
Log analysis and evaluation: Windows 10: CMD console opens by itself with BSOD


 
29.10.2016, 22:33   #1
Tedelmann

Windows 10: CMD console opens by itself with BSOD

Hello everyone,

I have the following problem... for a few days now, the CMD window has been opening at random on my computer for a fraction of a second and then closing again.
In addition, I have lately been getting bluescreens more and more often, which then cause the computer to crash. On top of that, since this morning I can no longer click the Windows button (i.e. bottom left), nor anything else in the taskbar.
I fear that I have caught a virus or something similar somewhere.

PS: I have already run Malwarebytes once. (See attachment, as it would otherwise be too long.)

Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-10-2016
durchgeführt von admin (29-10-2016 23:11:18)
Gestartet von C:\Users\admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-12 23:10:16)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admin (S-1-5-21-2499327049-1345700090-1954953358-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2499327049-1345700090-1954953358-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2499327049-1345700090-1954953358-503 - Limited - Disabled)
Gast (S-1-5-21-2499327049-1345700090-1954953358-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version:  - )
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.7 - BlueJ Team)
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation)
CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.04.0000 - CASIO COMPUTER CO., LTD.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CrystalDiskInfo 6.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.6.1 - Crystal Dew World)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team)
F1 2014 (HKLM-x32\...\Steam App 226580) (Version:  - Codemasters)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
FireStorm version V1.0.46.005 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.005 - )
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.5.323 - DVDVideoSoft Ltd.)
Free Video to Flash Converter version 5.0.55.113 (HKLM-x32\...\Free Video to Flash Converter_is1) (Version: 5.0.55.113 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.59 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation)
Microsoft PowerPoint Home and Student 2010 (HKLM-x32\...\Office14.POWERPOINTR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects  (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.1 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PlanetSide 2 (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7640 - Realtek Semiconductor Corp.)
Recordify 2016 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 1.54 - Abelssoft)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINTR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechSmith Screen Capture Codec (x32 Version: 3.1.0 - TechSmith Corporation) Hidden
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EC848C-86C9-47BC-B85B-13FA387FDF59} - kein Dateipfad
Task: {031FE6EA-3811-413F-9C38-968399449312} - System32\Tasks\{E6D8422F-5911-48C8-A2CB-4839FC783C13} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
Task: {049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE} - kein Dateipfad
Task: {04DB3C46-6919-4F66-945A-81B4A588BFE7} - System32\Tasks\{A13D3229-3538-4A9B-BC9D-4D7E46FEA6D1} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {053D44B9-7A00-49D6-9344-FD129CD575D1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {073795C9-8A8F-499A-A1E9-4F464494A6E4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BA0124E-9A6D-4875-BCC6-5F9AB9333055} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0C3D1C09-F503-40AB-B1E9-5A5D061F520E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0DE5621F-D1D7-472C-96B2-658556860924} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {17B7F027-9973-4196-8D91-ADE023D54742} - System32\Tasks\{1AE02D85-E364-45B6-92B0-A30EC8FDDDC9} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {17C6AD99-1673-4817-AD75-8F22CE4F1F18} - System32\Tasks\{9CF80396-B379-427D-9DBE-54858E636648} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {196EB3B7-F969-44FB-8904-FC3FFEBCEA36} - System32\Tasks\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F} => pcalua.exe -a "C:\Users\admin\Desktop\lgs510 (1).exe" -d C:\Users\admin\Desktop
Task: {1B373374-5B77-4BD2-9CAC-A088601DAAA0} - \SimpleFiles Installer Starter -> Keine Datei <==== ACHTUNG
Task: {1C57893A-73C3-488F-B526-A8887F2953A7} - kein Dateipfad
Task: {1EC1E15D-F018-4723-9070-4D369E8FEC5C} - System32\Tasks\{DD61DBDB-E610-4BA6-A9B8-8B08C63A417E} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {2567BB02-4670-455E-9C02-C931857870E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {2B1E6290-3296-4B86-934C-BC5EDCE018AD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2BF4E1F4-BBF9-4735-A379-CD2D2324F79A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {2C95B80B-A51B-4ADF-A2CC-7EBA09197059} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat [2015-06-22] () <==== ACHTUNG
Task: {35931239-6C01-4EB9-9F06-B5E34733FB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3835EB9A-A64B-475E-8C88-55D172209009} - System32\Tasks\{BE51D640-5212-4286-940E-DCA2AE9961AB} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {3A147D4D-2142-4D6A-8909-CE683B68FE9A} - System32\Tasks\{A3A353F9-9F9B-44FE-B96D-31646B313523} => pcalua.exe -a C:\Users\admin\Downloads\lgs510.exe -d C:\Users\admin\Downloads
Task: {3ACDCFF8-92A6-4952-A33F-65AF05026115} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation)
Task: {3BA6A0E0-A338-4CA3-B585-0615270FA949} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {41EBF101-ACE4-4536-8696-90E37984A3E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {48B78AE7-76A1-472C-8530-AAED256A3D7D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {4B4680D9-E2FE-4D78-8188-B1D11D741EBF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D52F5DD-1E4E-4B32-B1B5-BD1C7C4887A1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4ED0E3B6-4DC7-469D-9BD7-A7DA52E08299} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {4FE790BC-A8CB-4349-9629-E4036E9775AF} - System32\Tasks\{39F95DBA-5A4E-4CD2-BB4A-CCE9B94F3079} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {52861456-C744-4ECB-9338-A5EEADA219FA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {557BC2D0-F3F2-4A25-B697-21EC090FDE04} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56EA4D43-A086-4470-B96E-9FB1768E6ED3} - System32\Tasks\{78912F09-9E09-46ED-8941-11871D4D0C4F} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
Task: {57E88640-41B7-4F5D-B851-AFD2838B1C63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5E324125-D66E-4D57-8894-976BA96DA865} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5EDE42A2-4A64-484D-800F-C420FA956798} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {67E03967-E26A-4558-8EAB-94C6D7F4330E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {6CFCB68E-50BB-4EC0-85D2-F81762436F24} - System32\Tasks\{47953A5F-E19D-43A8-9964-E39351028038} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {70125431-E640-4C46-8962-AB99C000B9DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {70278F75-C037-45E7-BF31-69E4C0C8AE56} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70CE0011-D1AA-42E4-953D-619628912C34} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {75C6EF2C-5336-4D15-964D-A3FA8A1B8BDE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {77F56DD3-E368-46A5-953A-04C3CC67DFDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.)
Task: {7A28B1AA-97A0-44B4-98F5-467B1CB68A43} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7BBA2D3D-7FA5-4DB4-98CB-C570319C1451} - System32\Tasks\{BC2D6434-8781-46B3-A9A1-BA1C57245AF3} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {878BFAD2-5A40-4B5D-8ADA-E9454C0B39A6} - kein Dateipfad
Task: {8838DCD1-B08E-428D-BF01-24E3B9250A53} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {88F45939-0423-4D4B-96F8-374FF864A93E} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {8B63AD8C-9FAF-4D05-AA3F-27B212A2DFCC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8F02CB1D-35C4-4102-82B6-66D4C8008C1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8F430278-2F26-4A86-B85E-42AAEE59C70A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {94670801-FB2B-4E67-AF37-4058B0DCE01A} - System32\Tasks\{F602CB6B-B3B2-4743-AF06-2F66C7BE8499} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {98198969-9034-402D-A679-29DA601446CB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9D5C522B-37BD-46E3-A442-AC23F73592B2} - System32\Tasks\{5C3EC2B9-4AC5-4839-8D87-302FA3C3ACBE} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {AA88E7A4-D1C3-4D6A-A6E3-DA77B9294E7A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AC033A59-1DF9-4ED5-BCFA-794A7A14E327} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {AE2CC07B-7448-4E97-8DFB-A9AF57990CC7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AEB1413A-1D68-4FF8-926E-D120A0757E6E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
Task: {AFDBEA67-0843-4AB5-BD1D-9CA29F285BBD} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {B30CA99E-2FB7-4A1F-9310-5086E459D3E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B47DB38F-7D31-430C-9BBE-8D3C4ABF9FB3} - System32\Tasks\{7992860A-8431-4122-927D-23C50BAB92FB} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {B558C71A-7D97-4074-92B9-1D455069D76A} - System32\Tasks\{E2612081-8FB6-438B-922C-0A1CE766B7A5} => pcalua.exe -a C:\Users\admin\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=smt
Task: {B7A19E07-846D-409F-B7F6-DEEFFA568013} - System32\Tasks\{7D4F9702-F680-43B7-B33D-5D0B50533B71} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {BA7A3D4D-05B7-4289-8E31-C295248928FE} - System32\Tasks\{45951CB7-774E-4695-A9EB-B860317AA6D3} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {C250493C-00EE-4DDB-9199-E8025EFF9C17} - System32\Tasks\Aufgaben der Ereignisanzeige\System_Service Control Manager_7001 => C:\Program Files (x86)\Dev-Cpp\devcpp.exe [2014-11-01] (Bloodshed Software)
Task: {C8F39163-2C68-480A-942F-B9FBC1D1FE6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.)
Task: {CB36B87D-3291-4E1F-9773-48A3A334D53A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CEA0DE1F-289A-4695-A878-D208156D0A94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {CFB8ABEC-6757-46E6-8EFC-E0BE2EDF389D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {D9A1225A-818F-490E-A8D2-87CDB5D762B8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {DD422558-2E0D-41BD-B876-DD539DF6525E} - System32\Tasks\{2B222A2F-11BC-41E4-B2DF-21B4FC5268D1} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {DE537368-396A-4F53-B6D5-96B4AD35DE41} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B} - System32\Tasks\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E} => pcalua.exe -a C:\Users\admin\Downloads\ensharpendecoder_win.exe -d C:\Users\admin\Downloads
Task: {E7D0D2C6-A37C-487D-A5C3-98BE9DE6BA04} - System32\Tasks\{9ECFA4AD-89C0-4631-8D5F-B2FBE5DAA7BD} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {EC581E02-D4D8-41BB-9CD8-CBFBF873D645} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F3B427A6-5261-478B-A816-B72D733BC307} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FBCF94F8-5346-4EBD-8FF9-0D3B616042BB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD8AE7A9-F8A2-4A3F-8C71-265A9D8A58A9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE90EA90-D163-4504-94C1-EDDC81748B3F} - System32\Tasks\{D7330FEA-6FA4-4A05-862C-DE04F8EE8934} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com/

ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f47c86c9d3240056\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=berjuspgraatherfufit
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d6731079c9ca4513\Tim - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=lejutplovshprohey

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-13 00:34 - 2015-12-10 18:08 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-09-14 19:34 - 2016-09-30 06:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-14 19:34 - 2016-09-30 06:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-14 19:35 - 2016-09-30 06:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2015-01-19 15:51 - 2005-04-22 06:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2016-01-08 16:47 - 2016-10-25 22:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-14 11:07 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-14 11:07 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-02-28 11:14 - 2016-10-26 15:28 - 00174872 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-08-04 15:43 - 2016-10-26 15:28 - 00103192 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2016-10-26 15:28 - 00107800 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-08-04 15:46 - 2016-10-26 15:28 - 00312088 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-09-17 17:52 - 2015-09-17 17:52 - 00486912 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\plugins\soundboard.dll
2014-08-04 15:46 - 2016-10-26 15:28 - 00485656 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-10-20 14:13 - 2016-10-12 07:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libglesv2.dll
2016-10-20 14:13 - 2016-10-12 07:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libegl.dll
2016-08-22 11:24 - 2015-08-05 10:04 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll
2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-13 00:34 - 2016-10-29 21:07 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-12-13 00:34 - 2015-12-10 18:08 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-01-08 16:48 - 2016-09-30 06:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-14 19:35 - 2016-09-29 19:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-14 19:35 - 2016-09-29 19:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-14 19:35 - 2016-09-29 19:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-14 19:35 - 2016-09-29 19:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-14 19:35 - 2016-09-29 19:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-14 19:35 - 2016-09-29 19:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-14 19:35 - 2016-09-29 19:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-14 19:35 - 2016-09-30 06:23 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2015-08-12 17:21 - 2015-07-20 17:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll
2015-08-12 17:21 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll
2014-12-25 19:10 - 2016-09-08 05:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 15:16 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-25 19:10 - 2016-10-13 03:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-25 19:10 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-25 19:10 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-25 19:10 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-25 19:10 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-25 19:10 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-21 15:16 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 15:16 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-12-25 19:10 - 2016-10-13 03:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-11 18:54 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-24 16:22 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2015-01-21 15:16 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-10-29 16:19 - 00003845 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\Downloads\OgFbo9.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Amazon Music => "C:\Users\admin\AppData\Local\Amazon Music\Amazon Music Helper.exe"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "FireStormStartUpAutoRun"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "OMSI Addon Manager.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GalaxyClient"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{02C426C7-9C4E-4A46-BD30-BF2CB5EF4DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{E842F5E6-2B29-4074-9BF2-B355FD57CFE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{BE839E79-17A6-44E9-BD8C-744EDA451B12}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED4D5EED-E19E-4B6D-BBC4-BD8EEFEE7381}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8FBBDFE3-4CB1-4C44-B130-9F4E3F691FAC}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E1761EA9-656C-45B2-B863-546C635E23F1}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{669459B0-4C41-4592-8E72-A0FB0805CD8C}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{752A7395-9B28-4E39-BCF6-7E3DD8054A8F}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6B8081F3-87E9-4699-87CF-57090607BD27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{71DC30A2-BC07-4ABA-BDA2-63EEE592F38B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [UDP Query User{FF3FF898-C74B-4BCA-B925-FE7B4D0F9193}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{8AC22E5D-7405-449A-8388-77E105A7FE3F}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{A670B346-EA46-4CAC-BF18-9BEF4316F6AE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0CDA39B9-771A-404F-89FE-D53CB2DF686A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B6DDF0D4-02B1-418B-B571-607D5A78445A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7DE4A39E-7657-462E-8DD9-DE820B7DD6BD}] => (Allow) LPort=80
FirewallRules: [{ECF6FA0C-4E01-41DD-A7F2-140111367D8E}] => (Allow) LPort=443
FirewallRules: [{DE1D9E03-8B7F-4268-8F96-9D9AA50517C4}] => (Allow) LPort=20010
FirewallRules: [{6758E0B6-6176-480E-9BD0-5588169E534A}] => (Allow) LPort=3478
FirewallRules: [{E2BECC4D-BF05-4A53-8EE8-FB929BE83063}] => (Allow) LPort=7850
FirewallRules: [{5E150AAC-48A4-42EF-A89E-E176DC0A97D2}] => (Allow) LPort=7852
FirewallRules: [{B49401C2-80B7-4D07-AE02-5957A1596873}] => (Allow) LPort=7853
FirewallRules: [{88985BEC-DDAD-4887-B7CD-4F130BB6118F}] => (Allow) LPort=27022
FirewallRules: [{7BA48D57-BBD5-4901-9C1F-E5BF4AAFD049}] => (Allow) LPort=6881
FirewallRules: [{3BE55950-CB5E-4CF2-9CAC-EF312DB32D00}] => (Allow) LPort=33333
FirewallRules: [{0AAF2623-F139-4A7D-916D-4069E7F8C1AC}] => (Allow) LPort=20443
FirewallRules: [{68DA44FA-FB2A-4903-AEC6-5D94CF1B949F}] => (Allow) LPort=8090
FirewallRules: [{F8C76348-E4E0-441E-A1FF-CF88497A089F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{6FC93E4D-5540-43D1-89EB-A96BD31D0F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{D626B09E-7F01-42A0-AD69-CC6BE3770C29}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{59D57AD8-BBF7-47F9-873E-DE7AB528406E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D38884A6-7B75-4271-AA3B-71D8920FAABE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{23707E11-254F-44DA-AD9A-5457B22B8AFA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{84A71B2D-C33C-4F54-A1EE-F65495F71620}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{6026356A-7674-43FC-8085-74D21AEC89E2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{0239E52D-A3B7-4126-B38D-13D5E4242B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{070B69FA-53FB-42E3-BDD8-8538E7CC30B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{98106D20-060A-48F3-8359-991D1DE45EE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{D0DBCDE8-177C-4A8B-B38F-9F4B49C7C324}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{7BEC5473-494D-40F1-A37E-7A367D96E928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{EE651D0F-2E98-4B07-BDAA-C862782EBF74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{0A5056C0-4DB0-4206-B872-924322C961B6}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{0ADABA06-D9B3-4FC5-9E64-163A4837B7F9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B881BF59-13EC-4FEB-B124-A313EE74C6B7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{EFC84F2E-9AF3-4AAD-B1CC-BADD16C6A4F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{0DF3284A-B5EB-44AF-A5EF-9FBE6A91FE96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{98999DE2-D041-446D-B6DB-D1598A3A560C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{CA9CEFFD-7057-4EA3-8E17-4C2DA545D13A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{4D460F5B-1E4D-435A-A2D7-12DDF57B93E6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{C2CD94CE-1158-4F41-B6C8-61F0F264BB14}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{1B41650B-8C0A-417B-9EE0-26A0CA7900DF}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{EDAACE47-D7CC-436F-B457-BC3E0D182D33}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{641126E5-7F8E-47F5-A691-E1879DE5DFFF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{BAAF648D-A884-4BDD-BFB4-7C23E3F2D419}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{6C9FBCC4-DDA9-4DD9-844C-1710FE6F0DE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E7B3426-674E-4744-8A34-8FEC5D89E744}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{04B12B99-4B38-47DF-AFFC-5BEE580B5E06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{112ED707-0790-4C38-A0C1-47772EA9E61F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2DEC3BC6-5A7F-451C-84F4-FD5985360ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe
FirewallRules: [{29D97B07-E473-46E2-9397-3B88065E54A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe
FirewallRules: [{8AAAC971-5D08-488F-A9CB-4C3E83EBE438}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{A4C04855-1259-4E93-95DF-B3D7ABAE27D8}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{238B3ED3-2017-4B3C-8774-004E2F2B4B6A}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{24118DF0-B1A6-40F9-AF54-ADDC6D6A7696}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{182D7FB5-34AC-41B1-B80D-3E14A7C3284D}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{A38DC822-8450-4E90-B948-763473EBFE62}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{34C8DCA4-9CB4-44EB-BDA4-2243B6A94638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{460924A2-DAB1-4BDE-B6F1-EBDAE9624B00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{52E7285A-54BF-4106-B38A-D532E6665E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{55C59A32-7325-4163-9BBA-CECB8AC28884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{69AADE24-7EB2-4BA0-B3E2-5022DBB3A73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4650E401-DB1C-4EE4-83FF-38ADA29F2284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{D00893C0-8221-4E36-AE8E-207288F031D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9FF1999F-00BA-459E-AE40-2778EB9B185F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7D58F99F-B3EE-401F-9AAD-2F279AD69E15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DDFC01D2-2BFA-4485-B57F-A3D08551180F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D12B0F98-80C9-414C-9231-12FF2EBD8733}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{9733224E-A078-49E6-964F-6532CBB534D0}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{C2A1FE85-9E02-45CC-AD6F-848DC061BD60}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{CFD11295-DA2F-430B-882A-978CE9849D24}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{6B332141-CA19-461B-AD50-22159F724AFA}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{9958D6F7-0D3E-439E-948B-1DA972AE7C93}] => (Allow) LPort=8317
FirewallRules: [{E2363DDC-96F7-4E0E-862B-0174D03365D5}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{459DC2E5-725B-42DD-8765-1001B4E93F6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{41731BD2-7856-4EC2-8C24-868437B044B5}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5A1E15B3-7ABC-42A3-8DEC-94BCC3EE5989}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9C8281FE-3507-4B1B-96D5-1D4B179C6794}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{393A4BCA-8F94-4A5F-85EF-946A9827A55A}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7E95AA5A-3F59-4CA4-96C2-81D1682A08CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{815E643C-390A-46F8-8F85-5E9E6F7473F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{160CD63E-1ED4-4CFB-A225-6D27F11A3F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{7113C531-C03B-4057-B84A-C9CA43320428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D0C966EC-3480-46FC-A3A5-4DF6EAC62FBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{44561A87-45DB-4C4D-8EF4-40DEAF86E3C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Wiederherstellungspunkte =========================

29-10-2016 23:09:58 Removed Vegas Pro 12.0 (64-bit)

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/29/2016 11:10:28 PM) (Source: MsiInstaller) (EventID: 11723) (User: ADMIN-PC)
Description: Produkt: Vegas Pro 12.0 (64-bit) -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SfMSILib_IsProcessRunning, Eintrag: SfMSILib_IsProcessRunning, Bibliothek: C:\ProgramData\Sony\customaction_x64.dll

Error: (10/29/2016 11:10:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/29/2016 11:07:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Music.UI.exe, Version: 10.16092.1031.0, Zeitstempel: 0x5806afe7
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e4c5
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000000000071f28
ID des fehlerhaften Prozesses: 0x19fc
Startzeit der fehlerhaften Anwendung: 0x01d2322872225338
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe\Music.UI.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\KERNELBASE.dll
Berichtskennung: 05e230e1-649c-4da8-99aa-1a2590f666bc
Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:02:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (10/29/2016 11:07:25 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "Microsoft.ZuneMusic.AppXg7frm9cyrqhbagxce6zrshkx8fn0ycca.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:32 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "CortanaUI" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:31 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:30 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "CortanaUI" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:28 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2016-10-29 16:08:14.036
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-29 16:08:14.026
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-29 16:08:14.014
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-29 16:08:13.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-29 16:08:10.935
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 14:49:58.122
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 14:49:58.109
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 14:49:58.096
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 14:49:58.068
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-20 14:49:58.055
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8129.95 MB
Verfügbarer physikalischer RAM: 5282.64 MB
Summe virtueller Speicher: 16321.95 MB
Verfügbarer virtueller Speicher: 13321.01 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.44 GB) (Free:253.28 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: (Tevion) (Removable) (Total:7.4 GB) (Free:6.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3B0461CD)
Partition 1: (Active) - (Size=203 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 66205247)
No partition Table on disk 2.

==================== Ende von Addition.txt ============================
         
FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2016
durchgeführt von admin (Administrator) auf ADMIN-PC (29-10-2016 23:10:37)
Gestartet von C:\Users\admin\Desktop
Geladene Profile: admin (Verfügbare Profile: admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(TeamSpeak Systems GmbH) C:\Users\admin\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842624 2016-09-30] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-28] (Power Software Ltd)
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278528 2015-12-07] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-19] (Spotify Ltd)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify] => C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [6884976 2016-10-19] (Spotify Ltd)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4090944 2016-09-20] (GOG.com)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\MountPoints2: {4c30d469-9739-11e4-bb0a-382c4a739a73} - "F:\pushinst.exe" 
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5f030b30-5b32-48cf-92e1-9d9ca305ca6d}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8ba5c6f2-89a0-4423-9b49-1493df0677f5}: [DhcpNameServer] 192.168.178.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243312315&GUID=5059F630-8847-C004-A9EE-042B72110A1F
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243338633&GUID=5059F630-8847-C004-A9EE-042B72110A1F
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default [2016-10-29]
FF Extension: (Adblock Plus) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28]
FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{8C679308-89F3-402C-9323-8D9B3B6D57B2}] - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi
FF Extension: (Recordify Title Discover) - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi [2016-01-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: lejutplovshprohey
CHR HomePage: lejutplovshprohey -> hxxp://www.trotux.com/?z=79abb8c81d8fbf04419bec9g5zamee5q7e6e9m6z2z&from=fss&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y4CVNXHVVNXHV&type=hp
CHR StartupUrls: lejutplovshprohey -> "hxxps://www.google.com/"
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit [2016-10-29] <==== ACHTUNG
CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-12]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12]
CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-12]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey [2016-10-29] <==== ACHTUNG
CHR Extension: (Recordify Title Discover) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\kkgbclpocodjecojibeaaglcgndegljl [2016-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-29]
CHR HKLM-x32\...\Chrome\Extension: [kkgbclpocodjecojibeaaglcgndegljl] - C:\Program Files (x86)\Recordify\Extensions\recordify_chrome_0.3.18.crx [2016-09-17]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\admin\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-12-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-10] ()
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [281152 2016-09-20] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6411840 2016-09-19] (GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-04] (Electronic Arts)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 abelssoft_recordify; C:\WINDOWS\system32\drivers\recordify.sys [68536 2016-03-30] (Abelssoft)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-10] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-04-10] (Phoenix Technologies) [Datei ist nicht signiert]
S3 fwlanusb5; C:\WINDOWS\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [Datei ist nicht signiert]
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-02] (NVIDIA Corporation)
S3 PVUSB; C:\WINDOWS\System32\drivers\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2000-01-01] (Realtek                                            )
S3 scramby; C:\WINDOWS\System32\drivers\scramby.sys [29480 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\WINDOWS\System32\drivers\scramby_out.sys [34336 2007-08-08] (RapidSolution Software AG)
R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation)
R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation)
R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation)
R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [16056 2016-10-29] (SlimWare Utilities, Inc.)
S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-26] ()
S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-26] ()
S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] ()
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert]
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-29 23:05 - 2016-10-29 23:10 - 00022418 _____ C:\Users\admin\Desktop\FRST.txt
2016-10-29 23:05 - 2016-10-29 23:10 - 00000000 ____D C:\FRST
2016-10-29 23:04 - 2016-10-29 23:04 - 02408448 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2016-10-29 23:04 - 2016-10-29 23:04 - 02408448 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2016-10-29 22:57 - 2016-10-29 22:57 - 00036731 _____ C:\Users\admin\Downloads\Logs.rar
2016-10-29 21:10 - 2016-10-29 21:11 - 00406582 _____ C:\Users\admin\Downloads\startmenu.diagcab
2016-10-29 16:36 - 2016-10-29 16:36 - 00003756 _____ C:\WINDOWS\System32\Tasks\ACC
2016-10-29 16:36 - 2016-10-29 16:36 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2016-10-29 16:36 - 2016-10-29 16:36 - 00000000 ____D C:\ProgramData\DriverSetupUtility
2016-10-29 16:36 - 2016-10-29 16:36 - 00000000 ____D C:\Program Files\DriverSetupUtility
2016-10-29 16:34 - 2016-10-29 16:34 - 00016056 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2016-10-29 16:34 - 2016-10-29 16:34 - 00000000 ____D C:\Users\admin\AppData\Local\SlimWare Utilities Inc
2016-10-29 16:33 - 2016-10-29 16:33 - 03910208 _____ C:\Users\admin\Downloads\adwcleaner_6.030.exe
2016-10-29 16:28 - 2016-10-29 16:28 - 00041208 _____ C:\Users\admin\Documents\cc_20161029_162824.reg
2016-10-29 12:57 - 2016-10-29 12:57 - 00002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-10-29 12:57 - 2016-10-25 22:00 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-10-29 12:57 - 2016-09-09 20:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-10-29 12:57 - 2016-09-09 20:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-10-29 12:57 - 2016-09-09 20:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-10-29 12:57 - 2016-09-09 20:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-10-29 12:56 - 2016-10-29 12:56 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-29 12:54 - 2016-10-26 03:09 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 20718400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 17577728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 14516216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 10782952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00572584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00470584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00172920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00150784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00131720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-10-29 12:54 - 2016-10-25 23:40 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-10-26 16:20 - 2016-10-26 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-25 20:41 - 2016-10-25 20:41 - 13165792 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe
2016-10-24 16:04 - 2016-10-24 16:09 - 00009631 _____ C:\Users\admin\Documents\Italiensich Spicker v.1.odt
2016-10-20 14:47 - 2016-10-20 14:47 - 00071140 _____ C:\Users\admin\Downloads\TradeMan 1.22h4-6-1-22.zip
2016-10-20 14:41 - 2016-10-20 14:42 - 38827969 _____ C:\Users\admin\Downloads\E3FX V7-23-7.zip
2016-10-20 14:37 - 2016-10-20 14:38 - 41576087 _____ C:\Users\admin\Downloads\E3FX 8.5 (Alternative Bloom)-23-8-5.zip
2016-10-20 14:33 - 2016-10-20 14:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (2).exe
2016-10-20 14:32 - 2016-10-20 14:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (1).exe
2016-10-20 14:22 - 2016-10-20 14:22 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2.exe
2016-10-20 14:21 - 2016-10-20 14:44 - 00000000 ____D C:\Users\admin\Desktop\Witcher .dll
2016-10-18 17:37 - 2016-10-18 17:38 - 02891915 _____ C:\Users\admin\Downloads\Fair Sale - Better sale prices v1.03 -4-1-03.7z
2016-10-10 19:01 - 2016-10-01 23:11 - 01935808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437306.dll
2016-10-10 19:01 - 2016-10-01 23:11 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437306.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-29 23:07 - 2015-01-13 18:44 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2016-10-29 22:45 - 2015-01-24 13:20 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client
2016-10-29 21:18 - 2014-12-25 19:09 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-29 21:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-29 21:13 - 2015-12-13 00:39 - 02087808 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-29 21:13 - 2015-10-30 20:35 - 00888452 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-29 21:13 - 2015-10-30 20:35 - 00197278 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-29 21:13 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-10-29 21:11 - 2015-01-25 19:59 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2016-10-29 21:08 - 2016-08-12 18:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-29 21:08 - 2015-12-13 00:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-29 21:07 - 2015-12-13 00:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-29 16:57 - 2016-09-18 12:48 - 00000000 ____D C:\ProgramData\updater2
2016-10-29 16:42 - 2015-12-13 00:30 - 04995152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-29 16:38 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-10-29 16:37 - 2015-08-01 18:21 - 00000000 ____D C:\AdwCleaner
2016-10-29 16:29 - 2016-01-16 21:44 - 00000000 ____D C:\WINDOWS\Minidump
2016-10-29 16:27 - 2016-01-21 17:52 - 00000000 ____D C:\Program Files\CCleaner
2016-10-29 16:19 - 2015-12-13 00:40 - 00000000 ____D C:\Users\admin
2016-10-29 15:51 - 2015-01-11 16:40 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-29 15:29 - 2016-09-07 14:12 - 00000000 ____D C:\Users\admin\Documents\The Witcher 3
2016-10-29 12:57 - 2016-09-04 12:58 - 00000000 ____D C:\WINDOWS\LastGood
2016-10-29 12:57 - 2016-01-08 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-10-29 12:57 - 2015-12-13 00:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-29 12:56 - 2015-12-13 00:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-29 12:56 - 2015-12-13 00:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-29 12:56 - 2015-04-07 22:02 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA Corporation
2016-10-28 16:04 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-28 03:22 - 2010-11-21 05:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-27 00:16 - 2016-01-08 16:46 - 14159928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-10-26 16:36 - 2014-11-08 18:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-26 16:36 - 2014-11-08 18:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-26 16:36 - 2014-11-08 18:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-26 15:28 - 2014-12-27 20:56 - 00000000 ____D C:\Users\admin\AppData\Local\TeamSpeak 3 Client
2016-10-26 03:09 - 2015-11-12 18:25 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-10-26 03:09 - 2015-11-12 18:25 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-10-25 23:40 - 2016-01-08 16:46 - 24365624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-10-25 23:40 - 2016-01-08 16:46 - 03927288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-10-25 23:40 - 2016-01-08 16:46 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-10-25 23:40 - 2016-01-08 16:46 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-10-25 22:17 - 2016-01-08 16:47 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-10-25 22:13 - 2016-09-14 19:34 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-10-25 20:41 - 2014-11-08 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-24 08:31 - 2016-01-08 16:47 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-10-21 11:23 - 2016-09-08 14:08 - 00002004 _____ C:\Users\admin\Desktop\The Witcher® 3 - Wild Hunt.lnk
2016-10-20 14:13 - 2016-08-12 18:28 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-20 14:13 - 2016-08-12 18:28 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-19 23:00 - 2016-04-07 19:50 - 00000000 ____D C:\Users\admin\AppData\Local\Spotify
2016-10-19 22:58 - 2016-09-17 09:53 - 00000000 ____D C:\Users\admin\Documents\Recordify
2016-10-19 22:32 - 2016-04-07 19:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\Spotify
2016-10-18 17:42 - 2016-09-23 14:09 - 00000931 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-10-18 17:42 - 2016-09-23 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-10-18 17:42 - 2016-09-23 14:09 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-10-10 18:46 - 2016-09-22 18:17 - 00003736 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 18:46 - 2016-09-14 19:35 - 00003924 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 18:46 - 2016-09-14 19:35 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-10-10 18:46 - 2016-09-14 19:34 - 00003988 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 18:46 - 2016-09-14 19:34 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 18:46 - 2016-09-14 19:34 - 00003898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 18:46 - 2016-09-14 19:34 - 00003694 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-06 18:53 - 2016-09-04 19:11 - 00000000 ____D C:\Users\admin\Desktop\Memes
2016-09-30 06:24 - 2016-09-14 19:35 - 01842624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-09-30 06:24 - 2016-09-14 19:35 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-09-30 06:24 - 2016-09-14 19:35 - 01444288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-09-30 06:24 - 2016-09-14 19:35 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-09-30 06:24 - 2016-09-14 19:35 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-22 18:24 - 2015-04-22 18:24 - 0549471 _____ () C:\Program Files\vac414demo.zip
2015-08-01 18:08 - 2015-08-01 18:29 - 6420480 _____ () C:\Program Files (x86)\GUT20.tmp
2014-10-10 14:07 - 2014-10-10 14:07 - 0000000 _____ () C:\Users\admin\AppData\Roaming\gdfw.log
2014-10-10 14:07 - 2014-10-10 14:07 - 0000779 _____ () C:\Users\admin\AppData\Roaming\gdscan.log
2016-03-20 14:57 - 2016-03-20 14:57 - 0003584 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-10 15:36 - 2015-04-10 15:36 - 0000058 _____ () C:\Users\admin\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-05-26 21:44 - 2015-12-12 18:05 - 0007601 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2015-12-13 00:35 - 2015-12-13 00:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-30 20:56 - 2015-03-01 20:57 - 0000032 ____R () C:\ProgramData\hash.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\hash.dat


Einige Dateien in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\libeay32.dll
C:\Users\admin\AppData\Local\Temp\msvcr120.dll
C:\Users\admin\AppData\Local\Temp\Nexus Mod Manager-0.63.1.exe
C:\Users\admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\admin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\admin\AppData\Local\Temp\nvStInst.exe
C:\Users\admin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-22 15:01

==================== Ende von FRST.txt ============================
         

 
