hadn't noticed anything in everyday use before either, until suddenly my e-mail account was hacked. That's why I'm posting the logs again.

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-06-2016 01
durchgeführt von Kiwi (Administrator) auf KIWIPC (05-06-2016 14:58:25)
Gestartet von C:\Users\Kiwi\Desktop
Geladene Profile: Kiwi (Verfügbare Profile: Kiwi & Mcx1-KIWI-PC)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) D:\itunes (1)\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() Q:\140066.enu\Office14\WINWORDC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() Q:\140066.ENU\OFFICE14\OffSpon.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6469736 2012-03-06] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => D:\itunes (1)\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4243168 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Plugin Install] => D:\Quicktime\Plugins\DeleteMe1.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7400064 2016-06-04] (AVAST Software)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975760 2015-11-03] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-1078192431-239819200-2145751044-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1078192431-239819200-2145751044-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-04] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2013-02-10]
ShortcutTarget: Audible Download Manager.lnk -> D:\Audible\Bin\AudibleDownloadHelper.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{F8CE8708-5C3F-48FF-996E-AFF92665AD4C}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1078192431-239819200-2145751044-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1078192431-239819200-2145751044-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1078192431-239819200-2145751044-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1078192431-239819200-2145751044-1000 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-1078192431-239819200-2145751044-1000 -> {07D56749-CE28-4EAD-98CF-98486A8E78D3} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10557
SearchScopes: HKU\S-1-5-21-1078192431-239819200-2145751044-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Expat Shield Class -> {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -> C:\Users\Kiwi\Desktop\Expat Shield\HssIE\ExpatIE_64.dll => Keine Datei
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-04] (AVAST Software)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll => Keine Datei
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-04] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Kiwi\AppData\Roaming\Mozilla\Firefox\Profiles\zaghk6zr.default-1403462312104
FF Homepage: google.de
FF NetworkProxy: "backup.ftp", "212.29.229.21"
FF NetworkProxy: "backup.ftp_port", 80
FF NetworkProxy: "backup.socks", "212.29.229.21"
FF NetworkProxy: "backup.socks_port", 80
FF NetworkProxy: "backup.ssl", "212.29.229.21"
FF NetworkProxy: "backup.ssl_port", 80
FF NetworkProxy: "ftp", "198.50.129.9"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "gopher", "119.4.115.51"
FF NetworkProxy: "gopher_port", 80
FF NetworkProxy: "http", "198.50.129.9"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "198.50.129.9"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "198.50.129.9"
FF NetworkProxy: "ssl_port", 3128
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-16] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-06-07] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-06-07] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> D:\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\Kiwi\AppData\Roaming\Mozilla\Firefox\Profiles\zaghk6zr.default-1403462312104\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-08]
FF Extension: Modify Headers - C:\Users\Kiwi\AppData\Roaming\Mozilla\Firefox\Profiles\zaghk6zr.default-1403462312104\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2016-04-27]
FF Extension: Video DownloadHelper - C:\Users\Kiwi\AppData\Roaming\Mozilla\Firefox\Profiles\zaghk6zr.default-1403462312104\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-05-24]
FF Extension: Adblock Plus - C:\Users\Kiwi\AppData\Roaming\Mozilla\Firefox\Profiles\zaghk6zr.default-1403462312104\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: DownThemAll! - C:\Users\Kiwi\AppData\Roaming\Mozilla\Firefox\Profiles\zaghk6zr.default-1403462312104\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-04-15]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-04]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-06-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-04] (AVAST Software)
R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [49376 2012-02-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2120712 2016-04-28] (Electronic Arts)
S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [315488 2015-02-18] (Skype Technologies)
R2 SystemStore; C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe [50176 2012-05-21] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-06-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hxctlflt; C:\Windows\System32\DRIVERS\hxctlflt.sys [111104 2009-02-09] (Guillemot Corporation) [Datei ist nicht signiert]
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527360 2007-09-10] (PixArt Imaging Inc.) [Datei ist nicht signiert]
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-07-23] (Duplex Secure Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-04-19] (Anchorfree Inc.)
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [32768 2010-11-21] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-05 14:58 - 2016-06-05 14:58 - 00018429 _____ C:\Users\Kiwi\Desktop\FRST.txt
2016-06-05 14:58 - 2016-06-05 14:58 - 00000000 ____D C:\Users\Kiwi\Desktop\FRST-OlderVersion
2016-06-05 11:57 - 2016-06-04 18:52 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswF5F2.tmp
2016-06-05 02:00 - 2016-06-05 02:46 - 00000000 ____D C:\ProgramData\HitmanPro
2016-06-05 01:59 - 2016-06-05 01:59 - 00007040 _____ C:\Users\Kiwi\Desktop\mbam.txt
2016-06-05 01:16 - 2016-06-05 01:16 - 00010622 _____ C:\Users\Kiwi\Desktop\AdwCleaner[C1].txt
2016-06-05 01:07 - 2016-06-05 01:07 - 03677248 _____ C:\Users\Kiwi\Desktop\AdwCleaner_5.119.exe
2016-06-04 21:00 - 2016-06-04 21:00 - 11438608 _____ (SurfRight B.V.) C:\Users\Kiwi\Desktop\HitmanPro_x64.exe
2016-06-04 20:59 - 2016-06-04 21:00 - 22851472 _____ (Malwarebytes ) C:\Users\Kiwi\Desktop\mbam-setup-2.2.1.1043.exe
2016-06-04 18:52 - 2016-06-04 18:52 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-06-04 18:52 - 2016-06-04 18:52 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-04 18:46 - 2016-06-04 19:01 - 00214646 _____ C:\TDSSKiller.3.1.0.9_04.06.2016_18.46.19_log.txt
2016-06-04 18:46 - 2016-06-04 18:46 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Kiwi\Desktop\tdsskiller.exe
2016-06-04 11:26 - 2016-06-04 11:26 - 00076769 _____ C:\Users\Kiwi\Desktop\Zunehmen-Ernährungsplan-mit-Fleisch.pdf
2016-06-03 21:19 - 2016-06-05 14:57 - 00000000 ____D C:\Users\Kiwi\Desktop\L
2016-06-03 20:58 - 2016-06-05 14:58 - 02384896 _____ (Farbar) C:\Users\Kiwi\Desktop\FRST64.exe
2016-06-03 18:06 - 2016-06-03 18:06 - 00131792 _____ C:\Users\Kiwi\AppData\Local\recently-used.xbel
2016-06-03 13:59 - 2016-06-05 01:42 - 00000000 ____D C:\AdwCleaner
2016-06-03 11:46 - 2016-06-05 14:58 - 00000000 ____D C:\FRST
2016-06-03 11:18 - 2016-06-05 01:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-03 11:18 - 2016-06-03 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-03 11:17 - 2016-06-03 11:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-03 11:17 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-03 11:17 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-03 11:17 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-02 21:21 - 2016-06-02 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16
2016-06-01 21:34 - 2016-06-04 00:26 - 00000000 ____D C:\Users\Kiwi\Documents\Citavi 5
2016-06-01 21:34 - 2016-06-01 21:47 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\Swiss Academic Software
2016-06-01 21:34 - 2016-06-01 21:34 - 00000000 ____D C:\ProgramData\Swiss Academic Software
2016-06-01 21:34 - 2016-06-01 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2016-06-01 21:32 - 2016-06-01 21:32 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Downloaded Installations
2016-05-30 23:41 - 2016-05-30 23:41 - 00000000 ____D C:\Users\Public\CyberLink
2016-05-30 23:41 - 2016-05-30 23:41 - 00000000 ____D C:\Users\Kiwi\Documents\CyberLink
2016-05-30 23:40 - 2016-05-30 23:40 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Cyberlink
2016-05-30 23:33 - 2016-06-03 01:50 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-05-30 23:33 - 2016-05-30 23:33 - 00000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2016-05-30 23:30 - 2016-06-03 01:50 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2016-05-30 23:30 - 2016-05-30 23:41 - 00000000 ____D C:\ProgramData\CyberLink
2016-05-30 23:30 - 2016-05-30 23:30 - 00000000 ____D C:\ProgramData\install_clap
2016-05-26 00:28 - 2016-06-02 20:11 - 00149015 _____ C:\Users\Kiwi\Desktop\2016_06rechnung_5616687642.pdf
2016-05-11 11:35 - 2016-05-11 11:35 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\com.bby.cinemanowca
2016-05-11 01:18 - 2016-05-15 12:14 - 00000000 ____D C:\Users\Kiwi\Desktop\Rupp 2013

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-05 12:56 - 2009-07-14 06:45 - 00032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-05 12:56 - 2009-07-14 06:45 - 00032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-05 11:57 - 2012-04-20 18:12 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-05 11:41 - 2012-09-17 12:04 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-05 11:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-05 02:55 - 2013-03-25 22:46 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\SoftGrid Client
2016-06-05 02:03 - 2013-12-18 02:18 - 00000000 ____D C:\Users\Kiwi\AppData\Roaming\vlc
2016-06-05 01:55 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2016-06-05 01:16 - 2012-06-03 14:00 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-04 18:52 - 2014-08-01 00:03 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-06-04 18:52 - 2014-08-01 00:03 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-06-04 18:52 - 2013-08-03 22:49 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-06-04 18:52 - 2013-08-03 22:49 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-06-04 18:52 - 2012-09-17 12:04 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-06-04 18:52 - 2012-09-17 12:04 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-06-04 18:52 - 2012-09-17 12:04 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-06-04 18:52 - 2012-09-17 12:04 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-06-04 11:21 - 2015-08-05 14:55 - 00000000 ____D C:\Users\Kiwi\Desktop\Neuer Ordner (6)
2016-06-04 01:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-06-04 00:29 - 2015-11-06 00:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-03 18:48 - 2016-01-28 12:27 - 00000000 ____D C:\Users\Kiwi\.gimp-2.8
2016-06-03 18:06 - 2014-01-07 20:51 - 00000000 ____D C:\Users\Kiwi\AppData\Local\gtk-2.0
2016-06-03 01:50 - 2012-04-20 17:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-06-03 00:08 - 2014-07-30 23:58 - 00000000 ____D C:\ProgramData\Origin
2016-06-02 21:21 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-02 15:35 - 2014-09-10 00:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-02 00:05 - 2016-05-03 14:14 - 00000000 ____D C:\Users\Kiwi\Desktop\BA-Arbeit Kapitel
2016-06-01 17:04 - 2011-04-12 09:43 - 00701778 _____ C:\Windows\system32\perfh007.dat
2016-06-01 17:04 - 2011-04-12 09:43 - 00150420 _____ C:\Windows\system32\perfc007.dat
2016-06-01 17:04 - 2009-07-14 07:13 - 01622236 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-01 17:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-30 16:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-18 00:02 - 2016-04-26 13:39 - 00000000 ____D C:\Users\Kiwi\Desktop\Transkripte für BA-Arbeit
2016-05-16 11:14 - 2013-03-11 20:15 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-16 11:14 - 2013-03-11 20:15 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-15 14:31 - 2015-11-13 18:50 - 00000000 ____D C:\Users\Kiwi\AppData\Local\Clan_prefs
2016-05-13 01:11 - 2014-12-27 13:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-09 22:58 - 2014-05-27 21:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-09 22:56 - 2015-04-29 12:02 - 00000000 ____D C:\Users\Kiwi\dwhelper
2016-05-09 13:48 - 2015-05-29 22:41 - 00000000 __SHD C:\AI_RecycleBin
2016-05-08 16:56 - 2015-12-26 13:16 - 00000000 ____D C:\Users\Kiwi\AppData\Local\UnrealEngine
2016-05-08 11:45 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-24 00:43 - 2016-03-28 16:51 - 0001456 _____ () C:\Users\Kiwi\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-06-03 18:06 - 2016-06-03 18:06 - 0131792 _____ () C:\Users\Kiwi\AppData\Local\recently-used.xbel
2015-06-07 02:41 - 2015-06-07 02:41 - 0007605 _____ () C:\Users\Kiwi\AppData\Local\Resmon.ResmonCfg
2014-06-08 16:27 - 2016-05-15 02:23 - 0002703 _____ () C:\ProgramData\flcd_proxy.log
2013-03-30 00:02 - 2013-03-30 00:14 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt

Einige Dateien in TEMP:
====================
C:\Users\Kiwi\AppData\Local\Temp\libeay32.dll
C:\Users\Kiwi\AppData\Local\Temp\msvcr120.dll
C:\Users\Kiwi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-28 00:28

==================== Ende von FRST.txt ============================
         

Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-06-2016 01
durchgeführt von Kiwi (2016-06-05 14:58:56)
Gestartet von C:\Users\Kiwi\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-04-20 15:20:37)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1078192431-239819200-2145751044-500 - Administrator - Disabled)
Gast (S-1-5-21-1078192431-239819200-2145751044-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1078192431-239819200-2145751044-1003 - Limited - Enabled)
Kiwi (S-1-5-21-1078192431-239819200-2145751044-1000 - Administrator - Enabled) => C:\Users\Kiwi
Mcx1-KIWI-PC (S-1-5-21-1078192431-239819200-2145751044-1001 - Limited - Enabled) => C:\Users\Mcx1-KIWI-PC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Access 97rt PAN EURO G (HKLM-x32\...\Access 97rt PAN EURO G) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ANSTOSS 3 (HKLM-x32\...\ANSTOSS 3_is1) (Version:  - )
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.2.2262 - AVAST Software)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.08005 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.1.08005 - Cisco Systems, Inc.) Hidden
Citavi 5  (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.3.1.0 - Swiss Academic Software)
CLAN (HKLM-x32\...\{00868CD9-BEB1-4D2C-8307-4AD82C48501A}) (Version: 2.11.00 - CMU)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Fallout (HKLM-x32\...\GOGPACKFALLOUT_is1) (Version: 2.0.0.14 - GOG.com)
Fallout 2 (HKLM-x32\...\GOGPACKFALLOUT2_is1) (Version: 2.0.0.12 - GOG.com)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.42.13482.16 - Electronic Arts)
Fragen-Lern-CD 4.3 (HKLM-x32\...\de.3m5.wendel.flcd.FLCDB.FC622282278C06838B5CD08883589F2C8AB9EEDC.1) (Version: 4.3.5 - Wendel-Verlag GmbH)
Fragen-Lern-CD 4.3 (x32 Version: 4.3.5 - Wendel-Verlag GmbH) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version:  - Intel(R) Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.34813 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.6134.5007 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.12.2807 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix)
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Yu-Gi-Oh! The Dawn of a New Era Version 5.0.18.3673 (HKLM-x32\...\{1F276EF8-ACD8-4805-845C-BA1FC14DCB3B}_is1) (Version: 5.0.18.3673 - Kaiba Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0071A13B-6B94-46F2-9FB6-ADE22483D5A5} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-KIWI-PC => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
Task: {0CC6A309-3F84-4134-8FFB-9171C1FE2932} - System32\Tasks\{1DBE5654-06A6-4930-B238-0DF98147764A} => pcalua.exe -a C:\Users\Kiwi\AppData\Local\TNT2\2.0.0.1627\TNT2User.exe -c /UNINSTALL PARTNER=10557
Task: {172DF47C-9163-4CC4-AB32-7BB276417631} - System32\Tasks\{45912AD4-8F33-4D8D-9554-A80AA320F031} => C:\Program Files (x86)\microsoft-office-enterprise-2007-trial-version.exe
Task: {1AE6AEA5-5C3E-4F4B-BC06-6AAD7A21D250} - System32\Tasks\{173E985D-BE0F-4425-BDB3-341AF9AB4146} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SSBCUninstall.exe
Task: {2191EFF0-B8A4-4E70-AB0C-A64B67600B84} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {2585F3CA-5711-4D62-B6F5-A199FED58DC7} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1078192431-239819200-2145751044-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {2B2EA069-9304-4BDF-AF20-4B017C27CC4C} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1078192431-239819200-2145751044-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {2B428C53-209C-48C4-A188-624C9CA70FF9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1078192431-239819200-2145751044-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {3C96134A-FC2F-4E4B-9EF9-2700AD0D00E6} - System32\Tasks\{66823191-2EB3-47EC-A19A-02C731EA27C2} => pcalua.exe -a E:\dx7ager.exe -d E:\
Task: {4ABB64DA-07A2-46BD-A64B-3E69D48CEC3E} - System32\Tasks\{8CE18D4A-43FB-4D4B-BD63-0B634CDFAFA1} => pcalua.exe -a D:\Installer.exe -d D:\
Task: {4C7DC039-C318-4A43-B7A9-728234D2A737} - System32\Tasks\{AF90126A-79C8-4274-AD4E-38A1B3BDC08D} => C:\Program Files (x86)\microsoft-office-enterprise-2007-trial-version.exe
Task: {5CEE0A7A-9A24-42B3-A8C4-B264A07E3434} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1078192431-239819200-2145751044-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {6672CE13-36D9-4D89-A012-3893126F7B86} - System32\Tasks\{3F24D816-EF75-43E8-9F64-50F1E3DB735E} => pcalua.exe -a C:\Users\Kiwi\Desktop\PESEdit.com_2012_Patch_3.3.1\Installer.exe -d C:\Users\Kiwi\Desktop\PESEdit.com_2012_Patch_3.3.1
Task: {7466DEB7-CB2E-42E6-8A50-621C46C0643E} - System32\Tasks\{60731E58-7FFB-4725-8A0E-4938AF74C082} => C:\Program Files (x86)\microsoft-office-enterprise-2007-trial-version.exe
Task: {803F5571-B947-425E-A2A9-40FFBEC293E0} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1078192431-239819200-2145751044-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {83CE7615-E7E2-40A5-A872-AC1C004B734C} - System32\Tasks\{79A0981F-23F9-4972-A067-D5910A7DAAE0} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
Task: {883A3927-A45D-4675-BF91-F2EFFA4ACB36} - System32\Tasks\{3670FBCA-2A3C-470A-B293-977CB288DA46} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {91981B81-7214-48D1-A774-78CBDD928779} - System32\Tasks\{045A154F-0301-4AE9-858C-C7E12566F748} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {99519820-DA6F-4713-802E-8FF328DFC9A2} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1078192431-239819200-2145751044-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {A5ED77AC-6AED-406F-9953-2B16D36EB5F3} - System32\Tasks\{EE93492B-829F-46B8-8BA2-7225EA8C38FE} => C:\Program Files (x86)\microsoft-office-enterprise-2007-trial-version.exe
Task: {AB7F177B-533D-4559-A658-B5260C43D430} - System32\Tasks\{05376299-63E3-40B4-B000-3BAC939D67C1} => pcalua.exe -a C:\Users\Kiwi\Desktop\epson375890eu.exe -d C:\Users\Kiwi\Desktop
Task: {B6E36C48-A49B-486E-B433-02EA71117731} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-04] (AVAST Software)
Task: {BA07FC55-F1EB-4D5A-8725-902184DD8A13} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1078192431-239819200-2145751044-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {BCAB8935-3339-458D-8B1B-0C0E79442CB0} - System32\Tasks\{B1D11270-DC0A-443F-A2C2-7886CB6545AC} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {C04C3B6E-DB4A-4790-9455-7A5DB41505BC} - System32\Tasks\{5877E4B1-A854-461D-A464-83E4E03E4047} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Task: {C515F816-D0D4-48C2-81DE-84D0EAB44AC6} - System32\Tasks\{87B8B25C-F246-4C50-A323-E5115EC007AB} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\1\SS_Uninstall.exe
Task: {D2100B8D-CFCF-4F46-B4C7-38B6BF8FF944} - System32\Tasks\avastBCLRestart_firefox.exe => Firefox.exe 
Task: {D31D2427-00AE-4BC4-8DF4-2F9F421DDFBA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {DB898384-D1F3-4649-9244-0A6C28D7214B} - System32\Tasks\{C4C55CCC-9DBF-451F-B551-657EA06F68C0} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {DC416041-539F-4378-B0DE-9585A0443A5A} - System32\Tasks\{D3869556-B4D2-45ED-9BB6-9B033BF40786} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe
Task: {E69AC183-3C16-4AB6-BE2C-67EEFE889F79} - System32\Tasks\{8FE250CF-A532-4D2A-89E2-D971EBC570C8} => pcalua.exe -a C:\Users\Kiwi\Desktop\epson29817eu.exe -d C:\Users\Kiwi\Desktop
Task: {E88DA03D-B7F8-4978-9C38-D24035CD37F9} - System32\Tasks\{6E7BB2E2-DB0B-46AD-A7FD-CD4EBAE55CA1} => Firefox.exe hxxp://ui.skype.com/ui/0/7.6.64.105/de/abandoninstall?page=tsProgressBar
Task: {EB234CD3-AE7B-4C04-BA18-B6510C3CA55B} - System32\Tasks\{BCDD38EF-0904-43CC-B055-D9F7168A70CD} => D:\StreamTransport\StreamTransport.exe
Task: {F2679F97-D496-4E85-BCBD-70F9956D2763} - System32\Tasks\{B08A6FA7-7E3B-4CDF-8D07-44CDA2804BD1} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {F560CC06-3682-441B-A3E7-77352D1C586D} - System32\Tasks\{78685E25-AE26-47B9-BD42-866A20EDC10B} => pcalua.exe -a C:\Users\Kiwi\Downloads\streaming_optimizer_setup.exe -d C:\Users\Kiwi\Downloads

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-05-21 15:42 - 2012-05-21 15:42 - 00050176 _____ () C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe
2012-02-07 21:54 - 2012-02-07 21:54 - 00078624 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2015-11-03 12:21 - 2015-11-03 12:21 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-06-04 18:52 - 2016-06-04 18:52 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-04 18:52 - 2016-06-04 18:52 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-04 18:51 - 2016-06-04 18:51 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\16060402\algo.dll
2016-06-05 11:41 - 2016-06-05 11:41 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\16060500\algo.dll
2016-06-04 18:52 - 2016-06-04 18:52 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-04 18:52 - 2016-06-04 18:52 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-01-15 13:06 - 2016-01-15 13:06 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-05-21 15:42 - 2012-05-21 15:42 - 00020480 _____ () C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.Infrastructure.dll
2012-04-20 17:58 - 2012-02-21 06:09 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-04-20 18:00 - 2012-02-27 13:00 - 00030432 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\ProcessPrivileges.dll
2012-04-20 18:00 - 2012-02-27 13:00 - 00215264 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\System.ComponentModel.Composition.dll
2012-04-20 18:00 - 2012-02-27 13:00 - 00051424 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Interop.TaskScheduler.dll
2016-05-16 11:14 - 2016-05-16 11:14 - 19427520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01040656 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1078192431-239819200-2145751044-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kiwi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{94298785-BBE7-4803-9808-176D43C4E216}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{9688D9CD-38B3-4C6C-85A2-93D8171E3856}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{A6853C33-7D72-4FBC-8627-2A87A55919CA}D:\alien arena 7_53\crx.exe] => (Block) D:\alien arena 7_53\crx.exe
FirewallRules: [UDP Query User{E0A83EAB-E379-46B6-827E-F0CB77D07E10}D:\alien arena 7_53\crx.exe] => (Block) D:\alien arena 7_53\crx.exe
FirewallRules: [TCP Query User{01277258-7A3B-4271-9FE7-D4C8607EFA3C}D:\pes 2012\pes2012.exe] => (Allow) D:\pes 2012\pes2012.exe
FirewallRules: [UDP Query User{05AF7882-6A87-4B7F-985A-466333B07AC9}D:\pes 2012\pes2012.exe] => (Allow) D:\pes 2012\pes2012.exe
FirewallRules: [TCP Query User{D4FD44CC-6F86-465D-9660-EE25780533C4}D:\titan quest\titan quest.exe] => (Allow) D:\titan quest\titan quest.exe
FirewallRules: [UDP Query User{F5DB8AF0-02B2-47B5-B66A-FD4CD46F78C6}D:\titan quest\titan quest.exe] => (Allow) D:\titan quest\titan quest.exe
FirewallRules: [TCP Query User{ABDBE795-B056-45E6-9256-94B5C1A48326}D:\konami\pro evolution soccer 2012\pes2012.exe] => (Allow) D:\konami\pro evolution soccer 2012\pes2012.exe
FirewallRules: [UDP Query User{6B65D548-037A-4A83-8228-4BE7B053A9CC}D:\konami\pro evolution soccer 2012\pes2012.exe] => (Allow) D:\konami\pro evolution soccer 2012\pes2012.exe
FirewallRules: [{4A90897E-CD4A-4603-A076-2F7603EC17D8}] => (Block) D:\konami\pro evolution soccer 2012\pes2012.exe
FirewallRules: [{8F60A005-04AB-475E-A786-8BFE92808589}] => (Block) D:\konami\pro evolution soccer 2012\pes2012.exe
FirewallRules: [TCP Query User{49375053-5C68-432F-9781-AC33999F0008}D:\pro evolution soccer 2012\pes2012.exe] => (Allow) D:\pro evolution soccer 2012\pes2012.exe
FirewallRules: [UDP Query User{4AD3975C-C6E2-4052-AC09-49C919E916C0}D:\pro evolution soccer 2012\pes2012.exe] => (Allow) D:\pro evolution soccer 2012\pes2012.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{76CCD08E-FDC4-45B3-BBE4-7F35660D2830}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6177E29A-7E97-423E-9E31-7D391AC1DB6F}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{AF591D2A-0520-4C36-93B3-14AEDAF3A549}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{F983E86F-E76F-4B3D-A004-ACA22CB80938}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{9E4C7613-42CC-4CE2-A645-F2BF96921709}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{30B4081A-2283-41D8-9FBB-B08E8024C881}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{36FD5D36-DF53-4F09-9EDD-152F3F4BA620}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{09310F29-FC7C-4CB4-AB3C-5CA3164757C9}D:\orbitdownloader\orbitnet.exe] => (Allow) D:\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{EB6E2773-E0F1-4B00-9466-22FB253C88ED}D:\orbitdownloader\orbitnet.exe] => (Allow) D:\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{E34E6481-9AD7-43AC-AD41-2D8092EDD9CB}D:\orbitdownloader\orbitnet.exe] => (Block) D:\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{B6D4044F-D5C8-4087-9B41-7C656EFD9149}D:\orbitdownloader\orbitnet.exe] => (Block) D:\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{FD68BD03-E04C-4AF5-AEEE-5DAB69C75FB0}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{C43B7741-5F17-4FBD-BD41-891C55C5ACAD}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{E59ABD5C-70B2-4F9C-9BB8-B01DBD44F9EF}E:\fscommand\updater.exe] => (Allow) E:\fscommand\updater.exe
FirewallRules: [UDP Query User{98E8DCE4-788A-4E6B-93D6-5579ED579B1E}E:\fscommand\updater.exe] => (Allow) E:\fscommand\updater.exe
FirewallRules: [TCP Query User{E71AEEB1-01BD-41AA-8F36-CFF524807B0C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A8BDF807-1C34-419B-A7F5-0D1075FD766C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{DF9C7B38-72C8-4905-BF17-15E3D33793AC}D:\sopcast\sopcast.exe] => (Allow) D:\sopcast\sopcast.exe
FirewallRules: [UDP Query User{0394E352-ADD2-4B0C-B227-441231BCE97D}D:\sopcast\sopcast.exe] => (Allow) D:\sopcast\sopcast.exe
FirewallRules: [{8DC61941-EEDE-4959-9AA0-EAD07FDC4DE9}] => (Allow) D:\steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7D198C55-19F3-4229-8FD4-E8894F94A13D}] => (Allow) D:\steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F74C777F-9F65-4418-9779-CBFA100AE30E}] => (Allow) D:\steam\Steam.exe
FirewallRules: [{98DFE08A-1684-455A-A9A4-6264C9E3F784}] => (Allow) D:\steam\Steam.exe
FirewallRules: [{77167C1C-9004-42E2-9BA7-1FBC770B7E89}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{C324AD62-C264-434E-AD50-8685C9A654C5}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{46242EFF-72ED-474C-A15E-17507B313216}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{DFD8F70A-D886-49EE-BDA7-ECAB1088734E}C:\users\kiwi\desktop\neuer ordner (2)\vbalink.exe] => (Allow) C:\users\kiwi\desktop\neuer ordner (2)\vbalink.exe
FirewallRules: [UDP Query User{5D149EAF-08DC-4881-953D-68177630FAE6}C:\users\kiwi\desktop\neuer ordner (2)\vbalink.exe] => (Allow) C:\users\kiwi\desktop\neuer ordner (2)\vbalink.exe
FirewallRules: [{98C691AC-BCA1-43BD-9DF9-86705F0542F8}] => (Allow) D:\Samsung\npsasvr.exe
FirewallRules: [{64A1F775-9F00-4698-BB1C-30234E5E4C75}] => (Allow) D:\Samsung\npsasvr.exe
FirewallRules: [{2FF169A4-6B8B-47B4-8724-AE2FCC1B5015}] => (Allow) D:\Samsung\npsvsvr.exe
FirewallRules: [{F35D6A8D-B3A8-4C01-8956-EBA0A2DF5B1B}] => (Allow) D:\Samsung\npsvsvr.exe
FirewallRules: [{C93155AD-0155-461F-9200-3B8A9E14577B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BF829D10-FEE8-4A39-895B-5A270CB8193F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{556741C3-6B18-407D-A36B-2E33091DB2CD}] => (Allow) D:\npsasvr.exe
FirewallRules: [{E36BC25E-DAF0-4A7E-89B8-6EEB3D37F4C7}] => (Allow) D:\npsasvr.exe
FirewallRules: [{4068BB2E-1E2B-4B35-A5F3-830CC0C31A87}] => (Allow) D:\npsvsvr.exe
FirewallRules: [{06CE6F3F-592D-40F3-9352-212C5AF4B359}] => (Allow) D:\npsvsvr.exe
FirewallRules: [{9EA2F439-5C3C-4CC5-A09F-71ABF4F3AB84}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{A69E688A-D28D-4D8A-92D0-74756BE0349B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{0A5FCF11-E7F2-4F81-9F43-71AF4D6374F6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{9D2AAA30-7887-4F75-B937-F8B714C15C8C}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{7ECB53BC-7C99-47EC-83B1-9E05FC1B6A23}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{97DB5C82-F495-4902-ACD7-510997B2EE11}] => (Allow) D:\StreamTransport\StreamTransport.exe
FirewallRules: [{716BC0D0-1D25-43E9-A230-8EA33CE2D2A5}] => (Allow) D:\Realplayer\realplay.exe
FirewallRules: [{08418CE3-8F62-44A4-8427-9FEBFFE542FB}] => (Allow) D:\Realplayer\realplay.exe
FirewallRules: [{4DB46D3E-89B2-4A48-97DA-D4B31BB69641}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{2B73FA99-F875-4992-9F10-37F78CD7C608}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{839203F3-6FB1-4A71-A6D8-55A3530559BE}D:\maniaplanet\maniaplanet.exe] => (Allow) D:\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{931D8042-D7F8-4BAC-AF66-577D7C07848B}D:\maniaplanet\maniaplanet.exe] => (Allow) D:\maniaplanet\maniaplanet.exe
FirewallRules: [{24D79C9B-F04D-4DD1-9AC8-DE551E973D29}] => (Allow) D:\Samsung\npsasvr.exe
FirewallRules: [{DB568B39-2853-4E83-86ED-072619304E66}] => (Allow) D:\Samsung\npsasvr.exe
FirewallRules: [{9BC2BE4F-CBA0-452C-ADB7-C843FAEC4C4B}] => (Allow) D:\Samsung\npsvsvr.exe
FirewallRules: [{58F6E409-1128-40CF-A0B4-CCF101E13DB9}] => (Allow) D:\Samsung\npsvsvr.exe
FirewallRules: [{8C338048-DB27-4E2D-AB8A-EF82FE816AD8}] => (Allow) D:\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{4A2AAC95-CF70-474E-8F42-93ADB0BBACEA}] => (Allow) D:\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{2FF460ED-3A3F-42C9-B13C-C4F4BCFCA5FB}] => (Allow) D:\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{9F962D63-AAB8-4A21-9AB1-AAB1E92CD4DF}] => (Allow) D:\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{7BD7B874-0A59-4FC8-8A51-FCCBEDB68F2B}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{9E5E263C-06E1-47A5-A607-570E8913142E}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [TCP Query User{AF1BE002-5DF9-49DB-9145-04F4668498F6}D:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Allow) D:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [UDP Query User{F4D10470-C05D-491B-BB38-A505DC6CCC69}D:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Allow) D:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [{CB0C0078-85B0-4BF4-BBC0-630D2D2202DC}] => (Block) D:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [{59363F5C-D949-438C-8544-4D249C34DC65}] => (Block) D:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [{C70883A0-C343-41E3-B6BD-7D75865A5D5B}] => (Allow) D:\Skype\Phone\Skype.exe
FirewallRules: [{7A33FBBA-2C4D-4668-9632-DF6FC4552E40}] => (Allow) D:\Program Files (x86)\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{70753751-3DB1-40ED-8051-0596499DD5B1}] => (Allow) D:\Program Files (x86)\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{E6DDD641-730A-4647-AD3B-E24C9EBCCB4B}] => (Allow) D:\steam\bin\steamwebhelper.exe
FirewallRules: [{182BB2E6-6C64-471C-8223-2505E76A5767}] => (Allow) D:\steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{230FAD66-FB36-4227-A0C8-BF67D7A62877}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{A2D05491-07CD-4924-8153-BC7A29505700}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{DAAF45B6-8A2F-473C-9BB7-04244E6D50CF}] => (Block) D:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{5B58AC55-CA8F-452E-B796-F9E7DF687BDB}] => (Block) D:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{547129D6-5A14-46E5-B11B-3F6E0BB6B0A4}] => (Allow) D:\steam\SteamApps\common\nmrih\sdk\hl2.exe
FirewallRules: [{CD4EAC82-11C2-41B7-86B1-5FC4CF7619D2}] => (Allow) D:\steam\SteamApps\common\nmrih\sdk\hl2.exe
FirewallRules: [{7A2DA5E6-C4A7-4F59-B65D-AC48A61064E1}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{187A1EF0-5558-447C-ABEE-625AC07A723B}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{1EFB4A3A-6113-464D-9528-6EFA205A6E65}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ADFE4FBE-FA82-47D6-BE12-EBA70E0FEABF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C4698300-FE10-4715-ABB4-759C70195532}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{565E985C-046A-435D-9649-07DF5E0AAC93}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{120151B5-E836-42AA-A43F-F12932CF806B}] => (Allow) D:\steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CD028901-4F2F-450B-91FE-A8B8511A3286}] => (Allow) D:\steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{E57FF4CC-B1B1-4B8F-BD57-76A4C85D51E4}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{6E64CD84-569D-4E8E-A92A-1C23B704609A}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{9493AB36-6106-4E5A-8BDF-7EBAC795628B}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{BF076DB4-D3A7-4E77-AAF4-3839952B55CE}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{D876D33F-1264-49BE-9A61-B16E46CAF5E6}] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{BC86322E-CB9C-41A2-9B64-10C49211D7DE}] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{80AB14D5-B8B1-404B-B0EF-C5A0771A73C4}D:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Allow) D:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [UDP Query User{616A93E8-729A-4587-9737-1CCCC073ED67}D:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Allow) D:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [{853CB42B-6954-4CB0-A55F-85113F6167D9}] => (Block) D:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [{79697550-E990-4CB2-B1D3-DDD86435FDD1}] => (Block) D:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [TCP Query User{C987FDDC-F65B-449B-BFF2-4FA740BC63A7}D:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) D:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{73F40D76-BDD1-4270-82AD-B45115637DA7}D:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) D:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{B3907EE7-BC18-4B43-AFF5-F98C05A393B4}] => (Block) D:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{5D0EC131-F3A2-441C-879B-65985643F81C}] => (Block) D:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{2F0557AB-20B4-46A3-B1FA-D078CCA96F34}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B2952665-C19C-4084-AFBA-A48D1D4A9B3B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B0839F3-9AAE-466B-845D-9F77E52F6AC2}] => (Allow) D:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{3B7FB2AB-AAF6-4B4D-83CB-B6CBD1D7C406}] => (Allow) D:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [TCP Query User{333F4A8D-430F-4B7E-ADF2-59365C8CF461}D:\jdownloader v2.0\jdownloader2.exe] => (Allow) D:\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{EB132654-F851-4A98-8A41-0EB2F2AE92C3}D:\jdownloader v2.0\jdownloader2.exe] => (Allow) D:\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{D86ACBF1-3A3D-4A4D-84CB-5EB369FC731F}] => (Block) D:\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{23BFFDB7-A160-4F4E-B04B-287A8C85404D}] => (Block) D:\jdownloader v2.0\jdownloader2.exe
FirewallRules: [TCP Query User{A072177C-7188-4EB4-9846-1CD55AD8E934}D:\yu-gi-oh! the dawn of a new era\ygopro\ygopro.exe] => (Allow) D:\yu-gi-oh! the dawn of a new era\ygopro\ygopro.exe
FirewallRules: [UDP Query User{87EFAD7E-30EF-4BB3-BD5F-5856BD2137FB}D:\yu-gi-oh! the dawn of a new era\ygopro\ygopro.exe] => (Allow) D:\yu-gi-oh! the dawn of a new era\ygopro\ygopro.exe
FirewallRules: [{767A0D3E-6CDA-4093-A469-3A663F938684}] => (Block) D:\yu-gi-oh! the dawn of a new era\ygopro\ygopro.exe
FirewallRules: [{616DC7E5-3F34-4A8B-B0FA-6103B60F28FC}] => (Block) D:\yu-gi-oh! the dawn of a new era\ygopro\ygopro.exe
FirewallRules: [{29D906A8-E74A-4DA3-ACBC-45028C63EA40}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AC24542D-87FB-4406-A45F-253E11FBC154}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{99A9A41A-755D-43C9-8C04-46EB23AFF018}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{14AADFB8-C9E9-45A1-8A3C-41637D7193A0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{867181B9-03AF-45B7-8A7F-766A660EB38E}] => (Allow) D:\itunes (1)\iTunes.exe
FirewallRules: [TCP Query User{445EBC5A-5F72-45F8-9CDE-396279860252}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{48A911E9-B5BC-47ED-B564-05B06D084A4B}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{CA96D09B-8060-4B2D-81B8-E34C4152E478}] => (Allow) D:\steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{315A886A-E2EB-418F-A831-FA16E3DF8731}] => (Allow) D:\steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{50FC1106-9F83-42E5-8EEB-61B864B36071}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{81B05483-E256-4251-B0F4-B14AC17CA6DB}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe

==================== Wiederherstellungspunkte =========================

05-06-2016 02:28:06 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/05/2016 11:52:11 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (06/05/2016 11:42:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2016 02:05:51 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (06/05/2016 01:55:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2016 01:28:18 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (06/05/2016 01:18:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2016 09:18:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9033

Error: (06/04/2016 09:18:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9033

Error: (06/04/2016 09:18:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/04/2016 09:18:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8019


Systemfehler:
=============
Error: (06/05/2016 11:42:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
StarOpen

Error: (06/05/2016 11:41:04 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/05/2016 01:55:49 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
StarOpen

Error: (06/05/2016 01:55:07 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/05/2016 01:18:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
StarOpen

Error: (06/05/2016 01:17:23 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/05/2016 01:17:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Intel(R) Small Business Advantage" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1115

Error: (06/05/2016 01:17:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (06/05/2016 01:17:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (06/05/2016 01:17:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8130.21 MB
Verfügbarer physikalischer RAM: 5341.07 MB
Summe virtueller Speicher: 8828.38 MB
Verfügbarer virtueller Speicher: 5716.97 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:50 GB) (Free:2.69 GB) NTFS
Drive d: () (Fixed) (Total:415.66 GB) (Free:39.8 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1FE31042)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=415.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

 
