Windows 10: CMD console opens by itself, with BSOD

Hello everyone,

I have the following problem... for a few days now, the CMD window has been opening at random on my computer for a fraction of a second and then closing again. In addition, I have recently been getting blue screens more and more often, which then cause the computer to crash. On top of that, since this morning I can no longer click the Windows button (that is, bottom left), nor anything else in the taskbar. I am afraid I have caught a virus or something similar somewhere.

PS: I have already run Malwarebytes once. (See attachment, as it would otherwise be too long.)

Addition:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-10-2016
durchgeführt von admin (29-10-2016 23:11:18)
Gestartet von C:\Users\admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-12 23:10:16)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

admin (S-1-5-21-2499327049-1345700090-1954953358-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2499327049-1345700090-1954953358-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2499327049-1345700090-1954953358-503 - Limited - Disabled)
Gast (S-1-5-21-2499327049-1345700090-1954953358-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Ansel (Version: 375.70 - NVIDIA Corporation) Hidden Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin) Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version: - ) BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.7 - BlueJ Team) Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.04.0000 - CASIO COMPUTER CO., LTD.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CrystalDiskInfo 6.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.6.1 - Crystal Dew World) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated) Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team) F1 2014 (HKLM-x32\...\Steam App 226580) (Version: - Codemasters) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) FireStorm version V1.0.46.005 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.005 - ) Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.5.323 - DVDVideoSoft Ltd.) Free Video to Flash Converter version 5.0.55.113 (HKLM-x32\...\Free Video to Flash Converter_is1) (Version: 5.0.55.113 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.) 
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.59 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation) LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.) 
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation) Microsoft PowerPoint Home and Student 2010 (HKLM-x32\...\Office14.POWERPOINTR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) 
(Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 
(HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - 
Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation) Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.1 - Black Tree Gaming) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team) Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation) NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation) NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden Origin 
(HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) PlanetSide 2 (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment) Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7640 - Realtek Semiconductor Corp.) Recordify 2016 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 1.54 - Abelssoft) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games) Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) 
Scansoft PDF Professional (x32 Version: - ) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINTR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve) South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment) Spotify (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TechSmith Screen Capture Codec (x32 Version: 3.1.0 - TechSmith Corporation) Hidden Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com) The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) 
(HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com) TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {00EC848C-86C9-47BC-B85B-13FA387FDF59} - kein Dateipfad Task: {031FE6EA-3811-413F-9C38-968399449312} - System32\Tasks\{E6D8422F-5911-48C8-A2CB-4839FC783C13} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe Task: {049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE} - kein Dateipfad Task: {04DB3C46-6919-4F66-945A-81B4A588BFE7} - System32\Tasks\{A13D3229-3538-4A9B-BC9D-4D7E46FEA6D1} => C:\Games\Rising World v0.5.3.1\Rising World.exe Task: {053D44B9-7A00-49D6-9344-FD129CD575D1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation) Task: {073795C9-8A8F-499A-A1E9-4F464494A6E4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0BA0124E-9A6D-4875-BCC6-5F9AB9333055} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {0C3D1C09-F503-40AB-B1E9-5A5D061F520E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {0DE5621F-D1D7-472C-96B2-658556860924} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {17B7F027-9973-4196-8D91-ADE023D54742} - System32\Tasks\{1AE02D85-E364-45B6-92B0-A30EC8FDDDC9} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {17C6AD99-1673-4817-AD75-8F22CE4F1F18} - System32\Tasks\{9CF80396-B379-427D-9DBE-54858E636648} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {196EB3B7-F969-44FB-8904-FC3FFEBCEA36} - System32\Tasks\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F} => pcalua.exe -a "C:\Users\admin\Desktop\lgs510 (1).exe" -d C:\Users\admin\Desktop Task: {1B373374-5B77-4BD2-9CAC-A088601DAAA0} - \SimpleFiles Installer Starter -> Keine Datei <==== ACHTUNG Task: {1C57893A-73C3-488F-B526-A8887F2953A7} - kein 
Dateipfad Task: {1EC1E15D-F018-4723-9070-4D369E8FEC5C} - System32\Tasks\{DD61DBDB-E610-4BA6-A9B8-8B08C63A417E} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {2567BB02-4670-455E-9C02-C931857870E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {2B1E6290-3296-4B86-934C-BC5EDCE018AD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2BF4E1F4-BBF9-4735-A379-CD2D2324F79A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {2C95B80B-A51B-4ADF-A2CC-7EBA09197059} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat [2015-06-22] () <==== ACHTUNG Task: {35931239-6C01-4EB9-9F06-B5E34733FB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {3835EB9A-A64B-475E-8C88-55D172209009} - System32\Tasks\{BE51D640-5212-4286-940E-DCA2AE9961AB} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {3A147D4D-2142-4D6A-8909-CE683B68FE9A} - System32\Tasks\{A3A353F9-9F9B-44FE-B96D-31646B313523} => pcalua.exe -a C:\Users\admin\Downloads\lgs510.exe -d C:\Users\admin\Downloads Task: {3ACDCFF8-92A6-4952-A33F-65AF05026115} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation) Task: {3BA6A0E0-A338-4CA3-B585-0615270FA949} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {41EBF101-ACE4-4536-8696-90E37984A3E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {48B78AE7-76A1-472C-8530-AAED256A3D7D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {4B4680D9-E2FE-4D78-8188-B1D11D741EBF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => 
C:\WINDOWS\ehome\mcupdate.exe Task: {4D52F5DD-1E4E-4B32-B1B5-BD1C7C4887A1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4ED0E3B6-4DC7-469D-9BD7-A7DA52E08299} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated) Task: {4FE790BC-A8CB-4349-9629-E4036E9775AF} - System32\Tasks\{39F95DBA-5A4E-4CD2-BB4A-CCE9B94F3079} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {52861456-C744-4ECB-9338-A5EEADA219FA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {557BC2D0-F3F2-4A25-B697-21EC090FDE04} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {56EA4D43-A086-4470-B96E-9FB1768E6ED3} - System32\Tasks\{78912F09-9E09-46ED-8941-11871D4D0C4F} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe Task: {57E88640-41B7-4F5D-B851-AFD2838B1C63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {5E324125-D66E-4D57-8894-976BA96DA865} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {5EDE42A2-4A64-484D-800F-C420FA956798} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {67E03967-E26A-4558-8EAB-94C6D7F4330E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {6CFCB68E-50BB-4EC0-85D2-F81762436F24} - System32\Tasks\{47953A5F-E19D-43A8-9964-E39351028038} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {70125431-E640-4C46-8962-AB99C000B9DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {70278F75-C037-45E7-BF31-69E4C0C8AE56} - System32\Tasks\Microsoft\Windows\Media 
Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {70CE0011-D1AA-42E4-953D-619628912C34} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {75C6EF2C-5336-4D15-964D-A3FA8A1B8BDE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {77F56DD3-E368-46A5-953A-04C3CC67DFDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.) Task: {7A28B1AA-97A0-44B4-98F5-467B1CB68A43} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {7BBA2D3D-7FA5-4DB4-98CB-C570319C1451} - System32\Tasks\{BC2D6434-8781-46B3-A9A1-BA1C57245AF3} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {878BFAD2-5A40-4B5D-8ADA-E9454C0B39A6} - kein Dateipfad Task: {8838DCD1-B08E-428D-BF01-24E3B9250A53} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation) Task: {88F45939-0423-4D4B-96F8-374FF864A93E} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {8B63AD8C-9FAF-4D05-AA3F-27B212A2DFCC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8F02CB1D-35C4-4102-82B6-66D4C8008C1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {8F430278-2F26-4A86-B85E-42AAEE59C70A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation) Task: {94670801-FB2B-4E67-AF37-4058B0DCE01A} - System32\Tasks\{F602CB6B-B3B2-4743-AF06-2F66C7BE8499} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {98198969-9034-402D-A679-29DA601446CB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => 
C:\WINDOWS\ehome\mcupdate.exe Task: {9D5C522B-37BD-46E3-A442-AC23F73592B2} - System32\Tasks\{5C3EC2B9-4AC5-4839-8D87-302FA3C3ACBE} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {AA88E7A4-D1C3-4D6A-A6E3-DA77B9294E7A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AC033A59-1DF9-4ED5-BCFA-794A7A14E327} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {AE2CC07B-7448-4E97-8DFB-A9AF57990CC7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AEB1413A-1D68-4FF8-926E-D120A0757E6E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation) Task: {AFDBEA67-0843-4AB5-BD1D-9CA29F285BBD} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe Task: {B30CA99E-2FB7-4A1F-9310-5086E459D3E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {B47DB38F-7D31-430C-9BBE-8D3C4ABF9FB3} - System32\Tasks\{7992860A-8431-4122-927D-23C50BAB92FB} => C:\Games\Rising World v0.5.3.1\Rising World.exe Task: {B558C71A-7D97-4074-92B9-1D455069D76A} - System32\Tasks\{E2612081-8FB6-438B-922C-0A1CE766B7A5} => pcalua.exe -a C:\Users\admin\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt Task: {B7A19E07-846D-409F-B7F6-DEEFFA568013} - System32\Tasks\{7D4F9702-F680-43B7-B33D-5D0B50533B71} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe Task: {BA7A3D4D-05B7-4289-8E31-C295248928FE} - System32\Tasks\{45951CB7-774E-4695-A9EB-B860317AA6D3} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {C250493C-00EE-4DDB-9199-E8025EFF9C17} - System32\Tasks\Aufgaben der Ereignisanzeige\System_Service Control Manager_7001 => C:\Program Files (x86)\Dev-Cpp\devcpp.exe [2014-11-01] (Bloodshed 
Software) Task: {C8F39163-2C68-480A-942F-B9FBC1D1FE6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.) Task: {CB36B87D-3291-4E1F-9773-48A3A334D53A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CEA0DE1F-289A-4695-A878-D208156D0A94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {CFB8ABEC-6757-46E6-8EFC-E0BE2EDF389D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe Task: {D9A1225A-818F-490E-A8D2-87CDB5D762B8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation) Task: {DD422558-2E0D-41BD-B876-DD539DF6525E} - System32\Tasks\{2B222A2F-11BC-41E4-B2DF-21B4FC5268D1} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) Task: {DE537368-396A-4F53-B6D5-96B4AD35DE41} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B} - System32\Tasks\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E} => pcalua.exe -a C:\Users\admin\Downloads\ensharpendecoder_win.exe -d C:\Users\admin\Downloads Task: {E7D0D2C6-A37C-487D-A5C3-98BE9DE6BA04} - System32\Tasks\{9ECFA4AD-89C0-4631-8D5F-B2FBE5DAA7BD} => C:\Games\Rising World v0.5.3.1\Rising World.exe Task: {EC581E02-D4D8-41BB-9CD8-CBFBF873D645} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F3B427A6-5261-478B-A816-B72D733BC307} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {FBCF94F8-5346-4EBD-8FF9-0D3B616042BB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: 
{FD8AE7A9-F8A2-4A3F-8C71-265A9D8A58A9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FE90EA90-D163-4504-94C1-EDDC81748B3F} - System32\Tasks\{D7330FEA-6FA4-4A05-862C-DE04F8EE8934} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com/ ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f47c86c9d3240056\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=berjuspgraatherfufit ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d6731079c9ca4513\Tim - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> --profile-directory=lejutplovshprohey ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-13 00:34 - 2015-12-10 18:08 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2016-09-14 19:34 - 2016-09-30 06:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-14 19:34 - 2016-09-30 06:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-14 19:35 - 2016-09-30 06:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2015-01-19 15:51 - 2005-04-22 06:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll 2016-01-08 16:47 - 2016-10-25 22:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-07-14 11:07 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-14 11:07 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2014-02-28 11:14 - 2016-10-26 15:28 - 00174872 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\quazip.dll 2014-08-04 15:43 - 2016-10-26 15:28 - 00103192 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2014-08-04 15:43 - 2016-10-26 15:28 - 00107800 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2014-08-04 15:46 - 2016-10-26 15:28 - 00312088 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2015-09-17 17:52 - 2015-09-17 17:52 - 00486912 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 Client\plugins\soundboard.dll 2014-08-04 15:46 - 2016-10-26 15:28 - 00485656 _____ () C:\Users\admin\AppData\Local\TeamSpeak 3 
Client\plugins\teamspeak_control_plugin.dll 2016-10-20 14:13 - 2016-10-12 07:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libglesv2.dll 2016-10-20 14:13 - 2016-10-12 07:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libegl.dll 2016-08-22 11:24 - 2015-08-05 10:04 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll 2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-12-13 00:34 - 2016-10-29 21:07 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-12-13 00:34 - 2015-12-10 18:08 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2014-12-26 22:29 - 2016-03-23 15:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-12-26 22:29 - 2016-03-23 15:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-12-26 22:29 - 2016-03-23 15:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-12-26 22:29 - 2016-03-23 15:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-12-26 22:29 - 2016-03-23 15:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-12-26 22:29 - 2016-03-23 15:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-01-08 16:48 - 2016-09-30 06:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-14 19:35 - 2016-09-29 19:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-14 19:35 - 2016-09-29 19:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-14 19:35 - 2016-09-29 19:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA 
Corporation\NvNode\Downloader.node 2016-09-14 19:35 - 2016-09-29 19:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-14 19:35 - 2016-09-29 19:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-14 19:35 - 2016-09-29 19:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-14 19:35 - 2016-09-29 19:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-09-14 19:35 - 2016-09-30 06:23 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2015-08-12 17:21 - 2015-07-20 17:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll 2015-08-12 17:21 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll 2014-12-25 19:10 - 2016-09-08 05:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-01-21 15:16 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2014-12-25 19:10 - 2016-10-13 03:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll 2014-12-25 19:10 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-12-25 19:10 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-12-25 19:10 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-12-25 19:10 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-12-25 19:10 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-01-21 15:16 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-01-21 15:16 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-12-25 19:10 - 2016-10-13 03:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 
2016-03-11 18:54 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-10-24 16:22 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll 2015-01-21 15:16 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\sony.com -> sony.com ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2016-10-29 16:19 - 00003845 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\Downloads\OgFbo9.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupreg: Amazon Music => "C:\Users\admin\AppData\Local\Amazon Music\Amazon Music Helper.exe" HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run32: => "EEventManager" HKLM\...\StartupApproved\Run32: => "ControlCenter4" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "FireStormStartUpAutoRun" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "OMSI Addon Manager.lnk" HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57" HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "ISUSPM" HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "BlueStacks Agent" 
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GalaxyClient" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{02C426C7-9C4E-4A46-BD30-BF2CB5EF4DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{E842F5E6-2B29-4074-9BF2-B355FD57CFE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{BE839E79-17A6-44E9-BD8C-744EDA451B12}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{ED4D5EED-E19E-4B6D-BBC4-BD8EEFEE7381}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8FBBDFE3-4CB1-4C44-B130-9F4E3F691FAC}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E1761EA9-656C-45B2-B863-546C635E23F1}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{669459B0-4C41-4592-8E72-A0FB0805CD8C}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{752A7395-9B28-4E39-BCF6-7E3DD8054A8F}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6B8081F3-87E9-4699-87CF-57090607BD27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{71DC30A2-BC07-4ABA-BDA2-63EEE592F38B}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [UDP Query User{FF3FF898-C74B-4BCA-B925-FE7B4D0F9193}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [TCP Query User{8AC22E5D-7405-449A-8388-77E105A7FE3F}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [{A670B346-EA46-4CAC-BF18-9BEF4316F6AE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0CDA39B9-771A-404F-89FE-D53CB2DF686A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B6DDF0D4-02B1-418B-B571-607D5A78445A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7DE4A39E-7657-462E-8DD9-DE820B7DD6BD}] => (Allow) LPort=80 FirewallRules: [{ECF6FA0C-4E01-41DD-A7F2-140111367D8E}] => (Allow) LPort=443 FirewallRules: [{DE1D9E03-8B7F-4268-8F96-9D9AA50517C4}] => (Allow) LPort=20010 FirewallRules: [{6758E0B6-6176-480E-9BD0-5588169E534A}] => (Allow) LPort=3478 FirewallRules: [{E2BECC4D-BF05-4A53-8EE8-FB929BE83063}] => (Allow) LPort=7850 FirewallRules: [{5E150AAC-48A4-42EF-A89E-E176DC0A97D2}] => (Allow) LPort=7852 FirewallRules: [{B49401C2-80B7-4D07-AE02-5957A1596873}] => (Allow) LPort=7853 FirewallRules: [{88985BEC-DDAD-4887-B7CD-4F130BB6118F}] => (Allow) LPort=27022 FirewallRules: [{7BA48D57-BBD5-4901-9C1F-E5BF4AAFD049}] => (Allow) LPort=6881 FirewallRules: [{3BE55950-CB5E-4CF2-9CAC-EF312DB32D00}] => (Allow) LPort=33333 FirewallRules: [{0AAF2623-F139-4A7D-916D-4069E7F8C1AC}] => (Allow) LPort=20443 FirewallRules: [{68DA44FA-FB2A-4903-AEC6-5D94CF1B949F}] => (Allow) LPort=8090 FirewallRules: [{F8C76348-E4E0-441E-A1FF-CF88497A089F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe FirewallRules: [{6FC93E4D-5540-43D1-89EB-A96BD31D0F1F}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe FirewallRules: [{D626B09E-7F01-42A0-AD69-CC6BE3770C29}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{59D57AD8-BBF7-47F9-873E-DE7AB528406E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D38884A6-7B75-4271-AA3B-71D8920FAABE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{23707E11-254F-44DA-AD9A-5457B22B8AFA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{84A71B2D-C33C-4F54-A1EE-F65495F71620}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{6026356A-7674-43FC-8085-74D21AEC89E2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{0239E52D-A3B7-4126-B38D-13D5E4242B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{070B69FA-53FB-42E3-BDD8-8538E7CC30B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{98106D20-060A-48F3-8359-991D1DE45EE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{D0DBCDE8-177C-4A8B-B38F-9F4B49C7C324}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{7BEC5473-494D-40F1-A37E-7A367D96E928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{EE651D0F-2E98-4B07-BDAA-C862782EBF74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{0A5056C0-4DB0-4206-B872-924322C961B6}] => (Allow) LPort=54925 FirewallRules: [TCP Query 
User{0ADABA06-D9B3-4FC5-9E64-163A4837B7F9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{B881BF59-13EC-4FEB-B124-A313EE74C6B7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{EFC84F2E-9AF3-4AAD-B1CC-BADD16C6A4F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{0DF3284A-B5EB-44AF-A5EF-9FBE6A91FE96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{98999DE2-D041-446D-B6DB-D1598A3A560C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{CA9CEFFD-7057-4EA3-8E17-4C2DA545D13A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{4D460F5B-1E4D-435A-A2D7-12DDF57B93E6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{C2CD94CE-1158-4F41-B6C8-61F0F264BB14}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [TCP Query User{1B41650B-8C0A-417B-9EE0-26A0CA7900DF}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{EDAACE47-D7CC-436F-B457-BC3E0D182D33}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe FirewallRules: [{641126E5-7F8E-47F5-A691-E1879DE5DFFF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{BAAF648D-A884-4BDD-BFB4-7C23E3F2D419}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{6C9FBCC4-DDA9-4DD9-844C-1710FE6F0DE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4E7B3426-674E-4744-8A34-8FEC5D89E744}] => (Allow) C:\Program Files (x86)\Mozilla 
Firefox\firefox.exe FirewallRules: [{04B12B99-4B38-47DF-AFFC-5BEE580B5E06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{112ED707-0790-4C38-A0C1-47772EA9E61F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2DEC3BC6-5A7F-451C-84F4-FD5985360ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe FirewallRules: [{29D97B07-E473-46E2-9397-3B88065E54A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe FirewallRules: [{8AAAC971-5D08-488F-A9CB-4C3E83EBE438}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [{A4C04855-1259-4E93-95DF-B3D7ABAE27D8}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [TCP Query User{238B3ED3-2017-4B3C-8774-004E2F2B4B6A}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [UDP Query User{24118DF0-B1A6-40F9-AF54-ADDC6D6A7696}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{182D7FB5-34AC-41B1-B80D-3E14A7C3284D}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{A38DC822-8450-4E90-B948-763473EBFE62}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{34C8DCA4-9CB4-44EB-BDA4-2243B6A94638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{460924A2-DAB1-4BDE-B6F1-EBDAE9624B00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{52E7285A-54BF-4106-B38A-D532E6665E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck 
Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{55C59A32-7325-4163-9BBA-CECB8AC28884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{69AADE24-7EB2-4BA0-B3E2-5022DBB3A73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{4650E401-DB1C-4EE4-83FF-38ADA29F2284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{D00893C0-8221-4E36-AE8E-207288F031D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{9FF1999F-00BA-459E-AE40-2778EB9B185F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{7D58F99F-B3EE-401F-9AAD-2F279AD69E15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{DDFC01D2-2BFA-4485-B57F-A3D08551180F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D12B0F98-80C9-414C-9231-12FF2EBD8733}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{9733224E-A078-49E6-964F-6532CBB534D0}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [UDP Query User{C2A1FE85-9E02-45CC-AD6F-848DC061BD60}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{CFD11295-DA2F-430B-882A-978CE9849D24}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{6B332141-CA19-461B-AD50-22159F724AFA}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [{9958D6F7-0D3E-439E-948B-1DA972AE7C93}] => (Allow) LPort=8317 FirewallRules: 
[{E2363DDC-96F7-4E0E-862B-0174D03365D5}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{459DC2E5-725B-42DD-8765-1001B4E93F6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [TCP Query User{41731BD2-7856-4EC2-8C24-868437B044B5}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5A1E15B3-7ABC-42A3-8DEC-94BCC3EE5989}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{9C8281FE-3507-4B1B-96D5-1D4B179C6794}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{393A4BCA-8F94-4A5F-85EF-946A9827A55A}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe FirewallRules: [{7E95AA5A-3F59-4CA4-96C2-81D1682A08CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{815E643C-390A-46F8-8F85-5E9E6F7473F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{160CD63E-1ED4-4CFB-A225-6D27F11A3F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{7113C531-C03B-4057-B84A-C9CA43320428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{D0C966EC-3480-46FC-A3A5-4DF6EAC62FBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{44561A87-45DB-4C4D-8EF4-40DEAF86E3C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe ==================== Wiederherstellungspunkte 
========================= 29-10-2016 23:09:58 Removed Vegas Pro 12.0 (64-bit) ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/29/2016 11:10:28 PM) (Source: MsiInstaller) (EventID: 11723) (User: ADMIN-PC) Description: Produkt: Vegas Pro 12.0 (64-bit) -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SfMSILib_IsProcessRunning, Eintrag: SfMSILib_IsProcessRunning, Bibliothek: C:\ProgramData\Sony\customaction_x64.dll Error: (10/29/2016 11:10:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (10/29/2016 11:07:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:07:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Music.UI.exe, Version: 10.16092.1031.0, Zeitstempel: 0x5806afe7
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e4c5
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000000000071f28
ID des fehlerhaften Prozesses: 0x19fc
Startzeit der fehlerhaften Anwendung: 0x01d2322872225338
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe\Music.UI.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\KERNELBASE.dll
Berichtskennung: 05e230e1-649c-4da8-99aa-1a2590f666bc
Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_10.16092.10311.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic

Error: (10/29/2016 11:07:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/29/2016 11:02:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Systemfehler:
=============

Error: (10/29/2016 11:07:25 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "Microsoft.ZuneMusic.AppXg7frm9cyrqhbagxce6zrshkx8fn0ycca.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:07:24 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXtjcey7sh4wvcw7hy21b0nmp0bq18dyzd.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:32 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "CortanaUI" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:31 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:30 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "CortanaUI" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/29/2016 11:02:28 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

CodeIntegrity:
===================================

Date: 2016-10-29 16:08:14.036
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-29 16:08:14.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-29 16:08:14.014
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-29 16:08:13.678
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-29 16:08:10.935
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-20 14:49:58.122
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-20 14:49:58.109
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-20 14:49:58.096
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-20 14:49:58.068
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-20 14:49:58.055
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8129.95 MB
Verfügbarer physikalischer RAM: 5282.64 MB
Summe virtueller Speicher: 16321.95 MB
Verfügbarer virtueller Speicher: 13321.01 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.44 GB) (Free:253.28 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: (Tevion) (Removable) (Total:7.4 GB) (Free:6.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3B0461CD)
Partition 1: (Active) - (Size=203 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 66205247)
No partition Table on disk 2.

==================== Ende von Addition.txt ============================

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2016
durchgeführt von admin (Administrator) auf ADMIN-PC (29-10-2016 23:10:37)
Gestartet von C:\Users\admin\Desktop
Geladene Profile: admin (Verfügbare Profile: admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(TeamSpeak Systems GmbH) C:\Users\admin\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842624 2016-09-30] (NVIDIA Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2000-01-01] (Realtek Semiconductor) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-28] (Power Software Ltd) HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies) HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278528 2015-12-07] (PC Partner Co.Ltd) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-19] (Spotify Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify] => C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [6884976 2016-10-19] (Spotify Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4090944 2016-09-20] (GOG.com) HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\MountPoints2: {4c30d469-9739-11e4-bb0a-382c4a739a73} - "F:\pushinst.exe" ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei 
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5f030b30-5b32-48cf-92e1-9d9ca305ca6d}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8ba5c6f2-89a0-4423-9b49-1493df0677f5}: [DhcpNameServer] 192.168.178.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243312315&GUID=5059F630-8847-C004-A9EE-042B72110A1F HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243338633&GUID=5059F630-8847-C004-A9EE-042B72110A1F BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default [2016-10-29] FF Extension: (Adblock Plus) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8C679308-89F3-402C-9323-8D9B3B6D57B2}] - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi FF Extension: (Recordify Title Discover) - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi [2016-01-08] FF Plugin: @adobe.com/FlashPlayer -> 
C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.) Chrome: ======= CHR DefaultProfile: lejutplovshprohey CHR HomePage: lejutplovshprohey -> hxxp://www.trotux.com/?z=79abb8c81d8fbf04419bec9g5zamee5q7e6e9m6z2z&from=fss&uid=WDCXWD10EZEX-00WN4A0_WD-WCC6Y4CVNXHVVNXHV&type=hp CHR StartupUrls: lejutplovshprohey -> "hxxps://www.google.com/" CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit [2016-10-29] <==== ACHTUNG CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-12] CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12] CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-12] CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey [2016-10-29] <==== ACHTUNG CHR Extension: (Recordify Title Discover) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\kkgbclpocodjecojibeaaglcgndegljl [2016-10-29] CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-29] CHR HKLM-x32\...\Chrome\Extension: [kkgbclpocodjecojibeaaglcgndegljl] - C:\Program Files (x86)\Recordify\Extensions\recordify_chrome_0.3.18.crx [2016-09-17] CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\admin\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-12-28] ==================== Dienste (Nicht 
auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-10] () S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [281152 2016-09-20] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6411840 2016-09-19] (GOG.com) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-04] (Electronic Arts) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.) 
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 abelssoft_recordify; C:\WINDOWS\system32\drivers\recordify.sys [68536 2016-03-30] (Abelssoft) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-10] () S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-04-10] (Phoenix Technologies) [Datei ist nicht signiert] S3 fwlanusb5; C:\WINDOWS\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [Datei ist nicht signiert] S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-02] (NVIDIA Corporation) S3 PVUSB; C:\WINDOWS\System32\drivers\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.) 
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2000-01-01] (Realtek ) S3 scramby; C:\WINDOWS\System32\drivers\scramby.sys [29480 2007-02-13] (RapidSolution Software AG) S3 scramby_out; C:\WINDOWS\System32\drivers\scramby_out.sys [34336 2007-08-08] (RapidSolution Software AG) R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation) R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation) R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation) R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [16056 2016-10-29] (SlimWare Utilities, Inc.) S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-26] () S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-26] () S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] () S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) 
[Datei ist nicht signiert] R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X] U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-10-29 23:05 - 2016-10-29 23:10 - 00022418 _____ C:\Users\admin\Desktop\FRST.txt 2016-10-29 23:05 - 2016-10-29 23:10 - 00000000 ____D C:\FRST 2016-10-29 23:04 - 2016-10-29 23:04 - 02408448 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe 2016-10-29 23:04 - 2016-10-29 23:04 - 02408448 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe 2016-10-29 22:57 - 2016-10-29 22:57 - 00036731 _____ C:\Users\admin\Downloads\Logs.rar 2016-10-29 21:10 - 2016-10-29 21:11 - 00406582 _____ C:\Users\admin\Downloads\startmenu.diagcab 2016-10-29 16:36 - 2016-10-29 16:36 - 00003756 _____ C:\WINDOWS\System32\Tasks\ACC 2016-10-29 16:36 - 2016-10-29 16:36 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc 2016-10-29 16:36 - 2016-10-29 16:36 - 00000000 ____D C:\ProgramData\DriverSetupUtility 2016-10-29 16:36 - 2016-10-29 16:36 - 00000000 ____D C:\Program Files\DriverSetupUtility 2016-10-29 16:34 - 2016-10-29 16:34 - 00016056 _____ (SlimWare Utilities, Inc.) 
C:\WINDOWS\system32\Drivers\SWDUMon.sys
2016-10-29 16:34 - 2016-10-29 16:34 - 00000000 ____D C:\Users\admin\AppData\Local\SlimWare Utilities Inc
2016-10-29 16:33 - 2016-10-29 16:33 - 03910208 _____ C:\Users\admin\Downloads\adwcleaner_6.030.exe
2016-10-29 16:28 - 2016-10-29 16:28 - 00041208 _____ C:\Users\admin\Documents\cc_20161029_162824.reg
2016-10-29 12:57 - 2016-10-29 12:57 - 00002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-10-29 12:57 - 2016-10-25 22:00 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-10-29 12:57 - 2016-09-09 20:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-10-29 12:57 - 2016-09-09 20:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-10-29 12:57 - 2016-09-09 20:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-10-29 12:57 - 2016-09-09 20:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-10-29 12:56 - 2016-10-29 12:56 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-29 12:54 - 2016-10-26 03:09 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 20718400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 17577728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 14516216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 10782952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00572584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00470584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00172920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00150784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00131720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-10-29 12:54 - 2016-10-25 23:40 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-10-29 12:54 - 2016-10-25 23:40 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-10-26 16:20 - 2016-10-26 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-25 20:41 - 2016-10-25 20:41 - 13165792 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe
2016-10-24 16:04 - 2016-10-24 16:09 - 00009631 _____ C:\Users\admin\Documents\Italiensich Spicker v.1.odt
2016-10-20 14:47 - 2016-10-20 14:47 - 00071140 _____ C:\Users\admin\Downloads\TradeMan 1.22h4-6-1-22.zip
2016-10-20 14:41 - 2016-10-20 14:42 - 38827969 _____ C:\Users\admin\Downloads\E3FX V7-23-7.zip
2016-10-20 14:37 - 2016-10-20 14:38 - 41576087 _____ C:\Users\admin\Downloads\E3FX 8.5 (Alternative Bloom)-23-8-5.zip
2016-10-20 14:33 - 2016-10-20 14:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (2).exe
2016-10-20 14:32 - 2016-10-20 14:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (1).exe
2016-10-20 14:22 - 2016-10-20 14:22 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2.exe
2016-10-20 14:21 - 2016-10-20 14:44 - 00000000 ____D C:\Users\admin\Desktop\Witcher .dll
2016-10-18 17:37 - 2016-10-18 17:38 - 02891915 _____ C:\Users\admin\Downloads\Fair Sale - Better sale prices v1.03 -4-1-03.7z
2016-10-10 19:01 - 2016-10-01 23:11 - 01935808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437306.dll
2016-10-10 19:01 - 2016-10-01 23:11 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437306.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-29 23:07 - 2015-01-13 18:44 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2016-10-29 22:45 - 2015-01-24 13:20 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client
2016-10-29 21:18 - 2014-12-25 19:09 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-29 21:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-29 21:13 - 2015-12-13 00:39 - 02087808 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-29 21:13 - 2015-10-30 20:35 - 00888452 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-29 21:13 - 2015-10-30 20:35 - 00197278 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-29 21:13 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-10-29 21:11 - 2015-01-25 19:59 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2016-10-29 21:08 - 2016-08-12 18:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-29 21:08 - 2015-12-13 00:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-29 21:07 - 2015-12-13 00:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-29 16:57 - 2016-09-18 12:48 - 00000000 ____D C:\ProgramData\updater2
2016-10-29 16:42 - 2015-12-13 00:30 - 04995152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-29 16:38 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-10-29 16:37 - 2015-08-01 18:21 - 00000000 ____D C:\AdwCleaner
2016-10-29 16:29 - 2016-01-16 21:44 - 00000000 ____D C:\WINDOWS\Minidump
2016-10-29 16:27 - 2016-01-21 17:52 - 00000000 ____D C:\Program Files\CCleaner
2016-10-29 16:19 - 2015-12-13 00:40 - 00000000 ____D C:\Users\admin
2016-10-29 15:51 - 2015-01-11 16:40 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-29 15:29 - 2016-09-07 14:12 - 00000000 ____D C:\Users\admin\Documents\The Witcher 3
2016-10-29 12:57 - 2016-09-04 12:58 - 00000000 ____D C:\WINDOWS\LastGood
2016-10-29 12:57 - 2016-01-08 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-10-29 12:57 - 2015-12-13 00:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-29 12:56 - 2015-12-13 00:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-29 12:56 - 2015-12-13 00:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-29 12:56 - 2015-04-07 22:02 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA Corporation
2016-10-28 16:04 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-28 03:22 - 2010-11-21 05:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-27 00:16 - 2016-01-08 16:46 - 14159928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-10-26 16:36 - 2014-11-08 18:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-26 16:36 - 2014-11-08 18:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-26 16:36 - 2014-11-08 18:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-26 15:28 - 2014-12-27 20:56 - 00000000 ____D C:\Users\admin\AppData\Local\TeamSpeak 3 Client
2016-10-26 03:09 - 2015-11-12 18:25 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-10-26 03:09 - 2015-11-12 18:25 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-10-25 23:40 - 2016-01-08 16:46 - 24365624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-10-25 23:40 - 2016-01-08 16:46 - 03927288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-10-25 23:40 - 2016-01-08 16:46 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-10-25 23:40 - 2016-01-08 16:46 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-10-25 22:17 - 2016-01-08 16:47 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-10-25 22:17 - 2016-01-08 16:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-10-25 22:13 - 2016-09-14 19:34 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-10-25 20:41 - 2014-11-08 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-24 08:31 - 2016-01-08 16:47 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-10-21 11:23 - 2016-09-08 14:08 - 00002004 _____ C:\Users\admin\Desktop\The Witcher® 3 - Wild Hunt.lnk
2016-10-20 14:13 - 2016-08-12 18:28 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-20 14:13 - 2016-08-12 18:28 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-19 23:00 - 2016-04-07 19:50 - 00000000 ____D C:\Users\admin\AppData\Local\Spotify
2016-10-19 22:58 - 2016-09-17 09:53 - 00000000 ____D C:\Users\admin\Documents\Recordify
2016-10-19 22:32 - 2016-04-07 19:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\Spotify
2016-10-18 17:42 - 2016-09-23 14:09 - 00000931 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-10-18 17:42 - 2016-09-23 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-10-18 17:42 - 2016-09-23 14:09 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-10-10 18:46 - 2016-09-22 18:17 - 00003736 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 18:46 - 2016-09-14 19:35 - 00003924 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 18:46 - 2016-09-14 19:35 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-10-10 18:46 - 2016-09-14 19:34 - 00003988 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 18:46 - 2016-09-14 19:34 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 18:46 - 2016-09-14 19:34 - 00003898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 18:46 - 2016-09-14 19:34 - 00003694 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-06 18:53 - 2016-09-04 19:11 - 00000000 ____D C:\Users\admin\Desktop\Memes
2016-09-30 06:24 - 2016-09-14 19:35 - 01842624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-09-30 06:24 - 2016-09-14 19:35 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-09-30 06:24 - 2016-09-14 19:35 - 01444288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-09-30 06:24 - 2016-09-14 19:35 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-09-30 06:24 - 2016-09-14 19:35 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-22 18:24 - 2015-04-22 18:24 - 0549471 _____ () C:\Program Files\vac414demo.zip
2015-08-01 18:08 - 2015-08-01 18:29 - 6420480 _____ () C:\Program Files (x86)\GUT20.tmp
2014-10-10 14:07 - 2014-10-10 14:07 - 0000000 _____ () C:\Users\admin\AppData\Roaming\gdfw.log
2014-10-10 14:07 - 2014-10-10 14:07 - 0000779 _____ () C:\Users\admin\AppData\Roaming\gdscan.log
2016-03-20 14:57 - 2016-03-20 14:57 - 0003584 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-10 15:36 - 2015-04-10 15:36 - 0000058 _____ () C:\Users\admin\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-05-26 21:44 - 2015-12-12 18:05 - 0007601 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2015-12-13 00:35 - 2015-12-13 00:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-30 20:56 - 2015-03-01 20:57 - 0000032 ____R () C:\ProgramData\hash.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================

C:\ProgramData\hash.dat

Einige Dateien in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\libeay32.dll
C:\Users\admin\AppData\Local\Temp\msvcr120.dll
C:\Users\admin\AppData\Local\Temp\Nexus Mod Manager-0.63.1.exe
C:\Users\admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\admin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\admin\AppData\Local\Temp\nvStInst.exe
C:\Users\admin\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-08-22 15:01

==================== Ende von FRST.txt ============================ |