Log analysis and evaluation: Windows 10: CMD console opens by itself with BSOD
29.10.2016, 22:33 | #1
Windows 10: CMD console opens by itself with BSOD

Hello everyone,

I have the following problem... for a few days now, the CMD window has been opening on my computer at random for a fraction of a second and then closing again. In addition, I have been getting blue screens more and more often lately, which then cause the computer to crash. On top of that, since this morning I can no longer click the Windows button (that is, at the bottom left), nor anything else in the taskbar.

I am afraid that I have caught a virus or something similar somewhere.

PS: I have already run Malwarebytes once. (see attachment, as it would otherwise be too long)

Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-10-2016
durchgeführt von admin (29-10-2016 23:11:18)
Gestartet von C:\Users\admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-12 23:10:16)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

admin (S-1-5-21-2499327049-1345700090-1954953358-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2499327049-1345700090-1954953358-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2499327049-1345700090-1954953358-503 - Limited - Disabled)
Gast (S-1-5-21-2499327049-1345700090-1954953358-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Ansel (Version: 375.70 - NVIDIA Corporation) Hidden Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin) Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version: - ) BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.7 - BlueJ Team) Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.04.0000 - CASIO COMPUTER CO., LTD.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CrystalDiskInfo 6.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.6.1 - Crystal Dew World) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated) Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team) F1 2014 (HKLM-x32\...\Steam App 226580) (Version: - Codemasters) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) FireStorm version V1.0.46.005 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.005 - ) Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.5.323 - DVDVideoSoft Ltd.) Free Video to Flash Converter version 5.0.55.113 (HKLM-x32\...\Free Video to Flash Converter_is1) (Version: 5.0.55.113 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.) 
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.59 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation) LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.) 
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation) Microsoft PowerPoint Home and Student 2010 (HKLM-x32\...\Office14.POWERPOINTR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) 
(Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 
(HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - 
Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation) Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.1 - Black Tree Gaming) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team) Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation) NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation) NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden Origin 
(HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) PlanetSide 2 (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment) Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7640 - Realtek Semiconductor Corp.) Recordify 2016 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 1.54 - Abelssoft) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games) Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) 
Scansoft PDF Professional (x32 Version: - ) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINTR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve) South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment) Spotify (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TechSmith Screen Capture Codec (x32 Version: 3.1.0 - TechSmith Corporation) Hidden Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com) The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) 
(HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com) TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {00EC848C-86C9-47BC-B85B-13FA387FDF59} - kein Dateipfad Task: {031FE6EA-3811-413F-9C38-968399449312} - System32\Tasks\{E6D8422F-5911-48C8-A2CB-4839FC783C13} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe Task: {049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE} - kein Dateipfad Task: {04DB3C46-6919-4F66-945A-81B4A588BFE7} - System32\Tasks\{A13D3229-3538-4A9B-BC9D-4D7E46FEA6D1} => C:\Games\Rising World v0.5.3.1\Rising World.exe Task: {053D44B9-7A00-49D6-9344-FD129CD575D1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation) Task: {073795C9-8A8F-499A-A1E9-4F464494A6E4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0BA0124E-9A6D-4875-BCC6-5F9AB9333055} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {0C3D1C09-F503-40AB-B1E9-5A5D061F520E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {0DE5621F-D1D7-472C-96B2-658556860924} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {17B7F027-9973-4196-8D91-ADE023D54742} - System32\Tasks\{1AE02D85-E364-45B6-92B0-A30EC8FDDDC9} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {17C6AD99-1673-4817-AD75-8F22CE4F1F18} - System32\Tasks\{9CF80396-B379-427D-9DBE-54858E636648} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {196EB3B7-F969-44FB-8904-FC3FFEBCEA36} - System32\Tasks\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F} => pcalua.exe -a "C:\Users\admin\Desktop\lgs510 (1).exe" -d C:\Users\admin\Desktop Task: {1B373374-5B77-4BD2-9CAC-A088601DAAA0} - \SimpleFiles Installer Starter -> Keine Datei <==== ACHTUNG Task: {1C57893A-73C3-488F-B526-A8887F2953A7} - kein 
Dateipfad Task: {1EC1E15D-F018-4723-9070-4D369E8FEC5C} - System32\Tasks\{DD61DBDB-E610-4BA6-A9B8-8B08C63A417E} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {2567BB02-4670-455E-9C02-C931857870E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {2B1E6290-3296-4B86-934C-BC5EDCE018AD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2BF4E1F4-BBF9-4735-A379-CD2D2324F79A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {2C95B80B-A51B-4ADF-A2CC-7EBA09197059} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat [2015-06-22] () <==== ACHTUNG Task: {35931239-6C01-4EB9-9F06-B5E34733FB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {3835EB9A-A64B-475E-8C88-55D172209009} - System32\Tasks\{BE51D640-5212-4286-940E-DCA2AE9961AB} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {3A147D4D-2142-4D6A-8909-CE683B68FE9A} - System32\Tasks\{A3A353F9-9F9B-44FE-B96D-31646B313523} => pcalua.exe -a C:\Users\admin\Downloads\lgs510.exe -d C:\Users\admin\Downloads Task: {3ACDCFF8-92A6-4952-A33F-65AF05026115} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation) Task: {3BA6A0E0-A338-4CA3-B585-0615270FA949} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {41EBF101-ACE4-4536-8696-90E37984A3E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {48B78AE7-76A1-472C-8530-AAED256A3D7D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {4B4680D9-E2FE-4D78-8188-B1D11D741EBF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => 
C:\WINDOWS\ehome\mcupdate.exe Task: {4D52F5DD-1E4E-4B32-B1B5-BD1C7C4887A1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4ED0E3B6-4DC7-469D-9BD7-A7DA52E08299} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated) Task: {4FE790BC-A8CB-4349-9629-E4036E9775AF} - System32\Tasks\{39F95DBA-5A4E-4CD2-BB4A-CCE9B94F3079} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {52861456-C744-4ECB-9338-A5EEADA219FA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {557BC2D0-F3F2-4A25-B697-21EC090FDE04} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {56EA4D43-A086-4470-B96E-9FB1768E6ED3} - System32\Tasks\{78912F09-9E09-46ED-8941-11871D4D0C4F} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe Task: {57E88640-41B7-4F5D-B851-AFD2838B1C63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {5E324125-D66E-4D57-8894-976BA96DA865} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {5EDE42A2-4A64-484D-800F-C420FA956798} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {67E03967-E26A-4558-8EAB-94C6D7F4330E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {6CFCB68E-50BB-4EC0-85D2-F81762436F24} - System32\Tasks\{47953A5F-E19D-43A8-9964-E39351028038} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {70125431-E640-4C46-8962-AB99C000B9DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {70278F75-C037-45E7-BF31-69E4C0C8AE56} - System32\Tasks\Microsoft\Windows\Media 
Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70CE0011-D1AA-42E4-953D-619628912C34} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {75C6EF2C-5336-4D15-964D-A3FA8A1B8BDE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {77F56DD3-E368-46A5-953A-04C3CC67DFDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.)
Task: {7A28B1AA-97A0-44B4-98F5-467B1CB68A43} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7BBA2D3D-7FA5-4DB4-98CB-C570319C1451} - System32\Tasks\{BC2D6434-8781-46B3-A9A1-BA1C57245AF3} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {878BFAD2-5A40-4B5D-8ADA-E9454C0B39A6} - kein Dateipfad
Task: {8838DCD1-B08E-428D-BF01-24E3B9250A53} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {88F45939-0423-4D4B-96F8-374FF864A93E} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {8B63AD8C-9FAF-4D05-AA3F-27B212A2DFCC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8F02CB1D-35C4-4102-82B6-66D4C8008C1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8F430278-2F26-4A86-B85E-42AAEE59C70A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {94670801-FB2B-4E67-AF37-4058B0DCE01A} - System32\Tasks\{F602CB6B-B3B2-4743-AF06-2F66C7BE8499} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {98198969-9034-402D-A679-29DA601446CB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9D5C522B-37BD-46E3-A442-AC23F73592B2} - System32\Tasks\{5C3EC2B9-4AC5-4839-8D87-302FA3C3ACBE} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {AA88E7A4-D1C3-4D6A-A6E3-DA77B9294E7A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AC033A59-1DF9-4ED5-BCFA-794A7A14E327} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {AE2CC07B-7448-4E97-8DFB-A9AF57990CC7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AEB1413A-1D68-4FF8-926E-D120A0757E6E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
Task: {AFDBEA67-0843-4AB5-BD1D-9CA29F285BBD} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {B30CA99E-2FB7-4A1F-9310-5086E459D3E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B47DB38F-7D31-430C-9BBE-8D3C4ABF9FB3} - System32\Tasks\{7992860A-8431-4122-927D-23C50BAB92FB} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {B558C71A-7D97-4074-92B9-1D455069D76A} - System32\Tasks\{E2612081-8FB6-438B-922C-0A1CE766B7A5} => pcalua.exe -a C:\Users\admin\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt
Task: {B7A19E07-846D-409F-B7F6-DEEFFA568013} - System32\Tasks\{7D4F9702-F680-43B7-B33D-5D0B50533B71} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {BA7A3D4D-05B7-4289-8E31-C295248928FE} - System32\Tasks\{45951CB7-774E-4695-A9EB-B860317AA6D3} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {C250493C-00EE-4DDB-9199-E8025EFF9C17} - System32\Tasks\Aufgaben der Ereignisanzeige\System_Service Control Manager_7001 => C:\Program Files (x86)\Dev-Cpp\devcpp.exe [2014-11-01] (Bloodshed Software)
Task: {C8F39163-2C68-480A-942F-B9FBC1D1FE6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.)
Task: {CB36B87D-3291-4E1F-9773-48A3A334D53A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CEA0DE1F-289A-4695-A878-D208156D0A94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {CFB8ABEC-6757-46E6-8EFC-E0BE2EDF389D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {D9A1225A-818F-490E-A8D2-87CDB5D762B8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {DD422558-2E0D-41BD-B876-DD539DF6525E} - System32\Tasks\{2B222A2F-11BC-41E4-B2DF-21B4FC5268D1} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {DE537368-396A-4F53-B6D5-96B4AD35DE41} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B} - System32\Tasks\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E} => pcalua.exe -a C:\Users\admin\Downloads\ensharpendecoder_win.exe -d C:\Users\admin\Downloads
Task: {E7D0D2C6-A37C-487D-A5C3-98BE9DE6BA04} - System32\Tasks\{9ECFA4AD-89C0-4631-8D5F-B2FBE5DAA7BD} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {EC581E02-D4D8-41BB-9CD8-CBFBF873D645} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F3B427A6-5261-478B-A816-B72D733BC307} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FBCF94F8-5346-4EBD-8FF9-0D3B616042BB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD8AE7A9-F8A2-4A3F-8C71-265A9D8A58A9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE90EA90-D163-4504-94C1-EDDC81748B3F} - System32\Tasks\{D7330FEA-6FA4-4A05-862C-DE04F8EE8934} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com/
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f47c86c9d3240056\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=berjuspgraatherfufit
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d6731079c9ca4513\Tim - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=lejutplovshprohey

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-13 00:34 - 2015-12-10 18:08 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-09-14 19:34 - 2016-09-30 06:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-14 19:34 - 2016-09-30 06:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-14 19:35 - 2016-09-30 06:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2015-01-19 15:51 - 2005-04-22 06:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2016-01-08 16:47 - 2016-10-25 22:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-14 11:07 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-14 11:07 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-02-28 11:14 - 2016-10-26 15:28 - 00174872 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-08-04 15:43 - 2016-10-26 15:28 - 00103192 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2016-10-26 15:28 - 00107800 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-08-04 15:46 - 2016-10-26 15:28 - 00312088 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-09-17 17:52 - 2015-09-17 17:52 - 00486912 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\plugins\soundboard.dll
2014-08-04 15:46 - 2016-10-26 15:28 - 00485656 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-10-20 14:13 - 2016-10-12 07:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libglesv2.dll
2016-10-20 14:13 - 2016-10-12 07:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libegl.dll
2016-08-22 11:24 - 2015-08-05 10:04 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll
2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-13 00:34 - 2016-10-29 21:07 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-12-13 00:34 - 2015-12-10 18:08 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-12-26 22:29 - 2016-03-23 15:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-01-08 16:48 - 2016-09-30 06:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-14 19:35 - 2016-09-29 19:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-14 19:35 - 2016-09-29 19:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-14 19:35 - 2016-09-29 19:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-14 19:35 - 2016-09-29 19:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-14 19:35 - 2016-09-29 19:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-14 19:35 - 2016-09-29 19:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-14 19:35 - 2016-09-29 19:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-14 19:35 - 2016-09-30 06:23 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2015-08-12 17:21 - 2015-07-20 17:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll
2015-08-12 17:21 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll
2014-12-25 19:10 - 2016-09-08 05:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 15:16 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-25 19:10 - 2016-10-13 03:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-25 19:10 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-25 19:10 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-25 19:10 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-25 19:10 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-25 19:10 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-21 15:16 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 15:16 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-12-25 19:10 - 2016-10-13 03:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-11 18:54 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-24 16:22 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2015-01-21 15:16 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-10-29 16:19 - 00003845 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\Downloads\OgFbo9.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Amazon Music => "C:\Users\admin\AppData\Local\Amazon Music\Amazon Music Helper.exe"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "FireStormStartUpAutoRun"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "OMSI Addon Manager.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GalaxyClient"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{02C426C7-9C4E-4A46-BD30-BF2CB5EF4DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{E842F5E6-2B29-4074-9BF2-B355FD57CFE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{BE839E79-17A6-44E9-BD8C-744EDA451B12}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED4D5EED-E19E-4B6D-BBC4-BD8EEFEE7381}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8FBBDFE3-4CB1-4C44-B130-9F4E3F691FAC}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E1761EA9-656C-45B2-B863-546C635E23F1}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{669459B0-4C41-4592-8E72-A0FB0805CD8C}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{752A7395-9B28-4E39-BCF6-7E3DD8054A8F}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6B8081F3-87E9-4699-87CF-57090607BD27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{71DC30A2-BC07-4ABA-BDA2-63EEE592F38B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [UDP Query User{FF3FF898-C74B-4BCA-B925-FE7B4D0F9193}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{8AC22E5D-7405-449A-8388-77E105A7FE3F}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{A670B346-EA46-4CAC-BF18-9BEF4316F6AE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0CDA39B9-771A-404F-89FE-D53CB2DF686A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B6DDF0D4-02B1-418B-B571-607D5A78445A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7DE4A39E-7657-462E-8DD9-DE820B7DD6BD}] => (Allow) LPort=80
FirewallRules: [{ECF6FA0C-4E01-41DD-A7F2-140111367D8E}] => (Allow) LPort=443
FirewallRules: [{DE1D9E03-8B7F-4268-8F96-9D9AA50517C4}] => (Allow) LPort=20010
FirewallRules: [{6758E0B6-6176-480E-9BD0-5588169E534A}] => (Allow) LPort=3478
FirewallRules: [{E2BECC4D-BF05-4A53-8EE8-FB929BE83063}] => (Allow) LPort=7850
FirewallRules: [{5E150AAC-48A4-42EF-A89E-E176DC0A97D2}] => (Allow) LPort=7852
FirewallRules: [{B49401C2-80B7-4D07-AE02-5957A1596873}] => (Allow) LPort=7853
FirewallRules: [{88985BEC-DDAD-4887-B7CD-4F130BB6118F}] => (Allow) LPort=27022
FirewallRules: [{7BA48D57-BBD5-4901-9C1F-E5BF4AAFD049}] => (Allow) LPort=6881
FirewallRules: [{3BE55950-CB5E-4CF2-9CAC-EF312DB32D00}] => (Allow) LPort=33333
FirewallRules: [{0AAF2623-F139-4A7D-916D-4069E7F8C1AC}] => (Allow) LPort=20443
FirewallRules: [{68DA44FA-FB2A-4903-AEC6-5D94CF1B949F}] => (Allow) LPort=8090
FirewallRules: [{F8C76348-E4E0-441E-A1FF-CF88497A089F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{6FC93E4D-5540-43D1-89EB-A96BD31D0F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{D626B09E-7F01-42A0-AD69-CC6BE3770C29}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{59D57AD8-BBF7-47F9-873E-DE7AB528406E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D38884A6-7B75-4271-AA3B-71D8920FAABE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{23707E11-254F-44DA-AD9A-5457B22B8AFA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{84A71B2D-C33C-4F54-A1EE-F65495F71620}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{6026356A-7674-43FC-8085-74D21AEC89E2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{0239E52D-A3B7-4126-B38D-13D5E4242B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{070B69FA-53FB-42E3-BDD8-8538E7CC30B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{98106D20-060A-48F3-8359-991D1DE45EE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{D0DBCDE8-177C-4A8B-B38F-9F4B49C7C324}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{7BEC5473-494D-40F1-A37E-7A367D96E928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{EE651D0F-2E98-4B07-BDAA-C862782EBF74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{0A5056C0-4DB0-4206-B872-924322C961B6}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{0ADABA06-D9B3-4FC5-9E64-163A4837B7F9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B881BF59-13EC-4FEB-B124-A313EE74C6B7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{EFC84F2E-9AF3-4AAD-B1CC-BADD16C6A4F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{0DF3284A-B5EB-44AF-A5EF-9FBE6A91FE96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{98999DE2-D041-446D-B6DB-D1598A3A560C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{CA9CEFFD-7057-4EA3-8E17-4C2DA545D13A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{4D460F5B-1E4D-435A-A2D7-12DDF57B93E6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{C2CD94CE-1158-4F41-B6C8-61F0F264BB14}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{1B41650B-8C0A-417B-9EE0-26A0CA7900DF}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{EDAACE47-D7CC-436F-B457-BC3E0D182D33}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{641126E5-7F8E-47F5-A691-E1879DE5DFFF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{BAAF648D-A884-4BDD-BFB4-7C23E3F2D419}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{6C9FBCC4-DDA9-4DD9-844C-1710FE6F0DE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E7B3426-674E-4744-8A34-8FEC5D89E744}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{04B12B99-4B38-47DF-AFFC-5BEE580B5E06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{112ED707-0790-4C38-A0C1-47772EA9E61F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2DEC3BC6-5A7F-451C-84F4-FD5985360ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe
FirewallRules: [{29D97B07-E473-46E2-9397-3B88065E54A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe
FirewallRules: [{8AAAC971-5D08-488F-A9CB-4C3E83EBE438}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{A4C04855-1259-4E93-95DF-B3D7ABAE27D8}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{238B3ED3-2017-4B3C-8774-004E2F2B4B6A}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{24118DF0-B1A6-40F9-AF54-ADDC6D6A7696}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{182D7FB5-34AC-41B1-B80D-3E14A7C3284D}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{A38DC822-8450-4E90-B948-763473EBFE62}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{34C8DCA4-9CB4-44EB-BDA4-2243B6A94638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{460924A2-DAB1-4BDE-B6F1-EBDAE9624B00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{52E7285A-54BF-4106-B38A-D532E6665E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{55C59A32-7325-4163-9BBA-CECB8AC28884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{69AADE24-7EB2-4BA0-B3E2-5022DBB3A73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4650E401-DB1C-4EE4-83FF-38ADA29F2284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{D00893C0-8221-4E36-AE8E-207288F031D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9FF1999F-00BA-459E-AE40-2778EB9B185F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7D58F99F-B3EE-401F-9AAD-2F279AD69E15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DDFC01D2-2BFA-4485-B57F-A3D08551180F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D12B0F98-80C9-414C-9231-12FF2EBD8733}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{9733224E-A078-49E6-964F-6532CBB534D0}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{C2A1FE85-9E02-45CC-AD6F-848DC061BD60}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{CFD11295-DA2F-430B-882A-978CE9849D24}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{6B332141-CA19-461B-AD50-22159F724AFA}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{9958D6F7-0D3E-439E-948B-1DA972AE7C93}] => (Allow) LPort=8317
FirewallRules: [{E2363DDC-96F7-4E0E-862B-0174D03365D5}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{459DC2E5-725B-42DD-8765-1001B4E93F6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{41731BD2-7856-4EC2-8C24-868437B044B5}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5A1E15B3-7ABC-42A3-8DEC-94BCC3EE5989}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9C8281FE-3507-4B1B-96D5-1D4B179C6794}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{393A4BCA-8F94-4A5F-85EF-946A9827A55A}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7E95AA5A-3F59-4CA4-96C2-81D1682A08CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{815E643C-390A-46F8-8F85-5E9E6F7473F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{160CD63E-1ED4-4CFB-A225-6D27F11A3F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{7113C531-C03B-4057-B84A-C9CA43320428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D0C966EC-3480-46FC-A3A5-4DF6EAC62FBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{44561A87-45DB-4C4D-8EF4-40DEAF86E3C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Wiederherstellungspunkte =========================

29-10-2016 23:09:58 Removed Vegas Pro 12.0 (64-bit)

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/29/2016 11:10:28 PM) (Source: MsiInstaller) (EventID: 11723) (User: ADMIN-PC)
Description: Produkt: Vegas Pro 12.0 (64-bit) -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SfMSILib_IsProcessRunning, Eintrag: SfMSILib_IsProcessRunning, Bibliothek: C:\ProgramData\Sony\customaction_x64.dll

Error: (10/29/2016 11:10:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error: Zugriff verweigert .

Error: (10/29/2016 11:07:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Music.UI.exe, Version: 10.16092.1031.0, Zeitstempel: 0x5806afe7
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e4c5
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000000000071f28
ID des fehlerhaften Prozesses: 0x19fc
Startzeit der fehlerhaften Anwendung: 0x01d2322872225338
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe\Music.UI.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\KERNELBASE.dll
Berichtskennung: 05e230e1-649c-4da8-99aa-1a2590f666bc
Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:02:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Systemfehler:
=============
Error: (10/29/2016 11:07:25 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "Microsoft.ZuneMusic.AppXg7frm9cyrqhbagxce6zrshkx8fn0ycca.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:32 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "CortanaUI" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:31 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:30 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "CortanaUI" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:28 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2016-10-29 16:08:14.036
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-29 16:08:14.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-29 16:08:14.014
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-29 16:08:13.678
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-29 16:08:10.935
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-20 14:49:58.122
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-20 14:49:58.109
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-20 14:49:58.096
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-20 14:49:58.068
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-20 14:49:58.055
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8129.95 MB
Verfügbarer physikalischer RAM: 5282.64 MB
Summe virtueller Speicher: 16321.95 MB
Verfügbarer virtueller Speicher: 13321.01 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.44 GB) (Free:253.28 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: (Tevion) (Removable) (Total:7.4 GB) (Free:6.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3B0461CD)
Partition 1: (Active) - (Size=203 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 66205247)
No partition Table on disk 2.

==================== Ende von Addition.txt ============================

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2016 durchgeführt von admin (Administrator) auf ADMIN-PC (29-10-2016 23:10:37) Gestartet von C:\Users\admin\Desktop Geladene Profile: admin (Verfügbare Profile: admin & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (DEVGURU Co., LTD.) 
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) 
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (TeamSpeak Systems GmbH) C:\Users\admin\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\SrTasks.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) 
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842624 2016-09-30] (NVIDIA Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2000-01-01] (Realtek Semiconductor) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-28] (Power Software Ltd) HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies) HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278528 2015-12-07] (PC Partner Co.Ltd) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-19] (Spotify Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify] => C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [6884976 2016-10-19] (Spotify Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4090944 2016-09-20] (GOG.com) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\MountPoints2: {4c30d469-9739-11e4-bb0a-382c4a739a73} - "F:\pushinst.exe" ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei 
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5f030b30-5b32-48cf-92e1-9d9ca305ca6d}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8ba5c6f2-89a0-4423-9b49-1493df0677f5}: [DhcpNameServer] 192.168.178.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243312315&GUID=5059F630-8847-C004-A9EE-042B72110A1F HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243338633&GUID=5059F630-8847-C004-A9EE-042B72110A1F BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default [2016-10-29] FF Extension: (Adblock Plus) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8C679308-89F3-402C-9323-8D9B3B6D57B2}] - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi FF Extension: (Recordify Title Discover) - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi [2016-01-08] FF Plugin: @adobe.com/FlashPlayer -> 
C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.) Chrome: ======= CHR DefaultProfile: lejutplovshprohey CHR HomePage: lejutplovshprohey -> hxxp://www.trotux.com/?z=79abb8c81d8fbf04419bec9g5zamee5q7e6e9m6z2z&from=fss&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y4CVNXHVVNXHV&type=hp CHR StartupUrls: lejutplovshprohey -> "hxxps://www.google.com/" CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit [2016-10-29] <==== ACHTUNG CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-12] CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12] CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-12] CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey [2016-10-29] <==== ACHTUNG CHR Extension: (Recordify Title Discover) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\kkgbclpocodjecojibeaaglcgndegljl [2016-10-29] CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-29] CHR HKLM-x32\...\Chrome\Extension: [kkgbclpocodjecojibeaaglcgndegljl] - C:\Program Files (x86)\Recordify\Extensions\recordify_chrome_0.3.18.crx [2016-09-17] CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\admin\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-12-28] ==================== Dienste (Nicht 
auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-10] () S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [281152 2016-09-20] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6411840 2016-09-19] (GOG.com) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-04] (Electronic Arts) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.) 
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 abelssoft_recordify; C:\WINDOWS\system32\drivers\recordify.sys [68536 2016-03-30] (Abelssoft) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-10] () S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-04-10] (Phoenix Technologies) [Datei ist nicht signiert] S3 fwlanusb5; C:\WINDOWS\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [Datei ist nicht signiert] S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-02] (NVIDIA Corporation) S3 PVUSB; C:\WINDOWS\System32\drivers\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.) 
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2000-01-01] (Realtek ) S3 scramby; C:\WINDOWS\System32\drivers\scramby.sys [29480 2007-02-13] (RapidSolution Software AG) S3 scramby_out; C:\WINDOWS\System32\drivers\scramby_out.sys [34336 2007-08-08] (RapidSolution Software AG) R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation) R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation) R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation) R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [16056 2016-10-29] (SlimWare Utilities, Inc.) S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-26] () S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-26] () S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] () S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) 
[Datei ist nicht signiert] R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X] U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-10-29 23:05 - 2016-10-29 23:10 - 00022418 _____ C:\Users\admin\Desktop\FRST.txt 2016-10-29 23:05 - 2016-10-29 23:10 - 00000000 ____D C:\FRST 2016-10-29 23:04 - 2016-10-29 23:04 - 02408448 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe 2016-10-29 23:04 - 2016-10-29 23:04 - 02408448 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe 2016-10-29 22:57 - 2016-10-29 22:57 - 00036731 _____ C:\Users\admin\Downloads\Logs.rar 2016-10-29 21:10 - 2016-10-29 21:11 - 00406582 _____ C:\Users\admin\Downloads\startmenu.diagcab 2016-10-29 16:36 - 2016-10-29 16:36 - 00003756 _____ C:\WINDOWS\System32\Tasks\ACC 2016-10-29 16:36 - 2016-10-29 16:36 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc 2016-10-29 16:36 - 2016-10-29 16:36 - 00000000 ____D C:\ProgramData\DriverSetupUtility 2016-10-29 16:36 - 2016-10-29 16:36 - 00000000 ____D C:\Program Files\DriverSetupUtility 2016-10-29 16:34 - 2016-10-29 16:34 - 00016056 _____ (SlimWare Utilities, Inc.) 
C:\WINDOWS\system32\Drivers\SWDUMon.sys 2016-10-29 16:34 - 2016-10-29 16:34 - 00000000 ____D C:\Users\admin\AppData\Local\SlimWare Utilities Inc 2016-10-29 16:33 - 2016-10-29 16:33 - 03910208 _____ C:\Users\admin\Downloads\adwcleaner_6.030.exe 2016-10-29 16:28 - 2016-10-29 16:28 - 00041208 _____ C:\Users\admin\Documents\cc_20161029_162824.reg 2016-10-29 12:57 - 2016-10-29 12:57 - 00002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2016-10-29 12:57 - 2016-10-25 22:00 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-10-29 12:57 - 2016-09-09 20:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2016-10-29 12:57 - 2016-09-09 20:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll 2016-10-29 12:57 - 2016-09-09 20:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2016-10-29 12:57 - 2016-09-09 20:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe 2016-10-29 12:56 - 2016-10-29 12:56 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-10-29 12:54 - 2016-10-26 03:09 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 20718400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 17577728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 14516216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 10782952 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvopencl.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 
2016-10-29 12:54 - 2016-10-25 23:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00572584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00470584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00172920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00150784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00131720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-10-29 12:54 - 2016-10-25 23:40 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2016-10-29 12:54 - 2016-10-25 23:40 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2016-10-26 16:20 - 2016-10-26 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-10-25 20:41 - 2016-10-25 20:41 - 13165792 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe 2016-10-24 16:04 - 2016-10-24 16:09 - 00009631 _____ C:\Users\admin\Documents\Italiensich Spicker v.1.odt 2016-10-20 14:47 - 2016-10-20 14:47 - 00071140 _____ 
C:\Users\admin\Downloads\TradeMan 1.22h4-6-1-22.zip 2016-10-20 14:41 - 2016-10-20 14:42 - 38827969 _____ C:\Users\admin\Downloads\E3FX V7-23-7.zip 2016-10-20 14:37 - 2016-10-20 14:38 - 41576087 _____ C:\Users\admin\Downloads\E3FX 8.5 (Alternative Bloom)-23-8-5.zip 2016-10-20 14:33 - 2016-10-20 14:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (2).exe 2016-10-20 14:32 - 2016-10-20 14:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (1).exe 2016-10-20 14:22 - 2016-10-20 14:22 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2.exe 2016-10-20 14:21 - 2016-10-20 14:44 - 00000000 ____D C:\Users\admin\Desktop\Witcher .dll 2016-10-18 17:37 - 2016-10-18 17:38 - 02891915 _____ C:\Users\admin\Downloads\Fair Sale - Better sale prices v1.03 -4-1-03.7z 2016-10-10 19:01 - 2016-10-01 23:11 - 01935808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437306.dll 2016-10-10 19:01 - 2016-10-01 23:11 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437306.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-10-29 23:07 - 2015-01-13 18:44 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps 2016-10-29 22:45 - 2015-01-24 13:20 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client 2016-10-29 21:18 - 2014-12-25 19:09 - 00000000 ____D C:\Program Files (x86)\Steam 2016-10-29 21:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-10-29 21:13 - 2015-12-13 00:39 - 02087808 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-10-29 21:13 - 2015-10-30 20:35 - 00888452 _____ C:\WINDOWS\system32\perfh007.dat 2016-10-29 21:13 - 2015-10-30 20:35 - 00197278 _____ C:\WINDOWS\system32\perfc007.dat 2016-10-29 21:13 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-10-29 21:11 - 2015-01-25 19:59 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics 2016-10-29 21:08 - 2016-08-12 18:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-10-29 21:08 - 2015-12-13 00:35 - 00000000 ____D C:\ProgramData\NVIDIA 2016-10-29 21:07 - 2015-12-13 00:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-10-29 16:57 - 2016-09-18 12:48 - 00000000 ____D C:\ProgramData\updater2 2016-10-29 16:42 - 2015-12-13 00:30 - 04995152 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-10-29 16:38 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2016-10-29 16:37 - 2015-08-01 18:21 - 00000000 ____D C:\AdwCleaner 2016-10-29 16:29 - 2016-01-16 21:44 - 00000000 ____D C:\WINDOWS\Minidump 2016-10-29 16:27 - 2016-01-21 17:52 - 00000000 ____D C:\Program Files\CCleaner 2016-10-29 16:19 - 2015-12-13 00:40 - 00000000 ____D C:\Users\admin 2016-10-29 15:51 - 2015-01-11 16:40 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-10-29 15:29 - 2016-09-07 14:12 - 00000000 ____D C:\Users\admin\Documents\The Witcher 3 2016-10-29 12:57 - 2016-09-04 12:58 - 00000000 ____D C:\WINDOWS\LastGood 2016-10-29 12:57 - 2016-01-08 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-10-29 12:57 - 
2015-12-13 00:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-10-29 12:56 - 2015-12-13 00:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-10-29 12:56 - 2015-12-13 00:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-10-29 12:56 - 2015-04-07 22:02 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA Corporation 2016-10-28 16:04 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-10-28 03:22 - 2010-11-21 05:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-10-27 00:16 - 2016-01-08 16:46 - 14159928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-10-26 16:36 - 2014-11-08 18:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-10-26 16:36 - 2014-11-08 18:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-10-26 16:36 - 2014-11-08 18:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-10-26 15:28 - 2014-12-27 20:56 - 00000000 ____D C:\Users\admin\AppData\Local\TeamSpeak 3 Client 2016-10-26 03:09 - 2015-11-12 18:25 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2016-10-26 03:09 - 2015-11-12 18:25 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2016-10-25 23:40 - 2016-01-08 16:46 - 24365624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-10-25 23:40 - 2016-01-08 16:46 - 03927288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-10-25 23:40 - 2016-01-08 16:46 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-10-25 23:40 - 2016-01-08 16:46 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb 2016-10-25 22:17 - 2016-01-08 16:47 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-10-25 22:17 - 2016-01-08 16:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-10-25 22:17 - 2016-01-08 16:47 - 01764408 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvsvcr.dll 2016-10-25 22:17 - 2016-01-08 16:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-10-25 22:17 - 2016-01-08 16:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-10-25 22:17 - 2016-01-08 16:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-10-25 22:17 - 2016-01-08 16:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-10-25 22:13 - 2016-09-14 19:34 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2016-10-25 20:41 - 2014-11-08 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-10-24 08:31 - 2016-01-08 16:47 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-10-21 11:23 - 2016-09-08 14:08 - 00002004 _____ C:\Users\admin\Desktop\The Witcher® 3 - Wild Hunt.lnk 2016-10-20 14:13 - 2016-08-12 18:28 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-20 14:13 - 2016-08-12 18:28 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-10-19 23:00 - 2016-04-07 19:50 - 00000000 ____D C:\Users\admin\AppData\Local\Spotify 2016-10-19 22:58 - 2016-09-17 09:53 - 00000000 ____D C:\Users\admin\Documents\Recordify 2016-10-19 22:32 - 2016-04-07 19:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\Spotify 2016-10-18 17:42 - 2016-09-23 14:09 - 00000931 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2016-10-18 17:42 - 2016-09-23 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager 2016-10-18 17:42 - 2016-09-23 14:09 - 00000000 ____D C:\Program Files\Nexus Mod Manager 2016-10-10 18:46 - 2016-09-22 18:17 - 00003736 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 18:46 - 2016-09-14 19:35 - 00003924 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 18:46 - 2016-09-14 19:35 - 00001489 _____ 
C:\Users\Public\Desktop\GeForce Experience.lnk 2016-10-10 18:46 - 2016-09-14 19:34 - 00003988 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 18:46 - 2016-09-14 19:34 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 18:46 - 2016-09-14 19:34 - 00003898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 18:46 - 2016-09-14 19:34 - 00003694 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-06 18:53 - 2016-09-04 19:11 - 00000000 ____D C:\Users\admin\Desktop\Memes 2016-09-30 06:24 - 2016-09-14 19:35 - 01842624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2016-09-30 06:24 - 2016-09-14 19:35 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2016-09-30 06:24 - 2016-09-14 19:35 - 01444288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2016-09-30 06:24 - 2016-09-14 19:35 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2016-09-30 06:24 - 2016-09-14 19:35 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-22 18:24 - 2015-04-22 18:24 - 0549471 _____ () C:\Program Files\vac414demo.zip 2015-08-01 18:08 - 2015-08-01 18:29 - 6420480 _____ () C:\Program Files (x86)\GUT20.tmp 2014-10-10 14:07 - 2014-10-10 14:07 - 0000000 _____ () C:\Users\admin\AppData\Roaming\gdfw.log 2014-10-10 14:07 - 2014-10-10 14:07 - 0000779 _____ () C:\Users\admin\AppData\Roaming\gdscan.log 2016-03-20 14:57 - 2016-03-20 14:57 - 0003584 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-10 15:36 - 2015-04-10 15:36 - 0000058 _____ () C:\Users\admin\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2015-05-26 21:44 - 2015-12-12 18:05 - 0007601 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg 
2015-12-13 00:35 - 2015-12-13 00:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-04-30 20:56 - 2015-03-01 20:57 - 0000032 ____R () C:\ProgramData\hash.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\hash.dat Einige Dateien in TEMP: ==================== C:\Users\admin\AppData\Local\Temp\libeay32.dll C:\Users\admin\AppData\Local\Temp\msvcr120.dll C:\Users\admin\AppData\Local\Temp\Nexus Mod Manager-0.63.1.exe C:\Users\admin\AppData\Local\Temp\nvSCPAPI.dll C:\Users\admin\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\admin\AppData\Local\Temp\nvStInst.exe C:\Users\admin\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-08-22 15:01 ==================== Ende von FRST.txt ============================ |
30.10.2016, 11:45 | #2 |
/// TB-Ausbilder | Windows 10: CMD console opens on its own with BSOD
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! You have quite a bit of adware on there. Your Google Chrome is heavily infected with adware. Please carry out all steps exactly as given, including MBAM again. In step 1, please set all options as listed.
Step 1: Please download AdwCleaner to your desktop.
Step 2: Please download Malwarebytes Anti-Malware
Step 3: Please shut down your protection software to avoid possible conflicts.
Step 4
Please post with your next reply
|
30.10.2016, 12:36 | #3 |
| Windows 10: CMD console opens on its own with BSOD
Hello,
Here are the logs from: mbam: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 30.10.2016
Suchlaufzeit: 12:03
Protokolldatei: MBAM.txt
Administrator: Ja
Version: 2.2.1.1043
Malware-Datenbank: v2016.10.30.06
Rootkit-Datenbank: v2016.09.26.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: admin
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 392847
Abgelaufene Zeit: 13 Min., 20 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)
(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Pro x64
Ran by admin (Administrator) on 30.10.2016 at 12:22:29,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 9
Successfully deleted: C:\ProgramData\55410810300555510 (Folder)
Successfully deleted: C:\ProgramData\lgcalmneccjkphmfagifiiahpghbalbg (Folder)
Successfully deleted: C:\Users\admin\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\admin\Appdata\LocalLow\company (Folder)
Successfully deleted: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default\extensions\trash (Folder)
Successfully deleted: C:\WINDOWS\hgfs.sys (File)
Successfully deleted: C:\WINDOWS\prleth.sys (File)
Successfully deleted: C:\Program Files (x86)\GUT20.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\RENE651.tmp (File)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.10.2016 at 12:25:04,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
# AdwCleaner v6.030 - Bericht erstellt am 30/10/2016 um 11:59:18
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-10-30.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : admin - ADMIN-PC
# Gestartet von : C:\Users\admin\Desktop\AdwCleaner_6.030 (1).exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support
***** [ Dienste ] *****
[-] Dienst gelöscht: swdumon
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\admin\AppData\Local\slimware utilities inc
[#] Ordner mit Neustart gelöscht: C:\Users\admin\AppData\Local\SlimWare Utilities Inc
[-] Ordner gelöscht: C:\Program Files\DriverSetupUtility
[-] Ordner gelöscht: C:\ProgramData\DriverSetupUtility
[-] Ordner gelöscht: C:\ProgramData\SlimWare Utilities, Inc
***** [ Dateien ] *****
[-] Datei gelöscht: C:\WINDOWS\SysNative\drivers\swdumon.sys
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [14204 Bytes] - [12/07/2016 21:31:30]
C:\AdwCleaner\AdwCleaner[C2].txt - [3326 Bytes] - [18/09/2016 18:54:57]
C:\AdwCleaner\AdwCleaner[C3].txt - [2280 Bytes] - [29/10/2016 15:37:32]
C:\AdwCleaner\AdwCleaner[C4].txt - [1673 Bytes] - [30/10/2016 11:59:18]
C:\AdwCleaner\AdwCleaner[R0].txt - [9667 Bytes] - [01/08/2015 17:22:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [9475 Bytes] - [01/08/2015 17:29:11]
C:\AdwCleaner\AdwCleaner[S1].txt - [16242 Bytes] - [12/07/2016 21:20:54]
C:\AdwCleaner\AdwCleaner[S2].txt - [4588 Bytes] - [18/09/2016 18:53:22]
C:\AdwCleaner\AdwCleaner[S3].txt - [2313 Bytes] - [29/10/2016 15:35:25]
C:\AdwCleaner\AdwCleaner[S4].txt - [2186 Bytes] - [30/10/2016 11:54:39]
C:\AdwCleaner\AdwCleaner[S5].txt - [2259 Bytes] - [30/10/2016 11:58:41]
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [2258 Bytes] ##########
Code:
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8129.95 MB
Verfügbarer physikalischer RAM: 5837.43 MB
Summe virtueller Speicher: 16321.95 MB
Verfügbarer virtueller Speicher: 14193.93 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.44 GB) (Free:251.07 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: (Tevion) (Removable) (Total:7.4 GB) (Free:6.56 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3B0461CD)
Partition 1: (Active) - (Size=203 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 66205247)
No partition Table on disk 2.
==================== Ende von Addition.txt ============================
Code:
LastRegBack: 2016-08-22 14:01
==================== Ende von FRST.txt ============================
|
31.10.2016, 15:35 | #4 |
/// TB-Ausbilder | Windows 10: CMD console opens on its own with BSOD
Hi, FRST.txt and Addition.txt are incomplete. Please post them again in full. |
31.10.2016, 16:05 | #5 |
| Windows 10: CMD console opens on its own with BSOD
Oops... looks like something went wrong there.
Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-10-2016
durchgeführt von admin (31-10-2016 15:55:31)
Gestartet von C:\Users\admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-12 23:10:16)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
admin (S-1-5-21-2499327049-1345700090-1954953358-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2499327049-1345700090-1954953358-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2499327049-1345700090-1954953358-503 - Limited - Disabled)
Gast (S-1-5-21-2499327049-1345700090-1954953358-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Ansel (Version: 375.70 - NVIDIA Corporation) Hidden Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin) Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version: - ) BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.7 - BlueJ Team) Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.04.0000 - CASIO COMPUTER CO., LTD.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CrystalDiskInfo 6.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.6.1 - Crystal Dew World) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated) Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team) F1 2014 (HKLM-x32\...\Steam App 226580) (Version: - Codemasters) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) FireStorm version V1.0.46.005 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.005 - ) Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.5.323 - DVDVideoSoft Ltd.) Free Video to Flash Converter version 5.0.55.113 (HKLM-x32\...\Free Video to Flash Converter_is1) (Version: 5.0.55.113 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.) 
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.59 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation) LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.) 
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation) Microsoft PowerPoint Home and Student 2010 (HKLM-x32\...\Office14.POWERPOINTR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) 
(Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version: - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.1 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PlanetSide 2 (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7640 - Realtek Semiconductor Corp.)
Recordify 2016 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 1.54 - Abelssoft)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Professional (x32 Version: - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINTR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechSmith Screen Capture Codec (x32 Version: 3.1.0 - TechSmith Corporation) Hidden
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00EC848C-86C9-47BC-B85B-13FA387FDF59} - kein Dateipfad
Task: {031FE6EA-3811-413F-9C38-968399449312} - System32\Tasks\{E6D8422F-5911-48C8-A2CB-4839FC783C13} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
Task: {049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE} - kein Dateipfad
Task: {04DB3C46-6919-4F66-945A-81B4A588BFE7} - System32\Tasks\{A13D3229-3538-4A9B-BC9D-4D7E46FEA6D1} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {053D44B9-7A00-49D6-9344-FD129CD575D1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {073795C9-8A8F-499A-A1E9-4F464494A6E4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BA0124E-9A6D-4875-BCC6-5F9AB9333055} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0C3D1C09-F503-40AB-B1E9-5A5D061F520E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0DE5621F-D1D7-472C-96B2-658556860924} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {17B7F027-9973-4196-8D91-ADE023D54742} - System32\Tasks\{1AE02D85-E364-45B6-92B0-A30EC8FDDDC9} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {17C6AD99-1673-4817-AD75-8F22CE4F1F18} - System32\Tasks\{9CF80396-B379-427D-9DBE-54858E636648} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {196EB3B7-F969-44FB-8904-FC3FFEBCEA36} - System32\Tasks\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F} => pcalua.exe -a "C:\Users\admin\Desktop\lgs510 (1).exe" -d C:\Users\admin\Desktop
Task: {1B373374-5B77-4BD2-9CAC-A088601DAAA0} - \SimpleFiles Installer Starter -> Keine Datei <==== ACHTUNG
Task: {1C57893A-73C3-488F-B526-A8887F2953A7} - kein Dateipfad
Task: {1EC1E15D-F018-4723-9070-4D369E8FEC5C} - System32\Tasks\{DD61DBDB-E610-4BA6-A9B8-8B08C63A417E} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {2567BB02-4670-455E-9C02-C931857870E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {2B1E6290-3296-4B86-934C-BC5EDCE018AD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2BF4E1F4-BBF9-4735-A379-CD2D2324F79A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {35931239-6C01-4EB9-9F06-B5E34733FB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3835EB9A-A64B-475E-8C88-55D172209009} - System32\Tasks\{BE51D640-5212-4286-940E-DCA2AE9961AB} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {3A147D4D-2142-4D6A-8909-CE683B68FE9A} - System32\Tasks\{A3A353F9-9F9B-44FE-B96D-31646B313523} => pcalua.exe -a C:\Users\admin\Downloads\lgs510.exe -d C:\Users\admin\Downloads
Task: {3ACDCFF8-92A6-4952-A33F-65AF05026115} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation)
Task: {3BA6A0E0-A338-4CA3-B585-0615270FA949} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {41EBF101-ACE4-4536-8696-90E37984A3E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {48B78AE7-76A1-472C-8530-AAED256A3D7D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {4B4680D9-E2FE-4D78-8188-B1D11D741EBF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D52F5DD-1E4E-4B32-B1B5-BD1C7C4887A1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4ED0E3B6-4DC7-469D-9BD7-A7DA52E08299} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {4FE790BC-A8CB-4349-9629-E4036E9775AF} - System32\Tasks\{39F95DBA-5A4E-4CD2-BB4A-CCE9B94F3079} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {52861456-C744-4ECB-9338-A5EEADA219FA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {557BC2D0-F3F2-4A25-B697-21EC090FDE04} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56EA4D43-A086-4470-B96E-9FB1768E6ED3} - System32\Tasks\{78912F09-9E09-46ED-8941-11871D4D0C4F} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
Task: {57E88640-41B7-4F5D-B851-AFD2838B1C63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5E324125-D66E-4D57-8894-976BA96DA865} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5EDE42A2-4A64-484D-800F-C420FA956798} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {67E03967-E26A-4558-8EAB-94C6D7F4330E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {6CFCB68E-50BB-4EC0-85D2-F81762436F24} - System32\Tasks\{47953A5F-E19D-43A8-9964-E39351028038} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {70125431-E640-4C46-8962-AB99C000B9DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {70278F75-C037-45E7-BF31-69E4C0C8AE56} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70CE0011-D1AA-42E4-953D-619628912C34} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {75C6EF2C-5336-4D15-964D-A3FA8A1B8BDE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {77F56DD3-E368-46A5-953A-04C3CC67DFDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.)
Task: {7A28B1AA-97A0-44B4-98F5-467B1CB68A43} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7BBA2D3D-7FA5-4DB4-98CB-C570319C1451} - System32\Tasks\{BC2D6434-8781-46B3-A9A1-BA1C57245AF3} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {878BFAD2-5A40-4B5D-8ADA-E9454C0B39A6} - kein Dateipfad
Task: {8838DCD1-B08E-428D-BF01-24E3B9250A53} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {88F45939-0423-4D4B-96F8-374FF864A93E} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {8B63AD8C-9FAF-4D05-AA3F-27B212A2DFCC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8F02CB1D-35C4-4102-82B6-66D4C8008C1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8F430278-2F26-4A86-B85E-42AAEE59C70A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {94670801-FB2B-4E67-AF37-4058B0DCE01A} - System32\Tasks\{F602CB6B-B3B2-4743-AF06-2F66C7BE8499} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {98198969-9034-402D-A679-29DA601446CB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9D5C522B-37BD-46E3-A442-AC23F73592B2} - System32\Tasks\{5C3EC2B9-4AC5-4839-8D87-302FA3C3ACBE} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {AA88E7A4-D1C3-4D6A-A6E3-DA77B9294E7A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AC033A59-1DF9-4ED5-BCFA-794A7A14E327} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {AE2CC07B-7448-4E97-8DFB-A9AF57990CC7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AEB1413A-1D68-4FF8-926E-D120A0757E6E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
Task: {AFDBEA67-0843-4AB5-BD1D-9CA29F285BBD} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {B30CA99E-2FB7-4A1F-9310-5086E459D3E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B47DB38F-7D31-430C-9BBE-8D3C4ABF9FB3} - System32\Tasks\{7992860A-8431-4122-927D-23C50BAB92FB} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {B558C71A-7D97-4074-92B9-1D455069D76A} - System32\Tasks\{E2612081-8FB6-438B-922C-0A1CE766B7A5} => pcalua.exe -a C:\Users\admin\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt
Task: {B7A19E07-846D-409F-B7F6-DEEFFA568013} - System32\Tasks\{7D4F9702-F680-43B7-B33D-5D0B50533B71} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {BA7A3D4D-05B7-4289-8E31-C295248928FE} - System32\Tasks\{45951CB7-774E-4695-A9EB-B860317AA6D3} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {C250493C-00EE-4DDB-9199-E8025EFF9C17} - System32\Tasks\Aufgaben der Ereignisanzeige\System_Service Control Manager_7001 => C:\Program Files (x86)\Dev-Cpp\devcpp.exe [2014-11-01] (Bloodshed Software)
Task: {C8F39163-2C68-480A-942F-B9FBC1D1FE6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.)
Task: {CB36B87D-3291-4E1F-9773-48A3A334D53A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CEA0DE1F-289A-4695-A878-D208156D0A94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {CFB8ABEC-6757-46E6-8EFC-E0BE2EDF389D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {D9A1225A-818F-490E-A8D2-87CDB5D762B8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {DD422558-2E0D-41BD-B876-DD539DF6525E} - System32\Tasks\{2B222A2F-11BC-41E4-B2DF-21B4FC5268D1} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {DE537368-396A-4F53-B6D5-96B4AD35DE41} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B} - System32\Tasks\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E} => pcalua.exe -a C:\Users\admin\Downloads\ensharpendecoder_win.exe -d C:\Users\admin\Downloads
Task: {E7D0D2C6-A37C-487D-A5C3-98BE9DE6BA04} - System32\Tasks\{9ECFA4AD-89C0-4631-8D5F-B2FBE5DAA7BD} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {EC581E02-D4D8-41BB-9CD8-CBFBF873D645} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F3B427A6-5261-478B-A816-B72D733BC307} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FBCF94F8-5346-4EBD-8FF9-0D3B616042BB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD8AE7A9-F8A2-4A3F-8C71-265A9D8A58A9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE90EA90-D163-4504-94C1-EDDC81748B3F} - System32\Tasks\{D7330FEA-6FA4-4A05-862C-DE04F8EE8934} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com/
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f47c86c9d3240056\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=berjuspgraatherfufit
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d6731079c9ca4513\Tim - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=lejutplovshprohey

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-12 23:34 - 2015-12-10 17:08 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-09-14 18:34 - 2016-09-30 05:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-14 18:34 - 2016-09-30 05:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-14 18:35 - 2016-09-30 05:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2015-01-19 14:51 - 2005-04-22 05:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2016-07-14 10:07 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-14 10:07 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-08 15:47 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-20 13:13 - 2016-10-12 06:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libglesv2.dll
2016-10-20 13:13 - 2016-10-12 06:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libegl.dll
2015-12-12 23:34 - 2016-10-31 15:00 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-12-12 23:34 - 2015-12-10 17:08 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-01-08 15:48 - 2016-09-30 05:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-12 16:21 - 2015-07-20 16:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll
2015-08-12 16:21 - 2012-08-14 21:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll
2016-09-14 18:35 - 2016-09-30 05:23 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-09-14 18:35 - 2016-09-29 18:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-14 18:35 - 2016-09-29 18:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-14 18:35 - 2016-09-29 18:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-14 18:35 - 2016-09-29 18:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-14 18:35 - 2016-09-29 18:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-14 18:35 - 2016-09-29 18:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-14 18:35 - 2016-09-29 18:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-10-29 15:19 - 00003845 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\Downloads\OgFbo9.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: Amazon Music => "C:\Users\admin\AppData\Local\Amazon Music\Amazon Music Helper.exe"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "FireStormStartUpAutoRun"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "OMSI Addon Manager.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GalaxyClient"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{02C426C7-9C4E-4A46-BD30-BF2CB5EF4DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{E842F5E6-2B29-4074-9BF2-B355FD57CFE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{BE839E79-17A6-44E9-BD8C-744EDA451B12}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED4D5EED-E19E-4B6D-BBC4-BD8EEFEE7381}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8FBBDFE3-4CB1-4C44-B130-9F4E3F691FAC}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E1761EA9-656C-45B2-B863-546C635E23F1}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{669459B0-4C41-4592-8E72-A0FB0805CD8C}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{752A7395-9B28-4E39-BCF6-7E3DD8054A8F}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6B8081F3-87E9-4699-87CF-57090607BD27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{71DC30A2-BC07-4ABA-BDA2-63EEE592F38B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [UDP Query User{FF3FF898-C74B-4BCA-B925-FE7B4D0F9193}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{8AC22E5D-7405-449A-8388-77E105A7FE3F}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{A670B346-EA46-4CAC-BF18-9BEF4316F6AE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0CDA39B9-771A-404F-89FE-D53CB2DF686A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B6DDF0D4-02B1-418B-B571-607D5A78445A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7DE4A39E-7657-462E-8DD9-DE820B7DD6BD}] => (Allow) LPort=80
FirewallRules: [{ECF6FA0C-4E01-41DD-A7F2-140111367D8E}] => (Allow) LPort=443
FirewallRules: [{DE1D9E03-8B7F-4268-8F96-9D9AA50517C4}] => (Allow) LPort=20010
FirewallRules: [{6758E0B6-6176-480E-9BD0-5588169E534A}] => (Allow) LPort=3478
FirewallRules: [{E2BECC4D-BF05-4A53-8EE8-FB929BE83063}] => (Allow) LPort=7850
FirewallRules: [{5E150AAC-48A4-42EF-A89E-E176DC0A97D2}] => (Allow) LPort=7852
FirewallRules: [{B49401C2-80B7-4D07-AE02-5957A1596873}] => (Allow) LPort=7853
FirewallRules: [{88985BEC-DDAD-4887-B7CD-4F130BB6118F}] => (Allow) LPort=27022
FirewallRules: [{7BA48D57-BBD5-4901-9C1F-E5BF4AAFD049}] => (Allow) LPort=6881
FirewallRules: [{3BE55950-CB5E-4CF2-9CAC-EF312DB32D00}] => (Allow) LPort=33333
FirewallRules: [{0AAF2623-F139-4A7D-916D-4069E7F8C1AC}] => (Allow) LPort=20443
FirewallRules: [{68DA44FA-FB2A-4903-AEC6-5D94CF1B949F}] => (Allow) LPort=8090
FirewallRules: [{F8C76348-E4E0-441E-A1FF-CF88497A089F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{6FC93E4D-5540-43D1-89EB-A96BD31D0F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{D626B09E-7F01-42A0-AD69-CC6BE3770C29}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{59D57AD8-BBF7-47F9-873E-DE7AB528406E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D38884A6-7B75-4271-AA3B-71D8920FAABE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{23707E11-254F-44DA-AD9A-5457B22B8AFA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{84A71B2D-C33C-4F54-A1EE-F65495F71620}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{6026356A-7674-43FC-8085-74D21AEC89E2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{0239E52D-A3B7-4126-B38D-13D5E4242B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{070B69FA-53FB-42E3-BDD8-8538E7CC30B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{98106D20-060A-48F3-8359-991D1DE45EE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{D0DBCDE8-177C-4A8B-B38F-9F4B49C7C324}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules:
[{7BEC5473-494D-40F1-A37E-7A367D96E928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{EE651D0F-2E98-4B07-BDAA-C862782EBF74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{0A5056C0-4DB0-4206-B872-924322C961B6}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{0ADABA06-D9B3-4FC5-9E64-163A4837B7F9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{B881BF59-13EC-4FEB-B124-A313EE74C6B7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{EFC84F2E-9AF3-4AAD-B1CC-BADD16C6A4F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{0DF3284A-B5EB-44AF-A5EF-9FBE6A91FE96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{98999DE2-D041-446D-B6DB-D1598A3A560C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{CA9CEFFD-7057-4EA3-8E17-4C2DA545D13A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{4D460F5B-1E4D-435A-A2D7-12DDF57B93E6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{C2CD94CE-1158-4F41-B6C8-61F0F264BB14}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [TCP Query User{1B41650B-8C0A-417B-9EE0-26A0CA7900DF}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{EDAACE47-D7CC-436F-B457-BC3E0D182D33}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [{641126E5-7F8E-47F5-A691-E1879DE5DFFF}] => (Allow) 
C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{BAAF648D-A884-4BDD-BFB4-7C23E3F2D419}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{6C9FBCC4-DDA9-4DD9-844C-1710FE6F0DE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4E7B3426-674E-4744-8A34-8FEC5D89E744}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{04B12B99-4B38-47DF-AFFC-5BEE580B5E06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{112ED707-0790-4C38-A0C1-47772EA9E61F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2DEC3BC6-5A7F-451C-84F4-FD5985360ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe FirewallRules: [{29D97B07-E473-46E2-9397-3B88065E54A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe FirewallRules: [{8AAAC971-5D08-488F-A9CB-4C3E83EBE438}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [{A4C04855-1259-4E93-95DF-B3D7ABAE27D8}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [TCP Query User{238B3ED3-2017-4B3C-8774-004E2F2B4B6A}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [UDP Query User{24118DF0-B1A6-40F9-AF54-ADDC6D6A7696}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{182D7FB5-34AC-41B1-B80D-3E14A7C3284D}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{A38DC822-8450-4E90-B948-763473EBFE62}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: 
[{34C8DCA4-9CB4-44EB-BDA4-2243B6A94638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{460924A2-DAB1-4BDE-B6F1-EBDAE9624B00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{52E7285A-54BF-4106-B38A-D532E6665E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{55C59A32-7325-4163-9BBA-CECB8AC28884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{69AADE24-7EB2-4BA0-B3E2-5022DBB3A73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{4650E401-DB1C-4EE4-83FF-38ADA29F2284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{D00893C0-8221-4E36-AE8E-207288F031D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{9FF1999F-00BA-459E-AE40-2778EB9B185F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{7D58F99F-B3EE-401F-9AAD-2F279AD69E15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{DDFC01D2-2BFA-4485-B57F-A3D08551180F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D12B0F98-80C9-414C-9231-12FF2EBD8733}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{9733224E-A078-49E6-964F-6532CBB534D0}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [UDP Query User{C2A1FE85-9E02-45CC-AD6F-848DC061BD60}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files 
(x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{CFD11295-DA2F-430B-882A-978CE9849D24}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{6B332141-CA19-461B-AD50-22159F724AFA}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{9958D6F7-0D3E-439E-948B-1DA972AE7C93}] => (Allow) LPort=8317 FirewallRules: [{E2363DDC-96F7-4E0E-862B-0174D03365D5}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{459DC2E5-725B-42DD-8765-1001B4E93F6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [TCP Query User{41731BD2-7856-4EC2-8C24-868437B044B5}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5A1E15B3-7ABC-42A3-8DEC-94BCC3EE5989}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{9C8281FE-3507-4B1B-96D5-1D4B179C6794}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{393A4BCA-8F94-4A5F-85EF-946A9827A55A}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [{7E95AA5A-3F59-4CA4-96C2-81D1682A08CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{815E643C-390A-46F8-8F85-5E9E6F7473F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{160CD63E-1ED4-4CFB-A225-6D27F11A3F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{7113C531-C03B-4057-B84A-C9CA43320428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck 
Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{D0C966EC-3480-46FC-A3A5-4DF6EAC62FBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{44561A87-45DB-4C4D-8EF4-40DEAF86E3C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe ==================== Wiederherstellungspunkte ========================= 29-10-2016 22:09:58 Removed Vegas Pro 12.0 (64-bit) 30-10-2016 12:22:32 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/31/2016 03:50:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 03:45:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 03:45:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (10/31/2016 03:45:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 03:45:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 03:45:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (10/31/2016 03:45:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 1.0.1607.22006, Zeitstempel: 0x57929979 Name des fehlerhaften Moduls: mrt100_app.dll, Version: 1.0.23901.0, Zeitstempel: 0x56d4ea70 Ausnahmecode: 0xc0000602 Fehleroffset: 0x000000000000329f ID des fehlerhaften Prozesses: 0x1278 Startzeit der fehlerhaften Anwendung: 0x01d233855dc669d5 Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\mrt100_app.dll Berichtskennung: c5b5e734-8fea-42a7-8882-2f4c85e87806 Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (10/31/2016 03:45:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 03:34:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 03:34:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Systemfehler: ============= Error: (10/31/2016 03:50:00 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 03:45:05 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 03:45:04 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 03:45:04 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 03:45:04 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 03:45:04 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 03:45:04 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (10/31/2016 03:34:14 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 03:34:13 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 03:34:13 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =================================== Date: 2016-10-30 12:18:27.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 12:18:27.348 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 12:18:27.337 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-10-30 12:18:27.055 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 12:18:26.677 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 11:58:22.472 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 11:58:22.462 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 11:58:22.451 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 11:58:21.988 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-10-30 11:58:21.894 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz Prozentuale Nutzung des RAM: 27% Installierter physikalischer RAM: 8129.95 MB Verfügbarer physikalischer RAM: 5913.52 MB Summe virtueller Speicher: 16321.95 MB Verfügbarer virtueller Speicher: 14276.22 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.44 GB) (Free:249.59 GB) NTFS Drive d: (System-reserviert) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive h: (Tevion) (Removable) (Total:7.4 GB) (Free:6.56 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3B0461CD) Partition 1: (Active) - (Size=203 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 2 (Size: 7.4 GB) (Disk ID: 66205247) No partition Table on disk 2. ==================== Ende von Addition.txt ============================ Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016 durchgeführt von admin (Administrator) auf ADMIN-PC (31-10-2016 15:54:28) Gestartet von C:\Users\admin\Desktop Geladene Profile: admin (Verfügbare Profile: admin & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (DEVGURU Co., LTD.) 
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842624 2016-09-30] (NVIDIA Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2000-01-01] (Realtek Semiconductor) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-28] (Power Software Ltd) HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies) HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278528 2015-12-07] (PC Partner Co.Ltd) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-19] (Spotify Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify] => C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [6884976 2016-10-19] (Spotify Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4090944 2016-09-20] (GOG.com) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\MountPoints2: {4c30d469-9739-11e4-bb0a-382c4a739a73} - "F:\pushinst.exe" ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine 
Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5f030b30-5b32-48cf-92e1-9d9ca305ca6d}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8ba5c6f2-89a0-4423-9b49-1493df0677f5}: [DhcpNameServer] 192.168.178.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243312315&GUID=5059F630-8847-C004-A9EE-042B72110A1F HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243338633&GUID=5059F630-8847-C004-A9EE-042B72110A1F BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default [2016-10-29] FF Extension: (Adblock Plus) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8C679308-89F3-402C-9323-8D9B3B6D57B2}] - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi FF Extension: (Recordify Title Discover) - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi [2016-01-08] FF Plugin: @adobe.com/FlashPlayer -> 
C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.) Chrome: ======= CHR DefaultProfile: lejutplovshprohey CHR HomePage: lejutplovshprohey -> hxxp://www.trotux.com/?z=79abb8c81d8fbf04419bec9g5zamee5q7e6e9m6z2z&from=fss&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y4CVNXHVVNXHV&type=hp CHR StartupUrls: lejutplovshprohey -> "hxxps://www.google.com/" CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit [2016-10-29] <==== ACHTUNG CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-12] CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12] CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-12] CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey [2016-10-31] <==== ACHTUNG CHR Extension: (uBlock Origin) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-10-30] CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-30] CHR Extension: (Recordify Title Discover) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\kkgbclpocodjecojibeaaglcgndegljl [2016-10-29] CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-29] CHR HKLM-x32\...\Chrome\Extension: 
[kkgbclpocodjecojibeaaglcgndegljl] - C:\Program Files (x86)\Recordify\Extensions\recordify_chrome_0.3.18.crx [2016-09-17] CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\admin\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-12-28] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-10] () S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) 
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [281152 2016-09-20] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6411840 2016-09-19] (GOG.com) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-04] (Electronic Arts) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) 
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 abelssoft_recordify; C:\WINDOWS\system32\drivers\recordify.sys [68536 2016-03-30] (Abelssoft) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-10] () S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-04-10] (Phoenix Technologies) [Datei ist nicht signiert] S3 fwlanusb5; C:\WINDOWS\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [Datei ist nicht signiert] S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-30] (Malwarebytes) R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-02] (NVIDIA Corporation) S3 PVUSB; C:\WINDOWS\System32\drivers\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.) 
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2000-01-01] (Realtek ) S3 scramby; C:\WINDOWS\System32\drivers\scramby.sys [29480 2007-02-13] (RapidSolution Software AG) S3 scramby_out; C:\WINDOWS\System32\drivers\scramby_out.sys [34336 2007-08-08] (RapidSolution Software AG) R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation) R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation) R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation) R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-26] () S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-26] () S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] () S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert] R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X] U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-10-31 15:54 - 2016-10-31 15:54 - 00000000 ____D C:\Users\admin\Desktop\FRST-OlderVersion 2016-10-30 21:27 - 2016-10-30 21:28 - 00397804 _____ C:\WINDOWS\Minidump\103016-21390-01.dmp 2016-10-30 21:27 - 2016-10-30 21:27 - 878092529 _____ C:\WINDOWS\MEMORY.DMP 2016-10-30 12:29 - 2016-10-31 15:54 - 00022134 _____ C:\Users\admin\Desktop\FRST.txt 2016-10-30 12:29 - 2016-10-30 12:29 - 00001249 _____ C:\Users\admin\Desktop\Addition.txt 2016-10-30 12:25 - 2016-10-30 12:25 - 00001191 _____ C:\Users\admin\Desktop\JRT.txt 2016-10-30 12:18 - 2016-10-30 12:18 - 00001196 _____ C:\Users\admin\Desktop\mbam.txt 2016-10-30 12:01 - 2016-10-30 12:01 - 00002340 _____ C:\Users\admin\Desktop\AdwCleaner[C4].txt 2016-10-30 11:51 - 2016-10-30 12:22 - 01631928 _____ (Malwarebytes) C:\Users\admin\Desktop\JRT.exe 2016-10-30 11:50 - 2016-10-30 11:51 - 01631928 _____ (Malwarebytes) C:\Users\admin\Downloads\JRT.exe 2016-10-30 11:48 - 2016-10-30 11:49 - 22851472 _____ (Malwarebytes ) C:\Users\admin\Downloads\mbam-setup-2.2.1.1043.exe 2016-10-30 11:47 - 2016-10-30 11:51 - 03910208 _____ C:\Users\admin\Desktop\AdwCleaner_6.030 (1).exe 2016-10-30 11:47 - 2016-10-30 11:47 - 03910208 _____ C:\Users\admin\Downloads\AdwCleaner_6.030 (1).exe 2016-10-29 22:05 - 2016-10-31 15:54 - 00000000 ____D C:\FRST 2016-10-29 22:04 - 2016-10-31 15:54 - 02408960 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe 2016-10-29 22:04 - 2016-10-29 22:04 - 02408448 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe 2016-10-29 21:57 - 2016-10-29 21:57 - 00036731 _____ C:\Users\admin\Downloads\Logs.rar 2016-10-29 20:10 - 2016-10-29 20:11 - 00406582 _____ C:\Users\admin\Downloads\startmenu.diagcab 2016-10-29 15:33 - 2016-10-29 15:33 - 03910208 _____ C:\Users\admin\Downloads\adwcleaner_6.030.exe 
2016-10-29 15:28 - 2016-10-29 15:28 - 00041208 _____ C:\Users\admin\Documents\cc_20161029_162824.reg 2016-10-29 11:57 - 2016-10-29 11:57 - 00002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2016-10-29 11:57 - 2016-10-25 21:00 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-10-29 11:57 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2016-10-29 11:57 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll 2016-10-29 11:57 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2016-10-29 11:57 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe 2016-10-29 11:56 - 2016-10-29 11:56 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-10-29 11:54 - 2016-10-26 02:09 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 20718400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 17577728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 14516216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 10782952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 
2016-10-29 11:54 - 2016-10-25 22:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00572584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2016-10-29 11:54 - 
2016-10-25 22:40 - 00470584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00172920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00150784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00131720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2016-10-29 11:54 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2016-10-26 15:20 - 2016-10-26 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-10-25 19:41 - 2016-10-25 19:41 - 13165792 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe 2016-10-24 15:04 - 2016-10-24 15:09 - 00009631 _____ C:\Users\admin\Documents\Italiensich Spicker v.1.odt 2016-10-20 13:47 - 2016-10-20 13:47 - 00071140 _____ C:\Users\admin\Downloads\TradeMan 1.22h4-6-1-22.zip 2016-10-20 13:41 - 2016-10-20 13:42 - 38827969 _____ C:\Users\admin\Downloads\E3FX V7-23-7.zip 2016-10-20 13:37 - 2016-10-20 13:38 - 41576087 _____ C:\Users\admin\Downloads\E3FX 8.5 (Alternative Bloom)-23-8-5.zip 
2016-10-20 13:33 - 2016-10-20 13:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (2).exe 2016-10-20 13:32 - 2016-10-20 13:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (1).exe 2016-10-20 13:22 - 2016-10-20 13:22 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2.exe 2016-10-18 16:37 - 2016-10-18 16:38 - 02891915 _____ C:\Users\admin\Downloads\Fair Sale - Better sale prices v1.03 -4-1-03.7z 2016-10-10 18:01 - 2016-10-01 22:11 - 01935808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437306.dll 2016-10-10 18:01 - 2016-10-01 22:11 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437306.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-10-31 15:45 - 2015-01-13 17:44 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps 2016-10-31 15:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-10-31 15:04 - 2015-12-12 23:39 - 02087808 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-10-31 15:04 - 2015-10-30 19:35 - 00888452 _____ C:\WINDOWS\system32\perfh007.dat 2016-10-31 15:04 - 2015-10-30 19:35 - 00197278 _____ C:\WINDOWS\system32\perfc007.dat 2016-10-31 15:04 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-10-31 15:04 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-10-31 15:01 - 2016-08-12 17:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-10-31 15:01 - 2015-12-12 23:35 - 00000000 ____D C:\ProgramData\NVIDIA 2016-10-31 15:00 - 2015-12-12 23:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-10-30 21:27 - 2016-01-16 20:44 - 00000000 ____D C:\WINDOWS\Minidump 2016-10-30 21:22 - 2014-12-25 18:09 - 00000000 ____D C:\Program Files (x86)\Steam 2016-10-30 15:11 - 2016-09-07 13:12 - 00000000 ____D C:\Users\admin\Documents\The Witcher 3 2016-10-30 12:55 - 2015-01-24 12:20 - 00000000 
____D C:\Users\admin\AppData\Roaming\TS3Client 2016-10-30 12:03 - 2015-01-11 15:40 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-10-30 11:59 - 2016-07-08 21:51 - 00000008 __RSH C:\Users\admin\ntuser.pol 2016-10-30 11:59 - 2016-07-08 21:11 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-10-30 11:59 - 2015-12-12 23:40 - 00000000 ____D C:\Users\admin 2016-10-30 11:59 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2016-10-30 11:59 - 2015-08-01 17:21 - 00000000 ____D C:\AdwCleaner 2016-10-30 11:50 - 2015-07-09 11:23 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-10-30 11:50 - 2015-01-11 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-10-30 11:50 - 2015-01-11 15:40 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-10-29 20:11 - 2015-01-25 18:59 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics 2016-10-29 15:57 - 2016-09-18 11:48 - 00000000 ____D C:\ProgramData\updater2 2016-10-29 15:42 - 2015-12-12 23:30 - 04995152 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-10-29 15:27 - 2016-01-21 16:52 - 00000000 ____D C:\Program Files\CCleaner 2016-10-29 11:57 - 2016-09-04 11:58 - 00000000 ____D C:\WINDOWS\LastGood 2016-10-29 11:57 - 2016-01-08 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-10-29 11:57 - 2015-12-12 23:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-10-29 11:56 - 2015-12-12 23:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-10-29 11:56 - 2015-12-12 23:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-10-29 11:56 - 2015-04-07 21:02 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA Corporation 2016-10-28 02:22 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-10-26 23:16 - 2016-01-08 15:46 - 14159928 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-10-26 15:36 - 2014-11-08 17:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-10-26 15:36 - 2014-11-08 17:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-10-26 15:36 - 2014-11-08 17:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-10-26 14:28 - 2014-12-27 19:56 - 00000000 ____D C:\Users\admin\AppData\Local\TeamSpeak 3 Client 2016-10-26 02:09 - 2015-11-12 17:25 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2016-10-26 02:09 - 2015-11-12 17:25 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2016-10-25 22:40 - 2016-01-08 15:46 - 24365624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-10-25 22:40 - 2016-01-08 15:46 - 03927288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-10-25 22:40 - 2016-01-08 15:46 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-10-25 22:40 - 2016-01-08 15:46 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb 2016-10-25 21:17 - 2016-01-08 15:47 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-10-25 21:13 - 2016-09-14 18:34 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2016-10-25 19:41 - 2014-11-08 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Microsoft Silverlight 2016-10-24 07:31 - 2016-01-08 15:47 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-10-21 10:23 - 2016-09-08 13:08 - 00002004 _____ C:\Users\admin\Desktop\The Witcher® 3 - Wild Hunt.lnk 2016-10-20 13:13 - 2016-08-12 17:28 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-20 13:13 - 2016-08-12 17:28 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-10-19 22:00 - 2016-04-07 18:50 - 00000000 ____D C:\Users\admin\AppData\Local\Spotify 2016-10-19 21:58 - 2016-09-17 08:53 - 00000000 ____D C:\Users\admin\Documents\Recordify 2016-10-19 21:32 - 2016-04-07 18:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\Spotify 2016-10-18 16:42 - 2016-09-23 13:09 - 00000931 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2016-10-18 16:42 - 2016-09-23 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager 2016-10-18 16:42 - 2016-09-23 13:09 - 00000000 ____D C:\Program Files\Nexus Mod Manager 2016-10-10 17:46 - 2016-09-22 17:17 - 00003736 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:35 - 00003924 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:35 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-10-10 17:46 - 2016-09-14 18:34 - 00003988 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:34 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:34 - 00003898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:34 - 00003694 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-06 17:53 - 2016-09-04 18:11 - 00000000 ____D 
C:\Users\admin\Desktop\Memes ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-22 17:24 - 2015-04-22 17:24 - 0549471 _____ () C:\Program Files\vac414demo.zip 2014-10-10 13:07 - 2014-10-10 13:07 - 0000000 _____ () C:\Users\admin\AppData\Roaming\gdfw.log 2014-10-10 13:07 - 2014-10-10 13:07 - 0000779 _____ () C:\Users\admin\AppData\Roaming\gdscan.log 2016-03-20 13:57 - 2016-03-20 13:57 - 0003584 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-10 14:36 - 2015-04-10 14:36 - 0000058 _____ () C:\Users\admin\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2015-05-26 20:44 - 2015-12-12 17:05 - 0007601 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg 2015-12-12 23:35 - 2015-12-12 23:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-04-30 19:56 - 2015-03-01 19:57 - 0000032 ____R () C:\ProgramData\hash.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\hash.dat Einige Dateien in TEMP: ==================== C:\Users\admin\AppData\Local\Temp\libeay32.dll C:\Users\admin\AppData\Local\Temp\msvcr120.dll C:\Users\admin\AppData\Local\Temp\Nexus Mod Manager-0.63.1.exe C:\Users\admin\AppData\Local\Temp\nvSCPAPI.dll C:\Users\admin\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\admin\AppData\Local\Temp\nvStInst.exe C:\Users\admin\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-08-22 14:01 ==================== Ende von FRST.txt ============================ |
31.10.2016, 16:14 | #6 |
/// TB-Ausbilder | Windows 10: CMD console opens by itself with BSOD
Hi, no worries.
Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:
Code:
start
CloseProcesses:
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufi
C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey
CHR HomePage: lejutplovshprohey -> hxxp://www.trotux.com/?z=79abb8c81d8fbf04419bec9g5zamee5q7e6e9m6z2z&from=fss&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y4CVNXHVVNXHV&type=hp
CHR StartupUrls: lejutplovshprohey -> "hxxps://www.google.com/"
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f47c86c9d3240056\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=berjuspgraatherfufit
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d6731079c9ca4513\Tim - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=lejutplovshprohey
Task: {878BFAD2-5A40-4B5D-8ADA-E9454C0B39A6} - kein Dateipfad
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "C:\Users\admin\AppData\Local\Google\Chrome\User Data"
Unlock: C:\FRST
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
Step 3 Download the appropriate version of SystemLook from the following mirror and save the tool to your desktop: SystemLook (32 bit) | SystemLook (64 bit)
Step 4
Please post with your next reply
|
31.10.2016, 17:42 | #7 |
| Windows 10: CMD console opens on its own with BSOD
Hi M-K-D-B,
Here are the logs:
Addition:
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-10-2016 durchgeführt von admin (31-10-2016 17:29:32) Gestartet von C:\Users\admin\Desktop Windows 10 Pro Version 1511 (X64) (2015-12-12 23:10:16) Start-Modus: Normal ========================================================== ==================== Konten: ============================= admin (S-1-5-21-2499327049-1345700090-1954953358-1000 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-2499327049-1345700090-1954953358-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2499327049-1345700090-1954953358-503 - Limited - Disabled) Gast (S-1-5-21-2499327049-1345700090-1954953358-501 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Ansel (Version: 375.70 - NVIDIA Corporation) Hidden Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin) Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version: - ) BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.7 - BlueJ Team) Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.04.0000 - CASIO COMPUTER CO., LTD.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CrystalDiskInfo 6.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.6.1 - Crystal Dew World) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated) Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team) F1 2014 (HKLM-x32\...\Steam App 226580) (Version: - Codemasters) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) FireStorm version V1.0.46.005 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.005 - ) Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.5.323 - DVDVideoSoft Ltd.) Free Video to Flash Converter version 5.0.55.113 (HKLM-x32\...\Free Video to Flash Converter_is1) (Version: 5.0.55.113 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.) 
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.59 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation) LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.) 
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation) Microsoft PowerPoint Home and Student 2010 (HKLM-x32\...\Office14.POWERPOINTR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) 
(Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 
(HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - 
Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation) Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.1 - Black Tree Gaming) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team) Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation) NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation) NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden Origin 
(HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) PlanetSide 2 (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment) Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7640 - Realtek Semiconductor Corp.) Recordify 2016 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 1.54 - Abelssoft) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games) Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) 
Scansoft PDF Professional (x32 Version: - ) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINTR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve) South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment) Spotify (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TechSmith Screen Capture Codec (x32 Version: 3.1.0 - TechSmith Corporation) Hidden Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com) The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) 
(HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com) TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {00EC848C-86C9-47BC-B85B-13FA387FDF59} - kein Dateipfad Task: {031FE6EA-3811-413F-9C38-968399449312} - System32\Tasks\{E6D8422F-5911-48C8-A2CB-4839FC783C13} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe Task: {049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE} - kein Dateipfad Task: {04DB3C46-6919-4F66-945A-81B4A588BFE7} - System32\Tasks\{A13D3229-3538-4A9B-BC9D-4D7E46FEA6D1} => C:\Games\Rising World v0.5.3.1\Rising World.exe Task: {053D44B9-7A00-49D6-9344-FD129CD575D1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation) Task: {073795C9-8A8F-499A-A1E9-4F464494A6E4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0BA0124E-9A6D-4875-BCC6-5F9AB9333055} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {0C3D1C09-F503-40AB-B1E9-5A5D061F520E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {0DE5621F-D1D7-472C-96B2-658556860924} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {17B7F027-9973-4196-8D91-ADE023D54742} - System32\Tasks\{1AE02D85-E364-45B6-92B0-A30EC8FDDDC9} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {17C6AD99-1673-4817-AD75-8F22CE4F1F18} - System32\Tasks\{9CF80396-B379-427D-9DBE-54858E636648} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {196EB3B7-F969-44FB-8904-FC3FFEBCEA36} - System32\Tasks\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F} => pcalua.exe -a "C:\Users\admin\Desktop\lgs510 (1).exe" -d C:\Users\admin\Desktop Task: {1B373374-5B77-4BD2-9CAC-A088601DAAA0} - \SimpleFiles Installer Starter -> Keine Datei <==== ACHTUNG Task: {1C57893A-73C3-488F-B526-A8887F2953A7} - kein 
Dateipfad Task: {1EC1E15D-F018-4723-9070-4D369E8FEC5C} - System32\Tasks\{DD61DBDB-E610-4BA6-A9B8-8B08C63A417E} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {2567BB02-4670-455E-9C02-C931857870E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {2B1E6290-3296-4B86-934C-BC5EDCE018AD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2BF4E1F4-BBF9-4735-A379-CD2D2324F79A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {35931239-6C01-4EB9-9F06-B5E34733FB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {3835EB9A-A64B-475E-8C88-55D172209009} - System32\Tasks\{BE51D640-5212-4286-940E-DCA2AE9961AB} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {3A147D4D-2142-4D6A-8909-CE683B68FE9A} - System32\Tasks\{A3A353F9-9F9B-44FE-B96D-31646B313523} => pcalua.exe -a C:\Users\admin\Downloads\lgs510.exe -d C:\Users\admin\Downloads Task: {3ACDCFF8-92A6-4952-A33F-65AF05026115} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation) Task: {3BA6A0E0-A338-4CA3-B585-0615270FA949} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {41EBF101-ACE4-4536-8696-90E37984A3E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {48B78AE7-76A1-472C-8530-AAED256A3D7D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {4B4680D9-E2FE-4D78-8188-B1D11D741EBF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4D52F5DD-1E4E-4B32-B1B5-BD1C7C4887A1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => 
C:\WINDOWS\ehome\ehPrivJob.exe Task: {4ED0E3B6-4DC7-469D-9BD7-A7DA52E08299} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated) Task: {4FE790BC-A8CB-4349-9629-E4036E9775AF} - System32\Tasks\{39F95DBA-5A4E-4CD2-BB4A-CCE9B94F3079} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {52861456-C744-4ECB-9338-A5EEADA219FA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {557BC2D0-F3F2-4A25-B697-21EC090FDE04} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {56EA4D43-A086-4470-B96E-9FB1768E6ED3} - System32\Tasks\{78912F09-9E09-46ED-8941-11871D4D0C4F} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe Task: {57E88640-41B7-4F5D-B851-AFD2838B1C63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {5E324125-D66E-4D57-8894-976BA96DA865} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {5EDE42A2-4A64-484D-800F-C420FA956798} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {67E03967-E26A-4558-8EAB-94C6D7F4330E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {6CFCB68E-50BB-4EC0-85D2-F81762436F24} - System32\Tasks\{47953A5F-E19D-43A8-9964-E39351028038} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {70125431-E640-4C46-8962-AB99C000B9DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {70278F75-C037-45E7-BF31-69E4C0C8AE56} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {70CE0011-D1AA-42E4-953D-619628912C34} - System32\Tasks\Microsoft\Windows\Media 
Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {75C6EF2C-5336-4D15-964D-A3FA8A1B8BDE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {77F56DD3-E368-46A5-953A-04C3CC67DFDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.) Task: {7A28B1AA-97A0-44B4-98F5-467B1CB68A43} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {7BBA2D3D-7FA5-4DB4-98CB-C570319C1451} - System32\Tasks\{BC2D6434-8781-46B3-A9A1-BA1C57245AF3} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {8838DCD1-B08E-428D-BF01-24E3B9250A53} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation) Task: {88F45939-0423-4D4B-96F8-374FF864A93E} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {8B63AD8C-9FAF-4D05-AA3F-27B212A2DFCC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8F02CB1D-35C4-4102-82B6-66D4C8008C1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {8F430278-2F26-4A86-B85E-42AAEE59C70A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation) Task: {94670801-FB2B-4E67-AF37-4058B0DCE01A} - System32\Tasks\{F602CB6B-B3B2-4743-AF06-2F66C7BE8499} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {98198969-9034-402D-A679-29DA601446CB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {9D5C522B-37BD-46E3-A442-AC23F73592B2} - System32\Tasks\{5C3EC2B9-4AC5-4839-8D87-302FA3C3ACBE} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: 
{AA88E7A4-D1C3-4D6A-A6E3-DA77B9294E7A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AC033A59-1DF9-4ED5-BCFA-794A7A14E327} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {AE2CC07B-7448-4E97-8DFB-A9AF57990CC7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AEB1413A-1D68-4FF8-926E-D120A0757E6E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation) Task: {AFDBEA67-0843-4AB5-BD1D-9CA29F285BBD} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe Task: {B30CA99E-2FB7-4A1F-9310-5086E459D3E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {B47DB38F-7D31-430C-9BBE-8D3C4ABF9FB3} - System32\Tasks\{7992860A-8431-4122-927D-23C50BAB92FB} => C:\Games\Rising World v0.5.3.1\Rising World.exe Task: {B558C71A-7D97-4074-92B9-1D455069D76A} - System32\Tasks\{E2612081-8FB6-438B-922C-0A1CE766B7A5} => pcalua.exe -a C:\Users\admin\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt Task: {B7A19E07-846D-409F-B7F6-DEEFFA568013} - System32\Tasks\{7D4F9702-F680-43B7-B33D-5D0B50533B71} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {BA7A3D4D-05B7-4289-8E31-C295248928FE} - System32\Tasks\{45951CB7-774E-4695-A9EB-B860317AA6D3} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {C250493C-00EE-4DDB-9199-E8025EFF9C17} - System32\Tasks\Aufgaben der Ereignisanzeige\System_Service Control Manager_7001 => C:\Program Files (x86)\Dev-Cpp\devcpp.exe [2014-11-01] (Bloodshed Software) Task: {C8F39163-2C68-480A-942F-B9FBC1D1FE6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.) 
Task: {CB36B87D-3291-4E1F-9773-48A3A334D53A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CEA0DE1F-289A-4695-A878-D208156D0A94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {CFB8ABEC-6757-46E6-8EFC-E0BE2EDF389D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe Task: {D9A1225A-818F-490E-A8D2-87CDB5D762B8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation) Task: {DD422558-2E0D-41BD-B876-DD539DF6525E} - System32\Tasks\{2B222A2F-11BC-41E4-B2DF-21B4FC5268D1} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {DE537368-396A-4F53-B6D5-96B4AD35DE41} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B} - System32\Tasks\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E} => pcalua.exe -a C:\Users\admin\Downloads\ensharpendecoder_win.exe -d C:\Users\admin\Downloads Task: {E7D0D2C6-A37C-487D-A5C3-98BE9DE6BA04} - System32\Tasks\{9ECFA4AD-89C0-4631-8D5F-B2FBE5DAA7BD} => C:\Games\Rising World v0.5.3.1\Rising World.exe Task: {EC581E02-D4D8-41BB-9CD8-CBFBF873D645} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F3B427A6-5261-478B-A816-B72D733BC307} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {FBCF94F8-5346-4EBD-8FF9-0D3B616042BB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FD8AE7A9-F8A2-4A3F-8C71-265A9D8A58A9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FE90EA90-D163-4504-94C1-EDDC81748B3F} - 
System32\Tasks\{D7330FEA-6FA4-4A05-862C-DE04F8EE8934} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com/ ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-12 23:34 - 2015-12-10 17:08 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2016-09-14 18:34 - 2016-09-30 05:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-14 18:34 - 2016-09-30 05:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-14 18:35 - 2016-09-30 05:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2015-01-19 14:51 - 2005-04-22 05:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll 2016-01-08 15:47 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-07-14 10:07 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-14 10:07 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-05-12 10:49 - 2014-05-12 
10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2016-10-20 13:13 - 2016-10-12 06:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libglesv2.dll 2016-10-20 13:13 - 2016-10-12 06:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libegl.dll 2016-10-31 16:29 - 2016-10-31 16:30 - 00165376 _____ () C:\Users\admin\Downloads\SystemLook_x64.exe 2015-12-12 23:34 - 2016-10-31 16:21 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-12-12 23:34 - 2015-12-10 17:08 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-01-08 15:48 - 2016-09-30 05:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-14 18:35 - 2016-09-29 18:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-14 18:35 - 2016-09-29 18:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-14 18:35 - 2016-09-29 18:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-09-14 18:35 - 2016-09-29 18:20 - 
00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-14 18:35 - 2016-09-29 18:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-14 18:35 - 2016-09-29 18:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-14 18:35 - 2016-09-29 18:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-09-14 18:35 - 2016-09-30 05:23 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2015-08-12 16:21 - 2015-07-20 16:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll 2015-08-12 16:21 - 2012-08-14 21:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-10-29 15:19 - 00003845 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\Downloads\OgFbo9.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Amazon Music => "C:\Users\admin\AppData\Local\Amazon Music\Amazon Music Helper.exe"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "FireStormStartUpAutoRun"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "OMSI Addon Manager.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GalaxyClient" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{02C426C7-9C4E-4A46-BD30-BF2CB5EF4DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{E842F5E6-2B29-4074-9BF2-B355FD57CFE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{BE839E79-17A6-44E9-BD8C-744EDA451B12}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{ED4D5EED-E19E-4B6D-BBC4-BD8EEFEE7381}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8FBBDFE3-4CB1-4C44-B130-9F4E3F691FAC}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E1761EA9-656C-45B2-B863-546C635E23F1}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{669459B0-4C41-4592-8E72-A0FB0805CD8C}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{752A7395-9B28-4E39-BCF6-7E3DD8054A8F}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6B8081F3-87E9-4699-87CF-57090607BD27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{71DC30A2-BC07-4ABA-BDA2-63EEE592F38B}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [UDP Query User{FF3FF898-C74B-4BCA-B925-FE7B4D0F9193}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [TCP Query User{8AC22E5D-7405-449A-8388-77E105A7FE3F}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [{A670B346-EA46-4CAC-BF18-9BEF4316F6AE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0CDA39B9-771A-404F-89FE-D53CB2DF686A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B6DDF0D4-02B1-418B-B571-607D5A78445A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7DE4A39E-7657-462E-8DD9-DE820B7DD6BD}] => (Allow) LPort=80 FirewallRules: [{ECF6FA0C-4E01-41DD-A7F2-140111367D8E}] => (Allow) LPort=443 FirewallRules: [{DE1D9E03-8B7F-4268-8F96-9D9AA50517C4}] => (Allow) LPort=20010 FirewallRules: [{6758E0B6-6176-480E-9BD0-5588169E534A}] => (Allow) LPort=3478 FirewallRules: [{E2BECC4D-BF05-4A53-8EE8-FB929BE83063}] => (Allow) LPort=7850 FirewallRules: [{5E150AAC-48A4-42EF-A89E-E176DC0A97D2}] => (Allow) LPort=7852 FirewallRules: [{B49401C2-80B7-4D07-AE02-5957A1596873}] => (Allow) LPort=7853 FirewallRules: [{88985BEC-DDAD-4887-B7CD-4F130BB6118F}] => (Allow) LPort=27022 FirewallRules: [{7BA48D57-BBD5-4901-9C1F-E5BF4AAFD049}] => (Allow) LPort=6881 FirewallRules: [{3BE55950-CB5E-4CF2-9CAC-EF312DB32D00}] => (Allow) LPort=33333 FirewallRules: [{0AAF2623-F139-4A7D-916D-4069E7F8C1AC}] => (Allow) LPort=20443 FirewallRules: [{68DA44FA-FB2A-4903-AEC6-5D94CF1B949F}] => (Allow) LPort=8090 FirewallRules: [{F8C76348-E4E0-441E-A1FF-CF88497A089F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe FirewallRules: [{6FC93E4D-5540-43D1-89EB-A96BD31D0F1F}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe FirewallRules: [{D626B09E-7F01-42A0-AD69-CC6BE3770C29}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{59D57AD8-BBF7-47F9-873E-DE7AB528406E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D38884A6-7B75-4271-AA3B-71D8920FAABE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{23707E11-254F-44DA-AD9A-5457B22B8AFA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{84A71B2D-C33C-4F54-A1EE-F65495F71620}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{6026356A-7674-43FC-8085-74D21AEC89E2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{0239E52D-A3B7-4126-B38D-13D5E4242B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{070B69FA-53FB-42E3-BDD8-8538E7CC30B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{98106D20-060A-48F3-8359-991D1DE45EE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{D0DBCDE8-177C-4A8B-B38F-9F4B49C7C324}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{7BEC5473-494D-40F1-A37E-7A367D96E928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{EE651D0F-2E98-4B07-BDAA-C862782EBF74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{0A5056C0-4DB0-4206-B872-924322C961B6}] => (Allow) LPort=54925 FirewallRules: [TCP Query 
User{0ADABA06-D9B3-4FC5-9E64-163A4837B7F9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{B881BF59-13EC-4FEB-B124-A313EE74C6B7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{EFC84F2E-9AF3-4AAD-B1CC-BADD16C6A4F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{0DF3284A-B5EB-44AF-A5EF-9FBE6A91FE96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{98999DE2-D041-446D-B6DB-D1598A3A560C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{CA9CEFFD-7057-4EA3-8E17-4C2DA545D13A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{4D460F5B-1E4D-435A-A2D7-12DDF57B93E6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{C2CD94CE-1158-4F41-B6C8-61F0F264BB14}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [TCP Query User{1B41650B-8C0A-417B-9EE0-26A0CA7900DF}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{EDAACE47-D7CC-436F-B457-BC3E0D182D33}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [{641126E5-7F8E-47F5-A691-E1879DE5DFFF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{BAAF648D-A884-4BDD-BFB4-7C23E3F2D419}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{6C9FBCC4-DDA9-4DD9-844C-1710FE6F0DE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4E7B3426-674E-4744-8A34-8FEC5D89E744}] => (Allow) C:\Program Files (x86)\Mozilla 
Firefox\firefox.exe FirewallRules: [{04B12B99-4B38-47DF-AFFC-5BEE580B5E06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{112ED707-0790-4C38-A0C1-47772EA9E61F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2DEC3BC6-5A7F-451C-84F4-FD5985360ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe FirewallRules: [{29D97B07-E473-46E2-9397-3B88065E54A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe FirewallRules: [{8AAAC971-5D08-488F-A9CB-4C3E83EBE438}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [{A4C04855-1259-4E93-95DF-B3D7ABAE27D8}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [TCP Query User{238B3ED3-2017-4B3C-8774-004E2F2B4B6A}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [UDP Query User{24118DF0-B1A6-40F9-AF54-ADDC6D6A7696}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{182D7FB5-34AC-41B1-B80D-3E14A7C3284D}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{A38DC822-8450-4E90-B948-763473EBFE62}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{34C8DCA4-9CB4-44EB-BDA4-2243B6A94638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{460924A2-DAB1-4BDE-B6F1-EBDAE9624B00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{52E7285A-54BF-4106-B38A-D532E6665E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck 
Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{55C59A32-7325-4163-9BBA-CECB8AC28884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{69AADE24-7EB2-4BA0-B3E2-5022DBB3A73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{4650E401-DB1C-4EE4-83FF-38ADA29F2284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{D00893C0-8221-4E36-AE8E-207288F031D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{9FF1999F-00BA-459E-AE40-2778EB9B185F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{7D58F99F-B3EE-401F-9AAD-2F279AD69E15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{DDFC01D2-2BFA-4485-B57F-A3D08551180F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D12B0F98-80C9-414C-9231-12FF2EBD8733}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{9733224E-A078-49E6-964F-6532CBB534D0}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [UDP Query User{C2A1FE85-9E02-45CC-AD6F-848DC061BD60}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{CFD11295-DA2F-430B-882A-978CE9849D24}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{6B332141-CA19-461B-AD50-22159F724AFA}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{9958D6F7-0D3E-439E-948B-1DA972AE7C93}] => (Allow) LPort=8317 FirewallRules: 
[{E2363DDC-96F7-4E0E-862B-0174D03365D5}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{459DC2E5-725B-42DD-8765-1001B4E93F6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [TCP Query User{41731BD2-7856-4EC2-8C24-868437B044B5}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5A1E15B3-7ABC-42A3-8DEC-94BCC3EE5989}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{9C8281FE-3507-4B1B-96D5-1D4B179C6794}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{393A4BCA-8F94-4A5F-85EF-946A9827A55A}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [{7E95AA5A-3F59-4CA4-96C2-81D1682A08CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{815E643C-390A-46F8-8F85-5E9E6F7473F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{160CD63E-1ED4-4CFB-A225-6D27F11A3F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{7113C531-C03B-4057-B84A-C9CA43320428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{D0C966EC-3480-46FC-A3A5-4DF6EAC62FBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{44561A87-45DB-4C4D-8EF4-40DEAF86E3C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe ==================== Wiederherstellungspunkte 
========================= 29-10-2016 22:09:58 Removed Vegas Pro 12.0 (64-bit) 30-10-2016 12:22:32 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/31/2016 05:19:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 05:19:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 05:19:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (10/31/2016 05:19:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HxTsr.exe, Version: 16.0.7369.4079, Zeitstempel: 0x57fd796c Name des fehlerhaften Moduls: Mso20Imm.dll, Version: 16.0.7329.1013, Zeitstempel: 0x57e535af Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000005567d ID des fehlerhaften Prozesses: 0x44c Startzeit der fehlerhaften Anwendung: 0x01d2339280be4373 Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe\HxTsr.exe Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe\Mso20Imm.dll Berichtskennung: 9cb70f8c-303e-4e03-8c02-e6fb1dddda7f Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (10/31/2016 05:19:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 05:19:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 05:19:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. 
Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/31/2016 05:19:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HxTsr.exe, Version: 16.0.7369.4079, Zeitstempel: 0x57fd796c Name des fehlerhaften Moduls: Mso20Imm.dll, Version: 16.0.7329.1013, Zeitstempel: 0x57e535af Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000005567d ID des fehlerhaften Prozesses: 0x8d0 Startzeit der fehlerhaften Anwendung: 0x01d233927dbb797a Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe\HxTsr.exe Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe\Mso20Imm.dll Berichtskennung: ac6601a9-7659-4860-aa22-5f0093515d7e Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (10/31/2016 05:17:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (10/31/2016 05:17:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 1.0.1607.22006, Zeitstempel: 0x57929979 Name des fehlerhaften Moduls: mrt100_app.dll, Version: 1.0.23901.0, Zeitstempel: 0x56d4ea70 Ausnahmecode: 0xc0000602 Fehleroffset: 0x000000000000329f ID des fehlerhaften Prozesses: 0xf4 Startzeit der fehlerhaften Anwendung: 0x01d2339237f4628c Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\mrt100_app.dll Berichtskennung: 1565caf1-65ca-4bf8-b319-78283132204b Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Systemfehler: ============= Error: (10/31/2016 05:19:09 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 05:19:06 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 05:19:06 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (10/31/2016 05:19:02 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 05:19:01 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 05:19:01 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 05:17:11 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 05:17:05 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 05:17:04 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/31/2016 05:17:04 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
CodeIntegrity:
===================================
Date: 2016-10-30 12:18:27.360
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-30 12:18:27.348
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-30 12:18:27.337
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-30 12:18:27.055
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-30 12:18:26.677
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-30 11:58:22.472 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 11:58:22.462 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 11:58:22.451 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 11:58:21.988 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-30 11:58:21.894 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 8129.95 MB
Verfügbarer physikalischer RAM: 4427.31 MB
Summe virtueller Speicher: 16321.95 MB
Verfügbarer virtueller Speicher: 12898.93 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.44 GB) (Free:250.32 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: (Tevion) (Removable) (Total:7.4 GB) (Free:6.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3B0461CD)
Partition 1: (Active) - (Size=203 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 66205247)
No partition Table on disk 2.

==================== Ende von Addition.txt ============================

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016
durchgeführt von admin (Administrator) auf ADMIN-PC (31-10-2016 17:28:54)
Gestartet von C:\Users\admin\Desktop
Geladene Profile: admin (Verfügbare Profile: admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Users\admin\Downloads\SystemLook_x64.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842624 2016-09-30] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-28] (Power Software Ltd)
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278528 2015-12-07] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-19] (Spotify Ltd)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify] => C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [6884976 2016-10-19] (Spotify Ltd)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4090944 2016-09-20] (GOG.com)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\MountPoints2: {4c30d469-9739-11e4-bb0a-382c4a739a73} - "F:\pushinst.exe"

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden.
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5f030b30-5b32-48cf-92e1-9d9ca305ca6d}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8ba5c6f2-89a0-4423-9b49-1493df0677f5}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243312315&GUID=5059F630-8847-C004-A9EE-042B72110A1F HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243338633&GUID=5059F630-8847-C004-A9EE-042B72110A1F BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV 
Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default [2016-10-31] FF Extension: (Adblock Plus) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8C679308-89F3-402C-9323-8D9B3B6D57B2}] - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi FF Extension: (Recordify Title Discover) - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi [2016-01-08] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files 
(x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.) 
Chrome: ======= CHR DefaultProfile: lejutplovshprohey CHR StartupUrls: lejutplovshprohey -> "hxxps://www.google.de/" CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit [2016-10-31] <==== ACHTUNG CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-12] CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12] CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-12] CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey [2016-10-31] <==== ACHTUNG CHR Extension: (Google Präsentationen) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-31] CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-31] CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-31] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-31] CHR Extension: (Google Tabellen) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-31] CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-31] CHR Extension: (Recordify Title Discover) - 
C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\kkgbclpocodjecojibeaaglcgndegljl [2016-10-31] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-31] CHR Extension: (Amazon) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2016-10-31] CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-31] CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-31] CHR HKLM-x32\...\Chrome\Extension: [kkgbclpocodjecojibeaaglcgndegljl] - C:\Program Files (x86)\Recordify\Extensions\recordify_chrome_0.3.18.crx [2016-09-17] CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\admin\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-12-28] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-10] () S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) 
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [281152 2016-09-20] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6411840 2016-09-19] (GOG.com) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-04] (Electronic Arts) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) 
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 abelssoft_recordify; C:\WINDOWS\system32\drivers\recordify.sys [68536 2016-03-30] (Abelssoft) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-10] () S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-04-10] (Phoenix Technologies) [Datei ist nicht signiert] S3 fwlanusb5; C:\WINDOWS\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [Datei ist nicht signiert] S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-30] (Malwarebytes) R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-02] (NVIDIA Corporation) S3 PVUSB; C:\WINDOWS\System32\drivers\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.) 
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2000-01-01] (Realtek ) S3 scramby; C:\WINDOWS\System32\drivers\scramby.sys [29480 2007-02-13] (RapidSolution Software AG) S3 scramby_out; C:\WINDOWS\System32\drivers\scramby_out.sys [34336 2007-08-08] (RapidSolution Software AG) R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation) R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation) R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation) R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-26] () S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-26] () S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] () S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert] R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X] U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-10-31 17:28 - 2016-10-31 17:28 - 00013070 _____ C:\Users\admin\Desktop\SystemLook.txt 2016-10-31 17:19 - 2016-10-31 17:27 - 00013068 _____ C:\Users\admin\Downloads\SystemLook.txt 2016-10-31 16:29 - 2016-10-31 16:30 - 00165376 _____ C:\Users\admin\Downloads\SystemLook_x64.exe 2016-10-31 16:29 - 2016-10-31 16:29 - 00165376 _____ C:\Users\admin\Downloads\SystemLook_x64 (2).exe 2016-10-31 16:29 - 2016-10-31 16:29 - 00165376 _____ C:\Users\admin\Downloads\SystemLook_x64 (1).exe 2016-10-31 16:27 - 2016-10-31 16:28 - 424747146 _____ C:\Users\admin\Desktop\Quarantine.zip 2016-10-31 16:26 - 2016-10-31 16:26 - 00001058 _____ C:\Users\admin\Desktop\Windows Defender.lnk 2016-10-31 16:20 - 2016-10-31 16:20 - 00029104 _____ C:\Users\admin\Desktop\Fixlog.txt 2016-10-31 15:54 - 2016-10-31 15:54 - 00000000 ____D C:\Users\admin\Desktop\FRST-OlderVersion 2016-10-30 21:27 - 2016-10-30 21:28 - 00397804 _____ C:\WINDOWS\Minidump\103016-21390-01.dmp 2016-10-30 21:27 - 2016-10-30 21:27 - 878092529 _____ C:\WINDOWS\MEMORY.DMP 2016-10-30 12:29 - 2016-10-31 17:28 - 00022539 _____ C:\Users\admin\Desktop\FRST.txt 2016-10-30 12:29 - 2016-10-31 15:57 - 00069038 _____ C:\Users\admin\Desktop\Addition.txt 2016-10-30 12:25 - 2016-10-30 12:25 - 00001191 _____ C:\Users\admin\Desktop\JRT.txt 2016-10-30 12:18 - 2016-10-30 12:18 - 00001196 _____ C:\Users\admin\Desktop\mbam.txt 2016-10-30 12:01 - 2016-10-30 12:01 - 00002340 _____ C:\Users\admin\Desktop\AdwCleaner[C4].txt 2016-10-30 11:51 - 2016-10-30 12:22 - 01631928 _____ (Malwarebytes) C:\Users\admin\Desktop\JRT.exe 2016-10-30 11:50 - 2016-10-30 11:51 - 01631928 _____ (Malwarebytes) C:\Users\admin\Downloads\JRT.exe 2016-10-30 11:48 - 2016-10-30 11:49 - 22851472 _____ (Malwarebytes ) 
C:\Users\admin\Downloads\mbam-setup-2.2.1.1043.exe 2016-10-30 11:47 - 2016-10-30 11:51 - 03910208 _____ C:\Users\admin\Desktop\AdwCleaner_6.030 (1).exe 2016-10-30 11:47 - 2016-10-30 11:47 - 03910208 _____ C:\Users\admin\Downloads\AdwCleaner_6.030 (1).exe 2016-10-29 22:05 - 2016-10-31 17:28 - 00000000 ____D C:\FRST 2016-10-29 22:04 - 2016-10-31 15:54 - 02408960 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe 2016-10-29 22:04 - 2016-10-29 22:04 - 02408448 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe 2016-10-29 21:57 - 2016-10-29 21:57 - 00036731 _____ C:\Users\admin\Downloads\Logs.rar 2016-10-29 20:10 - 2016-10-29 20:11 - 00406582 _____ C:\Users\admin\Downloads\startmenu.diagcab 2016-10-29 15:33 - 2016-10-29 15:33 - 03910208 _____ C:\Users\admin\Downloads\adwcleaner_6.030.exe 2016-10-29 15:28 - 2016-10-29 15:28 - 00041208 _____ C:\Users\admin\Documents\cc_20161029_162824.reg 2016-10-29 11:57 - 2016-10-29 11:57 - 00002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2016-10-29 11:57 - 2016-10-25 21:00 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-10-29 11:57 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2016-10-29 11:57 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll 2016-10-29 11:57 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2016-10-29 11:57 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe 2016-10-29 11:56 - 2016-10-29 11:56 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-10-29 11:54 - 2016-10-26 02:09 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 28202040 _____ (NVIDIA 
Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 20718400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 17577728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 14516216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 10782952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 
2016-10-29 11:54 - 2016-10-25 22:40 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00572584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00470584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00172920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00150784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00131720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-10-29 
11:54 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2016-10-29 11:54 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2016-10-26 15:20 - 2016-10-26 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-10-25 19:41 - 2016-10-25 19:41 - 13165792 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe 2016-10-24 15:04 - 2016-10-24 15:09 - 00009631 _____ C:\Users\admin\Documents\Italiensich Spicker v.1.odt 2016-10-20 13:47 - 2016-10-20 13:47 - 00071140 _____ C:\Users\admin\Downloads\TradeMan 1.22h4-6-1-22.zip 2016-10-20 13:41 - 2016-10-20 13:42 - 38827969 _____ C:\Users\admin\Downloads\E3FX V7-23-7.zip 2016-10-20 13:37 - 2016-10-20 13:38 - 41576087 _____ C:\Users\admin\Downloads\E3FX 8.5 (Alternative Bloom)-23-8-5.zip 2016-10-20 13:33 - 2016-10-20 13:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (2).exe 2016-10-20 13:32 - 2016-10-20 13:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (1).exe 2016-10-20 13:22 - 2016-10-20 13:22 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2.exe 2016-10-18 16:37 - 2016-10-18 16:38 - 02891915 _____ C:\Users\admin\Downloads\Fair Sale - Better sale prices v1.03 -4-1-03.7z 2016-10-10 18:01 - 2016-10-01 22:11 - 01935808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437306.dll 2016-10-10 18:01 - 2016-10-01 22:11 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437306.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-10-31 17:19 - 2015-01-13 17:44 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps 2016-10-31 16:27 - 2015-12-12 23:39 - 02087808 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-10-31 16:27 - 2015-10-30 19:35 - 00888452 _____ C:\WINDOWS\system32\perfh007.dat 2016-10-31 16:27 - 2015-10-30 19:35 - 00197278 _____ C:\WINDOWS\system32\perfc007.dat 2016-10-31 16:27 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-10-31 16:22 - 2016-08-12 17:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-10-31 16:22 - 2015-12-12 23:35 - 00000000 ____D C:\ProgramData\NVIDIA 2016-10-31 16:21 - 2015-12-12 23:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-10-31 16:20 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2016-10-31 15:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-10-31 15:04 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-10-30 21:27 - 2016-01-16 20:44 - 00000000 ____D C:\WINDOWS\Minidump 2016-10-30 21:22 - 2014-12-25 18:09 - 00000000 ____D C:\Program Files (x86)\Steam 2016-10-30 15:11 - 2016-09-07 13:12 - 00000000 ____D C:\Users\admin\Documents\The Witcher 3 2016-10-30 12:55 - 2015-01-24 12:20 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client 2016-10-30 12:03 - 2015-01-11 15:40 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-10-30 11:59 - 2016-07-08 21:51 - 00000008 __RSH C:\Users\admin\ntuser.pol 2016-10-30 11:59 - 2016-07-08 21:11 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-10-30 11:59 - 2015-12-12 23:40 - 00000000 ____D C:\Users\admin 2016-10-30 11:59 - 2015-08-01 17:21 - 00000000 ____D C:\AdwCleaner 2016-10-30 11:50 - 2015-07-09 11:23 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-10-30 11:50 - 2015-01-11 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-10-30 11:50 - 2015-01-11 15:40 - 00000000 ____D C:\Program Files (x86)\ 
Malwarebytes Anti-Malware 2016-10-29 20:11 - 2015-01-25 18:59 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics 2016-10-29 15:57 - 2016-09-18 11:48 - 00000000 ____D C:\ProgramData\updater2 2016-10-29 15:42 - 2015-12-12 23:30 - 04995152 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-10-29 15:27 - 2016-01-21 16:52 - 00000000 ____D C:\Program Files\CCleaner 2016-10-29 11:57 - 2016-09-04 11:58 - 00000000 ____D C:\WINDOWS\LastGood 2016-10-29 11:57 - 2016-01-08 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-10-29 11:57 - 2015-12-12 23:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-10-29 11:56 - 2015-12-12 23:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-10-29 11:56 - 2015-12-12 23:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-10-29 11:56 - 2015-04-07 21:02 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA Corporation 2016-10-28 02:22 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-10-26 23:16 - 2016-01-08 15:46 - 14159928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-10-26 15:36 - 2014-11-08 17:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-10-26 15:36 - 2014-11-08 17:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-10-26 15:36 - 2014-11-08 17:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-10-26 14:28 - 2014-12-27 19:56 - 00000000 ____D C:\Users\admin\AppData\Local\TeamSpeak 3 Client 2016-10-26 02:09 - 2015-11-12 17:25 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2016-10-26 02:09 - 2015-11-12 17:25 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2016-10-25 22:40 - 2016-01-08 15:46 - 24365624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-10-25 22:40 - 2016-01-08 15:46 - 03927288 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvapi64.dll 2016-10-25 22:40 - 2016-01-08 15:46 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-10-25 22:40 - 2016-01-08 15:46 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb 2016-10-25 21:17 - 2016-01-08 15:47 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-10-25 21:13 - 2016-09-14 18:34 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2016-10-25 19:41 - 2014-11-08 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-10-24 07:31 - 2016-01-08 15:47 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-10-21 10:23 - 2016-09-08 13:08 - 00002004 _____ C:\Users\admin\Desktop\The Witcher® 3 - Wild Hunt.lnk 2016-10-20 13:13 - 2016-08-12 17:28 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-20 13:13 - 2016-08-12 17:28 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-10-19 22:00 - 2016-04-07 18:50 - 00000000 ____D C:\Users\admin\AppData\Local\Spotify 2016-10-19 21:58 - 2016-09-17 08:53 - 00000000 ____D C:\Users\admin\Documents\Recordify 2016-10-19 21:32 - 2016-04-07 18:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\Spotify 2016-10-18 16:42 - 2016-09-23 13:09 - 00000931 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2016-10-18 16:42 - 2016-09-23 
13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager 2016-10-18 16:42 - 2016-09-23 13:09 - 00000000 ____D C:\Program Files\Nexus Mod Manager 2016-10-10 17:46 - 2016-09-22 17:17 - 00003736 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:35 - 00003924 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:35 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-10-10 17:46 - 2016-09-14 18:34 - 00003988 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:34 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:34 - 00003898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:34 - 00003694 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-06 17:53 - 2016-09-04 18:11 - 00000000 ____D C:\Users\admin\Desktop\Memes ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-22 17:24 - 2015-04-22 17:24 - 0549471 _____ () C:\Program Files\vac414demo.zip 2014-10-10 13:07 - 2014-10-10 13:07 - 0000000 _____ () C:\Users\admin\AppData\Roaming\gdfw.log 2014-10-10 13:07 - 2014-10-10 13:07 - 0000779 _____ () C:\Users\admin\AppData\Roaming\gdscan.log 2016-03-20 13:57 - 2016-03-20 13:57 - 0003584 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-10 14:36 - 2015-04-10 14:36 - 0000058 _____ () C:\Users\admin\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2015-05-26 20:44 - 2015-12-12 17:05 - 0007601 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg 2015-12-12 23:35 - 2015-12-12 23:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-04-30 19:56 - 2015-03-01 19:57 
- 0000032 ____R () C:\ProgramData\hash.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\hash.dat ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-08-22 14:01 ==================== Ende von FRST.txt ============================ Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 17:19 on 31/10/2016 by admin
Administrator - Elevation successful

========== filefind ==========

Searching for "*SlimWare*"
No files found.

Searching for "*DriverSetupUtility*"
No files found.

Searching for "*lejutplovshprohey*"
No files found.

Searching for "*berjuspgraatherfufi*"
No files found.

========== folderfind ==========

Searching for "*SlimWare*"
No folders found.

Searching for "*DriverSetupUtility*"
No folders found.

Searching for "*lejutplovshprohey*"
C:\FRST\Quarantine\C\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey d------ [14:44 25/12/2014]
C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey d------ [15:23 31/10/2016]

Searching for "*berjuspgraatherfufi*"
C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit d------ [20:15 12/07/2016]

========== regfind ==========

Searching for "SlimWare"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36\InstallProperties]
"Publisher"="SlimWare Utilities, Inc."
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063}]
"Publisher"="SlimWare Utilities, Inc."

Searching for "DriverSetupUtility"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\DriverSetupUtility\FUB\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\DriverSetupUtility\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BCA54414D85CCD4BA470C00DF8ABE34]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\FUB.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1581BD06EE19F0A49A756BCC0E523251]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\LiveUpdate.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\413C9810C8243BA46ACD761B24057875]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\DiagnosticEvent.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4661330A6D81B0F4E9C43623EF6E1690]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\LogDebug.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\533EE321A4198764E85F9A7EA50BB1FB]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\ACCPlugin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A95336BE4C06E64DBD1282AC156E221]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\LogDll.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\651B665F1569DCB4792824703B812035]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\SharpBITS.Base.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65546D56A04F9E44F94E17DB3AE653DD]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\FUB.bat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\80266C0C4DCE4CD4689BF2E086645DB6]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82B714016F6354A49A293D740A529A06]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\ManagedNativeUtilities.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C78AEE94E49F3F4FB42B8869274C2BB]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\DiagnosticPlugin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6CB15808A8754749B4C65A7478EC402]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\ADCommonType.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96C454C7299FFB4CB9FAB84D515A053]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\LiveUpdateChecker.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1F0A5CD4BBDC4D4B8029209B07C046B]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\ACCUtilities.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}]
"Comments"=" DriverSetupUtility"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}]
"InstallLocation"="C:\Program Files\Other\Other DriverSetupUtility\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}]
"UninstallString"="Msiexec.exe /i {2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6} ACER=1 PRODUCTNAME=" DriverSetupUtility" REMOVEUSEC=1 BOOTSTRATOR=1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}]
"DisplayName"=" DriverSetupUtility"

Searching for "lejutplovshprohey"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search]
"JumpListChangedAppIds"="Microsoft.Windows.ControlPanel Chrome.UserData.lejutplovshprohey {6D809377-6AF0-444B-8957-A3773F02200E}\CCleaner\CCleaner64.exe E7CF176E110C211B {7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Steam\Steam.exe {6D809377-6AF0-444B-8957-A3773F02200E}\WinRAR\WinRAR.exe {1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\notepad.exe"
[HKEY_USERS\S-1-5-21-2499327049-1345700090-1954953358-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Search]
"JumpListChangedAppIds"="Microsoft.Windows.ControlPanel Chrome.UserData.lejutplovshprohey {6D809377-6AF0-444B-8957-A3773F02200E}\CCleaner\CCleaner64.exe E7CF176E110C211B {7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Steam\Steam.exe {6D809377-6AF0-444B-8957-A3773F02200E}\WinRAR\WinRAR.exe {1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\notepad.exe"

Searching for "berjuspgraatherfufi"
No data found.

-= EOF =-
31.10.2016, 17:43 | #8
Windows 10: CMD console opens on its own, with BSOD

And here is the Fixlog as well:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-10-2016
durchgeführt von admin (31-10-2016 16:20:16) Run:1
Gestartet von C:\Users\admin\Desktop
Geladene Profile: admin (Verfügbare Profile: admin & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufi
C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey
CHR HomePage: lejutplovshprohey -> hxxp://www.trotux.com/?z=79abb8c81d8fbf04419bec9g5zamee5q7e6e9m6z2z&from=fss&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y4CVNXHVVNXHV&type=hp
CHR StartupUrls: lejutplovshprohey -> "hxxps://www.google.com/"
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f47c86c9d3240056\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=berjuspgraatherfufit
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d6731079c9ca4513\Tim - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=lejutplovshprohey
Task: {878BFAD2-5A40-4B5D-8ADA-E9454C0B39A6} - kein Dateipfad
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "C:\Users\admin\AppData\Local\Google\Chrome\User Data"
Unlock: C:\FRST
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Schlüssel nicht gefunden.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => Schlüssel nicht gefunden.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => Schlüssel nicht gefunden.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => Schlüssel erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Schlüssel nicht gefunden.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => Schlüssel erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => Schlüssel nicht gefunden.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => Schlüssel erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => Schlüssel nicht gefunden.
"C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufi" => nicht gefunden.
C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey => erfolgreich verschoben
Chrome HomePage => nicht gefunden.
Chrome StartupUrls => nicht gefunden.
C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f47c86c9d3240056\Google Chrome.lnk => Verknüpfung Eigenschaft erfolgreich entfernt.
C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d6731079c9ca4513\Tim - Chrome.lnk => Verknüpfung Eigenschaft erfolgreich entfernt.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{878BFAD2-5A40-4B5D-8ADA-E9454C0B39A6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{878BFAD2-5A40-4B5D-8ADA-E9454C0B39A6}" => Schlüssel erfolgreich entfernt

========= dir "%ProgramFiles%" =========

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: A54F-5E32

Verzeichnis von C:\Program Files

30.10.2016 11:59 <DIR> .
30.10.2016 11:59 <DIR> ..
23.03.2015 18:43 <DIR> 7-Zip 12.12.2015 23:34 <DIR> ASUS 09.05.2015 15:58 <DIR> Battoexe 29.10.2016 15:27 <DIR> CCleaner 14.07.2016 13:10 <DIR> CMAK 13.09.2016 20:40 <DIR> Common Files 06.08.2016 22:07 <DIR> DIFX 16.01.2015 14:30 <DIR> Epson Software 16.01.2015 14:28 <DIR> EpsonNet 05.08.2016 20:11 <DIR> IIS 06.08.2015 09:18 <DIR> Intel 11.08.2016 02:31 <DIR> Internet Explorer 13.10.2015 17:30 <DIR> iTunes 07.02.2016 14:29 <DIR> Java 05.06.2015 13:19 <DIR> Logitech 10.04.2015 11:35 <DIR> Logitech Gaming Software 10.10.2014 13:15 <DIR> Microsoft Office 26.10.2016 15:36 <DIR> Microsoft Silverlight 05.08.2016 20:32 <DIR> Microsoft SQL Server 05.08.2016 20:20 <DIR> Microsoft SQL Server Compact Edition 25.11.2015 17:29 <DIR> Microsoft Synchronization Services 12.12.2015 23:23 <DIR> MSBuild 18.10.2016 16:42 <DIR> Nexus Mod Manager 19.01.2015 14:49 <DIR> Nuance 29.10.2016 11:56 <DIR> NVIDIA Corporation 12.12.2015 14:37 <DIR> OBS 25.02.2015 21:21 <DIR> paint.net 20.01.2016 17:21 <DIR> Paragon Software 09.07.2015 11:42 <DIR> PowerISO 15.06.2015 17:42 <DIR> Python34 18.09.2016 11:31 <DIR> Realtek 12.12.2015 23:23 <DIR> Reference Assemblies 14.07.2016 12:03 <DIR> Rockstar Games 14.02.2015 15:25 <DIR> Sony 17.09.2016 11:51 <DIR> Synaptics 17.11.2015 17:14 <DIR> TAP-Windows 22.04.2015 17:24 549.471 vac414demo.zip 14.07.2016 13:10 <DIR> Windows Defender 11.08.2016 02:31 <DIR> Windows Journal 14.07.2016 13:10 <DIR> Windows Mail 09.03.2016 20:55 <DIR> Windows Media Player 09.03.2016 20:55 <DIR> Windows Multimedia Platform 13.12.2015 00:05 <DIR> Windows NT 14.07.2016 13:10 <DIR> Windows Photo Viewer 09.03.2016 20:55 <DIR> Windows Portable Devices 19.02.2015 13:47 <DIR> WinRAR 1 Datei(en), 549.471 Bytes 47 Verzeichnis(se), 268.000.186.368 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: A54F-5E32 Verzeichnis von C:\Program Files (x86) 30.10.2016 12:23 <DIR> . 
30.10.2016 12:23 <DIR> .. 16.01.2015 14:35 <DIR> ABBYY FineReader 9.0 Sprint 12.12.2015 14:32 <DIR> Adobe 27.11.2014 20:32 <DIR> AGEIA Technologies 27.06.2016 16:16 <DIR> Apple Software Update 12.12.2015 23:34 <DIR> ASUS 21.01.2016 16:58 <DIR> Audacity 15.12.2015 16:14 <DIR> avmwlanstick 08.09.2016 12:46 <DIR> BlueJ 27.11.2015 15:49 <DIR> booddanet 19.01.2015 14:51 <DIR> Brother 19.01.2015 14:51 <DIR> Browny02 31.08.2016 15:29 <DIR> CASIO 14.07.2016 13:10 <DIR> CMAK 22.08.2016 10:47 <DIR> Common Files 19.01.2015 14:51 <DIR> ControlCenter4 07.01.2016 13:57 <DIR> CrystalDiskInfo 09.07.2015 10:59 <DIR> Crytek 19.08.2015 17:25 <DIR> Dev-Cpp 25.03.2016 12:24 <DIR> DVDVideoSoft 27.12.2014 09:46 <DIR> Dxtory Software 16.01.2015 14:28 <DIR> epson 16.01.2015 14:30 <DIR> Epson Software 29.01.2016 11:25 <DIR> Euro Truck Simulator 2 Multiplayer 18.02.2015 20:08 <DIR> Faster Chrome Pro 10.01.2015 19:49 <DIR> Free Codec Pack 25.03.2016 12:24 <DIR> FreeCodecPack 21.01.2016 16:58 <DIR> Futuremark 08.11.2014 17:17 <DIR> G Data 20.09.2016 17:25 <DIR> GOG Galaxy 12.08.2016 17:27 <DIR> Google 01.08.2015 17:08 <DIR> GUMFFA2.tmp 05.08.2016 20:11 <DIR> IIS 22.08.2016 10:39 <DIR> IIS Express 12.12.2015 14:34 <DIR> Intel 11.08.2016 02:31 <DIR> Internet Explorer 07.02.2016 14:29 <DIR> Java 28.08.2016 17:12 <DIR> LibreOffice 5 30.10.2016 11:50 <DIR> Malwarebytes Anti-Malware 07.02.2015 15:36 <DIR> MarkAny 29.05.2015 16:34 <DIR> MaxiVista Demo Anzeigeprogramm 08.06.2015 18:24 <DIR> Microsoft Application Virtualization Client 22.08.2016 10:40 <DIR> Microsoft ASP.NET 08.04.2015 20:46 <DIR> Microsoft Games 05.08.2016 20:05 <DIR> Microsoft Help Viewer 04.01.2015 11:58 <DIR> Microsoft Office 22.08.2016 10:46 <DIR> Microsoft SDKs 26.10.2016 15:36 <DIR> Microsoft Silverlight 05.08.2016 20:32 <DIR> Microsoft SQL Server 05.08.2016 20:20 <DIR> Microsoft SQL Server Compact Edition 04.01.2015 11:59 <DIR> Microsoft Synchronization Services 22.08.2016 10:35 <DIR> Microsoft Visual Studio 12.0 22.08.2016 
10:47 <DIR> Microsoft Visual Studio 14.0 02.12.2015 12:20 <DIR> Microsoft XNA 05.08.2016 20:02 <DIR> Microsoft.NET 26.10.2016 15:27 <DIR> Mozilla Firefox 26.10.2016 15:36 <DIR> Mozilla Maintenance Service 22.08.2016 10:46 <DIR> MSBuild 19.01.2015 14:46 <DIR> MSXML 4.0 15.02.2015 20:11 <DIR> Notepad++ 19.01.2015 14:48 <DIR> Nuance 29.10.2016 11:56 <DIR> NVIDIA Corporation 12.12.2015 14:37 <DIR> OMSI Addon Manager 15.03.2015 17:54 <DIR> Opera 04.09.2016 11:42 <DIR> Origin 22.08.2016 10:56 <DIR> QuickTime 08.07.2016 20:44 <DIR> R.G. Mechanics 17.09.2016 10:56 <DIR> Realtek 17.09.2016 08:50 <DIR> Recordify 12.12.2015 23:23 <DIR> Reference Assemblies 14.07.2016 12:03 <DIR> Rockstar Games 17.06.2015 17:16 <DIR> Samsung 16.01.2016 23:30 <DIR> Seagate 12.08.2015 16:21 <DIR> Skiller PRO 22.08.2016 10:56 <DIR> Skype 14.02.2015 15:25 <DIR> Sony 08.07.2016 21:51 <DIR> Stardock 30.10.2016 21:22 <DIR> Steam 22.08.2016 10:58 <DIR> SystemRequirementsLab 05.02.2016 19:28 <DIR> TechSmith 22.08.2016 10:59 <DIR> Ubisoft 27.11.2014 21:25 <DIR> VIA 29.10.2016 11:56 <DIR> VulkanRT 14.07.2016 13:10 <DIR> Windows Defender 22.08.2016 10:46 <DIR> Windows Kits 14.07.2016 13:10 <DIR> Windows Mail 30.10.2015 19:35 <DIR> Windows Media Player 09.03.2016 20:55 <DIR> Windows Multimedia Platform 30.10.2015 08:24 <DIR> Windows NT 14.07.2016 13:10 <DIR> Windows Photo Viewer 09.03.2016 20:55 <DIR> Windows Portable Devices 30.04.2015 20:03 <DIR> World of Warcraft 08.01.2016 16:02 <DIR> ZotacFireStorm 0 Datei(en), 0 Bytes 94 Verzeichnis(se), 268.000.182.272 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Volume in Laufwerk C: hat keine Bezeichnung. 
Volumeseriennummer: A54F-5E32 Verzeichnis von C:\ProgramData 16.01.2015 14:33 <DIR> ABBYY 17.09.2016 08:49 <DIR> Abelssoft 18.09.2016 11:48 <DIR> acer 12.12.2015 14:31 <DIR> Adobe 12.12.2015 14:25 <DIR> Apple 10.01.2015 20:20 <DIR> AVS4YOU 06.01.2015 14:47 <DIR> Battle.net 06.01.2015 14:48 <DIR> Blizzard Entertainment 29.07.2016 19:52 <DIR> BlueStacksSetup 06.08.2015 09:59 <DIR> boost_interprocess 19.01.2015 14:52 <DIR> Brother 12.06.2015 16:24 <DIR> Codemasters 30.10.2015 08:24 <DIR> Comms 19.01.2015 14:51 <DIR> ControlCenter4 01.05.2015 12:49 <DIR> DAEMON Tools Lite 27.11.2014 23:38 <DIR> Downloaded Installations 04.09.2016 11:36 <DIR> Electronic Arts 16.01.2015 14:26 <DIR> EPSON 20.01.2016 17:03 <DIR> explauncher 19.01.2015 14:47 <DIR> FLEXnet 08.11.2014 17:17 <DIR> G Data 26.06.2015 18:36 <DIR> GFACE 06.09.2016 20:05 <DIR> GOG.com 01.03.2015 19:57 32 hash.dat 25.11.2015 17:30 <DIR> Intel 20.01.2016 17:12 <DIR> launcher 10.04.2015 11:36 <DIR> LogiShrd 30.04.2015 16:01 <DIR> LogMeIn 18.02.2015 19:08 <DIR> Logs 11.01.2015 15:40 <DIR> Malwarebytes 20.12.2015 20:21 <DIR> McAfee 05.08.2016 20:18 <DIR> Microsoft DNX 24.08.2016 18:41 <DIR> Microsoft Help 06.08.2015 09:47 <DIR> Microsoft OneDrive 08.11.2014 17:18 <DIR> Mozilla 20.01.2016 17:21 <DIR> newbackup 20.01.2016 19:44 <DIR> newrestore 25.02.2015 19:44 <DIR> Norton 15.03.2015 10:50 <DIR> NortonInstaller 25.01.2015 13:24 <DIR> Nuance 31.10.2016 15:01 <DIR> NVIDIA 29.10.2016 11:57 <DIR> NVIDIA Corporation 14.10.2015 10:52 <DIR> OMSI AM 07.02.2016 14:30 <DIR> Oracle 06.09.2016 05:02 <DIR> Origin 07.09.2016 12:57 <DIR> Package Cache 13.02.2015 19:28 <DIR> RapidSolution 21.01.2016 17:07 <DIR> Razer 12.12.2015 23:51 <DIR> regid.1986-12.com.adobe 22.08.2016 10:48 <DIR> regid.1991-06.com.microsoft 05.02.2016 19:28 <DIR> regid.1995-08.com.techsmith 03.01.2015 19:50 <DIR> Riot Games 20.01.2016 19:49 <DIR> rmbwizard 28.12.2014 16:49 <DIR> Samsung 19.01.2015 14:48 <DIR> ScanSoft 12.11.2015 16:11 <DIR> Screaming Bee 
14.10.2015 16:43 <DIR> Skype 18.09.2016 11:32 <DIR> SoftwareDistribution 14.02.2015 15:28 <DIR> Sony 08.07.2016 21:08 <DIR> Stardock 20.11.2015 22:57 <DIR> Steam 03.01.2015 20:11 <DIR> Sun 05.02.2016 19:28 <DIR> TechSmith 18.02.2015 19:08 <DIR> TEMP 20.05.2015 15:32 <DIR> TmForever 28.12.2014 16:23 <DIR> TuneUp Software 16.01.2015 14:31 <DIR> UDL 28.08.2016 16:46 <DIR> UniqueId 29.10.2016 15:57 <DIR> updater2 12.12.2015 23:43 <DIR> USOPrivate 10.07.2015 13:22 <DIR> USOShared 25.12.2014 17:43 <DIR> VirtualizedApplications 13.10.2015 17:24 <DIR> WindSolutions 28.08.2016 16:54 <DIR> WinZip 29.12.2014 17:43 <DIR> XDMessagingv4 19.01.2015 14:48 <DIR> zeon 1 Datei(en), 32 Bytes 75 Verzeichnis(se), 268.000.178.176 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: A54F-5E32 Verzeichnis von C:\Users\admin\AppData\Roaming 29.10.2016 14:56 <DIR> . 29.10.2016 14:56 <DIR> .. 16.01.2016 18:12 <DIR> .minecraft 29.12.2014 17:43 <DIR> Abelssoft 12.12.2015 14:32 <DIR> Adobe 15.03.2015 09:56 <DIR> Apple Computer 02.01.2016 19:55 <DIR> Audacity 07.08.2015 14:28 <DIR> avidemux 10.01.2015 20:20 <DIR> AVS4YOU 09.05.2015 15:59 <DIR> Bat To Exe Converter 06.01.2015 14:50 <DIR> Battle.net 07.08.2015 19:08 <DIR> BrawlhallaAir 10.06.2015 17:54 <DIR> Brother 19.01.2015 14:57 <DIR> ControlCenter4 08.07.2016 21:11 <DIR> Desktop 29.12.2014 17:43 <DIR> DesktopIconAmazon 19.08.2015 17:37 <DIR> Dev-Cpp 28.12.2014 20:24 <DIR> dlg 10.04.2015 14:36 <DIR> DonationCoder 24.08.2016 16:22 <DIR> DVDVideoSoft 16.01.2015 19:06 <DIR> Epson 17.02.2015 13:29 <DIR> FileZilla 10.01.2015 20:00 <DIR> FlashIntegro 19.01.2015 14:56 <DIR> FLEXnet 01.07.2015 19:59 <DIR> ftblauncher 10.10.2014 13:07 0 gdfw.log 10.10.2014 13:07 779 gdscan.log 09.10.2014 20:54 <DIR> Identities 22.02.2016 14:00 <DIR> Infamous GTAV Menu 16.01.2015 14:27 <DIR> InstallShield 25.12.2014 15:48 <DIR> java 16.03.2015 18:09 <DIR> LibreOffice 10.04.2015 
11:28 <DIR> Logishrd 10.04.2015 11:28 <DIR> Logitech 16.11.2015 15:34 <DIR> LolClient 04.01.2015 00:18 <DIR> Macromedia 24.01.2015 09:57 <DIR> MAXON 21.11.2010 08:16 <DIR> Media Center Programs 14.02.2015 12:02 <DIR> Minecraft Skin Viewer 21.01.2015 15:27 <DIR> MMFApplications 08.11.2014 17:28 <DIR> Mozilla 12.12.2015 14:38 <DIR> New Technology Studio 20.05.2015 20:25 <DIR> Notepad++ 22.08.2016 10:52 <DIR> Nox 19.01.2015 14:48 <DIR> Nuance 08.01.2016 18:02 <DIR> NVIDIA 15.03.2015 17:54 <DIR> Opera Software 05.09.2016 15:54 <DIR> Origin 21.02.2015 22:59 <DIR> PDAppFlex 01.05.2015 12:54 <DIR> PowerISO 18.09.2016 18:54 <DIR> Profiles 14.02.2015 15:35 <DIR> Publish Providers 29.05.2015 20:20 <DIR> Python-Eggs 16.11.2015 13:55 <DIR> Riot Games 17.06.2015 17:16 <DIR> Samsung 12.11.2015 16:11 <DIR> Screaming Bee 22.02.2016 13:07 <DIR> Skype 14.02.2015 14:29 <DIR> skyz 28.09.2016 20:14 <DIR> SoftGrid Client 14.02.2015 21:19 <DIR> Sony 19.10.2016 21:32 <DIR> Spotify 08.07.2016 21:08 <DIR> Stardock 01.02.2016 13:50 <DIR> Sun 10.01.2015 20:48 <DIR> TechSmith 10.10.2014 13:16 <DIR> TP 30.10.2016 12:55 <DIR> TS3Client 28.12.2014 16:23 <DIR> TuneUp Software 12.03.2016 09:59 <DIR> uTorrent 10.01.2015 20:00 <DIR> VideoEditor 13.10.2015 17:30 <DIR> WindSolutions 27.12.2014 09:44 <DIR> WinRAR 2 Datei(en), 779 Bytes 69 Verzeichnis(se), 268.000.174.080 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: A54F-5E32 Verzeichnis von C:\Users\admin\AppData\Local 30.10.2016 12:23 <DIR> . 30.10.2016 12:23 <DIR> .. 
16.01.2015 14:34 <DIR> ABBYY 17.09.2016 08:50 <DIR> Abelssoft 13.12.2015 00:14 <DIR> ActiveSync 20.12.2015 20:21 <DIR> Adobe 21.01.2016 16:57 <DIR> Amazon Music 14.03.2015 19:13 <DIR> Apple 14.03.2015 19:15 <DIR> Apple Computer 07.01.2015 19:18 <DIR> Battle.net 23.09.2016 13:09 <DIR> Black_Tree_Gaming 06.01.2015 14:48 <DIR> Blizzard Entertainment 29.07.2016 19:50 <DIR> Bluestacks 01.08.2015 17:45 <DIR> CEF 24.08.2015 15:03 <DIR> Comms 31.10.2016 16:19 <DIR> CrashDumps 12.03.2016 09:48 <DIR> Daybreak Game Company 20.03.2016 13:57 3.584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 08.07.2016 14:23 <DIR> Diagnostics 10.04.2015 14:36 58 DonationCoder_ScreenshotCaptor_InstallInfo.dat 20.01.2016 17:04 <DIR> Downloaded Installations 09.07.2015 10:55 <DIR> Dxtory Software 29.10.2016 20:11 <DIR> ElevatedDiagnostics 03.01.2016 20:24 <DIR> Fallout4 01.07.2015 20:15 <DIR> ftblauncher 10.04.2015 13:28 <DIR> Futuremark 07.09.2016 13:12 <DIR> GalaxyCommunicationService 18.06.2016 14:00 <DIR> GameMaker8.1 29.04.2015 18:25 87.728 GDIPFONTCACHEV1.DAT 06.08.2016 15:56 <DIR> GMap.NET 14.09.2015 13:46 <DIR> Google 09.06.2015 13:59 <DIR> GWX 10.04.2015 13:28 <DIR> IsolatedStorage 12.07.2016 21:12 <DIR> levispmenoycazuk 05.06.2015 13:24 <DIR> Logitech 30.04.2015 16:01 <DIR> LogMeIn 21.01.2016 17:10 <DIR> LogMeIn Hamachi 20.12.2015 20:21 <DIR> Macromedia 11.09.2015 15:13 <DIR> Mega Limited 22.08.2016 10:45 <DIR> Microsoft 18.06.2015 19:35 <DIR> Microsoft Help 06.08.2015 10:02 <DIR> MicrosoftEdge 08.11.2014 17:28 <DIR> Mozilla 06.08.2015 10:01 <DIR> NetworkTiles 07.08.2015 20:37 <DIR> New Technology Studio 22.08.2016 10:52 <DIR> Nox 25.02.2015 20:50 <DIR> NPE 14.09.2016 18:37 <DIR> NVIDIA 29.10.2016 11:56 <DIR> NVIDIA Corporation 15.03.2015 17:54 <DIR> Opera Software 04.09.2016 11:44 <DIR> Origin 18.09.2016 19:18 <DIR> Packages 14.02.2015 12:02 <DIR> paint.net 08.08.2015 10:33 <DIR> PeerDistRepub 15.06.2015 17:41 <DIR> pip 29.08.2016 14:58 <DIR> PokemonGo 26.08.2016 19:28 <DIR> Profiles 
27.11.2014 21:24 <DIR> Programs 06.08.2015 09:44 <DIR> Publishers 25.12.2014 19:15 <DIR> PunkBuster 21.01.2016 17:07 <DIR> Razer 28.12.2014 01:21 <DIR> Razer_Inc 12.12.2015 17:05 7.601 Resmon.ResmonCfg 16.04.2015 17:57 <DIR> Rockstar Games 28.12.2014 16:50 <DIR> Samsung 10.05.2015 12:00 <DIR> SCE 25.12.2014 15:53 <DIR> Skype 20.03.2016 18:29 <DIR> SniperV2 10.10.2014 13:18 <DIR> SoftGrid Client 14.02.2015 15:33 <DIR> Sony 14.01.2016 16:09 <DIR> speech 19.10.2016 22:00 <DIR> Spotify 08.07.2016 21:08 <DIR> Stardock 12.12.2015 17:52 <DIR> Steam 26.10.2016 14:28 <DIR> TeamSpeak 3 Client 10.01.2015 20:48 <DIR> TechSmith 31.10.2016 16:20 <DIR> Temp 28.12.2014 16:13 <DIR> Temp18322e7517f8435cad2c742dfda4ce1e 28.12.2014 16:15 <DIR> Temp2aa1736f2fe21d7fd56ba2526444a3fe 06.08.2015 09:43 <DIR> TileDataLayer 28.12.2014 16:23 <DIR> TuneUp Software 22.08.2016 10:59 <DIR> Ubisoft Game Launcher 07.08.2016 21:11 <DIR> Video4you 27.02.2015 13:45 <DIR> VirtualStore 22.08.2016 10:44 <DIR> vsixinstaller 18.06.2016 14:03 <DIR> YoYo_Games_Ltd 4 Datei(en), 98.971 Bytes 82 Verzeichnis(se), 268.000.169.984 Bytes frei ========= Ende von CMD: ========= ========= dir "C:\Users\admin\AppData\Local\Google\Chrome\User Data" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: A54F-5E32 Verzeichnis von C:\Users\admin\AppData\Local\Google\Chrome\User Data 31.10.2016 16:20 <DIR> . 31.10.2016 16:20 <DIR> .. 
08.07.2016 21:36 <DIR> Avatars 29.10.2016 15:30 <DIR> berjuspgraatherfufit 04.03.2015 17:30 <DIR> Caps 31.10.2016 15:59 200.883 Certificate Revocation Lists 31.10.2016 15:59 <DIR> CertificateTransparency 16.03.2016 19:42 <DIR> Crashpad 25.12.2014 15:49 6.811.094 de-DE-3-0.bdic 09.09.2015 18:19 <DIR> EVWhitelist 29.10.2016 21:07 <DIR> FileTypePolicies 25.12.2014 15:44 0 First Run 31.10.2016 16:18 58.221 Local State 19.10.2016 10:44 308 nacl_validation_cache.bin 05.08.2016 21:15 <DIR> OriginTrials 29.10.2016 20:16 <DIR> PepperFlash 29.10.2016 22:32 <DIR> pnacl 19.10.2016 10:44 <DIR> PnaclTranslationCache 31.10.2016 15:55 15.347.956 Safe Browsing Bloom 31.10.2016 15:55 3.621.248 Safe Browsing Bloom Prefix Set 05.08.2016 21:17 5.120 Safe Browsing Channel IDs 31.10.2016 16:19 7.168 Safe Browsing Cookies 31.10.2016 16:19 0 Safe Browsing Cookies-journal 31.10.2016 15:55 128.356 Safe Browsing Csd Whitelist 31.10.2016 15:55 207.956 Safe Browsing Download 31.10.2016 15:55 22.476 Safe Browsing Download Whitelist 31.10.2016 15:55 64.960 Safe Browsing Extension Blacklist 31.10.2016 15:55 112 Safe Browsing IP Blacklist 31.10.2016 15:55 50.752 Safe Browsing Module Whitelist 31.10.2016 15:55 1.180 Safe Browsing Resource Blacklist 31.10.2016 15:55 1.413.216 Safe Browsing UwS List 31.10.2016 15:55 310.838 Safe Browsing UwS List Prefix Set 26.10.2016 16:49 <DIR> ShaderCache 01.06.2015 15:50 <DIR> SwiftShader 30.10.2016 11:44 <DIR> SwReporter 30.10.2016 18:56 <DIR> Webstore Downloads 22.09.2016 13:41 <DIR> WidevineCDM 19 Datei(en), 28.251.844 Bytes 18 Verzeichnis(se), 268.000.165.888 Bytes frei ========= Ende von CMD: ========= "C:\FRST" => wurde entsperrt ========= RemoveProxy: ========= HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => Wert erfolgreich entfernt HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt 
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurckgesetzt. Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen. ========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38639067 B Java, Flash, Steam htmlcache => 567142577 B Windows/system/drivers => 3235092 B Edge => 3342488 B Chrome => 1572864 B Firefox => 18471818 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 6168 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 15601258 B admin => 852836813 B DefaultAppPool => 6168 B RecycleBin => 1238475 B EmptyTemp: => 1.4 GB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 16:20:29 ==== |
01.11.2016, 10:01 | #9 |
/// TB-Ausbilder | Windows 10: CMD console opens by itself with BSOD Hi, well done. However, you did not carry out the upload. We will remove the last remnants and check everything once more. Note: The scan with ESET can take quite a while. Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter start CloseProcesses: C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6} DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063} DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36 EmptyTemp: end Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
Step 3
Step 4 ESET Online Scanner
Step 5 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 6
Are there still any problems with the PC? If so, which ones? Please post with your next reply
|
01.11.2016, 18:36 | #10 |
| Windows 10: CMD console opens by itself with BSOD Hi M-K-D-B, I uploaded the Quarantine.zip, or rather tried to upload it... I got no confirmation of the upload. (Like last time.) The problems seem to be largely resolved, since I have not had a bluescreen for a long time, which was what caused me the most trouble. The only thing that still does not work is the taskbar, including the Windows key, the search box and the normally clickable elements at the bottom right. (Date, time, Wi-Fi status, etc.) Here are the logs: HitmanPro: Code:
ATTFilter
Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-10-2016 durchgeführt von admin (01-11-2016 12:37:46) Run:2 Gestartet von C:\Users\admin\Desktop Geladene Profile: admin (Verfügbare Profile: admin & DefaultAppPool) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6} DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063} DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36 EmptyTemp: end ***************** Prozess erfolgreich geschlossen. C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit => erfolgreich verschoben C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey => erfolgreich verschoben HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6} => Schlüssel erfolgreich entfernt HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063} => Schlüssel erfolgreich entfernt HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36 => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36 => Schlüssel erfolgreich entfernt =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7525130 B Java, Flash, Steam htmlcache => 362296498 B Windows/system/drivers => 8790 B Edge => 0 B Chrome => 0 B Firefox => 3095536 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 5058 B admin => 257505202 B DefaultAppPool => 0 B RecycleBin => 0 B EmptyTemp: => 601.2 MB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 12:37:56 ==== Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=acf1a165a1be134ba75b1e7a54ee3c5e # end=init # utc_time=2016-11-01 12:57:29 # local_time=2016-11-01 01:57:29 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 31265 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=acf1a165a1be134ba75b1e7a54ee3c5e # end=updated # utc_time=2016-11-01 01:34:20 # local_time=2016-11-01 02:34:20 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=acf1a165a1be134ba75b1e7a54ee3c5e # engine=31265 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-11-01 04:36:47 # local_time=2016-11-01 05:36:47 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 15821 31832350 0 0 # scanned=493466 # found=6 # cleaned=0 # scan_time=10947 sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\admin\AppData\Roaming\SKYZND.vir" sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\admin\AppData\Roaming\ZUFBV.vir" sh=45AEFD879AE8AB81242599BA114A63171A4BE5E8 ft=1 fh=33ca0960da750fe5 vn="Variante von MSIL/Adware.OxyPumper.R Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\files\dpenurzhfadnkcrfyuvfwnyczakykmqg\Service.exe" sh=1E30EE88964BA2B1A93E91A04C20F1778398230B ft=1 fh=7f0be657413da77f vn="Win64/HackTool.GameHack.C Trojaner" ac=I fn="C:\Program Files\Rockstar Games\Grand Theft Auto V\GTAV_NATIVE.dll" sh=25CB4A2407CF273AEF640A478CCE5AA77E3051C7 ft=1 fh=3bf2d10400a3ed9f vn="Variante von MSIL/Adware.OxyPumper.P Anwendung" ac=I fn="C:\Users\admin\AppData\Local\Video4you\vload.exe" sh=BED8CB151A6CCA7654A056E9F6BAABF979A68C36 ft=0 fh=0000000000000000 vn="Win64/HackTool.GameHack.C Trojaner" ac=I fn="C:\Users\admin\AppData\Roaming\Skype\My Skype Received Files\GTA 5 Infamous Menu 1.28.rar" |
01.11.2016, 18:38 | #11 |
| Windows 10: CMD console opens by itself with BSOD Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-10-2016 durchgeführt von admin (01-11-2016 18:24:28) Gestartet von C:\Users\admin\Desktop Windows 10 Pro Version 1511 (X64) (2015-12-12 23:10:16) Start-Modus: Normal ========================================================== ==================== Konten: ============================= admin (S-1-5-21-2499327049-1345700090-1954953358-1000 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-2499327049-1345700090-1954953358-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2499327049-1345700090-1954953358-503 - Limited - Disabled) Gast (S-1-5-21-2499327049-1345700090-1954953358-501 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Ansel (Version: 375.70 - NVIDIA Corporation) Hidden Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin) Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version: - ) BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.7 - BlueJ Team) Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.04.0000 - CASIO COMPUTER CO., LTD.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CrystalDiskInfo 6.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.6.1 - Crystal Dew World) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software) Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team) F1 2014 (HKLM-x32\...\Steam App 226580) (Version: - Codemasters) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) FireStorm version V1.0.46.005 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.005 - ) Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.5.323 - DVDVideoSoft Ltd.) Free Video to Flash Converter version 5.0.55.113 (HKLM-x32\...\Free Video to Flash Converter_is1) (Version: 5.0.55.113 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation) LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack 
(HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation) Microsoft PowerPoint Home and Student 2010 (HKLM-x32\...\Office14.POWERPOINTR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) 
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 
(HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office 
Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation) Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.1 - Black Tree Gaming) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team) Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.) 
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation) NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation) NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) 
PlanetSide 2 (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment) Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7640 - Realtek Semiconductor Corp.) Recordify 2016 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 1.54 - Abelssoft) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games) Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Scansoft PDF Professional (x32 Version: - ) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINTR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) 
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechSmith Screen Capture Codec (x32 Version: 3.1.0 - TechSmith Corporation) Hidden
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EC848C-86C9-47BC-B85B-13FA387FDF59} - kein Dateipfad
Task: {031FE6EA-3811-413F-9C38-968399449312} - System32\Tasks\{E6D8422F-5911-48C8-A2CB-4839FC783C13} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
Task: {049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE} - kein Dateipfad
Task: {04DB3C46-6919-4F66-945A-81B4A588BFE7} - System32\Tasks\{A13D3229-3538-4A9B-BC9D-4D7E46FEA6D1} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {053D44B9-7A00-49D6-9344-FD129CD575D1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {073795C9-8A8F-499A-A1E9-4F464494A6E4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BA0124E-9A6D-4875-BCC6-5F9AB9333055} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0C3D1C09-F503-40AB-B1E9-5A5D061F520E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0DE5621F-D1D7-472C-96B2-658556860924} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {17B7F027-9973-4196-8D91-ADE023D54742} - System32\Tasks\{1AE02D85-E364-45B6-92B0-A30EC8FDDDC9} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {17C6AD99-1673-4817-AD75-8F22CE4F1F18} - System32\Tasks\{9CF80396-B379-427D-9DBE-54858E636648} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {196EB3B7-F969-44FB-8904-FC3FFEBCEA36} - System32\Tasks\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F} => pcalua.exe -a "C:\Users\admin\Desktop\lgs510 (1).exe" -d C:\Users\admin\Desktop
Task: {1B373374-5B77-4BD2-9CAC-A088601DAAA0} - \SimpleFiles Installer Starter -> Keine Datei <==== ACHTUNG
Task: {1C57893A-73C3-488F-B526-A8887F2953A7} - kein Dateipfad
Task: {1EC1E15D-F018-4723-9070-4D369E8FEC5C} - System32\Tasks\{DD61DBDB-E610-4BA6-A9B8-8B08C63A417E} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {2567BB02-4670-455E-9C02-C931857870E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {25FAE78B-6ACC-46F8-A2DD-9BE9CA6DE96A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-01] (Google Inc.)
Task: {2B1E6290-3296-4B86-934C-BC5EDCE018AD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2BF4E1F4-BBF9-4735-A379-CD2D2324F79A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {35931239-6C01-4EB9-9F06-B5E34733FB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3835EB9A-A64B-475E-8C88-55D172209009} - System32\Tasks\{BE51D640-5212-4286-940E-DCA2AE9961AB} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {3A147D4D-2142-4D6A-8909-CE683B68FE9A} - System32\Tasks\{A3A353F9-9F9B-44FE-B96D-31646B313523} => pcalua.exe -a C:\Users\admin\Downloads\lgs510.exe -d C:\Users\admin\Downloads
Task: {3ACDCFF8-92A6-4952-A33F-65AF05026115} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation)
Task: {3BA6A0E0-A338-4CA3-B585-0615270FA949} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {41EBF101-ACE4-4536-8696-90E37984A3E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {48B78AE7-76A1-472C-8530-AAED256A3D7D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {4A830BC6-2C33-42ED-B89C-F2637F524AA0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-01] (Google Inc.)
Task: {4B4680D9-E2FE-4D78-8188-B1D11D741EBF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4D52F5DD-1E4E-4B32-B1B5-BD1C7C4887A1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4ED0E3B6-4DC7-469D-9BD7-A7DA52E08299} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated) Task: {4FE790BC-A8CB-4349-9629-E4036E9775AF} - System32\Tasks\{39F95DBA-5A4E-4CD2-BB4A-CCE9B94F3079} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {52861456-C744-4ECB-9338-A5EEADA219FA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {557BC2D0-F3F2-4A25-B697-21EC090FDE04} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {56EA4D43-A086-4470-B96E-9FB1768E6ED3} - System32\Tasks\{78912F09-9E09-46ED-8941-11871D4D0C4F} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe Task: {57E88640-41B7-4F5D-B851-AFD2838B1C63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {5E324125-D66E-4D57-8894-976BA96DA865} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {5EDE42A2-4A64-484D-800F-C420FA956798} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {67E03967-E26A-4558-8EAB-94C6D7F4330E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {6CFCB68E-50BB-4EC0-85D2-F81762436F24} - System32\Tasks\{47953A5F-E19D-43A8-9964-E39351028038} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {70125431-E640-4C46-8962-AB99C000B9DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> 
Keine Datei <==== ACHTUNG Task: {70278F75-C037-45E7-BF31-69E4C0C8AE56} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {70CE0011-D1AA-42E4-953D-619628912C34} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {75C6EF2C-5336-4D15-964D-A3FA8A1B8BDE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7A28B1AA-97A0-44B4-98F5-467B1CB68A43} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {7BBA2D3D-7FA5-4DB4-98CB-C570319C1451} - System32\Tasks\{BC2D6434-8781-46B3-A9A1-BA1C57245AF3} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {8838DCD1-B08E-428D-BF01-24E3B9250A53} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation) Task: {88F45939-0423-4D4B-96F8-374FF864A93E} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {8B63AD8C-9FAF-4D05-AA3F-27B212A2DFCC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8F02CB1D-35C4-4102-82B6-66D4C8008C1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {8F430278-2F26-4A86-B85E-42AAEE59C70A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation) Task: {94670801-FB2B-4E67-AF37-4058B0DCE01A} - System32\Tasks\{F602CB6B-B3B2-4743-AF06-2F66C7BE8499} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {98198969-9034-402D-A679-29DA601446CB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {9D5C522B-37BD-46E3-A442-AC23F73592B2} - System32\Tasks\{5C3EC2B9-4AC5-4839-8D87-302FA3C3ACBE} => 
C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {AA88E7A4-D1C3-4D6A-A6E3-DA77B9294E7A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AC033A59-1DF9-4ED5-BCFA-794A7A14E327} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {AE2CC07B-7448-4E97-8DFB-A9AF57990CC7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AEB1413A-1D68-4FF8-926E-D120A0757E6E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation) Task: {AFDBEA67-0843-4AB5-BD1D-9CA29F285BBD} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe Task: {B30CA99E-2FB7-4A1F-9310-5086E459D3E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {B47DB38F-7D31-430C-9BBE-8D3C4ABF9FB3} - System32\Tasks\{7992860A-8431-4122-927D-23C50BAB92FB} => C:\Games\Rising World v0.5.3.1\Rising World.exe Task: {B558C71A-7D97-4074-92B9-1D455069D76A} - System32\Tasks\{E2612081-8FB6-438B-922C-0A1CE766B7A5} => pcalua.exe -a C:\Users\admin\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt Task: {B7A19E07-846D-409F-B7F6-DEEFFA568013} - System32\Tasks\{7D4F9702-F680-43B7-B33D-5D0B50533B71} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {BA7A3D4D-05B7-4289-8E31-C295248928FE} - System32\Tasks\{45951CB7-774E-4695-A9EB-B860317AA6D3} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {C250493C-00EE-4DDB-9199-E8025EFF9C17} - System32\Tasks\Aufgaben der Ereignisanzeige\System_Service Control Manager_7001 => C:\Program Files (x86)\Dev-Cpp\devcpp.exe [2014-11-01] (Bloodshed Software) Task: {CB36B87D-3291-4E1F-9773-48A3A334D53A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => 
C:\WINDOWS\ehome\ehPrivJob.exe Task: {CEA0DE1F-289A-4695-A878-D208156D0A94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {CFB8ABEC-6757-46E6-8EFC-E0BE2EDF389D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe Task: {D9A1225A-818F-490E-A8D2-87CDB5D762B8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation) Task: {DD422558-2E0D-41BD-B876-DD539DF6525E} - System32\Tasks\{2B222A2F-11BC-41E4-B2DF-21B4FC5268D1} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {DE537368-396A-4F53-B6D5-96B4AD35DE41} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B} - System32\Tasks\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E} => pcalua.exe -a C:\Users\admin\Downloads\ensharpendecoder_win.exe -d C:\Users\admin\Downloads Task: {E7D0D2C6-A37C-487D-A5C3-98BE9DE6BA04} - System32\Tasks\{9ECFA4AD-89C0-4631-8D5F-B2FBE5DAA7BD} => C:\Games\Rising World v0.5.3.1\Rising World.exe Task: {EC581E02-D4D8-41BB-9CD8-CBFBF873D645} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F3B427A6-5261-478B-A816-B72D733BC307} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {FBCF94F8-5346-4EBD-8FF9-0D3B616042BB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FD8AE7A9-F8A2-4A3F-8C71-265A9D8A58A9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FE90EA90-D163-4504-94C1-EDDC81748B3F} - System32\Tasks\{D7330FEA-6FA4-4A05-862C-DE04F8EE8934} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) (Wenn ein 
Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com/ ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-12 23:34 - 2015-12-10 17:08 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2016-09-14 18:34 - 2016-09-30 05:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-14 18:34 - 2016-09-30 05:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-14 18:35 - 2016-09-30 05:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2015-01-19 14:51 - 2005-04-22 05:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll 2016-01-08 15:47 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-07-14 10:07 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-14 10:07 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2016-11-01 13:53 - 2016-10-20 09:56 - 02367080 _____ () 
C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll 2016-11-01 13:53 - 2016-10-20 09:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll 2015-12-12 23:34 - 2016-11-01 13:51 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-12-12 23:34 - 2015-12-10 17:08 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-12-26 21:29 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-01-08 15:48 - 2016-09-30 05:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-14 18:35 - 2016-09-29 18:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-14 18:35 - 2016-09-29 18:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-14 18:35 - 2016-09-29 18:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-09-14 18:35 - 2016-09-29 18:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-14 18:35 - 2016-09-29 18:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-14 
18:35 - 2016-09-29 18:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-14 18:35 - 2016-09-29 18:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-09-14 18:35 - 2016-09-30 05:23 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2015-08-12 16:21 - 2015-07-20 16:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll 2015-08-12 16:21 - 2012-08-14 21:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-10-29 15:19 - 00003845 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\Downloads\OgFbo9.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Amazon Music => "C:\Users\admin\AppData\Local\Amazon Music\Amazon Music Helper.exe"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "FireStormStartUpAutoRun"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "OMSI Addon Manager.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "BlueStacks Agent" HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GalaxyClient" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{02C426C7-9C4E-4A46-BD30-BF2CB5EF4DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{E842F5E6-2B29-4074-9BF2-B355FD57CFE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{BE839E79-17A6-44E9-BD8C-744EDA451B12}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{ED4D5EED-E19E-4B6D-BBC4-BD8EEFEE7381}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8FBBDFE3-4CB1-4C44-B130-9F4E3F691FAC}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E1761EA9-656C-45B2-B863-546C635E23F1}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{669459B0-4C41-4592-8E72-A0FB0805CD8C}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{752A7395-9B28-4E39-BCF6-7E3DD8054A8F}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6B8081F3-87E9-4699-87CF-57090607BD27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops 
III\BlackOps3.exe FirewallRules: [{71DC30A2-BC07-4ABA-BDA2-63EEE592F38B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [UDP Query User{FF3FF898-C74B-4BCA-B925-FE7B4D0F9193}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [TCP Query User{8AC22E5D-7405-449A-8388-77E105A7FE3F}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [{A670B346-EA46-4CAC-BF18-9BEF4316F6AE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0CDA39B9-771A-404F-89FE-D53CB2DF686A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B6DDF0D4-02B1-418B-B571-607D5A78445A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7DE4A39E-7657-462E-8DD9-DE820B7DD6BD}] => (Allow) LPort=80 FirewallRules: [{ECF6FA0C-4E01-41DD-A7F2-140111367D8E}] => (Allow) LPort=443 FirewallRules: [{DE1D9E03-8B7F-4268-8F96-9D9AA50517C4}] => (Allow) LPort=20010 FirewallRules: [{6758E0B6-6176-480E-9BD0-5588169E534A}] => (Allow) LPort=3478 FirewallRules: [{E2BECC4D-BF05-4A53-8EE8-FB929BE83063}] => (Allow) LPort=7850 FirewallRules: [{5E150AAC-48A4-42EF-A89E-E176DC0A97D2}] => (Allow) LPort=7852 FirewallRules: [{B49401C2-80B7-4D07-AE02-5957A1596873}] => (Allow) LPort=7853 FirewallRules: [{88985BEC-DDAD-4887-B7CD-4F130BB6118F}] => (Allow) LPort=27022 FirewallRules: [{7BA48D57-BBD5-4901-9C1F-E5BF4AAFD049}] => (Allow) LPort=6881 FirewallRules: [{3BE55950-CB5E-4CF2-9CAC-EF312DB32D00}] => (Allow) LPort=33333 FirewallRules: [{0AAF2623-F139-4A7D-916D-4069E7F8C1AC}] => (Allow) LPort=20443 FirewallRules: [{68DA44FA-FB2A-4903-AEC6-5D94CF1B949F}] => (Allow) LPort=8090 FirewallRules: [{F8C76348-E4E0-441E-A1FF-CF88497A089F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 
2007\hl2.exe FirewallRules: [{6FC93E4D-5540-43D1-89EB-A96BD31D0F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe FirewallRules: [{D626B09E-7F01-42A0-AD69-CC6BE3770C29}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{59D57AD8-BBF7-47F9-873E-DE7AB528406E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D38884A6-7B75-4271-AA3B-71D8920FAABE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{23707E11-254F-44DA-AD9A-5457B22B8AFA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{84A71B2D-C33C-4F54-A1EE-F65495F71620}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{6026356A-7674-43FC-8085-74D21AEC89E2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{0239E52D-A3B7-4126-B38D-13D5E4242B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{070B69FA-53FB-42E3-BDD8-8538E7CC30B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{98106D20-060A-48F3-8359-991D1DE45EE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{D0DBCDE8-177C-4A8B-B38F-9F4B49C7C324}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{7BEC5473-494D-40F1-A37E-7A367D96E928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{EE651D0F-2E98-4B07-BDAA-C862782EBF74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: 
[{0A5056C0-4DB0-4206-B872-924322C961B6}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{0ADABA06-D9B3-4FC5-9E64-163A4837B7F9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{B881BF59-13EC-4FEB-B124-A313EE74C6B7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{EFC84F2E-9AF3-4AAD-B1CC-BADD16C6A4F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{0DF3284A-B5EB-44AF-A5EF-9FBE6A91FE96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{98999DE2-D041-446D-B6DB-D1598A3A560C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{CA9CEFFD-7057-4EA3-8E17-4C2DA545D13A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{4D460F5B-1E4D-435A-A2D7-12DDF57B93E6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{C2CD94CE-1158-4F41-B6C8-61F0F264BB14}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [TCP Query User{1B41650B-8C0A-417B-9EE0-26A0CA7900DF}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{EDAACE47-D7CC-436F-B457-BC3E0D182D33}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [{641126E5-7F8E-47F5-A691-E1879DE5DFFF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{BAAF648D-A884-4BDD-BFB4-7C23E3F2D419}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{6C9FBCC4-DDA9-4DD9-844C-1710FE6F0DE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: 
[{4E7B3426-674E-4744-8A34-8FEC5D89E744}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{04B12B99-4B38-47DF-AFFC-5BEE580B5E06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{112ED707-0790-4C38-A0C1-47772EA9E61F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2DEC3BC6-5A7F-451C-84F4-FD5985360ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe FirewallRules: [{29D97B07-E473-46E2-9397-3B88065E54A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe FirewallRules: [{8AAAC971-5D08-488F-A9CB-4C3E83EBE438}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [{A4C04855-1259-4E93-95DF-B3D7ABAE27D8}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [TCP Query User{238B3ED3-2017-4B3C-8774-004E2F2B4B6A}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [UDP Query User{24118DF0-B1A6-40F9-AF54-ADDC6D6A7696}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{182D7FB5-34AC-41B1-B80D-3E14A7C3284D}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{A38DC822-8450-4E90-B948-763473EBFE62}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{34C8DCA4-9CB4-44EB-BDA4-2243B6A94638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{460924A2-DAB1-4BDE-B6F1-EBDAE9624B00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: 
[{52E7285A-54BF-4106-B38A-D532E6665E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{55C59A32-7325-4163-9BBA-CECB8AC28884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{69AADE24-7EB2-4BA0-B3E2-5022DBB3A73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{4650E401-DB1C-4EE4-83FF-38ADA29F2284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{D00893C0-8221-4E36-AE8E-207288F031D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{9FF1999F-00BA-459E-AE40-2778EB9B185F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{7D58F99F-B3EE-401F-9AAD-2F279AD69E15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{DDFC01D2-2BFA-4485-B57F-A3D08551180F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D12B0F98-80C9-414C-9231-12FF2EBD8733}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{9733224E-A078-49E6-964F-6532CBB534D0}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [UDP Query User{C2A1FE85-9E02-45CC-AD6F-848DC061BD60}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{CFD11295-DA2F-430B-882A-978CE9849D24}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{6B332141-CA19-461B-AD50-22159F724AFA}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 
4\fallout4.exe FirewallRules: [{9958D6F7-0D3E-439E-948B-1DA972AE7C93}] => (Allow) LPort=8317 FirewallRules: [{E2363DDC-96F7-4E0E-862B-0174D03365D5}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{459DC2E5-725B-42DD-8765-1001B4E93F6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [TCP Query User{41731BD2-7856-4EC2-8C24-868437B044B5}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5A1E15B3-7ABC-42A3-8DEC-94BCC3EE5989}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{9C8281FE-3507-4B1B-96D5-1D4B179C6794}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{393A4BCA-8F94-4A5F-85EF-946A9827A55A}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [{7E95AA5A-3F59-4CA4-96C2-81D1682A08CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{160CD63E-1ED4-4CFB-A225-6D27F11A3F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{7113C531-C03B-4057-B84A-C9CA43320428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{D0C966EC-3480-46FC-A3A5-4DF6EAC62FBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{44561A87-45DB-4C4D-8EF4-40DEAF86E3C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{299BB911-9B4C-4ADC-A6CA-77AC78330858}] => (Allow) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 29-10-2016 22:09:58 Removed Vegas Pro 12.0 (64-bit) 30-10-2016 12:22:32 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/01/2016 06:22:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/01/2016 06:22:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/01/2016 06:22:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/01/2016 06:19:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (11/01/2016 06:19:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/01/2016 06:19:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/01/2016 06:19:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HxTsr.exe, Version: 16.0.7369.4079, Zeitstempel: 0x57fd796c Name des fehlerhaften Moduls: Mso20Imm.dll, Version: 16.0.7329.1013, Zeitstempel: 0x57e535af Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000005567d ID des fehlerhaften Prozesses: 0x6ec Startzeit der fehlerhaften Anwendung: 0x01d234640da6e9fe Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe\HxTsr.exe Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe\Mso20Imm.dll Berichtskennung: e52c2fd1-2d1b-4a87-b09c-a75edcacb30c Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (11/01/2016 06:19:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. 
Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/01/2016 06:19:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/01/2016 06:19:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Systemfehler: ============= Error: (11/01/2016 06:22:36 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 06:22:36 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 06:22:36 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 06:19:08 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (11/01/2016 06:19:07 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 06:19:07 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 06:19:02 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 06:19:01 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 06:19:01 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/01/2016 06:13:07 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC) Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
CodeIntegrity:
===================================
Date: 2016-11-01 18:03:05.563
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-01 18:03:05.551
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-01 18:03:05.536
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-01 18:02:48.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-01 18:02:48.097
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-01 18:02:39.353
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-01 18:02:39.290
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-01 18:02:30.017
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-01 18:02:29.882
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-11-01 18:02:28.492
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8129.95 MB
Verfügbarer physikalischer RAM: 5340.89 MB
Summe virtueller Speicher: 16321.95 MB
Verfügbarer virtueller Speicher: 13557.41 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.44 GB) (Free:248.38 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: (Tevion) (Removable) (Total:7.4 GB) (Free:6.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3B0461CD)
Partition 1: (Active) - (Size=203 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 66205247)
No partition Table on disk 2.

==================== Ende von Addition.txt ============================

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016 durchgeführt von admin (Administrator) auf ADMIN-PC (01-11-2016 18:23:23) Gestartet von C:\Users\admin\Desktop Geladene Profile: admin & DefaultAppPool (Verfügbare Profile: admin & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (DEVGURU Co., LTD.) 
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842624 2016-09-30] (NVIDIA Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2000-01-01] (Realtek Semiconductor) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) 
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-28] (Power Software Ltd) HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies) HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278528 2015-12-07] (PC Partner Co.Ltd) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) 
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-19] (Spotify Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify] => C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [6884976 2016-10-19] (Spotify Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4090944 2016-09-20] (GOG.com) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\MountPoints2: {4c30d469-9739-11e4-bb0a-382c4a739a73} - "F:\pushinst.exe" HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5f030b30-5b32-48cf-92e1-9d9ca305ca6d}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8ba5c6f2-89a0-4423-9b49-1493df0677f5}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243312315&GUID=5059F630-8847-C004-A9EE-042B72110A1F HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243338633&GUID=5059F630-8847-C004-A9EE-042B72110A1F BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV 
Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default [2016-11-01] FF Extension: (Adblock Plus) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8C679308-89F3-402C-9323-8D9B3B6D57B2}] - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi FF Extension: (Recordify Title Discover) - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi [2016-01-08] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files 
(x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-01] (Google Inc.) 
Chrome: ======= CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2016-11-01] CHR Extension: (Google Präsentationen) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-01] CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-01] CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-01] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-01] CHR Extension: (Google Tabellen) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-01] CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-01] CHR Extension: (Recordify Title Discover) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkgbclpocodjecojibeaaglcgndegljl [2016-11-01] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-01] CHR Extension: (Amazon) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2016-11-01] CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-01] CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-01] CHR HKLM-x32\...\Chrome\Extension: [kkgbclpocodjecojibeaaglcgndegljl] - C:\Program Files (x86)\Recordify\Extensions\recordify_chrome_0.3.18.crx [2016-09-17] CHR HKLM-x32\...\Chrome\Extension: 
[ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\admin\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-12-28] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-10] () S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [281152 2016-09-20] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6411840 2016-09-19] (GOG.com) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-04] 
(Electronic Arts) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 abelssoft_recordify; C:\WINDOWS\system32\drivers\recordify.sys [68536 2016-03-30] (Abelssoft) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-10] () S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-04-10] (Phoenix Technologies) [Datei ist nicht signiert] S3 fwlanusb5; C:\WINDOWS\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [Datei ist nicht signiert] S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-30] (Malwarebytes) R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.) 
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-02] (NVIDIA Corporation) S3 PVUSB; C:\WINDOWS\System32\drivers\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2000-01-01] (Realtek ) S3 scramby; C:\WINDOWS\System32\drivers\scramby.sys [29480 2007-02-13] (RapidSolution Software AG) S3 scramby_out; C:\WINDOWS\System32\drivers\scramby_out.sys [34336 2007-08-08] (RapidSolution Software AG) R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation) R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation) R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation) R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-26] () S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-26] () S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] () S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) 
[Datei ist nicht signiert] R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X] U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-11-01 17:57 - 2016-11-01 18:23 - 00000000 ____D C:\ProgramData\HitmanPro 2016-11-01 17:57 - 2016-11-01 17:57 - 11579432 _____ (SurfRight B.V.) C:\Users\admin\Desktop\HitmanPro_x64.exe 2016-11-01 17:56 - 2016-11-01 17:57 - 11579432 _____ (SurfRight B.V.) 
C:\Users\admin\Downloads\HitmanPro_x64.exe 2016-11-01 13:57 - 2016-11-01 13:57 - 02870984 _____ (ESET) C:\Users\admin\Desktop\esetsmartinstaller_deu.exe 2016-11-01 13:57 - 2016-11-01 13:57 - 00000000 ____D C:\Program Files (x86)\ESET 2016-11-01 13:56 - 2016-11-01 13:57 - 02870984 _____ (ESET) C:\Users\admin\Downloads\esetsmartinstaller_deu.exe 2016-11-01 13:53 - 2016-11-01 17:58 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-01 13:53 - 2016-11-01 13:58 - 00001122 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-01 13:53 - 2016-11-01 13:53 - 00004184 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-11-01 13:53 - 2016-11-01 13:53 - 00003952 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-11-01 13:53 - 2016-11-01 13:53 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-01 13:53 - 2016-11-01 13:53 - 00002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-11-01 13:52 - 2016-11-01 13:53 - 01065376 _____ (Google Inc.) 
C:\Users\admin\Downloads\ChromeSetup.exe 2016-11-01 13:48 - 2016-11-01 13:48 - 00000000 ____D C:\Users\admin\AppData\Local\Deployment 2016-11-01 13:48 - 2016-11-01 13:48 - 00000000 ____D C:\Users\admin\AppData\Local\Apps\2.0 2016-11-01 12:43 - 2016-11-01 12:44 - 424747664 _____ C:\Users\admin\Desktop\Quarantine.zip 2016-11-01 12:35 - 2016-11-01 12:35 - 00000000 ____D C:\Users\admin\Documents\ETS2MP 2016-10-31 17:28 - 2016-10-31 17:28 - 00013070 _____ C:\Users\admin\Desktop\SystemLook.txt 2016-10-31 17:19 - 2016-10-31 17:27 - 00013068 _____ C:\Users\admin\Downloads\SystemLook.txt 2016-10-31 16:29 - 2016-10-31 16:30 - 00165376 _____ C:\Users\admin\Downloads\SystemLook_x64.exe 2016-10-31 16:29 - 2016-10-31 16:29 - 00165376 _____ C:\Users\admin\Downloads\SystemLook_x64 (2).exe 2016-10-31 16:29 - 2016-10-31 16:29 - 00165376 _____ C:\Users\admin\Downloads\SystemLook_x64 (1).exe 2016-10-31 16:26 - 2016-10-31 16:26 - 00001058 _____ C:\Users\admin\Desktop\Windows Defender.lnk 2016-10-31 16:20 - 2016-11-01 12:37 - 00002601 _____ C:\Users\admin\Desktop\Fixlog.txt 2016-10-31 15:54 - 2016-10-31 15:54 - 00000000 ____D C:\Users\admin\Desktop\FRST-OlderVersion 2016-10-30 21:27 - 2016-10-30 21:28 - 00397804 _____ C:\WINDOWS\Minidump\103016-21390-01.dmp 2016-10-30 21:27 - 2016-10-30 21:27 - 878092529 _____ C:\WINDOWS\MEMORY.DMP 2016-10-30 12:29 - 2016-11-01 18:23 - 00021617 _____ C:\Users\admin\Desktop\FRST.txt 2016-10-30 12:29 - 2016-10-31 17:29 - 00069995 _____ C:\Users\admin\Desktop\Addition.txt 2016-10-30 12:25 - 2016-10-30 12:25 - 00001191 _____ C:\Users\admin\Desktop\JRT.txt 2016-10-30 12:18 - 2016-10-30 12:18 - 00001196 _____ C:\Users\admin\Desktop\mbam.txt 2016-10-30 12:01 - 2016-10-30 12:01 - 00002340 _____ C:\Users\admin\Desktop\AdwCleaner[C4].txt 2016-10-30 11:51 - 2016-10-30 12:22 - 01631928 _____ (Malwarebytes) C:\Users\admin\Desktop\JRT.exe 2016-10-30 11:50 - 2016-10-30 11:51 - 01631928 _____ (Malwarebytes) C:\Users\admin\Downloads\JRT.exe 2016-10-30 11:48 - 2016-10-30 
11:49 - 22851472 _____ (Malwarebytes ) C:\Users\admin\Downloads\mbam-setup-2.2.1.1043.exe 2016-10-30 11:47 - 2016-10-30 11:51 - 03910208 _____ C:\Users\admin\Desktop\AdwCleaner_6.030 (1).exe 2016-10-30 11:47 - 2016-10-30 11:47 - 03910208 _____ C:\Users\admin\Downloads\AdwCleaner_6.030 (1).exe 2016-10-29 22:05 - 2016-11-01 18:23 - 00000000 ____D C:\FRST 2016-10-29 22:04 - 2016-10-31 15:54 - 02408960 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe 2016-10-29 22:04 - 2016-10-29 22:04 - 02408448 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe 2016-10-29 21:57 - 2016-10-29 21:57 - 00036731 _____ C:\Users\admin\Downloads\Logs.rar 2016-10-29 20:10 - 2016-10-29 20:11 - 00406582 _____ C:\Users\admin\Downloads\startmenu.diagcab 2016-10-29 15:33 - 2016-10-29 15:33 - 03910208 _____ C:\Users\admin\Downloads\adwcleaner_6.030.exe 2016-10-29 15:28 - 2016-10-29 15:28 - 00041208 _____ C:\Users\admin\Documents\cc_20161029_162824.reg 2016-10-29 11:57 - 2016-10-29 11:57 - 00002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2016-10-29 11:57 - 2016-10-25 21:00 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-10-29 11:57 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2016-10-29 11:57 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll 2016-10-29 11:57 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2016-10-29 11:57 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe 2016-10-29 11:56 - 2016-10-29 11:56 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-10-29 11:54 - 2016-10-26 02:09 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-10-29 11:54 - 2016-10-25 
22:40 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 20718400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 17577728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 14516216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 10782952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00802768 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvEncMFTH264.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00572584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00470584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00172920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00150784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00131720 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\nvoglshim32.dll 2016-10-29 11:54 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2016-10-29 11:54 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2016-10-26 15:20 - 2016-10-26 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-10-25 19:41 - 2016-10-25 19:41 - 13165792 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe 2016-10-24 15:04 - 2016-10-24 15:09 - 00009631 _____ C:\Users\admin\Documents\Italiensich Spicker v.1.odt 2016-10-20 13:47 - 2016-10-20 13:47 - 00071140 _____ C:\Users\admin\Downloads\TradeMan 1.22h4-6-1-22.zip 2016-10-20 13:41 - 2016-10-20 13:42 - 38827969 _____ C:\Users\admin\Downloads\E3FX V7-23-7.zip 2016-10-20 13:37 - 2016-10-20 13:38 - 41576087 _____ C:\Users\admin\Downloads\E3FX 8.5 (Alternative Bloom)-23-8-5.zip 2016-10-20 13:33 - 2016-10-20 13:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (2).exe 2016-10-20 13:32 - 2016-10-20 13:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (1).exe 2016-10-20 13:22 - 2016-10-20 13:22 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2.exe 2016-10-18 16:37 - 2016-10-18 16:38 - 02891915 _____ C:\Users\admin\Downloads\Fair Sale - Better sale prices v1.03 -4-1-03.7z 2016-10-10 18:01 - 2016-10-01 22:11 - 01935808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437306.dll 2016-10-10 18:01 - 2016-10-01 22:11 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437306.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-11-01 18:19 - 2015-01-13 17:44 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps 2016-11-01 16:11 - 2015-04-05 19:28 - 00000000 ____D C:\Users\admin\Desktop\OMSI 2 2016-11-01 13:55 - 2015-12-12 23:39 - 02087808 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-11-01 13:55 - 2015-10-30 19:35 - 00888452 _____ C:\WINDOWS\system32\perfh007.dat 2016-11-01 13:55 - 2015-10-30 19:35 - 00197278 _____ C:\WINDOWS\system32\perfc007.dat 2016-11-01 13:55 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-11-01 13:53 - 2014-12-25 15:43 - 00000000 ____D C:\Users\admin\AppData\Local\Google 2016-11-01 13:53 - 2014-12-25 15:43 - 00000000 ____D C:\Program Files (x86)\Google 2016-11-01 13:52 - 2015-12-12 23:35 - 00000000 ____D C:\ProgramData\NVIDIA 2016-11-01 13:51 - 2015-12-12 23:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-11-01 13:25 - 2015-12-01 16:42 - 00000000 ____D C:\Users\admin\Documents\Euro Truck Simulator 2 2016-11-01 13:16 - 2014-12-25 18:09 - 00000000 ____D C:\Program Files (x86)\Steam 2016-11-01 12:32 - 2016-09-07 13:12 - 00000000 ____D C:\Users\admin\Documents\The Witcher 3 2016-11-01 11:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-11-01 02:05 - 2016-04-07 18:50 - 00000000 ____D C:\Users\admin\AppData\Local\Spotify 2016-11-01 01:48 - 2016-04-07 18:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\Spotify 2016-10-31 16:20 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2016-10-31 15:04 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-10-30 21:27 - 2016-01-16 20:44 - 00000000 ____D C:\WINDOWS\Minidump 2016-10-30 12:55 - 2015-01-24 12:20 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client 2016-10-30 12:03 - 2015-01-11 15:40 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-10-30 11:59 - 2016-07-08 21:51 - 00000008 __RSH C:\Users\admin\ntuser.pol 2016-10-30 11:59 - 2016-07-08 21:11 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-10-30 11:59 - 
2015-12-12 23:40 - 00000000 ____D C:\Users\admin 2016-10-30 11:59 - 2015-08-01 17:21 - 00000000 ____D C:\AdwCleaner 2016-10-30 11:50 - 2015-07-09 11:23 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-10-30 11:50 - 2015-01-11 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-10-30 11:50 - 2015-01-11 15:40 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-10-29 20:11 - 2015-01-25 18:59 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics 2016-10-29 15:57 - 2016-09-18 11:48 - 00000000 ____D C:\ProgramData\updater2 2016-10-29 15:42 - 2015-12-12 23:30 - 04995152 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-10-29 15:27 - 2016-01-21 16:52 - 00000000 ____D C:\Program Files\CCleaner 2016-10-29 11:57 - 2016-09-04 11:58 - 00000000 ____D C:\WINDOWS\LastGood 2016-10-29 11:57 - 2016-01-08 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-10-29 11:57 - 2015-12-12 23:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-10-29 11:56 - 2015-12-12 23:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-10-29 11:56 - 2015-12-12 23:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-10-29 11:56 - 2015-04-07 21:02 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA Corporation 2016-10-28 02:22 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2016-10-26 23:16 - 2016-01-08 15:46 - 14159928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-10-26 15:36 - 2014-11-08 17:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-10-26 15:36 - 2014-11-08 17:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-10-26 15:36 - 2014-11-08 17:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-10-26 14:28 - 2014-12-27 19:56 - 00000000 ____D C:\Users\admin\AppData\Local\TeamSpeak 3 Client 
2016-10-26 02:09 - 2015-11-12 17:25 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2016-10-26 02:09 - 2015-11-12 17:25 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2016-10-25 22:40 - 2016-01-08 15:46 - 24365624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-10-25 22:40 - 2016-01-08 15:46 - 03927288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-10-25 22:40 - 2016-01-08 15:46 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-10-25 22:40 - 2016-01-08 15:46 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb 2016-10-25 21:17 - 2016-01-08 15:47 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-10-25 21:17 - 2016-01-08 15:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-10-25 21:13 - 2016-09-14 18:34 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2016-10-25 19:41 - 2014-11-08 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-10-24 07:31 - 2016-01-08 15:47 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-10-21 10:23 - 2016-09-08 13:08 - 00002004 _____ C:\Users\admin\Desktop\The Witcher® 3 - Wild Hunt.lnk 2016-10-19 21:58 - 2016-09-17 08:53 - 00000000 ____D C:\Users\admin\Documents\Recordify 2016-10-18 16:42 - 2016-09-23 13:09 - 00000931 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2016-10-18 16:42 - 
2016-09-23 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager 2016-10-18 16:42 - 2016-09-23 13:09 - 00000000 ____D C:\Program Files\Nexus Mod Manager 2016-10-10 17:46 - 2016-09-22 17:17 - 00003736 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:35 - 00003924 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:35 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-10-10 17:46 - 2016-09-14 18:34 - 00003988 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:34 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:34 - 00003898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-10 17:46 - 2016-09-14 18:34 - 00003694 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-10-06 17:53 - 2016-09-04 18:11 - 00000000 ____D C:\Users\admin\Desktop\Memes ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-22 17:24 - 2015-04-22 17:24 - 0549471 _____ () C:\Program Files\vac414demo.zip 2014-10-10 13:07 - 2014-10-10 13:07 - 0000000 _____ () C:\Users\admin\AppData\Roaming\gdfw.log 2014-10-10 13:07 - 2014-10-10 13:07 - 0000779 _____ () C:\Users\admin\AppData\Roaming\gdscan.log 2016-03-20 13:57 - 2016-03-20 13:57 - 0003584 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-10 14:36 - 2015-04-10 14:36 - 0000058 _____ () C:\Users\admin\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2015-05-26 20:44 - 2015-12-12 17:05 - 0007601 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg 2015-12-12 23:35 - 2015-12-12 23:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-04-30 19:56 - 
2015-03-01 19:57 - 0000032 ____R () C:\ProgramData\hash.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\hash.dat ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-08-22 14:01 ==================== Ende von FRST.txt ============================ |
01.11.2016, 19:10 | #12 |
/// TB-Ausbilder | Windows 10: CMD console opens on its own, with BSOD
Hi, let's try the upload again... somehow it didn't work... and I would really like to have those files... Please also disable Windows Defender before the upload, and otherwise do nothing on the machine!
Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter
start
CloseProcesses:
C:\Users\admin\AppData\Local\Video4you
Task: {00EC848C-86C9-47BC-B85B-13FA387FDF59} - kein Dateipfad
Task: {049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE} - kein Dateipfad
Task: {196EB3B7-F969-44FB-8904-FC3FFEBCEA36} - System32\Tasks\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F} => pcalua.exe -a "C:\Users\admin\Desktop\lgs510 (1).exe" -d C:\Users\admin\Desktop
Task: {1B373374-5B77-4BD2-9CAC-A088601DAAA0} - \SimpleFiles Installer Starter -> Keine Datei <==== ACHTUNG
Task: {1C57893A-73C3-488F-B526-A8887F2953A7} - kein Dateipfad
Task: {2567BB02-4670-455E-9C02-C931857870E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {35931239-6C01-4EB9-9F06-B5E34733FB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3A147D4D-2142-4D6A-8909-CE683B68FE9A} - System32\Tasks\{A3A353F9-9F9B-44FE-B96D-31646B313523} => pcalua.exe -a C:\Users\admin\Downloads\lgs510.exe -d C:\Users\admin\Downloads
Task: {48B78AE7-76A1-472C-8530-AAED256A3D7D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {57E88640-41B7-4F5D-B851-AFD2838B1C63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5E324125-D66E-4D57-8894-976BA96DA865} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5EDE42A2-4A64-484D-800F-C420FA956798} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {70125431-E640-4C46-8962-AB99C000B9DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {7A28B1AA-97A0-44B4-98F5-467B1CB68A43} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {8F02CB1D-35C4-4102-82B6-66D4C8008C1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B30CA99E-2FB7-4A1F-9310-5086E459D3E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {CEA0DE1F-289A-4695-A878-D208156D0A94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B} - System32\Tasks\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E} => pcalua.exe -a C:\Users\admin\Downloads\ensharpendecoder_win.exe -d C:\Users\admin\Downloads
DeleteKey: HKLM\SOFTWARE\Classes\AppID\mseff32.DLL
DeleteKey: HKLM\SOFTWARE\Classes\AppID\{94CB6BE7-AE1A-4751-AE74-1EDD6B567264}
DeleteKey: HKLM\SOFTWARE\Classes\CLSID\{08ACFB57-8187-47f0-AF93-56360D03634A}
DeleteKey: HKLM\SOFTWARE\Classes\WOW6432Node\AppID\mseff32.DLL
DeleteKey: HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{94CB6BE7-AE1A-4751-AE74-1EDD6B567264}
DeleteKey: HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
DeleteKey: HKLM\SYSTEM\ControlSet001\Services\EventLog\Application\Torntv
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Torntv
DeleteKey: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D}
DeleteKey: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\SOFTWARE\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D}
Unlock: C:\FRST
Reboot:
end

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Post the FRST Fixlog right away, since it will otherwise be removed automatically by DelFix (see further below)!
Step 2
If you no longer have any problems with malware, then we are done here. Your log files are clean. Finally, we still need to take a few concluding steps to clean up and secure your PC.
Cleanup: All logs posted? Then please download DelFix.
DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over, you can delete them without concern.
Securing the system: Enable automatic updates in the Windows operating system. Security-relevant software should also always be present only in its latest version: browser, Java, Flash Player, PDF reader. Vulnerabilities in their old versions are exploited to install malware via "drive-by" on a simple visit to a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents. Enable a firewall. The one built into Windows is normally entirely sufficient. If you are still undecided, use a single one of the following antivirus programs with a real-time scanner and an always up-to-date signature database: Microsoft Security Essentials (MSE) / Windows Defender (WD) is built in from Windows 8 onward, so if you have Windows 8, 8.1 or 10 and have decided on MSE/WD, you do not need to install MSE/WD separately. On Windows 7, however, it has to be installed manually or obtained as an optional update via Windows Update. Naturally, a legal/activated Windows is a prerequisite for this. In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.
Optional: Adblock Plus can block banners, pop-ups, video ads, tracking and malware sites. NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. However, you can specify, on the whitelist principle, on which sites scripts should be allowed. Download software from a clean portal such as .
When installing software, always choose the custom option and uncheck all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, it is advisable first to uninstall it and then to remove the leftovers with Adwcleaner. Finally, a few general remarks:
If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation. Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
01.11.2016, 19:18 | #13 |
| Windows 10: CMD console opens on its own, with BSOD
Hi, is it enough to disable real-time protection in Windows Defender, or do I need to pay attention to anything else? Regards
Fixlog: Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-10-2016
durchgeführt von admin (01-11-2016 19:20:37) Run:3
Gestartet von C:\Users\admin\Desktop
Geladene Profile: admin & DefaultAppPool (Verfügbare Profile: admin & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
C:\Users\admin\AppData\Local\Video4you
Task: {00EC848C-86C9-47BC-B85B-13FA387FDF59} - kein Dateipfad
Task: {049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE} - kein Dateipfad
Task: {196EB3B7-F969-44FB-8904-FC3FFEBCEA36} - System32\Tasks\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F} => pcalua.exe -a "C:\Users\admin\Desktop\lgs510 (1).exe" -d C:\Users\admin\Desktop
Task: {1B373374-5B77-4BD2-9CAC-A088601DAAA0} - \SimpleFiles Installer Starter -> Keine Datei <==== ACHTUNG
Task: {1C57893A-73C3-488F-B526-A8887F2953A7} - kein Dateipfad
Task: {2567BB02-4670-455E-9C02-C931857870E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {35931239-6C01-4EB9-9F06-B5E34733FB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3A147D4D-2142-4D6A-8909-CE683B68FE9A} - System32\Tasks\{A3A353F9-9F9B-44FE-B96D-31646B313523} => pcalua.exe -a C:\Users\admin\Downloads\lgs510.exe -d C:\Users\admin\Downloads
Task: {48B78AE7-76A1-472C-8530-AAED256A3D7D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {57E88640-41B7-4F5D-B851-AFD2838B1C63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5E324125-D66E-4D57-8894-976BA96DA865} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5EDE42A2-4A64-484D-800F-C420FA956798} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {70125431-E640-4C46-8962-AB99C000B9DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {7A28B1AA-97A0-44B4-98F5-467B1CB68A43} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {8F02CB1D-35C4-4102-82B6-66D4C8008C1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B30CA99E-2FB7-4A1F-9310-5086E459D3E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {CEA0DE1F-289A-4695-A878-D208156D0A94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B} - System32\Tasks\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E} => pcalua.exe -a C:\Users\admin\Downloads\ensharpendecoder_win.exe -d C:\Users\admin\Downloads
DeleteKey: HKLM\SOFTWARE\Classes\AppID\mseff32.DLL
DeleteKey: HKLM\SOFTWARE\Classes\AppID\{94CB6BE7-AE1A-4751-AE74-1EDD6B567264}
DeleteKey: HKLM\SOFTWARE\Classes\CLSID\{08ACFB57-8187-47f0-AF93-56360D03634A}
DeleteKey: HKLM\SOFTWARE\Classes\WOW6432Node\AppID\mseff32.DLL
DeleteKey: HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{94CB6BE7-AE1A-4751-AE74-1EDD6B567264}
DeleteKey: HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
DeleteKey: HKLM\SYSTEM\ControlSet001\Services\EventLog\Application\Torntv
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Torntv
DeleteKey: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D}
DeleteKey: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\SOFTWARE\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D}
Unlock: C:\FRST
Reboot:
end
*****************

Prozess erfolgreich geschlossen.
C:\Users\admin\AppData\Local\Video4you => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00EC848C-86C9-47BC-B85B-13FA387FDF59}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00EC848C-86C9-47BC-B85B-13FA387FDF59}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{196EB3B7-F969-44FB-8904-FC3FFEBCEA36}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{196EB3B7-F969-44FB-8904-FC3FFEBCEA36}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B373374-5B77-4BD2-9CAC-A088601DAAA0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B373374-5B77-4BD2-9CAC-A088601DAAA0}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SimpleFiles Installer Starter => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C57893A-73C3-488F-B526-A8887F2953A7}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C57893A-73C3-488F-B526-A8887F2953A7}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2567BB02-4670-455E-9C02-C931857870E6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2567BB02-4670-455E-9C02-C931857870E6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35931239-6C01-4EB9-9F06-B5E34733FB8A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35931239-6C01-4EB9-9F06-B5E34733FB8A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A147D4D-2142-4D6A-8909-CE683B68FE9A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A147D4D-2142-4D6A-8909-CE683B68FE9A}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{A3A353F9-9F9B-44FE-B96D-31646B313523} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3A353F9-9F9B-44FE-B96D-31646B313523}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48B78AE7-76A1-472C-8530-AAED256A3D7D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48B78AE7-76A1-472C-8530-AAED256A3D7D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57E88640-41B7-4F5D-B851-AFD2838B1C63}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57E88640-41B7-4F5D-B851-AFD2838B1C63}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5E324125-D66E-4D57-8894-976BA96DA865}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E324125-D66E-4D57-8894-976BA96DA865}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EDE42A2-4A64-484D-800F-C420FA956798}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EDE42A2-4A64-484D-800F-C420FA956798}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{70125431-E640-4C46-8962-AB99C000B9DD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70125431-E640-4C46-8962-AB99C000B9DD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A28B1AA-97A0-44B4-98F5-467B1CB68A43}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A28B1AA-97A0-44B4-98F5-467B1CB68A43}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F02CB1D-35C4-4102-82B6-66D4C8008C1C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F02CB1D-35C4-4102-82B6-66D4C8008C1C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B30CA99E-2FB7-4A1F-9310-5086E459D3E4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B30CA99E-2FB7-4A1F-9310-5086E459D3E4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEA0DE1F-289A-4695-A878-D208156D0A94}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEA0DE1F-289A-4695-A878-D208156D0A94}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\AppID\mseff32.DLL => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\AppID\{94CB6BE7-AE1A-4751-AE74-1EDD6B567264} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\CLSID\{08ACFB57-8187-47f0-AF93-56360D03634A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\WOW6432Node\AppID\mseff32.DLL => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Classes\WOW6432Node\AppID\{94CB6BE7-AE1A-4751-AE74-1EDD6B567264} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF} => Schlüssel erfolgreich entfernt
HKLM\SYSTEM\ControlSet001\Services\EventLog\Application\Torntv => Schlüssel erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Torntv => Schlüssel nicht gefunden.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D} => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\SOFTWARE\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\SOFTWARE\Microsoft\Internet Explorer\Stats\{5081D2D4-1637-404c-B74F-50526718257D} => Schlüssel erfolgreich entfernt
"C:\FRST" => wurde entsperrt

Das System musste neu gestartet werden.

==== Ende von Fixlog 19:20:55 ====

Edited by Tedelmann (01.11.2016 at 19:28) |
02.11.2016, 13:23 | #14 |
/// TB-Ausbilder | Windows 10: CMD console opens on its own, with BSOD
Hi,
disabling real-time protection should be enough. |
06.11.2016, 13:19 | #15 |
/// TB-Ausbilder | Windows 10: CMD console opens on its own, with BSOD
I'm glad we could help.
In this forum you can leave brief feedback on the cleanup, if you like: Praise, Criticism and Requests. To do so, click the "NEW TOPIC" button and post a short note. Thank you very much!
This thread appears to be resolved and will be removed from my subscriptions. If you need the thread again, please send me a PM.
Everyone else, please click here and create your own thread. |