30.09.2016, 12:16 | #1 |
Spam on key press

Hello everyone! I'm a bit desperate. When I press a certain key that I can program, the following text appears (and no, unfortunately I can't delete it manually in the program). I have censored suggestive sites with a "*"; I hope that's okay. Unfortunately I can't work out at all what the problem is, so I can't do anything about it either.

What follows on the key press is:

"com celebrity po*n karla edecan nana keun upo*n.com celebrity po*n karla edecan nana keun upo*n.com celebrity po*n karla edecan nana keun upo*n.com celebrity po*n karla edecan nana keun upo*n.com celebrity po*n (This goes on like that for about four A4 pages) Then: [long run of scrambled letters omitted]"

-------------------------------

Oh, and the key is my programmable "G1 key". It's possible that I visited said sites at some point (yes, I know ...), and it's also possible that I googled the people at some point. But that must have been several months ago. Also, what appears below the names, or rather the sites, was added over time.

Hoping for a reply, thanks in advance!

--------------------------------

EDIT: FRST Logfile:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016
durchgeführt von P (Administrator) auf P-PC (30-09-2016 14:00:05)
Gestartet von E:\Downloads E
Geladene Profile: P (Verfügbare Profile: P)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Riot Games\LolScreenSaver\service\service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(Octoshape ApS) C:\Users\P\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIMDE.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(PowerISO Computing, Inc.) E:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Razer Inc.) C:\Program Files (x86)\Razer\SurroundRedist\bin\RzMonitor.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\P\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\P\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\P\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\P\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\P\AppData\Roaming\Spotify\Spotify.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Curse, Inc) C:\Users\P\AppData\Roaming\Curse Client\Bin\Curse.exe
(Curse, Inc.) C:\Users\P\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Curse, Inc.) C:\Users\P\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Curse, Inc.) C:\Users\P\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Curse, Inc.) C:\Users\P\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(The Document Foundation) E:\Program Files (x86)\LibreOffice 4\program\swriter.exe
(The Document Foundation) E:\Program Files (x86)\LibreOffice 4\program\soffice.exe
(The Document Foundation) E:\Program Files (x86)\LibreOffice 4\program\soffice.bin
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1514528 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-01-20] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PWRISOVM.EXE] => e:\Program Files (x86)\PowerISO\PWRISOVM.EXE [200704 2007-08-07] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25382344 2016-09-20] (Dropbox, Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Razer Surround Redist] => C:\Program Files (x86)\Razer\SurroundRedist\bin\RzMonitor.exe [199480 2014-06-05] (Razer Inc.)
HKU\S-1-5-21-3194827597-3522743568-749026121-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2852128 2016-08-03] (Valve Corporation)
HKU\S-1-5-21-3194827597-3522743568-749026121-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-3194827597-3522743568-749026121-1000\...\Run: [Octoshape Streaming Services] => C:\Users\P\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [500016 2014-08-01] (Octoshape ApS)
HKU\S-1-5-21-3194827597-3522743568-749026121-1000\...\Run: [Spotify Web Helper] => C:\Users\P\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-30] (Spotify Ltd)
HKU\S-1-5-21-3194827597-3522743568-749026121-1000\...\Run: [Spotify] => C:\Users\P\AppData\Roaming\Spotify\Spotify.exe [6795376 2016-09-30] (Spotify Ltd)
HKU\S-1-5-21-3194827597-3522743568-749026121-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIMDE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3194827597-3522743568-749026121-1000\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
Startup: C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-07-03]
ShortcutTarget: Curse.lnk -> C:\Users\P\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 6830.lnk [2016-09-30]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 6830.lnk -> C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{2711FA04-26EE-4F3E-B104-D2C9BD444BDF}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{80127238-8A3D-49E4-99D5-14FD9B30F968}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C1AE88C9-5421-4C0C-87D4-66818960A1BC}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> E:\ADOBE2\Installiert\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2015-10-19] (pdfforge GmbH)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\ADOBE2\Installiert\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27] (Adobe Systems, Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\s1bsotu2.default
FF Homepage: hxxp://youtube.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3194827597-3522743568-749026121-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\P\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1503240-0-npoctoshape.dll [2015-03-24] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\P\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2015-07-20] (Octoshape ApS)
FF Extension: (Avira Browser Safety) - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\s1bsotu2.default\Extensions\abs@avira.com [2016-09-30]
FF Extension: (Firefox Hotfix) - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\s1bsotu2.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-30]
FF Extension: (Adblock Plus) - C:\Users\P\AppData\Roaming\Mozilla\Firefox\Profiles\s1bsotu2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-11-30] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - E:\ADOBE2\Installiert\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: (Adobe Contribute Toolbar) - E:\ADOBE2\Installiert\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2016-05-25] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://csgolounge.com/","hxxp://www.csgobm.com/"
CHR Profile: C:\Users\P\AppData\Local\Google\Chrome\User Data\Default [2016-08-26]
CHR Extension: (Google Präsentationen) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-13]
CHR Extension: (Google Docs) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Google Drive) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (YouTube) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Adblock Plus) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-02]
CHR Extension: (Google-Suche) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Tabellen) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-13]
CHR Extension: (Avira Browserschutz) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-08-01]
CHR Extension: (LoungeDestroyer) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2016-05-15]
CHR Extension: (Google Docs Offline) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Google Mail) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\P\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-02]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\P\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-07-09]
StartMenuInternet: (HKLM) OperaStable - E:\Program Files (x86)\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-30] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-19] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42792 2016-09-20] (Windows (R) Win 7 DDK provider)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [676336 2015-06-25] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-11-25] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LolScreenSaverService; C:\Riot Games\LolScreenSaver\service\service.exe [707072 2016-03-30] () [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-28] ()
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-05-23] (A-Volute) [Datei ist nicht signiert]
S2 SkypeUpdate; E:\Program Files (x86)\Updater\Updater.exe [327296 2016-01-29] (Skype Technologies)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-03] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-30 13:29 - 2016-09-30 14:00 - 00000000 ____D C:\FRST
2016-09-30 12:49 - 2016-09-30 12:49 - 00000000 _____ C:\Users\P\Desktop\Neues Textdokument (7).txt
2016-09-30 11:36 - 2016-09-30 12:06 - 00024292 _____ C:\Users\P\Documents\Lerntagebuch BilWi v2.odt
2016-09-30 11:36 - 2016-09-30 12:06 - 00000079 ____H C:\Users\P\Documents\.~lock.Lerntagebuch BilWi v2.odt#
2016-09-29 23:07 - 2016-09-29 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-29 23:05 - 2016-09-29 23:05 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-29 21:37 - 2016-09-29 22:55 - 00022563 _____ C:\Users\P\Documents\Lerntagebuch BilWi.odt
2016-09-20 03:15 - 2016-09-20 03:15 - 00042792 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\DbxSvc.exe
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-stable.sys
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-dev.sys
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-canary.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-30 14:00 - 2015-11-29 19:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-30 13:59 - 2016-06-10 15:57 - 00000000 _____ C:\Windows\system32\RzMaelstromVADAudioDeviceManager_log.txt
2016-09-30 13:52 - 2015-03-23 18:56 - 00000000 ____D C:\Users\P\AppData\Roaming\Spotify
2016-09-30 13:31 - 2016-02-02 17:20 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15dcd4ac8eeb6.job
2016-09-30 13:25 - 2015-02-13 00:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-30 13:24 - 2016-05-19 17:19 - 00001204 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-30 13:01 - 2009-07-14 06:45 - 00015696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-30 13:01 - 2009-07-14 06:45 - 00015696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-30 11:07 - 2015-08-20 14:25 - 00003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1440073525
2016-09-30 11:07 - 2009-07-14 19:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2016-09-30 11:07 - 2009-07-14 19:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2016-09-30 11:07 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-30 11:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-30 11:03 - 2015-02-09 04:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-30 11:02 - 2016-07-03 12:51 - 00000000 ____D C:\Users\P\AppData\Roaming\Curse Client
2016-09-30 11:02 - 2015-03-23 18:58 - 00000000 ____D C:\Users\P\AppData\Local\Spotify
2016-09-30 11:01 - 2016-05-19 17:19 - 00001200 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-30 11:01 - 2015-12-05 10:20 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12f35df294a4c.job
2016-09-30 11:01 - 2015-02-19 13:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-30 11:01 - 2015-02-13 00:15 - 00001106 _____
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-30 11:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-30 01:04 - 2016-05-08 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-09-29 23:07 - 2016-05-19 17:19 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-09-29 23:06 - 2015-02-13 00:16 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-29 23:06 - 2015-02-13 00:16 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-09-29 23:05 - 2015-02-09 03:26 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-29 21:11 - 2015-04-14 17:40 - 00000000 ____D C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2016-09-29 21:11 - 2015-04-14 17:40 - 00000000 ____D C:\Program Files (x86)\Image-Line ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-03-23 19:42 - 2015-03-23 19:42 - 0007599 _____ () C:\Users\P\AppData\Local\Resmon.ResmonCfg 2016-01-08 21:28 - 2016-01-08 21:28 - 0000057 _____ () C:\ProgramData\Ament.ini 2015-02-08 19:46 - 2015-02-08 19:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\P\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-06-12 20:47 ==================== Ende von FRST.txt ============================ Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-09-2016 durchgeführt von P (30-09-2016 14:00:19) Gestartet von E:\Downloads E Windows 7 Professional Service Pack 1 (X64) (2015-02-08 17:05:26) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3194827597-3522743568-749026121-500 - Administrator - Disabled) Gast (S-1-5-21-3194827597-3522743568-749026121-501 - Limited - Disabled) P (S-1-5-21-3194827597-3522743568-749026121-1000 - Administrator - Enabled) => C:\Users\P ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 3DMark (HKLM-x32\...\{7330098c-3669-4f39-9e82-4221d489db39}) (Version: 1.4.828.0 - Futuremark) 3DMark (Version: 1.4.828.0 - Futuremark) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) 
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated) Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs) Anomaly 2 (HKLM\...\Steam App 236730) (Version: - 11 bit studios) Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: - ) Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. 
KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battleborn (HKLM\...\Steam App 394230) (Version: - Gearbox Software) Blackguards 2 (HKLM\...\Steam App 314830) (Version: - Daedalic Entertainment) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Borderlands: The Pre-Sequel (HKLM\...\Steam App 261640) (Version: - 2K Australia) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) Chronicle: RuneScape Legends (HKLM\...\Steam App 205890) (Version: - Jagex) Clicker Heroes (HKLM\...\Steam App 363970) (Version: - Playsaurus) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse) Dropbox (HKLM-x32\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.41.1 - Dropbox, Inc.) 
Hidden Endless Legend (HKLM\...\Steam App 289130) (Version: - AMPLITUDE Studios) Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.80.0000 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.53.00 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON WF-2630 Series Printer Uninstall (HKLM\...\EPSON WF-2630 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation) Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft) FL Studio 9 (HKLM-x32\...\FL Studio 9) (Version: - Image-Line) FLY'N (HKLM-x32\...\Steam App 223730) (Version: - Ankama) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Futuremark SystemInfo (HKLM-x32\...\{03856D3F-DDDC-4C9A-9202-36529D21D94C}) (Version: 4.32.483.0 - Futuremark) Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Hardcore (HKLM-x32\...\Hardcore) (Version: - Image-Line) Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version: - Arkedo) HP Officejet Pro 6830 - Grundlegende Software für das Gerät (HKLM\...\{5DC2B010-E138-4A57-A5C4-D7C702FFFA44}) (Version: 33.1.73.49987 - Hewlett-Packard Co.) 
HP Officejet Pro 6830 Hilfe (HKLM-x32\...\{5EB6AD89-997E-4F65-BA3F-0D072BE1CB4F}) (Version: 34.0.0 - Hewlett Packard) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.0.30.219 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Infinite HD™ App (HKU\S-1-5-21-3194827597-3522743568-749026121-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation) iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.) Killing Floor 2 (HKLM\...\Steam App 232090) (Version: - Tripwire Interactive) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden League-Bildschirmschoner (HKLM-x32\...\LolScreenSaver) (Version: W0.1.19-0.11.13-beta - Riot Games) LibreOffice 4.3.6.2 (HKLM-x32\...\{9F410B70-8A45-4F28-985E-F9731219BCBC}) (Version: 4.3.6.2 - The Document Foundation) Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment) Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.) 
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3194827597-3522743568-749026121-1000\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 
Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Middle-earth: Shadow of Mordor (HKLM\...\Steam App 241930) (Version: - Monolith Productions, Inc.) 
Mount & Blade: With Fire and Sword (HKLM\...\Steam App 48720) (Version: - TaleWorlds Entertainment) Mozilla Firefox 47.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla) Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Opera Stable 40.0.2308.62 (HKLM-x32\...\Opera 40.0.2308.62) (Version: 40.0.2308.62 - Opera Software) Orcs Must Die! 
2 (HKLM\...\Steam App 201790) (Version: - Robot Entertainment) PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH) PDF Architect 4 Create Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden PDF Architect 4 Edit Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge) Pixel Piracy (HKLM\...\Steam App 264140) (Version: - Quadro Delta) PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Daybreak Games) PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line) PowerISO (HKLM-x32\...\PowerISO) (Version: - ) Prison Architect (HKLM\...\Steam App 233450) (Version: - Introversion Software) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.09 - Razer Inc.) Razer Surround SDK (HKLM-x32\...\Razer Surround SDK) (Version: 1.02.04 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.) RIFT (HKLM-x32\...\Glyph RIFT) (Version: - Trion Worlds, Inc.) 
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version: - The Creative Assembly) Sanctum 2 (HKLM\...\Steam App 210770) (Version: - Coffee Stain Studios) Sawer (HKLM-x32\...\Sawer) (Version: - Image-Line) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version: - Firaxis Games) Sid Meier's Civilization IV: Beyond the Sword (HKLM-x32\...\Steam App 8800) (Version: - Firaxis Games) Sid Meier's Civilization IV: Colonization (HKLM-x32\...\Steam App 16810) (Version: - Firaxis Games) Sid Meier's Civilization IV: Warlords (HKLM-x32\...\Steam App 3990) (Version: - Firaxis Games) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) Spotify (HKU\S-1-5-21-3194827597-3522743568-749026121-1000\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB) StarBreak (HKLM\...\Steam App 420790) (Version: - Crunchy Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Studie zur Verbesserung von HP Officejet Pro 6830 (HKLM\...\{A9F6BE81-6915-4458-8D03-254C5F053C26}) (Version: 33.1.73.49987 - Hewlett-Packard Co.) 
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The Incredible Adventures of Van Helsing (HKLM-x32\...\Steam App 215530) (Version: - NeocoreGames) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com) Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly) Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte) Tropico 4 (HKLM-x32\...\Steam App 57690) (Version: - Haemimont Games) Tropico 5 (HKLM-x32\...\Steam App 245620) (Version: - Haemimont Games) Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft) Vegas Pro 10.0 (HKLM-x32\...\{3C8CDDCF-D09A-11DF-8BB6-0013D3D69929}) (Version: 10.0.387 - Sony) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) WildStar (HKLM\...\Steam App 376570) (Version: - Carbine Studios) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) Worms Pinball (HKLM-x32\...\Steam App 70660) (Version: - Team17 Digital Ltd) XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3194827597-3522743568-749026121-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {035F093E-78B1-490C-B687-CFA030C357DD} - System32\Tasks\Opera scheduled Autoupdate 1440073525 => E:\Program Files (x86)\Opera\launcher.exe [2016-09-21] (Opera Software) Task: {05E3E2BC-1DC7-47AD-A882-4E74257A8A49} - System32\Tasks\HPCustParticipation HP Officejet Pro 6830 => C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPCustPartic.exe [2014-07-18] (Hewlett-Packard Development Company, LP) Task: {0B08E186-7ED0-4B10-86D5-70CC6DBCF829} - System32\Tasks\GoogleUpdateTaskMachineUA1d15dcd4ac8eeb6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-13] (Google Inc.) Task: {191E88CE-9A78-4DFC-BAD6-DBFB9E226F3F} - System32\Tasks\EPSON WF-2630 Series Update {E80C506A-CF9F-464F-88B1-C4075CD321C2} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {1D7B03AF-C314-4FB4-887C-A10E35E275EA} - System32\Tasks\HPCustPartic.exe_{1C75B4AA-EC6C-4228-ADCF-805BC9365CC6} => C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPCustPartic.exe [2014-07-18] (Hewlett-Packard Development Company, LP) Task: {1FAABD7A-1FB9-4C3E-A43E-E0A275FFB1E1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-19] (Dropbox, Inc.) Task: {2358FBD9-2E97-4388-A09A-9567A0A944D2} - System32\Tasks\GoogleUpdateTaskMachineCore1d12f35df294a4c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-13] (Google Inc.) Task: {257C1B09-35D0-4F2B-A26E-934B7936C557} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-19] (Dropbox, Inc.) Task: {28546712-5E15-4BAD-81D7-7F5E8CA4C922} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) 
Task: {43A46891-70B8-48AF-97D3-EAE282560E2C} - System32\Tasks\AdobeAAMUpdater-1.0-P-PC-P => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {556180A6-3E3C-482F-A146-80212EDBD512} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company) Task: {5957D102-920F-40C1-AFF3-A1381CC9A3F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company) Task: {68B881B8-EDF4-4A57-BA71-341077685BBF} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ffab4d274385 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-13] (Google Inc.) Task: {6CFA6342-8BCB-4C6D-852D-4E325DAF6732} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-13] (Google Inc.) Task: {710307CE-94E3-4CC8-B742-B14BB6EB542A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-15] (Adobe Systems Incorporated) Task: {8104DCD8-46B1-43F1-946C-5B04829B9384} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf3bc51f8753 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-13] (Google Inc.) Task: {A0CAC15A-1C48-4556-91EA-4FAEE8ACF3A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-13] (Google Inc.) Task: {D599073C-36AC-4E6A-A406-0AE632E8FE10} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.) 
Task: {E5706BCA-1057-4B4E-ABAC-D47591BDBDFC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-15] (Adobe Systems Incorporated) Task: {F2E564F3-B9C6-4F16-B43F-9BEDC67D1D28} - System32\Tasks\GoogleUpdateTaskMachineCore1d08ee84389790 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-13] (Google Inc.) Task: {FD477E09-66F8-4971-8FCB-EA4AEB1A2605} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\EPSON WF-2630 Series Update {E80C506A-CF9F-464F-88B1-C4075CD321C2}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSMDE.EXE:/EXE:{E80C506A-CF9F-464F-88B1-C4075CD321C2} /F:Update SYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08ee84389790.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf3bc51f8753.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0ffab4d274385.job 
=> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12f35df294a4c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15dcd4ac8eeb6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 9\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk/ ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-02-19 13:53 - 2015-02-05 21:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-03-30 20:25 - 2016-03-30 20:25 - 00707072 _____ () C:\Riot Games\LolScreenSaver\service\service.exe 2015-02-11 17:36 - 2016-05-28 16:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2016-05-19 17:20 - 2016-08-24 06:43 - 00035792 _____ () 
C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-09-29 23:07 - 2016-08-24 06:43 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-09-29 23:07 - 2016-08-24 06:43 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2016-09-29 23:07 - 2016-08-24 06:43 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-05-19 17:20 - 2016-08-24 06:43 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-05-19 17:20 - 2016-08-24 06:43 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-05-19 17:20 - 2016-09-20 03:15 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-05-19 17:20 - 2016-08-24 06:43 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-05-19 17:20 - 2016-08-24 06:43 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-08-07 17:25 - 2016-09-20 03:15 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-09-29 23:07 - 2016-08-24 06:43 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-09-29 23:07 - 2016-08-24 06:45 - 00020936 _____ () C:\Program Files 
(x86)\Dropbox\Client\mmapfile.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-05-19 17:20 - 2016-09-20 03:15 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-08-07 17:25 - 2016-09-20 03:15 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-05-19 17:20 - 2016-08-24 06:43 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2016-08-07 17:25 - 2016-08-24 06:44 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 
2016-05-19 17:20 - 2016-09-20 03:15 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-05-19 17:20 - 2016-09-20 03:15 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-05-19 17:20 - 2016-09-20 03:15 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-05-19 17:20 - 2016-09-20 03:15 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-05-19 17:20 - 2016-09-20 03:15 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-09-29 23:07 - 2016-08-24 06:41 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-09-29 23:07 - 2016-09-20 03:15 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-09-29 23:07 - 2016-09-20 03:15 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-05-19 17:20 - 2016-08-24 06:43 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00224056 _____ () C:\Program Files 
(x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-09-29 23:07 - 2016-09-20 03:15 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-08-07 17:25 - 2016-09-20 03:15 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd 2016-05-19 17:20 - 2016-08-24 06:45 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-08-07 17:25 - 2016-09-20 03:15 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2015-03-23 18:58 - 2016-09-30 11:02 - 51272816 _____ () C:\Users\P\AppData\Roaming\Spotify\libcef.dll 2015-03-23 18:58 - 2016-09-30 11:02 - 01765488 _____ () C:\Users\P\AppData\Roaming\Spotify\libglesv2.dll 2015-03-23 18:58 - 2016-09-30 11:02 - 00088176 _____ () C:\Users\P\AppData\Roaming\Spotify\libegl.dll 2016-04-05 17:57 - 2016-04-05 17:57 - 00393608 _____ () C:\Users\P\AppData\Roaming\Curse Client\Bin\opus.dll 2016-06-24 01:03 - 2016-09-30 11:02 - 00534408 _____ () C:\Users\P\AppData\Roaming\Curse Client\Bin\Curse.Presto.Interface.dll 2016-05-02 23:26 - 2016-05-02 23:26 - 01690504 _____ () C:\Users\P\AppData\Roaming\Curse Client\Bin\Electron\libglesv2.dll 2016-05-02 23:26 - 2016-05-02 23:26 - 00018312 _____ () C:\Users\P\AppData\Roaming\Curse Client\Bin\Electron\libegl.dll 2015-02-08 19:33 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-01-29 07:45 - 2015-01-29 07:45 - 01040160 _____ () E:\Program Files (x86)\LibreOffice 4\program\libxml2.dll 2015-01-29 07:45 - 2015-01-29 07:45 - 00357152 _____ () E:\Program Files (x86)\LibreOffice 4\program\glew32.dll 2015-01-29 07:45 - 2015-01-29 07:45 - 00182560 _____ () E:\Program Files (x86)\LibreOffice 4\program\libxslt.dll 2015-01-29 07:46 - 2015-01-29 07:46 - 00100640 _____ () E:\Program Files (x86)\LibreOffice 4\program\python3.dll 2015-01-28 15:54 - 2015-01-28 15:54 - 00049664 _____ () E:\Program Files 
(x86)\LibreOffice 4\program\python-core-3.3.3\lib\_socket.pyd ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKLM\...\regfile\shell\open\command: "regedit.exe" "%1" <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3194827597-3522743568-749026121-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.0.1 - 192.168.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{45DC6735-4982-4DCA-A685-CE3BACB1650B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{04DC4F7F-D98B-4458-8EA4-1061DE1F10C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6D48E517-A49F-49E3-93D1-D546EC4E2830}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{5032C1DC-140B-4185-8434-C0969E64F0E6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{82D258AE-DF6A-4E9D-BF63-DB9A452D2ECE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A773A0C6-1AC6-47CE-A3B7-8A9CE6719C93}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{310AF70F-C5F5-4823-8F51-6CF074B14521}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{89E53898-FC67-4D96-9BD9-2AD911EEF41E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{F9062BE8-7CAB-46F5-BAE9-E16E7CE47D17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{6F3404C1-3209-4F6C-9729-7B44945CD6FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2F156200-9B3F-4D29-8015-59B8B3A46264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe FirewallRules: [{7810A3FD-9937-4E45-A9E3-C5D7E30A16AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe FirewallRules: [{AB900F18-A6B5-4952-B356-E3BF139EAEA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe FirewallRules: [{F427F7CC-5B25-4EA9-8ADD-3FD1BF105766}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe FirewallRules: 
[{D4C84ED1-7802-4CC1-A852-ABCE0713604A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{F5B51574-C4B2-4F54-A0E3-0713E6662E2E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{3E8ED1EC-61B7-4FE9-90C0-F6282AD13D77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{3F9D1F0F-767A-4E59-BB9B-860B428D8207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{CF8495D0-A96B-418E-B20B-66EF04C71CA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{EA09A629-3D81-4739-9645-9C6694A7AA49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8F43202E-3E03-40E5-BC86-7F1AD57D9394}] => (Allow) E:\Steam Spiele D\steamapps\common\The Incredible Adventures of Van Helsing\VanHelsing.exe FirewallRules: [{3CA144AA-7318-4983-9628-873C2FB8A62C}] => (Allow) E:\Steam Spiele D\steamapps\common\The Incredible Adventures of Van Helsing\VanHelsing.exe FirewallRules: [{4FAC19D7-0DE2-4E31-A8DC-90E788E8B54C}] => (Allow) E:\Steam Spiele D\steamapps\common\FLYN\Source\Flyn.exe FirewallRules: [{D5EDE7A2-0BCC-43F9-AA15-3EE7DDEA0EE6}] => (Allow) E:\Steam Spiele D\steamapps\common\FLYN\Source\Flyn.exe FirewallRules: [{D6DA4156-8127-4BEC-8539-B4AB1EA95765}] => (Allow) E:\Steam Spiele D\steamapps\common\Hell Yeah\HELLYEAH.exe FirewallRules: [{4588B570-2DB0-4D33-BDEA-97634DAD1B8F}] => (Allow) E:\Steam Spiele D\steamapps\common\Hell Yeah\HELLYEAH.exe FirewallRules: [{D957ECE1-D96F-4D81-8289-526B9CE61A2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{70183D39-3279-4B55-9926-80636D1C0F72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{3DEBE2E6-8788-4962-B202-CF2502CB0A10}] => (Allow) E:\Steam Spiele D\steamapps\common\Tropico 
5\Tropico5Steam.exe FirewallRules: [{BB2ECC7B-A4C8-42C1-9410-C1BB4AEB53F1}] => (Allow) E:\Steam Spiele D\steamapps\common\Tropico 5\Tropico5Steam.exe FirewallRules: [{73FF5FD7-1F13-48D2-BBF7-2AAD2CA94A10}] => (Allow) E:\Steam Spiele D\steamapps\common\Tropico 4\Tropico4.exe FirewallRules: [{B2CBF9E2-C0FB-4E25-8629-F21B7F28BDAA}] => (Allow) E:\Steam Spiele D\steamapps\common\Tropico 4\Tropico4.exe FirewallRules: [TCP Query User{7D33399F-CD86-48CE-B38C-21BF89DE937C}C:\users\p\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\p\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D191294C-EC83-4045-9E0B-598FC8AC95FB}C:\users\p\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\p\appdata\roaming\spotify\spotify.exe FirewallRules: [{6CBAD8D7-8337-4E81-8D42-4EC76D465387}] => (Allow) C:\Users\P\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{598B96D1-6B45-4E4F-94A3-493E0638DBA1}] => (Allow) E:\Steam Spiele D\steamapps\common\Rome Total War Gold\RomeTW.exe FirewallRules: [{ADBA824D-9BDB-4AD9-AE08-5F8CD43026C8}] => (Allow) E:\Steam Spiele D\steamapps\common\Rome Total War Gold\RomeTW.exe FirewallRules: [{FF6CEDF5-1052-4E77-A72F-426C39E33944}] => (Allow) E:\Steam Spiele D\steamapps\common\Rome Total War Gold\RomeTW-BI.exe FirewallRules: [{496CF932-ED77-4CB7-9555-F20658132EAF}] => (Allow) E:\Steam Spiele D\steamapps\common\Rome Total War Gold\RomeTW-BI.exe FirewallRules: [TCP Query User{A32EC362-8B96-4787-A4CA-997645BDFAB5}C:\users\p\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\p\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{19447944-270F-4EC0-BDA7-852DE3BA0B0C}C:\users\p\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\p\appdata\roaming\spotify\spotify.exe FirewallRules: [{709B2752-7EEF-4408-9970-B03FC827B04C}] => (Allow) E:\Steam Spiele D\steamapps\common\Superfrog\Superfrog.exe FirewallRules: [{18CAFDDD-776F-4F3D-B5A0-051190498360}] => (Allow) E:\Steam Spiele 
D\steamapps\common\Superfrog\Superfrog.exe FirewallRules: [{3D1523DD-F258-4A2D-B73D-9CD259E39992}] => (Allow) E:\Steam Spiele D\steamapps\common\Deadlight\Binaries\Win32\LOTDGame.exe FirewallRules: [{B53C706D-20BD-4723-A96D-B08D503E9AF0}] => (Allow) E:\Steam Spiele D\steamapps\common\Deadlight\Binaries\Win32\LOTDGame.exe FirewallRules: [{3967207C-F086-4699-91D4-4C75B8003BA7}] => (Allow) E:\Steam Spiele D\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{CC3A4432-3047-4893-99AD-AA31DA87A097}] => (Allow) E:\Steam Spiele D\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{382FFAC5-95DE-4C20-BB93-567A46E0E7FE}] => (Allow) E:\Steam Spiele D\steamapps\common\Half-Life\hl.exe FirewallRules: [{076F3533-1028-4E39-BE59-9019AA52ECB4}] => (Allow) E:\Steam Spiele D\steamapps\common\Half-Life\hl.exe FirewallRules: [{D8E3B87E-0962-42EC-97B9-00E2CD5D17A2}] => (Allow) E:\Program Files (x86)\Phone\Skype.exe FirewallRules: [{AB5E87C1-18EB-4F13-A70C-C02858919A8B}] => (Allow) E:\Steam Spiele D\steamapps\common\PlanetSide 2\LaunchPad.exe FirewallRules: [{A706AAFE-45F7-4AA8-94AE-EC7D8DBF36C4}] => (Allow) E:\Steam Spiele D\steamapps\common\PlanetSide 2\LaunchPad.exe FirewallRules: [{5FD11876-333F-46A4-826F-F6398CA53399}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2A4B6873-B39B-4966-B88A-95814F1833AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8D95319F-AC91-4DD4-BCEC-43F9634ED3CE}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe FirewallRules: [{A1C5F55B-9008-4D10-B9A9-DAAA5F7CC68E}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe FirewallRules: [{4E2EC727-A350-45BF-9360-5324A97569CA}] => (Allow) E:\Steam Spiele D\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{37673F53-164E-44BB-8901-DFC58FD93A30}] => (Allow) E:\Steam Spiele D\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: 
[{01EA8C63-0602-44E5-8E1E-37675FFFA494}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\FaxApplications.exe FirewallRules: [{83434EF9-1711-48F1-9179-C4E495CBEC8C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\DigitalWizards.exe FirewallRules: [{807DC218-4E93-4252-972A-7DA9E34AB5BC}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\SendAFax.exe FirewallRules: [{78952BF1-5AF9-4974-956E-0F58D3147765}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\DeviceSetup.exe FirewallRules: [{E3BEF425-F4FC-4A56-B741-5A8C17CE4847}] => (Allow) LPort=5357 FirewallRules: [{C75FA8D0-10FB-420F-B9B9-5EC23B86FD9F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{7DB2D5E2-78E1-4E95-A8D5-83F94E46CF52}] => (Allow) E:\Steam Spiele D\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe FirewallRules: [{DF66A398-A1DE-4E8F-A555-C91AF4C8B809}] => (Allow) E:\Steam Spiele D\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe FirewallRules: [{214D92DF-3F67-48D8-ABDF-880434566552}] => (Allow) E:\Steam Spiele D\steamapps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{6F58D8BA-B17C-402B-A77C-E7D3A0883DA8}] => (Allow) E:\Steam Spiele D\steamapps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{2176482D-299F-430E-8345-B0AEF873F2F1}] => (Allow) E:\Steam Spiele D\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords.exe FirewallRules: [{4855E166-5692-45E7-AF2D-C6139FF5580D}] => (Allow) E:\Steam Spiele D\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords.exe FirewallRules: [{95B939C9-97BC-494C-94AA-1654ED0B8870}] => (Allow) E:\Steam Spiele D\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords_PitBoss.exe FirewallRules: [{1BFC3B12-5EE4-4BA2-91EC-8C20A8D2F520}] => (Allow) E:\Steam Spiele D\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords_PitBoss.exe FirewallRules: 
[{02D01FDD-4877-4B53-8321-8DA1DEE0959D}] => (Allow) E:\Steam Spiele D\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe FirewallRules: [{1E1E4F31-DF70-4853-8486-984C65EB90BE}] => (Allow) E:\Steam Spiele D\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe FirewallRules: [{57E8C317-DB0A-4705-BAA7-0CF9033ABA44}] => (Allow) E:\Steam Spiele D\steamapps\common\Civilization IV Colonization\Colonization.exe FirewallRules: [{87825392-031A-411A-B011-E682ADBBD7DE}] => (Allow) E:\Steam Spiele D\steamapps\common\Civilization IV Colonization\Colonization.exe FirewallRules: [{E6580687-FAF2-4041-B2DC-788F1E95C133}] => (Allow) E:\Steam Spiele D\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe FirewallRules: [{618002E2-8DE8-4CA2-A6D6-E7FDAC8352C6}] => (Allow) E:\Steam Spiele D\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe FirewallRules: [{C1C0C7C7-4E8D-4C84-817A-58F061E4F5A2}] => (Allow) E:\Steam Spiele D\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{E752B1BC-18A6-42A0-8EC9-2FC896924FFB}] => (Allow) E:\Steam Spiele D\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{7DCCBF43-F7A8-4348-A54E-DB4BE001206D}] => (Allow) E:\Steam Spiele D\steamapps\common\Trine 2\trine2_launcher.exe FirewallRules: [{665E0524-CFD7-4702-B470-05212F42914A}] => (Allow) E:\Steam Spiele D\steamapps\common\Trine 2\trine2_launcher.exe FirewallRules: [{208548A9-143E-48E2-94A1-E70C094A4650}] => (Allow) E:\Steam Spiele D\steamapps\common\Worms Pinball\mmlauncher.exe FirewallRules: [{2BAB2FCC-BACA-45AE-8A6C-17CF41A6B83E}] => (Allow) E:\Steam Spiele D\steamapps\common\Worms Pinball\mmlauncher.exe FirewallRules: [{489CC3EA-6C14-4D25-9F89-580604C0C64B}] => (Allow) E:\Steam Spiele D\steamapps\common\Pixel Piracy\PixelPiracy.exe FirewallRules: [{DFCAA468-6372-49E7-B157-C8B9D7C8A773}] => (Allow) E:\Steam Spiele D\steamapps\common\Pixel 
Piracy\PixelPiracy.exe FirewallRules: [{AACD5640-027E-4357-8B08-DC619FB8CD41}] => (Allow) E:\Steam Spiele D\steamapps\common\Anomaly 2\Anomaly 2.exe FirewallRules: [{3A0AE9C5-8790-489A-ABB7-F28F60301CE8}] => (Allow) E:\Steam Spiele D\steamapps\common\Anomaly 2\Anomaly 2.exe FirewallRules: [{EA22003A-1530-4F2A-87AB-AE8EC611285B}] => (Allow) E:\Steam Spiele D\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe FirewallRules: [{A826C11B-4808-4D42-BD41-BE34E6DCD7D4}] => (Allow) E:\Steam Spiele D\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe FirewallRules: [{ACDE6644-D94C-41BF-89F6-E3DCE641960A}] => (Allow) E:\Steam Spiele D\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{7E0893EF-163B-4451-9822-EE278B727422}] => (Allow) E:\Steam Spiele D\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [TCP Query User{42EEBE94-7B5E-4C85-87BF-58F49AAA2D9D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{1CD532D2-E8FC-45C9-867C-21FCF954929F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{A39BF607-330F-4B02-B917-B56049A1724E}C:\users\p\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Block) C:\users\p\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe FirewallRules: [UDP Query User{6D8F5D5A-51B8-4924-AD39-7DEA1360485E}C:\users\p\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Block) C:\users\p\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe FirewallRules: [{94748669-435B-4707-8923-73C2498D00E4}] => (Allow) E:\Steam Spiele D\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: 
[{4651FB53-2217-42B8-AE5C-2DB4863B9542}] => (Allow) E:\Steam Spiele D\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{C92B6790-6693-4F5C-8DC4-0CA69767C0C4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D1A82D41-2E0D-40C6-9D7E-74C0DE5E635A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4FDA70F6-E3FE-4B80-8B48-CA5084BF60E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F37C9E05-68BD-4B16-97EC-43820D5BF516}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A3B792EF-821A-444F-80AA-35435A1622E3}] => (Allow) E:\Program Files\iTunes\iTunes.exe FirewallRules: [{A9C74FBF-3440-48C6-AA7A-E30016DBEF68}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1DC467CF-C0CE-4591-8CEE-1249CA19599C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CA9AA387-12A6-41E7-BFA1-4B18DB162339}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{41099780-6023-4D1A-ADA0-8641DA7D6578}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{37918BBA-4916-4723-BB1B-B49C60FFFFDD}E:\neuer ordner (3)\far cry 3\bin\farcry3.exe] => (Allow) E:\neuer ordner (3)\far cry 3\bin\farcry3.exe FirewallRules: [UDP Query User{BFCB99C2-8C5B-4444-A798-76A8AC47D111}E:\neuer ordner (3)\far cry 3\bin\farcry3.exe] => (Allow) E:\neuer ordner (3)\far cry 3\bin\farcry3.exe FirewallRules: [TCP Query User{E507FDB6-117A-44D0-8371-4D4BED227DB0}E:\neuer ordner (3)\far cry 3\bin\farcry3_d3d11.exe] => (Allow) E:\neuer ordner (3)\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [UDP Query User{149786EE-949C-45D1-911A-369AB768AE8B}E:\neuer ordner (3)\far cry 3\bin\farcry3_d3d11.exe] => (Allow) E:\neuer ordner (3)\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [{8644D35C-5561-4C39-A77C-2E0FD62AB000}] => (Allow) E:\Steam Spiele D\steamapps\common\StarBreak\mvmmoclient.exe FirewallRules: [{45B57B1A-093C-45C3-BCD2-8F1978B0BE04}] => (Allow) E:\Steam Spiele 
D\steamapps\common\StarBreak\mvmmoclient.exe FirewallRules: [{7A402660-0D59-445B-A18F-4E0E393DB279}] => (Allow) E:\Steam Spiele D\steamapps\common\WildStar\Steam_WildStar.exe FirewallRules: [{A44629EB-2BFC-47DA-A4C6-91BB3A71F659}] => (Allow) E:\Steam Spiele D\steamapps\common\WildStar\Steam_WildStar.exe FirewallRules: [{AFCE8DE4-9E14-4131-917B-7ADD4F7D2110}] => (Allow) E:\Steam Spiele D\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe FirewallRules: [{5CA58CC4-C0C4-404E-9C0D-074926FBE311}] => (Allow) E:\Steam Spiele D\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe FirewallRules: [{EFFFD6F5-4509-4871-994C-B3A174330CCB}] => (Allow) E:\Steam Spiele D\steamapps\common\Blackguards 2\Blackguards 2.exe FirewallRules: [{16BB89A3-1337-4741-92CA-578B138382F8}] => (Allow) E:\Steam Spiele D\steamapps\common\Blackguards 2\Blackguards 2.exe FirewallRules: [{15F7585F-2B32-4F62-98EC-25C2A09D7749}] => (Allow) E:\Steam Spiele D\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{9E8C792A-A8B7-4AB2-B82B-492F86A2944A}] => (Allow) E:\Steam Spiele D\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{29DF487E-8BBB-4799-A8AF-8C8FEAECC020}] => (Allow) E:\Steam Spiele D\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{2169882A-F0B9-40BF-9DCF-8E0ABFA33D63}] => (Allow) E:\Steam Spiele D\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{A9207623-1A29-419F-82EB-C0D50936C978}] => (Allow) E:\Steam Spiele D\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe FirewallRules: [{21536918-6ECB-431B-9C98-185765389B6F}] => (Allow) E:\Steam Spiele D\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe FirewallRules: [{C8060D67-C016-4456-9CC9-A516EA00D1E3}] => (Allow) E:\Steam Spiele D\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{6BABB10C-2E1E-481E-9D3A-90E28869C4B9}] => (Allow) E:\Steam Spiele D\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: 
[{FB5255E2-B0FC-4ACD-991D-0E3A23BBAF98}] => (Allow) E:\Steam Spiele D\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe FirewallRules: [{63BFCD02-3ECF-4E27-ACA0-BC2A12A41373}] => (Allow) E:\Steam Spiele D\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe FirewallRules: [{13525DA5-DA5A-4F4F-8BB0-4B377628AE5C}] => (Allow) E:\Steam Spiele D\steamapps\common\Endless Legend\EndlessLegend.exe FirewallRules: [{2F56785A-507C-483F-A498-82D5128A76E2}] => (Allow) E:\Steam Spiele D\steamapps\common\Endless Legend\EndlessLegend.exe FirewallRules: [{FFFC5AE7-9521-4793-B718-73C77B7201CD}] => (Allow) E:\Steam Spiele D\steamapps\common\Chronicle\Chronicle.exe FirewallRules: [{AB17467C-5B42-4AA0-9C9F-014E53101E1A}] => (Allow) E:\Steam Spiele D\steamapps\common\Chronicle\Chronicle.exe FirewallRules: [{7919854C-896C-4DF6-BCE7-E034BD9B899C}] => (Allow) E:\Steam Spiele D\steamapps\common\Battleborn\Binaries\Win64\Battleborn.exe FirewallRules: [{F0D2F41A-61BA-4C4C-8B7C-1129956C1192}] => (Allow) E:\Steam Spiele D\steamapps\common\Battleborn\Binaries\Win64\Battleborn.exe FirewallRules: [{ADA7B962-AE07-4851-9825-05C473C9B3FC}] => (Allow) E:\Steam Spiele D\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe FirewallRules: [{10287D96-23B0-44F9-A536-4135A1B09BF4}] => (Allow) E:\Steam Spiele D\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe FirewallRules: [TCP Query User{3EA28498-71F7-415A-A3D7-8F4354464C6B}E:\steam spiele d\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\steam spiele d\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe FirewallRules: [UDP Query User{2C979138-103E-45BD-9EF0-96E7BD2E79DF}E:\steam spiele d\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\steam spiele d\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe FirewallRules: [{AB60CE89-00AA-4588-B497-7090B6E37C7B}] => 
(Allow) E:\Steam Spiele D\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe FirewallRules: [{58611883-304F-4F24-9157-43E4F6E7DDBD}] => (Allow) E:\Steam Spiele D\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe FirewallRules: [TCP Query User{B6A1DD3D-221C-46FA-93E2-BB7BC71EA1FC}E:\steam spiele d\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steam spiele d\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe FirewallRules: [UDP Query User{9EDD260E-EB51-4D74-A729-B3FBF60C6FE0}E:\steam spiele d\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\steam spiele d\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe FirewallRules: [{1404B23B-F6A5-49B6-AB44-509BF93C4F78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5454B12A-DEC3-4393-896B-46AC50BE9B20}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/20/2016 06:43:48 PM) (Source: MsiInstaller) (EventID: 11316) (User: P-PC) Description: Produkt: NVIDIA PhysX -- Fehler 1316. Beim Lesen der Datei E:\Steam Spiele D\steamapps\common\Life Is Strange\_CommonRedist\PhysX\9.14.0702\PhysX_9.14.0702_SystemSoftware.msi ist ein Netzwerkfehler aufgetreten Error: (08/13/2016 03:50:52 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 2a44 Startzeit: 01d1f50519be3c9b Endzeit: 2 Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe Berichts-ID: 5c61350f-60f8-11e6-bf89-94de80b618bb Error: (07/30/2016 12:36:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac Name des fehlerhaften Moduls: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac Ausnahmecode: 0xc0000005 Fehleroffset: 0x000b8554 ID des fehlerhaften Prozesses: 0x10d0 Startzeit der fehlerhaften Anwendung: 0x01d1ea4e29809aca Pfad der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe Pfad des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe Berichtskennung: 682e5567-5641-11e6-884f-94de80b618bb Error: (07/28/2016 02:35:32 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm firefox.exe, Version 47.0.1.6018 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 668
Startzeit: 01d1e8647e083bb4
Endzeit: 27
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 2f7dbd4f-545b-11e6-b745-94de80b618bb

Error: (07/28/2016 02:35:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 47.0.1.6018, Zeitstempel: 0x576c9637
Name des fehlerhaften Moduls: mozglue.dll, Version: 47.0.1.6018, Zeitstempel: 0x576c85ba
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000f02b
ID des fehlerhaften Prozesses: 0xa60
Startzeit der fehlerhaften Anwendung: 0x01d1e866881bfb4e
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 30b0274b-545b-11e6-b745-94de80b618bb

Error: (07/26/2016 03:12:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x5771d5df
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x5771d561
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000093c4
ID des fehlerhaften Prozesses: 0xf08
Startzeit der fehlerhaften Anwendung: 0x01d1e6dac09fbe7d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
Berichtskennung: 004c4f35-52ce-11e6-ad7e-94de80b618bb

Error: (07/25/2016 05:25:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x5771d5df
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x5771d561
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000093c4
ID des fehlerhaften Prozesses: 0x470
Startzeit der fehlerhaften Anwendung: 0x01d1e62423232eba
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
Berichtskennung: 666ddb52-5217-11e6-9a5d-94de80b618bb

Error: (07/25/2016 05:24:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x5771d5df
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x5771d561
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000093c4
ID des fehlerhaften Prozesses: 0x1fe0
Startzeit der fehlerhaften Anwendung: 0x01d1e624170ad834
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
Berichtskennung: 5bb3452a-5217-11e6-9a5d-94de80b618bb

Error: (07/10/2016 01:24:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mb_wfas.exe, Version: 1.0.0.0, Zeitstempel: 0x4e1da256
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x7501c10f
ID des fehlerhaften Prozesses: 0x17c4
Startzeit der fehlerhaften Anwendung: 0x01d1da37d2686311
Pfad der fehlerhaften Anwendung: E:\Steam Spiele D\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 4679dd68-462c-11e6-bab2-94de80b618bb

Error: (07/07/2016 02:15:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1820
Startzeit: 01d1d7d82fca2479
Endzeit: 295
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Berichts-ID:

Systemfehler:
=============
Error: (09/30/2016 01:50:07 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/30/2016 01:50:07 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/30/2016 01:34:36 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/30/2016 01:34:36 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/30/2016 01:17:45 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/30/2016 01:17:44 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/30/2016 12:58:42 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/30/2016 12:58:42 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/30/2016 12:22:49 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/30/2016 12:22:49 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 8062.54 MB
Verfügbarer physikalischer RAM: 3281.54 MB
Summe virtueller Speicher: 16123.27 MB
Verfügbarer virtueller Speicher: 11050.43 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:5.72 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: () (Fixed) (Total:465.66 GB) (Free:36.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: DA14A539)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 000A9A96)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Edited by mikeyyy (30.09.2016 at 13:09) |
30.09.2016, 12:54 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Spam on keypress
What exactly do you mean by G1 key, and why are you withholding all the other relevant data here, such as the operating system and the key hardware specs???
30.09.2016, 13:14 | #3 | |
| Spam on keypress
Quote:
Hey, unfortunately I forgot that in all the commotion, sorry! I have now added it after the fact via Addition.txt. By "G1 key" I mean the key on my Logitech G910 keyboard that is labelled "G1". These G keys (1-5) are on the left side of the keyboard. |
30.09.2016, 13:20 | #4 | ||||
/// Winkelfunktion /// TB-Süch-Tiger™ | Spam on keypress
Quote:
Is this system used commercially?
Quote:
Quote:
Quote:
Let me know when Avira is gone; once we are done here, you can switch to a different virus scanner, details will follow in the final post. Please do NOT install anything else from NOW on without checking with me first!
__________________ Please always post log files in CODE tags |