|
Plagegeister aller Art und deren Bekämpfung: Chrome öffnet ständig Seite namens: x.24.jquery11.comWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
25.03.2017, 18:21 | #1 |
| Chrome öffnet ständig Seite namens: x.24.jquery11.com Hallo, bei meinem Neffen öffnen sich ständig Tabs im Chrome (auch wenn er dort nichts macht) und zwar zeigen die dann die Seite x.24.jquery11.com. Er hatte schon mal was ähnliches, das konnte ich auch bereinigen, aber nach 3 Monaten hat er jetzt wieder was und ich finde dazu nichts und möchte euch darum um Hilfe bitten. LG Gluecki |
25.03.2017, 23:54 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome öffnet ständig Seite namens: x.24.jquery11.com Scan mit Farbar's Recovery Scan Tool (FRST)
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
25.03.2017, 23:54 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome öffnet ständig Seite namens: x.24.jquery11.com Scan mit Farbar's Recovery Scan Tool (FRST)
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
04.04.2017, 19:54 | #4 |
| Chrome öffnet ständig Seite namens: x.24.jquery11.com FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 durchgeführt von Fritz (Administrator) auf FRITZI-RECHNER (04-04-2017 20:50:45) Gestartet von D:\Downloads Geladene Profile: Fritz (Verfügbare Profile: Fritz) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Razer Inc.) D:\Programme\Razer\Razer Cortex\RzKLService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (LogMeIn Inc.) D:\Programme\Hamachi\x64\hamachi-2.exe (LogMeIn, Inc.) D:\Programme\Hamachi\x64\LMIGuardianSvc.exe (Malwarebytes) D:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Malwarebytes) D:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe (MY.COM B.V.) C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe (Mixesoft Project) C:\Users\Fritz\AppData\Local\Mixesoft\AppNHost\appnhost.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mega Limited) C:\Users\Fritz\AppData\Local\MEGAsync\MEGAsync.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Razer Inc.) D:\Programme\Razer\Razer Cortex\RazerCortex.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe (MY.COM B.V.) C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe (The CefSharp Authors) D:\Programme\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe (Razer Inc.) D:\Programme\Razer\Razer Cortex\FPSRunner32.exe (Razer Inc.) D:\Programme\Razer\Razer Cortex\x64\FPSRunner64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Razer, Inc.) D:\Programme\Razer\Razer Cortex\RzFpsApplet\RzFpsApplet.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) D:\staem.de\Steam\Steam.exe (Valve Corporation) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => D:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2014-03-12] (CyberLink Corp.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-02] (AVAST Software) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-04] (Razer Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [RazerCortex] => D:\Programme\Razer\Razer Cortex\CortexLauncher.exe [222160 2016-09-28] (Razer Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programme\Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.) HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [World of Tanks] => D:\Spiele\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net) HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [MyComGames] => C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe [5357968 2017-03-30] (MY.COM B.V.) HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd) HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [appnhost] => C:\Users\Fritz\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project) HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MountPoints2: {ad654ec5-2f7f-11e4-8282-806e6f6e6963} - "G:\autorun.exe" HKU\S-1-5-18\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () Startup: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-03-26] ShortcutTarget: MEGAsync.lnk -> C:\Users\Fritz\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) GroupPolicy: Beschränkung <======= ACHTUNG GroupPolicy\User: Beschränkung <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{21E9DD45-9C19-4F96-B095-FC6328402E68}: [NameServer] 77.234.40.79 Tcpip\..\Interfaces\{A9470B01-B732-4F7E-99F4-834D4029F35A}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{C6E5E4A7-6E64-471C-A729-B581D98BD2D3}: [NameServer] 5.8.8.85,8.8.8.8 Tcpip\..\Interfaces\{C6E5E4A7-6E64-471C-A729-B581D98BD2D3}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{C7C99009-0D44-4F54-9B12-4918276100D6}: [NameServer] 5.8.8.85,8.8.8.8 Tcpip\..\Interfaces\{C7C99009-0D44-4F54-9B12-4918276100D6}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{F6024DB0-DB82-40D4-8423-C1C0FE57897B}: [NameServer] 5.8.8.85,8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-05] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-02] (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-05] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-28] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-02] (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-28] (Oracle Corporation) Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Keine Datei StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: hj71rkax.default FF ProfilePath: C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default [2017-04-04] FF NewTab: Mozilla\Firefox\Profiles\hj71rkax.default -> about:newtab FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hj71rkax.default -> ?????@Mail.Ru FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hj71rkax.default -> Avast Search FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hj71rkax.default -> ?????@Mail.Ru FF Homepage: Mozilla\Firefox\Profiles\hj71rkax.default -> hxxps://mail.ru/cnt/11956636?fr=ffhp1.0.3&gp=811036 FF Keyword.URL: Mozilla\Firefox\Profiles\hj71rkax.default -> hxxp://go.mail.ru/distib/ep/?product_id=%7B6E899E04-9C9B-4A50-9844-D0FFD235B88A%7D&gp=811037 FF Extension: (???????? ???????? Mail.Ru) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\Extensions\homepage@mail.ru [2017-02-23] FF Extension: (?????@Mail.Ru) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\Extensions\search@mail.ru [2017-02-23] FF Extension: (?????????? ???????? @Mail.Ru) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [2017-02-23] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-18] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-18] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-27] () FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-05] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-05] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-27] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-28] (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei] FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-26] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-26] (Google Inc.) FF Plugin HKU\S-1-5-21-2589094953-1922200633-4272172180-1001: @my.com/Games -> C:\Users\Fritz\AppData\Local\MyComGames\NPMyComDetector.dll [2017-02-11] (MY.COM B.V.) FF Plugin HKU\S-1-5-21-2589094953-1922200633-4272172180-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS) StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default [2017-04-04] CHR Extension: (Google Präsentationen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-26] CHR Extension: (Google Docs) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-26] CHR Extension: (Google Drive) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-26] CHR Extension: (YouTube) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-26] CHR Extension: (Avast SafePrice) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-26] CHR Extension: (Google Tabellen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-26] CHR Extension: (Google Docs Offline) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-26] CHR Extension: (Avast Online Security) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-26] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-26] CHR Extension: (Google Mail) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-26] CHR Extension: (Chrome Media Router) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-26] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] () R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-02] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-02] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1489416 2017-03-28] () S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [400656 2017-03-01] (EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 Hamachi2Svc; D:\Programme\Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation) R2 MBAMService; D:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-10] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-10] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2017-02-10] (NVIDIA Corporation) S3 Origin Client Service; D:\Origin\OriginClientService.exe [2122248 2017-03-01] (Electronic Arts) S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2184208 2017-03-01] (Electronic Arts) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69760 2016-06-20] (Razer Inc.) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] () R2 RzKLService; D:\Programme\Razer\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files (x86)\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files (x86)\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-02] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-02] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-02] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-02] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-02] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-02] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-02] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-02] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-02] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-02] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-22] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-02] (AVAST Software) S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-09-30] (The OpenVPN Project) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-01] (Disc Soft Ltd) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-02-27] (LogMeIn Inc.) S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-11] (Malwarebytes) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-10] (NVIDIA Corporation) R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2017-02-10] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-02-10] (NVIDIA Corporation) S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation ) R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [51224 2016-04-07] (Razer Inc) R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [47640 2016-04-07] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U3 DfSdkS; kein ImagePath S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-04-04 20:50 - 2017-04-04 20:50 - 00000000 ____D C:\FRST 2017-04-03 16:41 - 2017-04-03 16:41 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC 2017-04-02 21:33 - 2017-04-02 21:33 - 00000000 ____D C:\Users\Fritz\AppData\LocalLow\Temp 2017-03-30 21:34 - 2017-03-30 21:34 - 00000000 ____D C:\Users\Fritz\AppData\LocalLow\Raft 2017-03-26 22:34 - 2017-03-26 22:34 - 00000000 ____D C:\Users\Fritz\Documents\MEGAsync 2017-03-26 22:33 - 2017-03-26 22:33 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync 2017-03-26 22:33 - 2017-03-26 22:33 - 00000000 ____D C:\Users\Fritz\AppData\Local\MEGAsync 2017-03-26 17:57 - 2017-03-26 17:57 - 11127744 _____ C:\Users\Fritz\Downloads\LiquidBounce1.8.8 - b20.5.zip 2017-03-26 17:40 - 2017-03-26 17:40 - 00083260 _____ C:\Users\Fritz\Downloads\Lockette.jar 2017-03-26 17:38 - 2017-03-26 17:39 - 00119583 _____ C:\Users\Fritz\Downloads\WorldBorder (1).jar 2017-03-26 17:34 - 2017-03-26 17:35 - 01032874 _____ C:\Users\Fritz\Downloads\NoCheatPlus.jar 2017-03-26 17:23 - 2017-03-26 17:23 - 00990670 _____ C:\Users\Fritz\Downloads\Essentials.zip 2017-03-26 16:35 - 2017-03-26 16:35 - 00000000 ____D C:\Users\Fritz\AppData\Local\Vitalwerks 2017-03-26 16:34 - 2017-03-26 16:34 - 00241736 _____ C:\Users\Fritz\Downloads\DUCSetup_v4_1_1.exe 2017-03-26 16:22 - 2017-03-26 16:22 - 19758011 _____ C:\Users\Fritz\Downloads\spigot-1.8.8-R0.1-SNAPSHOT-latest.jar 2017-03-26 14:59 - 2017-03-26 14:59 - 00000046 _____ C:\Users\Fritz\Downloads\start(2).bat 2017-03-26 14:57 - 2017-03-26 14:57 - 00000185 _____ C:\Users\Fritz\Downloads\eula.txt 2017-03-26 14:57 - 2017-03-26 14:57 - 00000062 _____ C:\Users\Fritz\Downloads\server.properties 2017-03-26 14:56 - 2017-03-26 14:56 - 19556772 _____ C:\Users\Fritz\Downloads\spigot-1.8.8.jar 2017-03-26 00:37 - 2017-03-26 00:37 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-03-26 00:37 - 2017-03-26 00:37 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-03-26 00:37 - 2017-03-26 00:37 - 00002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-26 00:36 - 2017-03-26 00:37 - 00000000 ____D C:\Program Files (x86)\GUM7AE9.tmp 2017-03-24 23:32 - 2017-03-24 23:36 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\DVDVideoSoft 2017-03-24 23:08 - 2017-03-25 19:37 - 00000000 ____D C:\Users\Fritz\Desktop\VID Teil2 2017-03-24 23:01 - 2017-03-24 23:21 - 00000000 ____D C:\Users\Fritz\Desktop\VID 2017-03-24 22:12 - 2017-03-24 22:59 - 00000000 ____D C:\Users\Fritz\Desktop\bilder 2017-03-22 17:18 - 2017-03-22 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2017-03-22 17:18 - 2017-03-02 15:35 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-03-21 21:52 - 2017-03-21 21:55 - 00000000 ____D C:\CFLog 2017-03-21 21:52 - 2017-03-21 21:54 - 00000000 ____D C:\Users\Fritz\Documents\Cross Fire 2017-03-21 21:37 - 2017-03-21 21:49 - 00000000 ____D C:\ProgramData\Solid State Networks 2017-03-19 22:23 - 2017-03-19 22:23 - 00002033 _____ C:\Users\Fritz\AppData\Local\recently-used.xbel 2017-03-16 20:53 - 2017-03-16 20:53 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-03-16 20:53 - 2017-03-16 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-03-16 19:48 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-03-16 19:48 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-03-16 19:48 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-03-16 19:48 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-03-16 19:48 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-03-16 19:48 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-03-16 19:48 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-03-16 19:48 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-03-16 19:48 - 2017-02-11 07:12 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2017-03-16 19:48 - 2017-02-11 06:58 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-03-16 19:48 - 2017-02-10 07:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-03-16 19:48 - 2017-02-10 07:09 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2017-03-16 19:48 - 2017-02-10 07:00 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-03-16 19:48 - 2017-02-10 06:59 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-03-16 19:47 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-03-16 19:47 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-03-16 19:47 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-03-16 19:47 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-03-16 19:47 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-03-16 19:47 - 2017-03-04 09:05 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-03-16 19:47 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-03-16 19:47 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-03-16 19:47 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-03-16 19:47 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-03-16 19:47 - 2017-03-02 19:25 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-03-16 19:47 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-03-16 19:47 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-03-16 19:47 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-03-16 19:47 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-03-16 19:47 - 2017-02-11 21:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-03-16 19:47 - 2017-02-11 07:12 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-03-16 19:47 - 2017-02-11 07:00 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-03-16 19:47 - 2017-02-11 06:56 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-03-16 19:47 - 2017-02-10 21:09 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-03-16 19:47 - 2017-02-10 07:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-03-16 19:47 - 2017-02-10 07:08 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-03-16 19:47 - 2017-02-10 07:01 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-03-16 19:47 - 2017-02-10 03:31 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-03-16 19:47 - 2017-02-10 02:12 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-03-16 19:47 - 2017-02-09 17:28 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-03-16 19:47 - 2017-02-09 17:19 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-03-16 19:47 - 2017-02-09 17:16 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-03-16 19:47 - 2017-02-09 17:16 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-03-16 19:47 - 2017-02-09 16:59 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2017-03-16 19:47 - 2017-02-09 16:58 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2017-03-16 19:47 - 2017-02-09 16:58 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2017-03-16 19:47 - 2017-02-04 22:32 - 07444832 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-03-16 19:47 - 2017-02-04 22:30 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-03-16 19:47 - 2017-02-04 22:30 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2017-03-16 19:47 - 2017-02-04 22:30 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-03-16 19:47 - 2017-02-04 22:30 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2017-03-16 19:47 - 2017-02-04 21:32 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2017-03-16 19:47 - 2017-02-04 21:30 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-03-16 19:47 - 2017-02-04 20:14 - 01001472 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-03-16 19:47 - 2017-02-04 19:50 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2017-03-16 19:47 - 2017-02-04 19:40 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2017-03-16 19:47 - 2017-02-04 19:32 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2017-03-16 19:47 - 2017-02-04 19:17 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2017-03-16 19:47 - 2017-02-04 19:10 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2017-03-16 19:47 - 2017-02-04 19:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2017-03-16 19:47 - 2017-01-21 23:37 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-03-16 19:47 - 2017-01-21 21:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-03-16 19:47 - 2017-01-21 21:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-03-16 19:47 - 2017-01-21 21:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-03-16 19:47 - 2017-01-21 21:20 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-03-16 19:47 - 2017-01-21 20:40 - 00756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-03-16 19:47 - 2017-01-21 20:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-03-16 19:47 - 2017-01-21 20:37 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-03-16 19:47 - 2017-01-21 19:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-03-16 19:47 - 2017-01-21 19:48 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-03-16 19:47 - 2017-01-14 19:49 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe 2017-03-16 19:47 - 2017-01-11 21:37 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-03-16 19:47 - 2017-01-10 21:08 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-03-16 19:47 - 2017-01-05 20:20 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-03-16 19:47 - 2017-01-05 20:09 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll 2017-03-16 19:47 - 2017-01-05 19:36 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-03-16 19:47 - 2017-01-05 19:29 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll 2017-03-16 19:47 - 2017-01-05 19:13 - 07796224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2017-03-16 19:47 - 2017-01-05 18:57 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2017-03-16 19:47 - 2016-11-09 21:22 - 00681472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-03-10 20:49 - 2017-03-10 20:49 - 00000000 ____D C:\Users\Fritz\Azure 2017-03-08 15:53 - 2017-03-08 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2017-03-05 02:15 - 2017-03-05 02:15 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-04-04 20:28 - 2015-07-20 17:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-04-04 16:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2017-04-04 16:00 - 2014-09-30 18:17 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CFB2E40D-C6E0-48A8-8A2A-6E7E44AB2346} 2017-04-04 15:57 - 2017-02-28 19:32 - 00000000 ____D C:\ProgramData\NVIDIA 2017-04-04 15:57 - 2017-02-11 00:23 - 00000000 ____D C:\Users\Fritz\AppData\Local\MyComGames 2017-04-04 15:57 - 2014-09-30 18:09 - 00000000 ___RD C:\Users\Fritz\OneDrive 2017-04-03 20:51 - 2016-08-28 20:06 - 00000000 ____D C:\Users\Fritz\AppData\Local\fabi.me 2017-04-03 20:45 - 2017-01-03 23:52 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\.minecraft 2017-04-03 17:15 - 2014-09-30 18:13 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2589094953-1922200633-4272172180-1001 2017-04-03 14:35 - 2016-02-19 22:14 - 00000000 ____D C:\Users\Fritz\AppData\Local\CrashDumps 2017-04-02 21:19 - 2014-04-28 13:38 - 00765378 _____ C:\Windows\system32\perfh007.dat 2017-04-02 21:19 - 2014-04-28 13:38 - 00159696 _____ C:\Windows\system32\perfc007.dat 2017-04-02 21:19 - 2014-03-18 17:26 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI 2017-04-02 21:19 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-04-02 00:24 - 2015-11-21 21:53 - 00000000 ____D C:\Users\Fritz\Documents\TmForever 2017-03-31 22:13 - 2016-11-12 17:19 - 00000000 ____D C:\Users\Fritz\AppData\Local\LogMeIn Hamachi 2017-03-30 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2017-03-28 16:21 - 2017-01-01 21:21 - 00000000 ____D C:\Users\Fritz\Desktop\Spiele 2017-03-28 16:02 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-26 13:58 - 2016-03-18 15:13 - 00000000 ____D C:\Users\Fritz\Documents\Euro Truck Simulator 2 2017-03-26 00:37 - 2015-11-21 20:03 - 00000000 ____D C:\Program Files (x86)\Google 2017-03-26 00:37 - 2014-09-30 18:34 - 00000000 ____D C:\Users\Fritz\AppData\Local\Google 2017-03-26 00:36 - 2014-09-30 18:34 - 00000000 ____D C:\Users\Fritz\AppData\Local\Deployment 2017-03-26 00:35 - 2016-12-27 02:46 - 00000000 ____D C:\Users\Fritz\AppData\LocalLow\Mozilla 2017-03-24 23:23 - 2016-04-09 14:14 - 00000000 ____D C:\Users\Public\Documents\Lightworks 2017-03-24 19:54 - 2016-06-04 13:06 - 00000000 ____D C:\ProgramData\Origin 2017-03-24 17:45 - 2017-02-26 00:44 - 00000606 _____ C:\Users\Fritz\Desktop\Script für infoviedio + Codenummer.txt 2017-03-24 13:49 - 2017-03-03 21:30 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone 3 Browser.lnk 2017-03-24 13:49 - 2016-01-28 15:19 - 00003926 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1453987192 2017-03-22 17:18 - 2017-03-02 15:35 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-03-22 17:18 - 2014-09-30 19:45 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2017-03-19 22:23 - 2017-02-08 23:04 - 00000000 ____D C:\Users\Fritz\AppData\Local\gtk-2.0 2017-03-19 22:23 - 2017-01-12 20:05 - 00000000 ____D C:\Users\Fritz\.gimp-2.8 2017-03-19 20:56 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-19 10:44 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-03-17 19:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2017-03-17 14:25 - 2017-02-28 19:47 - 00347040 _____ C:\Windows\system32\FNTCACHE.DAT 2017-03-16 21:06 - 2014-10-04 14:33 - 00000000 ____D C:\Windows\system32\MRT 2017-03-16 21:06 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2017-03-16 21:05 - 2014-04-24 18:12 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-03-16 20:53 - 2016-07-08 19:59 - 00000000 ____D C:\ProgramData\Skype 2017-03-16 20:53 - 2014-09-30 20:03 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-14 15:35 - 2014-09-30 19:45 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2017-03-13 22:24 - 2015-06-14 16:28 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Skype 2017-03-13 14:49 - 2014-09-30 19:45 - 00000000 ____D C:\ProgramData\AVAST Software 2017-03-11 14:37 - 2017-01-21 21:04 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-03-11 14:37 - 2017-01-21 21:04 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-03-10 20:49 - 2014-09-30 18:06 - 00000000 ____D C:\Users\Fritz 2017-03-10 15:35 - 2014-09-30 19:45 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.149019591053109 2017-03-10 06:34 - 2013-08-22 17:38 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-03-10 06:34 - 2013-08-22 17:38 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-03-09 15:51 - 2015-09-23 17:49 - 00000000 ____D C:\temp 2017-03-06 19:25 - 2016-01-02 23:47 - 00000000 ____D C:\Users\Fritz\AppData\Local\ftblauncher 2017-03-05 02:15 - 2016-07-17 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-03-05 02:14 - 2016-07-17 16:10 - 00000000 ____D C:\Program Files\Java 2017-03-05 02:10 - 2016-01-02 23:47 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\ftblauncher ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-12-23 12:26 - 2015-08-25 08:26 - 0000221 _____ () C:\Users\Fritz\AppData\Roaming\WB.CFG 2017-01-27 14:41 - 2017-01-27 14:41 - 0000000 ____H () C:\Users\Fritz\AppData\Local\BIT9584.tmp 2017-01-08 19:50 - 2017-01-08 19:50 - 0003584 _____ () C:\Users\Fritz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-01-02 17:36 - 2017-01-02 17:36 - 0000000 ___SH () C:\Users\Fritz\AppData\Local\LumaEmu 2017-03-19 22:23 - 2017-03-19 22:23 - 0002033 _____ () C:\Users\Fritz\AppData\Local\recently-used.xbel 2014-09-30 19:54 - 2017-01-04 15:12 - 0007605 _____ () C:\Users\Fritz\AppData\Local\resmon.resmoncfg 2017-01-15 23:15 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Fritz\AppData\Local\TroubleshooterConfig.json 2017-02-03 21:35 - 2017-02-03 22:36 - 0000037 _____ () C:\Users\Fritz\AppData\Local\X-Plane Installer.prf 2017-02-03 22:36 - 2017-02-03 22:37 - 0000015 _____ () C:\Users\Fritz\AppData\Local\X-Plane_drm_11.prf 2017-02-03 21:35 - 2017-02-03 21:35 - 0000023 _____ () C:\Users\Fritz\AppData\Local\x-plane_install_11.txt 2017-01-27 14:41 - 2017-01-27 14:41 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{9D140C0B-B1AE-4EFB-B5ED-86199672863D} 2014-11-26 19:40 - 2014-11-26 19:40 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{AEFF9ACD-116D-4505-98DD-5A29BB9CE78B} 2015-02-09 20:03 - 2015-02-09 20:03 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{E3702F5A-940C-4936-A2B2-32C0F23DA403} 2014-08-19 13:09 - 2014-08-19 13:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-11-30 22:31 - 2016-11-30 22:31 - 0000016 _____ () C:\ProgramData\mntemp 2017-01-01 22:48 - 2017-01-01 22:48 - 0000032 _____ () C:\ProgramData\Temp.log 2014-08-19 13:23 - 2014-08-19 13:23 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2014-08-19 13:20 - 2014-08-19 13:20 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2014-08-19 13:23 - 2014-08-19 13:23 - 0000032 _____ () C:\ProgramData\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}.log 2014-08-19 13:22 - 2014-08-19 13:22 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log 2014-08-19 13:18 - 2014-08-19 13:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2014-08-19 13:22 - 2014-08-19 13:22 - 0000032 _____ () C:\ProgramData\{E1646825-D391-42A0-93AA-27FA810DA093}.log 2014-08-19 13:19 - 2014-08-19 13:19 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log 2014-08-19 13:20 - 2014-08-19 13:20 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log Einige Dateien in TEMP: ==================== 2017-03-26 18:38 - 2017-03-26 18:38 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-1156133977092190632.dll 2017-03-26 18:12 - 2017-03-26 18:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-1183857964705709983.dll 2017-03-26 15:35 - 2017-03-26 15:35 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-1255889390127493652.dll 2017-03-26 15:35 - 2017-03-26 15:35 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-1419921203732016063.dll 2017-03-27 12:15 - 2017-03-27 12:15 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-2237448965582862950.dll 2017-03-26 19:14 - 2017-03-26 19:14 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-2633886668500820597.dll 2017-03-26 18:11 - 2017-03-26 18:11 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-2924941846129932772.dll 2017-03-26 14:56 - 2017-03-26 14:56 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-3339494108290317049.dll 2017-03-26 15:24 - 2017-03-26 15:24 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-4631202162911088074.dll 2017-03-26 18:12 - 2017-03-26 18:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-473815464550042425.dll 2017-03-26 18:13 - 2017-03-26 18:13 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-474737885146204927.dll 2017-03-26 16:25 - 2017-03-26 16:25 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-4993673459245968672.dll 2017-03-26 18:33 - 2017-03-26 18:33 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-5204322312476300889.dll 2017-03-26 15:04 - 2017-03-26 15:04 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-5465550519586136679.dll 2017-03-27 12:12 - 2017-03-27 12:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-5562341965054720879.dll 2017-03-26 15:37 - 2017-03-26 15:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-565764272598991269.dll 2017-03-26 17:04 - 2017-03-26 17:04 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-5792485033925151240.dll 2017-03-26 15:35 - 2017-03-26 15:35 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-6161368520921815246.dll 2017-03-26 14:57 - 2017-03-26 14:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-6377810549293930098.dll 2017-03-26 17:53 - 2017-03-26 17:53 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-736355771900536423.dll 2017-03-26 16:25 - 2017-03-26 16:25 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-8072484581763269693.dll 2017-03-26 15:34 - 2017-03-26 15:34 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-812501182027476784.dll 2017-03-26 15:06 - 2017-03-26 15:06 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-8157219306358747475.dll 2017-03-26 17:53 - 2017-03-26 17:53 - 0515584 _____ () C:\Users\Fritz\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-03-29 21:53 ==================== Ende von FRST.txt ============================ |
04.04.2017, 19:55 | #5 |
| Chrome öffnet ständig Seite namens: x.24.jquery11.com Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017 durchgeführt von Fritz (04-04-2017 20:51:08) Gestartet von D:\Downloads Windows 8.1 (Update) (X64) (2014-09-30 16:07:25) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2589094953-1922200633-4272172180-500 - Administrator - Disabled) Fritz (S-1-5-21-2589094953-1922200633-4272172180-1001 - Administrator - Enabled) => C:\Users\Fritz Gast (S-1-5-21-2589094953-1922200633-4272172180-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2589094953-1922200633-4272172180-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7zip Packages (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\7zip Packages) (Version: - ) <==== ACHTUNG Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Advanced Omnibus Driver (HKLM-x32\...\{E084E6F2-2B8A-4A71-938F-0C4C808EA439}_is1) (Version: 4.3 - PeDePe) Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft) aerosoft's - OMSI 2 - Drei Generationen (HKLM-x32\...\{C88376AA-BF64-40F4-9AD6-F8A18DA394F2}) (Version: 1.10 - aerosoft) aerosoft's - OMSI 2 - Hamburg (HKLM-x32\...\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}) (Version: 2.01 - aerosoft) AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.) AMD Catalyst Install Manager (HKLM\...\{770EA7C3-0B5A-C557-E641-A09244603B84}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Ansel (Version: 378.66 - NVIDIA Corporation) Hidden Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project) Ashampoo AppLauncher v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) Ashampoo Burning Studio 11 v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG) Ashampoo GetBack Photo v.1.0.1 (HKLM-x32\...\Ashampoo GetBack Photo_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG) Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG) Ashampoo Music Studio 4 v.4.0.1 (HKLM-x32\...\Ashampoo Music Studio 4_is1) (Version: 4.0.1 - Ashampoo GmbH & Co. KG) Ashampoo Photo Commander 10 v.10.1.3 (HKLM-x32\...\Ashampoo Photo Commander 10_is1) (Version: 10.1.3 - Ashampoo GmbH & Co. KG) Ashampoo Photo Optimizer 5 v.5.1.2 (HKLM-x32\...\Ashampoo Photo Optimizer 5_is1) (Version: 5.1.2 - Ashampoo GmbH & Co. KG) Ashampoo Slideshow Studio HD 2 v.2.0.5 (HKLM-x32\...\Ashampoo Slideshow Studio HD 2_is1) (Version: 2.0.5 - Ashampoo GmbH & Co. KG) Ashampoo Snap 5 v.5.1.5 (HKLM-x32\...\Ashampoo Snap 5_is1) (Version: 5.1.5 - Ashampoo GmbH & Co. KG) Ashampoo UnInstaller 4 v.4.30 (HKLM-x32\...\Ashampoo UnInstaller 4_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG) Ashampoo WinOptimizer 2017 (HKLM-x32\...\{4209F371-6CE9-533C-2CDC-94E053273B35}_is1) (Version: 14.00.04 - Ashampoo GmbH & Co. KG) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Blacklight: Retribution (HKLM\...\Steam App 209870) (Version: - Hardsuit Labs) Blender (HKLM\...\{437221A8-91D1-42A0-9E04-0AD64B502374}) (Version: 2.78.1 - Blender Foundation) CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine) Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH) CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4430.0 - CyberLink Corp.) CyberLink PhotoDirector 5 (Version: 5.0.4430.0 - CyberLink Corp.) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2230.0 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.2230.0 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dirty Bomb (HKLM\...\Steam App 333930) (Version: - Splash Damage®) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION) EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version: - SEIKO EPSON Corporation) Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotograf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fraps (HKLM-x32\...\Fraps) (Version: - ) Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge) GFACE Launcher (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software) Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.6.0.0 - Lightworks) Line of Sight (HKLM\...\Steam App 436520) (Version: - BlackSpot Entertainment) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.558 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.558 - LogMeIn, Inc.) Hidden Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MorphVOX Pro (HKLM-x32\...\{5a385481-7640-4f10-8ca5-04a2030b4623}) (Version: 4.4.65.20341 - Screaming Bee) MorphVOX Pro (x32 Version: 4.4.65.20341 - Screaming Bee) Hidden Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla) My.com Game Center (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MyComGames) (Version: 3.194 - My.com B.V.) Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.0.0.0 - Electronic Arts) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation) NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation) NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 378.66 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden OMSI 2 - Addon Wien (HKLM-x32\...\{FFAB9F9B-C38C-4FC2-A1EC-1099D2832D18}) (Version: 1.10 - aerosoft) OMSI 2 (HKLM-x32\...\Steam App 252530) (Version: - MR-Software GbR) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.) paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC) PlanetSide 2 (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment) PlanetSide 2 (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\DGC-PlanetSide 2) (Version: 1.0.3.192 - Daybreak Game Company) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden RaceRoom Racing Experience (HKLM\...\Steam App 211500) (Version: - Sector3 Studios) RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.7.8 - Razer Inc.) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.6.8.66 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.804 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden SCANIA Truck Driving Simulator 1.0.0 (HKLM-x32\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software) SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden Shotcut (HKLM-x32\...\Shotcut) (Version: - ) SketchUp 2017 (HKLM\...\{3A83073A-B35A-4497-8DD0-5542C36E052E}) (Version: 17.0.18899 - Trimble Navigation Limited) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spintires (HKLM\...\Steam App 263280) (Version: - Oovee® Game Studios) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer) TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo) TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{F2496892-5295-4208-AB93-21F1AFD07C97}) (Version: 1.3.1 - TP-LINK) TP-LINK TL-WN725N_TL-WN723N Treiber (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Train Simulator (HKLM\...\Steam App 24010) (Version: - Dovetail Games) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Unity Web Player (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS) Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden VirtualDJ 8 (HKLM-x32\...\{1D8DF06F-CCAB-437E-8C99-8D741D04CE74}) (Version: 8.2.3398.0 - Atomix Productions) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Warface My.Com (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Warface My.Com) (Version: 1.31 - My.com B.V.) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) Zula Europe (HKLM\...\Steam App 513650) (Version: - Madbyte Games) S?????? f?t???af??? (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1EC06144-9468-D082-12F1-B1EF85889A47} => Keine Datei CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Fritz\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {58E99A66-9468-D082-300A-98A985889A47} => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02B407E2-29F7-4ACA-903B-DC14349370AF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-10] (NVIDIA Corporation) Task: {06B784D0-9B74-479A-9AF5-BFF1B14D1F6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-27] (Adobe Systems Incorporated) Task: {1F1C5716-E9C5-4BF3-8AB0-92CE10A02CF2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {25B5FD24-88F0-4BEE-80AF-C99AC02B00EF} - System32\Tasks\Overwolf Updater Task => D:\Programme\Over\Overwolf\OverwolfUpdater.exe Task: {2CA4DAD2-8795-4612-96F7-D25B49B0CDED} - System32\Tasks\{B5C2F6FB-8006-4263-BACB-0047260886B2} => pcalua.exe -a D:\Programme\EHE\everesthome220.exe -d D:\Programme\EHE Task: {34E301E1-48A7-4EBA-98A0-1542446D3977} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-05-27] (CyberLink Corp.) Task: {3623BA5F-8512-4880-93D6-AD5968B446AC} - System32\Tasks\journalaboutlifeorgscopem => Chrome.exe journalaboutlife.org/scopem <==== ACHTUNG Task: {47469224-54DB-4834-82CC-D07F6ADF918A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-10] (NVIDIA Corporation) Task: {5DB13895-23E2-468A-B550-20B318320CA1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation) Task: {73E73DA3-EC78-46D2-8D85-263A4876E759} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-10] (NVIDIA Corporation) Task: {868BFC48-5462-4B79-82D1-1AAED19F6D62} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-02] (AVAST Software) Task: {8E5A6E72-EAED-4331-A53B-8B82684541CF} - System32\Tasks\{11B5C937-AACC-4DDD-B169-DA6C351787DF} => pcalua.exe -a D:\Downloads\forge-1.7.10-10.13.4.1558-1.7.10-installer-win.exe Task: {A231A173-2493-4BC5-B017-C55ED36751DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd) Task: {A9AC5491-BA37-422F-982B-F07F7A470C21} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {B2317746-99DE-4679-AB30-4B3DD4615C89} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-10] (NVIDIA Corporation) Task: {B8E9E83E-CCE3-4483-865C-AF88A8194E71} - System32\Tasks\{50DBF8D4-40C6-41E5-B84F-9C64C7CA416B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}\setup.exe" -c -runfromtemp -l0x0007 -uninst -removeonly Task: {BB71B8D6-F026-4B8A-944B-A4C56DE8BC78} - System32\Tasks\SafeZone scheduled Autoupdate 1453987192 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software) Task: {BC2116DD-E2C3-418A-AC1B-860B738A3118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-26] (Google Inc.) Task: {CA8E826E-7664-4A33-947F-7AFA98699724} - System32\Tasks\{D8F0B4BF-BC21-480B-83A4-2A87254A2F8E} => Chrome.exe hxxp://ui.skype.com/ui/0/7.24.0.104/de/abandoninstall?source=lightinstaller&page=tsInstall Task: {D04AD4D5-652C-48B5-91F7-908F89CFA9FE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-10] (NVIDIA Corporation) Task: {D5D35B28-EE6D-4048-B5CE-172F4D88D04A} - System32\Tasks\{3C52AA0E-ACAB-4535-88EF-7701777DAB15} => pcalua.exe -a "D:\Spiele\Flughafen-Feuerwehr-Simulator 2013\unins000.exe" Task: {D92D22EA-F25E-489F-9380-4D53EEBF724F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software) Task: {D93E1DA5-0A6F-4589-A073-8AC166EECDC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-26] (Google Inc.) Task: {F2369E7C-AF34-4637-A25D-B1E444AD0DB1} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe Task: {FE19AD68-A327-4360-9F41-23D1DAC3CB5C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-10] (NVIDIA Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-08-19 13:32 - 2012-07-30 11:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe 2017-02-28 19:33 - 2017-02-10 02:52 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2016-09-25 01:20 - 2016-09-25 01:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2014-08-19 13:22 - 2012-08-08 22:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2017-02-28 19:32 - 2017-02-10 00:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-10-31 21:45 - 2016-10-31 21:45 - 00592384 _____ () C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll 2017-02-08 04:52 - 2017-02-08 04:52 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2016-06-15 04:39 - 2016-06-15 04:39 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2017-03-26 00:37 - 2017-03-16 06:11 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\libglesv2.dll 2017-03-26 00:37 - 2017-03-16 06:11 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\libegl.dll 2013-05-09 18:58 - 2013-05-09 18:58 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2014-08-19 12:54 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2017-02-28 19:33 - 2017-02-10 02:52 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2017-02-28 19:33 - 2017-02-10 02:52 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-02-28 19:33 - 2017-02-10 02:52 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2017-02-28 19:33 - 2017-02-10 02:52 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2017-02-28 19:33 - 2017-02-10 02:52 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2017-02-28 19:33 - 2017-02-10 02:52 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2017-02-11 00:23 - 2017-02-11 00:23 - 00144896 _____ () C:\Users\Fritz\AppData\Local\MyComGames\zlib1.dll 2017-02-11 00:23 - 2017-02-11 00:23 - 00076176 _____ () C:\Users\Fritz\AppData\Local\MyComGames\pxd.dll 2017-02-11 00:23 - 2017-02-11 00:23 - 00186256 _____ () C:\Users\Fritz\AppData\Local\MyComGames\LightUpdate.dll 2017-02-11 00:23 - 2017-03-13 14:24 - 02411408 _____ () C:\Users\Fritz\AppData\Local\MyComGames\BigUp2.dll 2016-05-23 20:36 - 2016-05-23 20:36 - 48962048 _____ () C:\Users\Fritz\AppData\Local\MyComGames\Chrome\3.2623.1401\libcef.dll 2016-04-13 10:38 - 2016-04-13 10:38 - 00482304 _____ () C:\Users\Fritz\AppData\Local\MEGAsync\libsodium.dll 2017-03-02 15:35 - 2017-03-02 15:35 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-09-26 13:34 - 2016-09-26 13:34 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-03-02 15:35 - 2017-03-02 15:35 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-03-02 15:35 - 2017-03-02 15:35 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-07-21 12:43 - 2016-07-21 12:43 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2016-08-23 13:27 - 2015-08-27 23:30 - 40622592 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll 2017-03-08 22:19 - 2016-09-07 22:42 - 50656768 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2017-02-28 20:43 - 2016-08-19 17:12 - 00149352 _____ () D:\Programme\Razer\Razer Cortex\SimbaDeviceControl.dll 2017-02-28 20:43 - 2016-09-28 19:31 - 00989176 _____ () D:\Programme\Razer\Razer Cortex\Cef\CefSharp.Core.dll 2017-02-28 20:43 - 2016-09-28 19:31 - 51063432 _____ () D:\Programme\Razer\Razer Cortex\Cef\libcef.dll 2017-03-08 22:19 - 2016-09-07 22:42 - 01874944 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2017-03-08 22:19 - 2016-09-07 22:42 - 00075264 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2016-08-23 13:27 - 2015-08-27 23:30 - 00911360 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll 2016-08-23 13:27 - 2015-08-27 23:30 - 00134144 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll 2017-02-28 20:43 - 2016-09-28 19:31 - 00659640 _____ () D:\Programme\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll 2017-02-28 20:43 - 2016-09-28 19:31 - 01897704 _____ () D:\Programme\Razer\Razer Cortex\Cef\libglesv2.dll 2017-02-28 20:43 - 2016-09-28 19:31 - 00082216 _____ () D:\Programme\Razer\Razer Cortex\Cef\libegl.dll 2017-02-28 20:44 - 2016-09-07 22:42 - 50656768 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libcef.dll 2017-02-28 20:44 - 2016-09-07 22:42 - 01874944 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libglesv2.dll 2017-02-28 20:44 - 2016-09-07 22:42 - 00075264 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libegl.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2013-03-07 13:53 - 2013-03-07 13:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2010-01-12 17:55 - 2010-01-12 17:55 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2010-01-12 17:55 - 2010-01-12 17:55 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2010-12-16 13:16 - 2010-12-16 13:16 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2010-01-18 00:34 - 2010-01-18 00:34 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2013-03-07 13:55 - 2013-03-07 13:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2013-03-07 13:58 - 2013-03-07 13:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2013-03-07 13:54 - 2013-03-07 13:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2010-12-17 13:56 - 2010-12-17 13:56 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2017-03-31 13:13 - 2017-03-10 02:13 - 00674592 _____ () D:\staem.de\Steam\SDL2.dll 2017-03-31 13:13 - 2016-09-01 03:02 - 04969248 _____ () D:\staem.de\Steam\v8.dll 2017-03-31 13:13 - 2017-03-23 02:52 - 02465056 _____ () D:\staem.de\Steam\video.dll 2017-03-31 13:13 - 2016-09-01 03:02 - 01563936 _____ () D:\staem.de\Steam\icui18n.dll 2017-03-31 13:13 - 2016-09-01 03:02 - 01195296 _____ () D:\staem.de\Steam\icuuc.dll 2017-03-31 13:13 - 2016-01-27 09:49 - 02549760 _____ () D:\staem.de\Steam\libavcodec-56.dll 2017-03-31 13:13 - 2016-01-27 09:49 - 00491008 _____ () D:\staem.de\Steam\libavformat-56.dll 2017-03-31 13:13 - 2016-01-27 09:49 - 00332800 _____ () D:\staem.de\Steam\libavresample-2.dll 2017-03-31 13:13 - 2016-01-27 09:49 - 00442880 _____ () D:\staem.de\Steam\libavutil-54.dll 2017-03-31 13:13 - 2016-01-27 09:49 - 00485888 _____ () D:\staem.de\Steam\libswscale-3.dll 2017-03-31 13:13 - 2017-03-31 00:46 - 00848672 _____ () D:\staem.de\Steam\bin\chromehtml.DLL 2017-03-31 13:13 - 2016-07-05 00:17 - 00266560 _____ () D:\staem.de\Steam\openvr_api.dll 2017-03-31 13:13 - 2017-01-30 23:41 - 68875552 _____ () D:\staem.de\Steam\bin\cef\cef.win7\libcef.dll 2017-03-31 13:13 - 2017-03-23 02:52 - 00383776 _____ () D:\staem.de\Steam\steam.dll 2017-03-31 13:13 - 2015-09-25 01:52 - 00119208 _____ () D:\staem.de\Steam\winh264.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:nlsPreferences [386] AlternateDataStreams: C:\Users\Fritz:Heroes & Generals [38] AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2017-03-11 19:00 - 00000002 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 5.8.8.85 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\StartupFolder: => "TP-LINK-Konfigurationstool.lnk" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8" HKLM\...\StartupApproved\Run32: => "CLVirtualDrive" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\StartupFolder: => "Product Registration.lnk" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Speech Recognition" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "World of Tanks" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Memestar Update Checker (Inactive)" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "gflauncher" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{FFC0F777-525B-4416-8BC1-E5B95DBB29E8}] => (Allow) LPort=2869 FirewallRules: [{7444B070-8E08-48C8-A0B1-22DE9F908422}] => (Allow) LPort=1900 FirewallRules: [{E1130690-19CB-4121-AF72-AAF876DEBB04}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{A9650492-3927-400A-9603-D8ED4E7CBCDD}] => (Allow) C:\Users\Fritz\steam\Steam.exe FirewallRules: [{5D86B1CC-8C89-457B-97C2-9A864B0059D2}] => (Allow) C:\Users\Fritz\steam\Steam.exe FirewallRules: [{46E30189-3D71-46B8-894F-2F6291A3D9CB}] => (Allow) D:\cbad7ef91886080c4c6a9230\Steam\Steam.exe FirewallRules: [{D7D4653A-0B77-439D-B8AD-7E146D5BF93B}] => (Allow) D:\cbad7ef91886080c4c6a9230\Steam\Steam.exe FirewallRules: [TCP Query User{9058F47D-16BE-46E5-9C55-8CF79E609E0C}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{1C0BFDEA-5735-42D6-8B8A-EF7BD2B1E6C6}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{D99646E2-75C2-4AD0-BAB1-B9A31DD46416}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{986662C3-FF79-4B70-907B-B13892DDBDF9}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{B18A85E1-32DF-49C6-B28B-02DF377071F7}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{E47A500C-7A39-464C-99D5-A437D09B5ED1}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{6E54DAC6-EC1B-464A-8433-5AA0B1A3D5A5}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{E28D9B69-85E5-4943-9CBD-76F24633AC4F}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{D29A0904-6032-4C17-AEC2-578A6A30A933}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{1D9BEBB8-A104-419C-B2BB-0C52A01CE910}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{42E81CC3-4F47-4767-85B3-E305FF3481F3}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{B301D72A-7363-4348-A136-8828E383DAFC}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{47F10786-BFFF-4D84-AB8A-4191302FF1AD}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{83692087-1BCB-47CC-B5C4-E29551BD501B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{8A055C27-F908-4ABF-8A45-738C6BF8991B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{535F425E-CBC0-41B4-86E7-4BFB372D464C}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{16E65E5F-0736-415C-876A-C08989BDB2B6}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{8E215670-A1A8-4DE0-82E0-A66F67EA6E5D}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{DE2CA8C9-A7E7-4B2F-BD4F-A91C0FBDCA62}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{11D3D38D-3639-4C5D-98BD-BBD96048BD58}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{9AD5D8F0-2A15-4DA6-9FA9-C03963B11B8B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{F3BB5A70-8781-4687-8453-7A2E6C9F740B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{4978C2E6-7B14-4B11-A93B-F6BFF49B27C1}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{FF276E89-B354-4B1D-8836-989E95CF81A6}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{83ACC1AF-D0DF-491E-AA89-F03672540946}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{758064E0-3E29-48CB-83A6-DFB0A1D3634E}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{F36E10F2-83E1-4040-A059-DA3C101FD4BD}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{9EDE79B4-A25E-4263-B987-128297282D63}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{7A4F4F37-E052-4A1F-B30F-081F40552858}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{88B4732A-FED6-452E-BAB3-4907427CB4CF}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{8B4F7E88-DE04-4B8A-808E-433DE2121530}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{D2CAC890-BD5A-4B18-970C-937AD25E2EAE}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{C91492AC-43AD-4F8A-9DFA-E3F9A337D3A3}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{6E92F3EB-8C6F-4A3A-9CFF-59104F0DF5D6}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [TCP Query User{1A5C5E4C-10EE-4776-BD52-34ADFC4C5BF5}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{E440EE6C-9661-4502-A800-A7D0CFC11133}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{4B4CB57F-92E0-47B1-B796-B34D3F0E2928}D:\spiele\tmnationsforever\tmforever.exe] => (Allow) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{AD0B1924-F1C6-4907-B8DB-7A9D2D871352}D:\spiele\tmnationsforever\tmforever.exe] => (Allow) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [TCP Query User{0C2D5200-F2EE-474F-9C57-1D68A1E6D668}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{9A7DFE99-A5E2-4DDE-AACE-E5181904E14A}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [{353B94D8-FFD3-4C21-B1A7-C6ACE640683D}] => (Allow) D:\staem.de\Steam\steamapps\common\ConSim2015\ConSim2015.exe FirewallRules: [{931F2755-9A13-4FC7-8688-D87E98166DCB}] => (Allow) D:\staem.de\Steam\steamapps\common\ConSim2015\ConSim2015.exe FirewallRules: [{CFA1A9FA-B26C-48E5-A8A0-34D657931AB1}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe FirewallRules: [{2E1F08CB-5B01-4760-B90B-2173004C56CE}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe FirewallRules: [{B1811997-354B-469F-8ADE-51A22BE511EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{BD3183D1-7B59-492A-9F04-FA9CB4EF3E1D}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16.exe FirewallRules: [{DD0F7A7F-9DD3-4211-B865-A4E98F81DECA}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16.exe FirewallRules: [{3ACC4120-C2AD-40C7-8DCA-C487A4AA17EF}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16_trial.exe FirewallRules: [{A79EEF7F-C02F-4FEB-9E4F-237EDE9F8457}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16_trial.exe FirewallRules: [TCP Query User{E43ABAE4-04D3-46BB-83A5-7D7822953785}D:\spiele\nfs\need for speed\nfs16.exe] => (Block) D:\spiele\nfs\need for speed\nfs16.exe FirewallRules: [UDP Query User{3EFDB123-7955-4B97-A777-B4520C332DF0}D:\spiele\nfs\need for speed\nfs16.exe] => (Block) D:\spiele\nfs\need for speed\nfs16.exe FirewallRules: [{655D3060-B334-4E32-95D5-D2CD5BD7B96B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{4DF27530-63A8-412B-B6FB-B3B4CECD1E34}D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe FirewallRules: [UDP Query User{01583D0F-C8A8-4FD2-B1D8-1DBD26A81C42}D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe FirewallRules: [{0A9BEE98-15D4-490B-9A4B-870C3E5F817E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B61BB212-F192-4A76-8FD4-DE2AC746EB21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{CA7732F6-E90D-4C89-8FDA-4F694BAF23AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FE84EBDA-7A82-4359-88C8-D83550016CE7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6289CEAB-0389-45B8-9A6C-09EDB2E26771}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe FirewallRules: [{2F199068-4308-4C26-B0CB-42844B45D59D}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe FirewallRules: [{0CA6FFA4-60C7-44BD-AD93-08B903D23C21}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Binaries\Win32\FoxGame-win32-Shipping.exe FirewallRules: [{BCAA94CF-FE46-49F8-B477-0D403DD4E65F}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Binaries\Win32\FoxGame-win32-Shipping.exe FirewallRules: [{9F994B97-C62F-4280-913E-350EB4047197}] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{099A161F-9056-41EC-9765-1BCB77845FEB}] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{D637AC00-4295-4950-B95A-61EEE0FC17AD}] => (Allow) LPort=25565 FirewallRules: [{E32B07F2-1DB8-4C8B-8BA4-0BD2F0A3F433}] => (Allow) D:\staem.de\Steam\steamapps\common\RailWorks\RailWorks.exe FirewallRules: [{A0D955B4-3334-4BAB-A542-E0261C3E8C6B}] => (Allow) D:\staem.de\Steam\steamapps\common\RailWorks\RailWorks.exe FirewallRules: [{1A12DDCA-BB03-4B34-92B1-C6C11AE203E4}] => (Allow) D:\staem.de\Steam\steamapps\common\Zula EU\zula_launcher.exe FirewallRules: [{D187E17D-1AFC-457B-BE47-E993AF1825F4}] => (Allow) D:\staem.de\Steam\steamapps\common\Zula EU\zula_launcher.exe FirewallRules: [TCP Query User{BE6AEAF9-E8A1-4EDC-BC9E-65684FF2E1BF}D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe] => (Allow) D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe FirewallRules: [UDP Query User{754ED3E4-8611-4EEA-8AC4-ABC19552926C}D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe] => (Allow) D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe FirewallRules: [{67922556-1DD0-4805-B212-BB83196156C5}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{CB0554F5-ACD8-41CE-A4F3-FAAD4306630C}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{560D6E29-71EA-4446-B7BD-18682E1C4C68}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{E30EA182-1F1B-4C70-ABA0-E8AFDA7FBDF6}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{E244783D-B274-4BF8-AED0-017C85CA80C9}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{E570F06E-B6C1-4F80-9608-EDF53867AB39}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{302F3006-3740-42E8-A818-6067E7FA4576}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{71A64C1C-F7B3-4ED1-A2CD-72145A2A3483}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{C1D1DBB8-5694-4116-89BC-79F1F6B3D0A5}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{C6200C32-71F4-414F-A388-6434881D7440}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{75B6DEA5-9D8A-49D8-B587-D95ED9E35DCB}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{4CBF261A-C4C7-49B2-A28B-253C442CD5C6}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{CA212F62-5F2E-4C6F-A11E-4BDDC0635525}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{A4C76A25-1962-4BCB-8E8D-5F22E96E0051}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{CFCB03A3-123E-4E86-9D46-83EFECC5D607}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{DD415E41-1CD6-4000-8519-1464BDCA85FF}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{6C07D6DB-CFD9-4CCE-A239-771A8127F7E3}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [TCP Query User{83744070-C77B-4803-931D-5D7CD436A463}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{16859025-1EF8-4937-9197-F20BBFE34B33}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe FirewallRules: [{4996CB76-C202-4DCB-A74D-EAC004F1C60F}] => (Allow) D:\Spiele\GameforgeLive\gfl_client.exe FirewallRules: [{0DA3B126-6FB9-4EED-8E0A-2C293D30E05F}] => (Allow) D:\staem.de\Steam\Steam.exe FirewallRules: [{4EDE1659-97CE-4B11-87C8-9B7478D59372}] => (Allow) D:\staem.de\Steam\Steam.exe FirewallRules: [{AB1E843E-9D6A-4219-A5F6-AFC9798C265E}] => (Allow) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{953A51A8-DC81-43E3-9104-8AFC41557105}] => (Allow) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{2060B6B9-ADA0-4148-998B-3C601758D02E}D:\spiele\world_of_tanks\wotlauncher.exe] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{94471A63-A1DC-492F-B143-E1AA8A989429}D:\spiele\world_of_tanks\wotlauncher.exe] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{64C6DF76-FD33-4F4B-80A3-EBB960B9C6E1}D:\garrysmod.exe] => (Allow) D:\garrysmod.exe FirewallRules: [UDP Query User{31FD5525-888A-48D0-B6C6-113CDD1B6B9F}D:\garrysmod.exe] => (Allow) D:\garrysmod.exe FirewallRules: [{E45132F8-9235-45DE-917A-7D96B4D18F89}] => (Allow) D:\staem.de\Steam\steamapps\common\OMSI 2\Omsi.exe FirewallRules: [{E95273D5-60A2-4106-B6AA-0CC7AD78A47E}] => (Allow) D:\staem.de\Steam\steamapps\common\OMSI 2\Omsi.exe FirewallRules: [TCP Query User{44EB2550-F00F-40BE-B683-01E400BFC62F}D:\spiele\planetside2_x64.exe] => (Allow) D:\spiele\planetside2_x64.exe FirewallRules: [UDP Query User{FF4C42DA-24C6-482A-85B6-96FA68FAF2DC}D:\spiele\planetside2_x64.exe] => (Allow) D:\spiele\planetside2_x64.exe FirewallRules: [{79DFB3B2-0E0B-46B0-8193-6001D3983D09}] => (Allow) D:\staem.de\Steam\steamapps\common\Spintires\SpinTires.exe FirewallRules: [{08A492BF-6B87-44D1-9C8B-AA029C81069E}] => (Allow) D:\staem.de\Steam\steamapps\common\Spintires\SpinTires.exe FirewallRules: [TCP Query User{6AB5431C-6F75-4EBA-9BE4-93730AB7B0ED}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{3F80C7B5-F93B-44E2-9BF0-71DE6C085C65}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{686806E4-EF12-4994-9BB1-AFFA18961BE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{8A28F1EA-35E0-4958-8518-96FF425E1E18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{0E2131BC-1AC1-47DF-8AF6-502148E98A77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{8A47EDEE-763A-4DE1-8756-8D5A4BD0FFF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8290EA43-CF24-4DA1-A872-B962B6B6EBAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{AFBD03E4-822E-44BA-A9AA-609CA53BB6AB}] => (Allow) D:\staem.de\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{87C06EB8-5EFB-48D4-BB8C-1F71775CECB6}] => (Allow) D:\staem.de\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [TCP Query User{29F4CB74-70DD-4B50-A38B-CAE9D695D3C1}D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe FirewallRules: [UDP Query User{640EC7D4-CEE5-40F4-ACAA-DF35B966FC2E}D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe FirewallRules: [TCP Query User{E9429EE0-3AA0-4EA6-9902-A2EFBD75B5C0}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [UDP Query User{CFF28640-AFC3-490B-9DD2-292C8E01CD49}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [{09682146-7BC7-482C-867C-D8F36E266699}] => (Allow) D:\staem.de\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe FirewallRules: [{0B199E5F-7858-45D8-AEE9-99ED293A33D0}] => (Allow) D:\staem.de\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe FirewallRules: [{48352985-B3CE-45AA-95E6-25B9F60C61CF}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe FirewallRules: [{E811075A-6568-4853-87B6-A18B0CD01E8B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590_0\SZBrowser.exe FirewallRules: [{AFD22375-0A1B-445C-836D-BF33F263F625}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{B533C653-1DF5-484B-ACD3-891101AA67CE}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{99CE8EF6-0F01-48FA-8C40-CE2BFC2D196C}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{65979547-3ED2-4663-A1CF-8CC46AFB3BAA}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{E3E5EBAF-3F91-4450-98AF-99154B401B24}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{DC4885AA-1800-40BA-946E-0E8DD8455364}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{524A21D5-EA7C-49D4-BCA2-7A2C4EC76C69}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{A50E4149-0DC0-4A3B-B06D-7241A17149A3}] => (Allow) D:\staem.de\Steam\steamapps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe FirewallRules: [{790C28BD-6F9C-42E8-900E-0A172BAA4303}] => (Allow) D:\staem.de\Steam\steamapps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe ==================== Wiederherstellungspunkte ========================= 04-04-2017 18:02:53 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: avast! SecureLine TAP Adapter v3 Description: avast! SecureLine TAP Adapter v3 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: aswTap Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/04/2017 03:58:28 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector5\kernel\ces\CES_CacheAgent.exe.Manifest". Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (04/04/2017 03:58:28 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector5\kernel\ces\CES_AudioCacheAgent.exe.Manifest". Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (04/03/2017 09:00:58 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "D:\Programme\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest" in Zeile 2. Der Wert "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" des "name"-Attributs im urn:schemas-microsoft-com:asm.v1^file-Element ist ungültig. Error: (04/03/2017 04:43:37 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector5\kernel\ces\CES_CacheAgent.exe.Manifest". Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (04/03/2017 04:43:37 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector5\kernel\ces\CES_AudioCacheAgent.exe.Manifest". Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (04/03/2017 04:42:23 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "D:\Programme\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest" in Zeile 2. Der Wert "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" des "name"-Attributs im urn:schemas-microsoft-com:asm.v1^file-Element ist ungültig. Error: (04/03/2017 02:35:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MinecraftLauncher.exe, Version: 1.0.1.0, Zeitstempel: 0x58c26df9 Name des fehlerhaften Moduls: MinecraftLauncher.exe, Version: 1.0.1.0, Zeitstempel: 0x58c26df9 Ausnahmecode: 0xc0000409 Fehleroffset: 0x00051469 ID des fehlerhaften Prozesses: 0x2954 Startzeit der fehlerhaften Anwendung: 0x01d2ac764a911249 Pfad der fehlerhaften Anwendung: D:\Spiele\Minecraft\MinecraftLauncher.exe Pfad des fehlerhaften Moduls: D:\Spiele\Minecraft\MinecraftLauncher.exe Berichtskennung: 084da5b8-186a-11e7-84b5-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/03/2017 01:30:51 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: metin2client.bin, Version: 1.0.27056.0, Zeitstempel: 0x58ca8124 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001debe ID des fehlerhaften Prozesses: 0x984 Startzeit der fehlerhaften Anwendung: 0x01d2ac088ef3a2d7 Pfad der fehlerhaften Anwendung: D:\Metin\GameforgeLive\Games\ROU_ron\Metin2\metin2client.bin Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 67ff46aa-17fc-11e7-84b5-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/03/2017 01:25:54 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: PDVD12Serv.exe, Version: 12.0.24034.3720, Zeitstempel: 0x52dcc4ac Name des fehlerhaften Moduls: npggNT.des_unloaded, Version: 2016.10.19.1, Zeitstempel: 0x5806fd14 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000e240 ID des fehlerhaften Prozesses: 0x1088 Startzeit der fehlerhaften Anwendung: 0x01d2aba6777cbe76 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe Pfad des fehlerhaften Moduls: npggNT.des Berichtskennung: b70b37b4-17fb-11e7-84b5-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/03/2017 01:25:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WerFault.exe, Version: 6.3.9600.17415, Zeitstempel: 0x54503815 Name des fehlerhaften Moduls: aswhookx.dll, Version: 17.2.2.60911, Zeitstempel: 0x58ac6c5d Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004954 ID des fehlerhaften Prozesses: 0x5a4 Startzeit der fehlerhaften Anwendung: 0x01d2ac087111d6a9 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\WerFault.exe Pfad des fehlerhaften Moduls: C:\Program Files\AVAST Software\Avast\aswhookx.dll Berichtskennung: b0ff2dc8-17fb-11e7-84b5-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (04/04/2017 04:07:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo Error: (04/04/2017 04:07:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingNews Error: (04/04/2017 04:07:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo Error: (04/04/2017 04:07:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.MicrosoftMinesweeper Error: (04/04/2017 04:07:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo Error: (04/04/2017 04:07:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingNews Error: (04/04/2017 04:07:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo Error: (04/04/2017 03:56:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der Dienst wurde nicht gestartet. Error: (04/04/2017 03:56:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der Dienst wurde nicht gestartet. Error: (04/04/2017 03:56:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der Dienst wurde nicht gestartet. CodeIntegrity: =================================== Date: 2016-07-04 15:44:38.593 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Fritz\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-04 15:44:38.433 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Programme\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-04 15:42:12.993 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Fritz\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-04 15:42:12.811 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Programme\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 51% Installierter physikalischer RAM: 8144.42 MB Verfügbarer physikalischer RAM: 3957.54 MB Summe virtueller Speicher: 12212.25 MB Verfügbarer virtueller Speicher: 6454.41 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:57.91 GB) (Free:0.65 GB) NTFS Drive d: (Data) (Fixed) (Total:871.39 GB) (Free:483.13 GB) NTFS Drive e: (Recover) (Fixed) (Total:40.03 GB) (Free:19.5 GB) NTFS Drive g: (FarmingSimulator) (CDROM) (Total:1.91 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 59.6 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ |
04.04.2017, 22:35 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome öffnet ständig Seite namens: x.24.jquery11.com Bitte Avast deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Auch andere Freewareanbieter wie Avira, AVG oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel. Gib Bescheid wenn Avast weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ --> Chrome öffnet ständig Seite namens: x.24.jquery11.com |
07.04.2017, 21:36 | #7 |
| Chrome öffnet ständig Seite namens: x.24.jquery11.com Danke, Avast ist deinstalliert |
08.04.2017, 17:41 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome öffnet ständig Seite namens: x.24.jquery11.com Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
12.04.2017, 17:41 | #9 |
| Chrome öffnet ständig Seite namens: x.24.jquery11.com Ich melde mich in 1,5 Wochen wieder. Mein Neffe ist im Urlaub. Glueckskeks |
23.04.2017, 18:28 | #10 |
| Chrome öffnet ständig Seite namens: x.24.jquery11.com Schade, nichts gefunden. Seite öffnet sich auch immer noch. Grüße Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2017.04.23.04 rootkit: v2017.04.02.01 Windows 8.1 x64 NTFS Internet Explorer 11.0.9600.18618 Fritz :: FRITZI-RECHNER [administrator] 23.04.2017 18:56:38 mbar-log-2017-04-23 (18-56-38).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 298751 Time elapsed: 11 minute(s), 6 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
23.04.2017, 19:32 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome öffnet ständig Seite namens: x.24.jquery11.com Ich werd solche Aussagen nie verstehen. Wie kann man darüber enttäuscht sein, dass der Rechner rootkitfrei ist? Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
Wir haben leider noch ne ältere Anleitung vom adwCleaner, daher das Tool so einstellen wie in diesem Screenshot: 2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
26.04.2017, 18:54 | #12 |
| Chrome öffnet ständig Seite namens: x.24.jquery11.com ADW Cleaner: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v6.046 - Bericht erstellt am 26/04/2017 um 19:44:39 # Aktualisiert am 24/04/2017 von Malwarebytes # Datenbank : 2017-04-25.1 [Server] # Betriebssystem : Windows 8.1 (X64) # Benutzername : Fritz - FRITZI-RECHNER # Gestartet von : C:\Users\Fritz\Desktop\AdwCleaner_6.046.exe # Modus: Löschen # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel gelöscht: HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\amigo.exe ***** [ Browser ] ***** ************************* :: "Tracing" Schlüssel gelöscht :: Winsock Einstellungen zurückgesetzt :: "Prefetch" Dateien gelöscht :: Proxy Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [7205 Bytes] - [24/10/2016 13:48:30] C:\AdwCleaner\AdwCleaner[C2].txt - [3227 Bytes] - [04/12/2016 15:16:56] C:\AdwCleaner\AdwCleaner[C3].txt - [5175 Bytes] - [28/02/2017 19:10:25] C:\AdwCleaner\AdwCleaner[C4].txt - [1271 Bytes] - [26/04/2017 19:44:39] C:\AdwCleaner\AdwCleaner[S0].txt - [6889 Bytes] - [24/10/2016 13:47:55] C:\AdwCleaner\AdwCleaner[S1].txt - [3208 Bytes] - [04/12/2016 15:15:36] C:\AdwCleaner\AdwCleaner[S2].txt - [1622 Bytes] - [06/12/2016 20:54:06] C:\AdwCleaner\AdwCleaner[S3].txt - [1695 Bytes] - [16/12/2016 17:32:42] C:\AdwCleaner\AdwCleaner[S4].txt - [4990 Bytes] - [28/02/2017 19:02:13] C:\AdwCleaner\AdwCleaner[S5].txt - [1941 Bytes] - [26/04/2017 19:44:04] ########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1782 Bytes] ########## [/CODE] JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.3 (04.10.2017) Operating System: Windows 8.1 x64 Ran by Fritz (Administrator) on 26.04.2017 at 19:50:02,90 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 13 Successfully deleted: C:\ProgramData\mntemp (File) Successfully deleted: C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} (Folder) Successfully deleted: C:\Windows\hgfs.sys (File) Successfully deleted: C:\Windows\prleth.sys (File) Successfully deleted: C:\Program Files\checker (Folder) Successfully deleted: C:\Windows\system32\REN206E.tmp (File) Successfully deleted: C:\Windows\system32\REN7364.tmp (File) Successfully deleted: C:\Windows\system32\REN8F78.tmp (File) Successfully deleted: C:\Windows\system32\RENA120.tmp (File) Successfully deleted: C:\Windows\system32\RENC45E.tmp (File) Successfully deleted: C:\Windows\system32\REND6DC.tmp (File) Successfully deleted: C:\Windows\system32\RENE08.tmp (File) Successfully deleted: C:\Windows\system32\RENFCC9.tmp (File) Deleted the following from C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\prefs.js user_pref(browser.search.defaultenginename, ?????@Mail.Ru); user_pref(browser.search.selectedEngine, ?????@Mail.Ru); user_pref(browser.startup.homepage, hxxps://mail.ru/cnt/11956636?fr=ffhp1.0.3&gp=811036); user_pref(extensions.homepage@mail.ru.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7BAB3A925B-FD78-4116-855D-104458D27599%7D&install_id=%7B4DB8C304-D31B-47B1-A user_pref(extensions.homepage@mail.ru.info, {\gp\:\811036\,\product_id\:\{AB3A925B-FD78-4116-855D-104458D27599}\,\install_id\:\{4DB8C304-D31B-47B1-A9D7-DED70AE3D user_pref(extensions.homepage@mail.ru.install_id, {4DB8C304-D31B-47B1-A9D7-DED70AE3D3E3}); user_pref(extensions.homepage@mail.ru.lastHomepage, about:home); user_pref(extensions.homepage@mail.ru.lastPageType, 0); user_pref(extensions.homepage@mail.ru.metric_state_go_metric, {\lastDayNumber\:1,\lastDayDate\:\2017-03-25T00:00:00.000Z\}); user_pref(extensions.homepage@mail.ru.metric_state_mrds_metric, {\lastDayNumber\:1,\lastDayDate\:\2017-03-25T00:00:00.000Z\}); user_pref(extensions.homepage@mail.ru.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7BAB3A925B-FD78-4116-855D-104458D2759 user_pref(extensions.homepage@mail.ru.partner_product_online_url, hxxp://ec2-54-171-243-238.eu-west-1.compute.amazonaws.com/affect?guid={guid}&sid=16045&homesearch=1&label= user_pref(extensions.homepage@mail.ru.product_id, {AB3A925B-FD78-4116-855D-104458D27599}); user_pref(extensions.homepage@mail.ru.product_type, ff_xtnhp); user_pref(extensions.homepage@mail.ru.rfr, 811036); user_pref(extensions.search@mail.ru.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7BCFD64415-F148-4E21-A5C9-6421400E55EE%7D&install_id=%7B4DB8C304-D31B-47B1-A9D user_pref(extensions.search@mail.ru.info, {\gp\:\811037\,\product_id\:\{CFD64415-F148-4E21-A5C9-6421400E55EE}\,\install_id\:\{4DB8C304-D31B-47B1-A9D7-DED70AE3D3E user_pref(extensions.search@mail.ru.install_id, {4DB8C304-D31B-47B1-A9D7-DED70AE3D3E3}); user_pref(extensions.search@mail.ru.metric_state_go_metric, {\lastDayNumber\:1,\lastDayDate\:\2017-03-25T00:00:00.000Z\}); user_pref(extensions.search@mail.ru.metric_state_mrds_metric, {\lastDayNumber\:1,\lastDayDate\:\2017-03-25T00:00:00.000Z\}); user_pref(extensions.search@mail.ru.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7BCFD64415-F148-4E21-A5C9-6421400E55EE% user_pref(extensions.search@mail.ru.partner_product_online_url, hxxp://ec2-54-171-243-238.eu-west-1.compute.amazonaws.com/affect?guid={guid}&sid=16045&homesearch=1&label=81 user_pref(extensions.search@mail.ru.product_id, {CFD64415-F148-4E21-A5C9-6421400E55EE}); user_pref(extensions.search@mail.ru.product_type, ff_xtndse); user_pref(extensions.search@mail.ru.rfr, 811037); user_pref(extensions.xpiState, {\app-profile\:{\homepage@mail.ru\:{\d\:\C:\\\\Users\\\\Fritz\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hj71rkax.defa user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B53E77BDF-6EB2-41A0-B7C3-61A0671E3FF5%7D&install_id=% user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.info, {\gp\:\811038\,\product_id\:\{53E77BDF-6EB2-41A0-B7C3-61A0671E3FF5}\,\install_id\:\{4DB8C304-D3 user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B53E77BDF-6EB2 user_pref(keyword.URL, hxxp://go.mail.ru/distib/ep/?product_id=%7B6E899E04-9C9B-4A50-9844-D0FFD235B88A%7D&gp=811037); Registry: 2 Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 26.04.2017 at 19:51:12,58 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
26.04.2017, 20:54 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome öffnet ständig Seite namens: x.24.jquery11.com Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
01.05.2017, 19:25 | #14 |
| Chrome öffnet ständig Seite namens: x.24.jquery11.com FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05-2017 durchgeführt von Fritz (Administrator) auf FRITZI-RECHNER (01-05-2017 20:00:48) Gestartet von D:\Downloads Geladene Profile: Fritz (Verfügbare Profile: Fritz) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe (Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Razer Inc.) D:\Programme\Razer\Razer Cortex\RzKLService.exe (@ByELDI) D:\Spiele\KMSpico\Service_KMS.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (LogMeIn Inc.) D:\Programme\Hamachi\x64\hamachi-2.exe (LogMeIn, Inc.) D:\Programme\Hamachi\x64\LMIGuardianSvc.exe (Malwarebytes) D:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe (LogMeIn Inc.) D:\Programme\Hamachi\hamachi-2-ui.exe (LogMeIn, Inc.) D:\Programme\Hamachi\LMIGuardianSvc.exe (Malwarebytes) D:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (MY.COM B.V.) C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe (Mixesoft Project) C:\Users\Fritz\AppData\Local\Mixesoft\AppNHost\appnhost.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mega Limited) C:\Users\Fritz\AppData\Local\MEGAsync\MEGAsync.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.) D:\Programme\Razer\Razer Cortex\RazerCortex.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe (The CefSharp Authors) D:\Programme\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe (MY.COM B.V.) C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe (Razer Inc.) D:\Programme\Razer\Razer Cortex\FPSRunner32.exe (Razer Inc.) D:\Programme\Razer\Razer Cortex\x64\FPSRunner64.exe (Razer, Inc.) D:\Programme\Razer\Razer Cortex\RzFpsApplet\RzFpsApplet.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe (Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Farbar) D:\Downloads\FRST64 (1).exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => D:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc.) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2014-03-12] (CyberLink Corp.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-04] (Razer Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [RazerCortex] => D:\Programme\Razer\Razer Cortex\CortexLauncher.exe [222160 2016-09-28] (Razer Inc.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programme\Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.) HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [World of Tanks] => D:\Spiele\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net) HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [MyComGames] => C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe [5377936 2017-04-23] (MY.COM B.V.) HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd) HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [appnhost] => C:\Users\Fritz\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project) HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MountPoints2: {57593653-1a15-11e7-84b5-c03fd5aa9ee7} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MountPoints2: {5759365d-1a15-11e7-84b5-c03fd5aa9ee7} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MountPoints2: {5759365f-1a15-11e7-84b5-c03fd5aa9ee7} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MountPoints2: {ad654ec5-2f7f-11e4-8282-806e6f6e6963} - "G:\autorun.exe" HKU\S-1-5-18\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () Startup: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-03-26] ShortcutTarget: MEGAsync.lnk -> C:\Users\Fritz\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{A9470B01-B732-4F7E-99F4-834D4029F35A}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{C7C99009-0D44-4F54-9B12-4918276100D6}: [NameServer] 5.8.8.85,8.8.8.8 Tcpip\..\Interfaces\{C7C99009-0D44-4F54-9B12-4918276100D6}: [DhcpNameServer] 192.168.0.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-05] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-05] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-28] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-28] (Oracle Corporation) Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Keine Datei StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: hj71rkax.default FF ProfilePath: C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default [2017-05-01] FF NewTab: Mozilla\Firefox\Profiles\hj71rkax.default -> about:newtab FF Extension: (???????? ???????? Mail.Ru) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\Extensions\homepage@mail.ru [2017-02-23] FF Extension: (?????@Mail.Ru) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\Extensions\search@mail.ru [2017-02-23] FF Extension: (Kein Name) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [nicht gefunden] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-27] () FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-05] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-05] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-27] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-28] (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei] FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin HKU\S-1-5-21-2589094953-1922200633-4272172180-1001: @my.com/Games -> C:\Users\Fritz\AppData\Local\MyComGames\NPMyComDetector.dll [2017-02-11] (MY.COM B.V.) FF Plugin HKU\S-1-5-21-2589094953-1922200633-4272172180-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS) StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default [2017-05-01] CHR Extension: (Google Präsentationen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-26] CHR Extension: (Google Docs) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-26] CHR Extension: (Google Drive) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-26] CHR Extension: (YouTube) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-26] CHR Extension: (Google Tabellen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-26] CHR Extension: (Google Docs Offline) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-26] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-26] CHR Extension: (Google Mail) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-26] CHR Extension: (Chrome Media Router) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-26] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] () S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2017-04-07] () S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [400656 2017-03-01] (EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 Hamachi2Svc; D:\Programme\Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.) R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2605176 2017-04-21] (AnchorFree Inc.) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc.) R2 MBAMService; D:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-10] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-10] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2017-02-10] (NVIDIA Corporation) S3 Origin Client Service; D:\Origin\OriginClientService.exe [2146704 2017-04-27] (Electronic Arts) S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3115928 2017-04-27] (Electronic Arts) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69760 2016-06-20] (Razer Inc.) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] () R2 RzKLService; D:\Programme\Razer\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer Inc.) R2 Service KMSELDI; D:\Spiele\KMSpico\Service_KMS.exe [743616 2015-12-02] (@ByELDI) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files (x86)\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files (x86)\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AFTrafMgr1.2; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [57272 2017-03-27] (AnchorFree Inc.) S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-09-30] (The OpenVPN Project) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-01] (Disc Soft Ltd) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-02-27] (LogMeIn Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-10] (NVIDIA Corporation) R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2017-02-10] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-02-10] (NVIDIA Corporation) S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation ) R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [51224 2016-04-07] (Razer Inc) R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [47640 2016-04-07] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.) R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42064 2017-04-21] (Anchorfree Inc.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U3 DfSdkS; kein ImagePath S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-05-01 19:58 - 2017-05-01 19:58 - 00347040 _____ C:\Windows\system32\FNTCACHE.DAT 2017-05-01 19:54 - 2017-05-01 19:54 - 00000000 ____D C:\Users\Fritz\Downloads\SafeZone Installer 2017-05-01 14:11 - 2017-05-01 14:11 - 00004608 _____ C:\Windows\SECOH-QAD.exe 2017-05-01 14:11 - 2017-05-01 14:11 - 00003584 _____ C:\Windows\SECOH-QAD.dll 2017-05-01 14:11 - 2017-05-01 14:11 - 00003350 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart 2017-05-01 14:11 - 2017-05-01 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2017-05-01 14:11 - 2010-12-06 04:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll 2017-04-29 00:10 - 2017-04-29 00:10 - 00000000 ____D C:\Users\Fritz\AppData\LocalLow\Amistech 2017-04-26 19:51 - 2017-04-26 19:51 - 00005415 _____ C:\Users\Fritz\Desktop\JRT.txt 2017-04-26 19:40 - 2017-04-26 19:39 - 04102600 _____ C:\Users\Fritz\Desktop\AdwCleaner_6.046.exe 2017-04-26 19:40 - 2017-04-26 19:39 - 01663672 _____ (Malwarebytes) C:\Users\Fritz\Desktop\JRT.exe 2017-04-25 21:18 - 2017-04-25 21:19 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2017-04-25 21:18 - 2017-04-25 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield 2017-04-25 21:18 - 2017-04-25 21:18 - 00000000 ____D C:\ProgramData\Hotspot Shield 2017-04-25 17:44 - 2017-04-25 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2017-04-23 18:56 - 2017-04-23 19:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-04-23 18:55 - 2017-04-23 19:07 - 00000000 ____D C:\Users\Fritz\Desktop\mbar 2017-04-21 16:16 - 2017-04-21 16:16 - 00042064 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys 2017-04-04 21:27 - 2017-04-04 21:27 - 00000000 ____D C:\Program Files\Logitech 2017-04-04 21:26 - 2017-04-25 17:46 - 00000000 ____D C:\Program Files\Logitech Gaming Software 2017-04-04 20:50 - 2017-05-01 20:00 - 00000000 ____D C:\FRST 2017-04-03 16:41 - 2017-04-03 16:41 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC 2017-04-02 21:33 - 2017-04-02 21:33 - 00000000 ____D C:\Users\Fritz\AppData\LocalLow\Temp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-05-01 19:59 - 2017-02-11 00:23 - 00000000 ____D C:\Users\Fritz\AppData\Local\MyComGames 2017-05-01 19:59 - 2016-11-12 17:19 - 00000000 ____D C:\Users\Fritz\AppData\Local\LogMeIn Hamachi 2017-05-01 19:59 - 2014-09-30 18:09 - 00000000 ___RD C:\Users\Fritz\OneDrive 2017-05-01 19:58 - 2017-02-28 19:32 - 00000000 ____D C:\ProgramData\NVIDIA 2017-05-01 19:58 - 2015-12-03 14:49 - 00000000 ____D C:\Program Files\Common Files\AV 2017-05-01 19:58 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-01 19:58 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-05-01 19:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-01 19:28 - 2015-07-20 17:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-05-01 19:05 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2017-05-01 18:52 - 2014-09-30 18:17 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CFB2E40D-C6E0-48A8-8A2A-6E7E44AB2346} 2017-05-01 15:08 - 2016-02-19 22:14 - 00000000 ____D C:\Users\Fritz\AppData\Local\CrashDumps 2017-04-30 20:55 - 2014-09-30 18:13 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2589094953-1922200633-4272172180-1001 2017-04-30 14:26 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-04-30 01:05 - 2017-01-03 23:52 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\.minecraft 2017-04-30 00:21 - 2016-01-05 20:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-04-29 10:29 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-04-28 18:42 - 2017-03-26 00:37 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-28 18:42 - 2017-03-26 00:37 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-27 21:04 - 2016-06-04 13:06 - 00000000 ____D C:\ProgramData\Origin 2017-04-27 21:03 - 2016-06-04 14:26 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Origin 2017-04-27 19:43 - 2014-09-30 18:07 - 00000000 ____D C:\Users\Fritz\AppData\Local\VirtualStore 2017-04-27 16:57 - 2017-03-24 22:12 - 00000000 ____D C:\Users\Fritz\Desktop\bilder 2017-04-26 20:00 - 2014-04-28 13:38 - 00765378 _____ C:\Windows\system32\perfh007.dat 2017-04-26 20:00 - 2014-04-28 13:38 - 00159696 _____ C:\Windows\system32\perfc007.dat 2017-04-26 20:00 - 2014-03-18 17:26 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI 2017-04-26 19:47 - 2016-01-05 20:40 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\TeamViewer 2017-04-26 19:44 - 2016-10-24 13:47 - 00000000 ____D C:\AdwCleaner 2017-04-26 19:44 - 2014-12-31 15:55 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-04-25 21:18 - 2014-09-30 20:03 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-25 19:51 - 2016-08-28 20:06 - 00000000 ____D C:\Users\Fritz\AppData\Local\fabi.me 2017-04-24 19:35 - 2017-02-09 22:06 - 00000000 ____D C:\ProgramData\TruckersMP 2017-04-23 19:13 - 2014-09-30 18:06 - 00000000 ____D C:\Users\Fritz 2017-04-23 18:57 - 2016-12-13 16:44 - 00003184 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-04-23 18:57 - 2016-05-07 12:50 - 00002370 _____ C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2017-04-23 18:57 - 2016-05-06 17:18 - 00003192 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2589094953-1922200633-4272172180-1001 2017-04-23 18:56 - 2017-01-21 21:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-04-23 18:56 - 2017-01-21 21:04 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-04-23 18:56 - 2016-03-17 16:45 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-04-07 14:32 - 2017-01-01 21:21 - 00000000 ____D C:\Users\Fritz\Desktop\Spiele 2017-04-06 15:24 - 2017-03-26 00:37 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-04-04 21:16 - 2016-09-16 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-12-23 12:26 - 2015-08-25 08:26 - 0000221 _____ () C:\Users\Fritz\AppData\Roaming\WB.CFG 2017-01-08 19:50 - 2017-01-08 19:50 - 0003584 _____ () C:\Users\Fritz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-01-02 17:36 - 2017-01-02 17:36 - 0000000 ___SH () C:\Users\Fritz\AppData\Local\LumaEmu 2017-03-19 22:23 - 2017-03-19 22:23 - 0002033 _____ () C:\Users\Fritz\AppData\Local\recently-used.xbel 2014-09-30 19:54 - 2017-01-04 15:12 - 0007605 _____ () C:\Users\Fritz\AppData\Local\resmon.resmoncfg 2017-01-15 23:15 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Fritz\AppData\Local\TroubleshooterConfig.json 2017-02-03 21:35 - 2017-02-03 22:36 - 0000037 _____ () C:\Users\Fritz\AppData\Local\X-Plane Installer.prf 2017-02-03 22:36 - 2017-02-03 22:37 - 0000015 _____ () C:\Users\Fritz\AppData\Local\X-Plane_drm_11.prf 2017-02-03 21:35 - 2017-02-03 21:35 - 0000023 _____ () C:\Users\Fritz\AppData\Local\x-plane_install_11.txt 2017-01-27 14:41 - 2017-01-27 14:41 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{9D140C0B-B1AE-4EFB-B5ED-86199672863D} 2014-11-26 19:40 - 2014-11-26 19:40 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{AEFF9ACD-116D-4505-98DD-5A29BB9CE78B} 2015-02-09 20:03 - 2015-02-09 20:03 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{E3702F5A-940C-4936-A2B2-32C0F23DA403} 2014-08-19 13:09 - 2014-08-19 13:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2017-01-01 22:48 - 2017-01-01 22:48 - 0000032 _____ () C:\ProgramData\Temp.log 2014-08-19 13:23 - 2014-08-19 13:23 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2014-08-19 13:20 - 2014-08-19 13:20 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2014-08-19 13:23 - 2014-08-19 13:23 - 0000032 _____ () C:\ProgramData\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}.log 2014-08-19 13:22 - 2014-08-19 13:22 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log 2014-08-19 13:18 - 2014-08-19 13:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2014-08-19 13:22 - 2014-08-19 13:22 - 0000032 _____ () C:\ProgramData\{E1646825-D391-42A0-93AA-27FA810DA093}.log 2014-08-19 13:19 - 2014-08-19 13:19 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log 2014-08-19 13:20 - 2014-08-19 13:20 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-04-30 14:26 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-05-2017 durchgeführt von Fritz (01-05-2017 20:01:18) Gestartet von D:\Downloads Windows 8.1 (Update) (X64) (2014-09-30 16:07:25) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2589094953-1922200633-4272172180-500 - Administrator - Disabled) Fritz (S-1-5-21-2589094953-1922200633-4272172180-1001 - Administrator - Enabled) => C:\Users\Fritz Gast (S-1-5-21-2589094953-1922200633-4272172180-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2589094953-1922200633-4272172180-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7zip Packages (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\7zip Packages) (Version: - ) <==== ACHTUNG Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Advanced Omnibus Driver (HKLM-x32\...\{E084E6F2-2B8A-4A71-938F-0C4C808EA439}_is1) (Version: 4.3 - PeDePe) Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft) aerosoft's - OMSI 2 - Drei Generationen (HKLM-x32\...\{C88376AA-BF64-40F4-9AD6-F8A18DA394F2}) (Version: 1.10 - aerosoft) aerosoft's - OMSI 2 - Hamburg (HKLM-x32\...\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}) (Version: 2.01 - aerosoft) AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.) AMD Catalyst Install Manager (HKLM\...\{770EA7C3-0B5A-C557-E641-A09244603B84}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Ansel (Version: 378.66 - NVIDIA Corporation) Hidden Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project) Ashampoo AppLauncher v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) Ashampoo Burning Studio 11 v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG) Ashampoo GetBack Photo v.1.0.1 (HKLM-x32\...\Ashampoo GetBack Photo_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG) Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG) Ashampoo Music Studio 4 v.4.0.1 (HKLM-x32\...\Ashampoo Music Studio 4_is1) (Version: 4.0.1 - Ashampoo GmbH & Co. KG) Ashampoo Photo Commander 10 v.10.1.3 (HKLM-x32\...\Ashampoo Photo Commander 10_is1) (Version: 10.1.3 - Ashampoo GmbH & Co. KG) Ashampoo Photo Optimizer 5 v.5.1.2 (HKLM-x32\...\Ashampoo Photo Optimizer 5_is1) (Version: 5.1.2 - Ashampoo GmbH & Co. KG) Ashampoo Slideshow Studio HD 2 v.2.0.5 (HKLM-x32\...\Ashampoo Slideshow Studio HD 2_is1) (Version: 2.0.5 - Ashampoo GmbH & Co. KG) Ashampoo Snap 5 v.5.1.5 (HKLM-x32\...\Ashampoo Snap 5_is1) (Version: 5.1.5 - Ashampoo GmbH & Co. KG) Ashampoo UnInstaller 4 v.4.30 (HKLM-x32\...\Ashampoo UnInstaller 4_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG) Ashampoo WinOptimizer 2017 (HKLM-x32\...\{4209F371-6CE9-533C-2CDC-94E053273B35}_is1) (Version: 14.00.04 - Ashampoo GmbH & Co. KG) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Blacklight: Retribution (HKLM\...\Steam App 209870) (Version: - Hardsuit Labs) Blender (HKLM\...\{437221A8-91D1-42A0-9E04-0AD64B502374}) (Version: 2.78.1 - Blender Foundation) CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine) Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH) CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4430.0 - CyberLink Corp.) CyberLink PhotoDirector 5 (Version: 5.0.4430.0 - CyberLink Corp.) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2230.0 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.2230.0 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dirty Bomb (HKLM\...\Steam App 333930) (Version: - Splash Damage®) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION) EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version: - SEIKO EPSON Corporation) Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotograf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fraps (HKLM-x32\...\Fraps) (Version: - ) Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge) GFACE Launcher (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Hotspot Shield 6.7.1 (HKLM-x32\...\{4f8b3512-f7fa-41c6-9977-ade9d7107247}) (Version: 6.7.1.10444 - AnchorFree Inc.) Hotspot Shield 6.7.1 (x32 Version: 6.7.1 - AnchorFree Inc.) Hidden Hotspot Shield 6.7.1 (x32 Version: 6.7.1.10444 - AnchorFree Inc.) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software) Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.6.0.0 - Lightworks) Line of Sight (HKLM\...\Steam App 436520) (Version: - BlackSpot Entertainment) Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.558 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.558 - LogMeIn, Inc.) Hidden Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MorphVOX Pro (HKLM-x32\...\{5a385481-7640-4f10-8ca5-04a2030b4623}) (Version: 4.4.65.20341 - Screaming Bee) MorphVOX Pro (x32 Version: 4.4.65.20341 - Screaming Bee) Hidden Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla) My.com Game Center (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MyComGames) (Version: 3.194 - My.com B.V.) Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.0.0.0 - Electronic Arts) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation) NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation) NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 378.66 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden OMSI 2 - Addon Wien (HKLM-x32\...\{FFAB9F9B-C38C-4FC2-A1EC-1099D2832D18}) (Version: 1.10 - aerosoft) OMSI 2 (HKLM-x32\...\Steam App 252530) (Version: - MR-Software GbR) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.8.36918 - Electronic Arts, Inc.) paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC) PlanetSide 2 (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment) PlanetSide 2 (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\DGC-PlanetSide 2) (Version: 1.0.3.192 - Daybreak Game Company) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden RaceRoom Racing Experience (HKLM\...\Steam App 211500) (Version: - Sector3 Studios) RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.7.8 - Razer Inc.) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.6.8.66 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.804 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) SCANIA Truck Driving Simulator 1.0.0 (HKLM-x32\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software) SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden Shotcut (HKLM-x32\...\Shotcut) (Version: - ) SketchUp 2017 (HKLM\...\{3A83073A-B35A-4497-8DD0-5542C36E052E}) (Version: 17.0.18899 - Trimble Navigation Limited) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spintires (HKLM\...\Steam App 263280) (Version: - Oovee® Game Studios) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer) TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo) TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{F2496892-5295-4208-AB93-21F1AFD07C97}) (Version: 1.3.1 - TP-LINK) TP-LINK TL-WN725N_TL-WN723N Treiber (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Train Simulator (HKLM\...\Steam App 24010) (Version: - Dovetail Games) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Unity Web Player (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS) Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden VirtualDJ 8 (HKLM-x32\...\{1D8DF06F-CCAB-437E-8C99-8D741D04CE74}) (Version: 8.2.3398.0 - Atomix Productions) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Warface My.Com (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Warface My.Com) (Version: 1.34 - My.com B.V.) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) Zula Europe (HKLM\...\Steam App 513650) (Version: - Madbyte Games) S?????? f?t???af??? (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1EC06144-9468-D082-12F1-B1EF85889A47} => Keine Datei CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Fritz\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {58E99A66-9468-D082-300A-98A985889A47} => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02B407E2-29F7-4ACA-903B-DC14349370AF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-10] (NVIDIA Corporation) Task: {06B784D0-9B74-479A-9AF5-BFF1B14D1F6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-27] (Adobe Systems Incorporated) Task: {1F1C5716-E9C5-4BF3-8AB0-92CE10A02CF2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {25B5FD24-88F0-4BEE-80AF-C99AC02B00EF} - System32\Tasks\Overwolf Updater Task => D:\Programme\Over\Overwolf\OverwolfUpdater.exe Task: {2CA4DAD2-8795-4612-96F7-D25B49B0CDED} - System32\Tasks\{B5C2F6FB-8006-4263-BACB-0047260886B2} => pcalua.exe -a D:\Programme\EHE\everesthome220.exe -d D:\Programme\EHE Task: {34E301E1-48A7-4EBA-98A0-1542446D3977} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-05-27] (CyberLink Corp.) Task: {3623BA5F-8512-4880-93D6-AD5968B446AC} - System32\Tasks\journalaboutlifeorgscopem => Chrome.exe journalaboutlife.org/scopem <==== ACHTUNG Task: {47469224-54DB-4834-82CC-D07F6ADF918A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-10] (NVIDIA Corporation) Task: {5DB13895-23E2-468A-B550-20B318320CA1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation) Task: {73E73DA3-EC78-46D2-8D85-263A4876E759} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-10] (NVIDIA Corporation) Task: {8E5A6E72-EAED-4331-A53B-8B82684541CF} - System32\Tasks\{11B5C937-AACC-4DDD-B169-DA6C351787DF} => pcalua.exe -a D:\Downloads\forge-1.7.10-10.13.4.1558-1.7.10-installer-win.exe Task: {A231A173-2493-4BC5-B017-C55ED36751DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd) Task: {A9AC5491-BA37-422F-982B-F07F7A470C21} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {B2317746-99DE-4679-AB30-4B3DD4615C89} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-10] (NVIDIA Corporation) Task: {B8E9E83E-CCE3-4483-865C-AF88A8194E71} - System32\Tasks\{50DBF8D4-40C6-41E5-B84F-9C64C7CA416B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}\setup.exe" -c -runfromtemp -l0x0007 -uninst -removeonly Task: {BC2116DD-E2C3-418A-AC1B-860B738A3118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-26] (Google Inc.) Task: {C3856F8C-D2A3-4686-8496-C21724E05E28} - System32\Tasks\AutoPico Daily Restart => D:\Spiele\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI) Task: {CA8E826E-7664-4A33-947F-7AFA98699724} - System32\Tasks\{D8F0B4BF-BC21-480B-83A4-2A87254A2F8E} => Chrome.exe hxxp://ui.skype.com/ui/0/7.24.0.104/de/abandoninstall?source=lightinstaller&page=tsInstall Task: {D04AD4D5-652C-48B5-91F7-908F89CFA9FE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-10] (NVIDIA Corporation) Task: {D5D35B28-EE6D-4048-B5CE-172F4D88D04A} - System32\Tasks\{3C52AA0E-ACAB-4535-88EF-7701777DAB15} => pcalua.exe -a "D:\Spiele\Flughafen-Feuerwehr-Simulator 2013\unins000.exe" Task: {D93E1DA5-0A6F-4589-A073-8AC166EECDC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-26] (Google Inc.) Task: {F2369E7C-AF34-4637-A25D-B1E444AD0DB1} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe Task: {FE19AD68-A327-4360-9F41-23D1DAC3CB5C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-10] (NVIDIA Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-02-28 19:32 - 2017-02-10 00:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-19 13:32 - 2012-07-30 11:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe 2017-02-28 19:33 - 2017-02-10 02:52 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2016-10-31 21:45 - 2016-10-31 21:45 - 00592384 _____ () C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll 2016-09-25 01:20 - 2016-09-25 01:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2014-08-19 13:22 - 2012-08-08 22:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2016-03-30 19:17 - 2016-03-30 19:17 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2016-03-30 19:17 - 2016-03-30 19:17 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2017-02-08 04:52 - 2017-02-08 04:52 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2016-06-15 04:39 - 2016-06-15 04:39 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2017-04-21 15:53 - 2017-04-21 15:53 - 00166520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-02-28 19:33 - 2017-02-10 02:52 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2017-02-28 19:33 - 2017-02-10 02:52 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2017-02-28 19:33 - 2017-02-10 02:52 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-02-28 19:33 - 2017-02-10 02:52 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2017-02-28 19:33 - 2017-02-10 02:52 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2017-02-28 19:33 - 2017-02-10 02:52 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2017-02-28 19:33 - 2017-02-10 02:52 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2017-02-11 00:23 - 2017-02-11 00:23 - 00144896 _____ () C:\Users\Fritz\AppData\Local\MyComGames\zlib1.dll 2017-02-11 00:23 - 2017-02-11 00:23 - 00076176 _____ () C:\Users\Fritz\AppData\Local\MyComGames\pxd.dll 2017-02-11 00:23 - 2017-02-11 00:23 - 00186256 _____ () C:\Users\Fritz\AppData\Local\MyComGames\LightUpdate.dll 2017-02-11 00:23 - 2017-03-13 14:24 - 02411408 _____ () C:\Users\Fritz\AppData\Local\MyComGames\BigUp2.dll 2016-05-23 20:36 - 2016-05-23 20:36 - 48962048 _____ () C:\Users\Fritz\AppData\Local\MyComGames\Chrome\3.2623.1401\libcef.dll 2016-04-13 10:38 - 2016-04-13 10:38 - 00482304 _____ () C:\Users\Fritz\AppData\Local\MEGAsync\libsodium.dll 2016-07-21 12:43 - 2016-07-21 12:43 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2016-08-23 13:27 - 2015-08-27 23:30 - 40622592 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll 2017-02-28 20:43 - 2016-08-19 17:12 - 00149352 _____ () D:\Programme\Razer\Razer Cortex\SimbaDeviceControl.dll 2017-02-28 20:43 - 2016-09-28 19:31 - 00989176 _____ () D:\Programme\Razer\Razer Cortex\Cef\CefSharp.Core.dll 2017-02-28 20:43 - 2016-09-28 19:31 - 51063432 _____ () D:\Programme\Razer\Razer Cortex\Cef\libcef.dll 2017-03-08 22:19 - 2016-09-07 22:42 - 50656768 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2017-03-08 22:19 - 2016-09-07 22:42 - 01874944 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2017-03-08 22:19 - 2016-09-07 22:42 - 00075264 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2016-08-23 13:27 - 2015-08-27 23:30 - 00911360 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll 2016-08-23 13:27 - 2015-08-27 23:30 - 00134144 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll 2017-02-28 20:43 - 2016-09-28 19:31 - 00659640 _____ () D:\Programme\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll 2017-02-28 20:43 - 2016-09-28 19:31 - 01897704 _____ () D:\Programme\Razer\Razer Cortex\Cef\libglesv2.dll 2017-02-28 20:43 - 2016-09-28 19:31 - 00082216 _____ () D:\Programme\Razer\Razer Cortex\Cef\libegl.dll 2017-02-28 20:44 - 2016-09-07 22:42 - 50656768 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libcef.dll 2017-02-28 20:44 - 2016-09-07 22:42 - 01874944 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libglesv2.dll 2017-02-28 20:44 - 2016-09-07 22:42 - 00075264 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:nlsPreferences [386] AlternateDataStreams: C:\Users\Fritz:Heroes & Generals [38] AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2017-03-11 19:00 - 00000002 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 5.8.8.85 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\StartupFolder: => "TP-LINK-Konfigurationstool.lnk" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8" HKLM\...\StartupApproved\Run32: => "CLVirtualDrive" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\StartupFolder: => "Product Registration.lnk" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Speech Recognition" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "World of Tanks" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Memestar Update Checker (Inactive)" HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "gflauncher" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{FFC0F777-525B-4416-8BC1-E5B95DBB29E8}] => (Allow) LPort=2869 FirewallRules: [{7444B070-8E08-48C8-A0B1-22DE9F908422}] => (Allow) LPort=1900 FirewallRules: [{E1130690-19CB-4121-AF72-AAF876DEBB04}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{A9650492-3927-400A-9603-D8ED4E7CBCDD}] => (Allow) C:\Users\Fritz\steam\Steam.exe FirewallRules: [{5D86B1CC-8C89-457B-97C2-9A864B0059D2}] => (Allow) C:\Users\Fritz\steam\Steam.exe FirewallRules: [{46E30189-3D71-46B8-894F-2F6291A3D9CB}] => (Allow) D:\cbad7ef91886080c4c6a9230\Steam\Steam.exe FirewallRules: [{D7D4653A-0B77-439D-B8AD-7E146D5BF93B}] => (Allow) D:\cbad7ef91886080c4c6a9230\Steam\Steam.exe FirewallRules: [TCP Query User{9058F47D-16BE-46E5-9C55-8CF79E609E0C}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{1C0BFDEA-5735-42D6-8B8A-EF7BD2B1E6C6}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{D99646E2-75C2-4AD0-BAB1-B9A31DD46416}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{986662C3-FF79-4B70-907B-B13892DDBDF9}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{B18A85E1-32DF-49C6-B28B-02DF377071F7}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{E47A500C-7A39-464C-99D5-A437D09B5ED1}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{6E54DAC6-EC1B-464A-8433-5AA0B1A3D5A5}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{E28D9B69-85E5-4943-9CBD-76F24633AC4F}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{D29A0904-6032-4C17-AEC2-578A6A30A933}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{1D9BEBB8-A104-419C-B2BB-0C52A01CE910}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{42E81CC3-4F47-4767-85B3-E305FF3481F3}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{B301D72A-7363-4348-A136-8828E383DAFC}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{47F10786-BFFF-4D84-AB8A-4191302FF1AD}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{83692087-1BCB-47CC-B5C4-E29551BD501B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{8A055C27-F908-4ABF-8A45-738C6BF8991B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{535F425E-CBC0-41B4-86E7-4BFB372D464C}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{16E65E5F-0736-415C-876A-C08989BDB2B6}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{8E215670-A1A8-4DE0-82E0-A66F67EA6E5D}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{DE2CA8C9-A7E7-4B2F-BD4F-A91C0FBDCA62}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{11D3D38D-3639-4C5D-98BD-BBD96048BD58}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{9AD5D8F0-2A15-4DA6-9FA9-C03963B11B8B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{F3BB5A70-8781-4687-8453-7A2E6C9F740B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{4978C2E6-7B14-4B11-A93B-F6BFF49B27C1}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{FF276E89-B354-4B1D-8836-989E95CF81A6}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{83ACC1AF-D0DF-491E-AA89-F03672540946}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{758064E0-3E29-48CB-83A6-DFB0A1D3634E}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe FirewallRules: [{F36E10F2-83E1-4040-A059-DA3C101FD4BD}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{9EDE79B4-A25E-4263-B987-128297282D63}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{7A4F4F37-E052-4A1F-B30F-081F40552858}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{88B4732A-FED6-452E-BAB3-4907427CB4CF}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{8B4F7E88-DE04-4B8A-808E-433DE2121530}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{D2CAC890-BD5A-4B18-970C-937AD25E2EAE}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{C91492AC-43AD-4F8A-9DFA-E3F9A337D3A3}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{6E92F3EB-8C6F-4A3A-9CFF-59104F0DF5D6}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [TCP Query User{1A5C5E4C-10EE-4776-BD52-34ADFC4C5BF5}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{E440EE6C-9661-4502-A800-A7D0CFC11133}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{4B4CB57F-92E0-47B1-B796-B34D3F0E2928}D:\spiele\tmnationsforever\tmforever.exe] => (Allow) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{AD0B1924-F1C6-4907-B8DB-7A9D2D871352}D:\spiele\tmnationsforever\tmforever.exe] => (Allow) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [TCP Query User{0C2D5200-F2EE-474F-9C57-1D68A1E6D668}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{9A7DFE99-A5E2-4DDE-AACE-E5181904E14A}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe FirewallRules: [{353B94D8-FFD3-4C21-B1A7-C6ACE640683D}] => (Allow) D:\staem.de\Steam\steamapps\common\ConSim2015\ConSim2015.exe FirewallRules: [{931F2755-9A13-4FC7-8688-D87E98166DCB}] => (Allow) D:\staem.de\Steam\steamapps\common\ConSim2015\ConSim2015.exe FirewallRules: [{CFA1A9FA-B26C-48E5-A8A0-34D657931AB1}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe FirewallRules: [{2E1F08CB-5B01-4760-B90B-2173004C56CE}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe FirewallRules: [{B1811997-354B-469F-8ADE-51A22BE511EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{BD3183D1-7B59-492A-9F04-FA9CB4EF3E1D}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16.exe FirewallRules: [{DD0F7A7F-9DD3-4211-B865-A4E98F81DECA}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16.exe FirewallRules: [{3ACC4120-C2AD-40C7-8DCA-C487A4AA17EF}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16_trial.exe FirewallRules: [{A79EEF7F-C02F-4FEB-9E4F-237EDE9F8457}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16_trial.exe FirewallRules: [TCP Query User{E43ABAE4-04D3-46BB-83A5-7D7822953785}D:\spiele\nfs\need for speed\nfs16.exe] => (Block) D:\spiele\nfs\need for speed\nfs16.exe FirewallRules: [UDP Query User{3EFDB123-7955-4B97-A777-B4520C332DF0}D:\spiele\nfs\need for speed\nfs16.exe] => (Block) D:\spiele\nfs\need for speed\nfs16.exe FirewallRules: [{655D3060-B334-4E32-95D5-D2CD5BD7B96B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{4DF27530-63A8-412B-B6FB-B3B4CECD1E34}D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe FirewallRules: [UDP Query User{01583D0F-C8A8-4FD2-B1D8-1DBD26A81C42}D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe FirewallRules: [{0A9BEE98-15D4-490B-9A4B-870C3E5F817E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B61BB212-F192-4A76-8FD4-DE2AC746EB21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{CA7732F6-E90D-4C89-8FDA-4F694BAF23AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FE84EBDA-7A82-4359-88C8-D83550016CE7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6289CEAB-0389-45B8-9A6C-09EDB2E26771}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe FirewallRules: [{2F199068-4308-4C26-B0CB-42844B45D59D}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe FirewallRules: [{0CA6FFA4-60C7-44BD-AD93-08B903D23C21}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Binaries\Win32\FoxGame-win32-Shipping.exe FirewallRules: [{BCAA94CF-FE46-49F8-B477-0D403DD4E65F}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Binaries\Win32\FoxGame-win32-Shipping.exe FirewallRules: [{9F994B97-C62F-4280-913E-350EB4047197}] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{099A161F-9056-41EC-9765-1BCB77845FEB}] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{D637AC00-4295-4950-B95A-61EEE0FC17AD}] => (Allow) LPort=25565 FirewallRules: [{1A12DDCA-BB03-4B34-92B1-C6C11AE203E4}] => (Allow) D:\staem.de\Steam\steamapps\common\Zula EU\zula_launcher.exe FirewallRules: [{D187E17D-1AFC-457B-BE47-E993AF1825F4}] => (Allow) D:\staem.de\Steam\steamapps\common\Zula EU\zula_launcher.exe FirewallRules: [TCP Query User{BE6AEAF9-E8A1-4EDC-BC9E-65684FF2E1BF}D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe] => (Allow) D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe FirewallRules: [UDP Query User{754ED3E4-8611-4EEA-8AC4-ABC19552926C}D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe] => (Allow) D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe FirewallRules: [{67922556-1DD0-4805-B212-BB83196156C5}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{CB0554F5-ACD8-41CE-A4F3-FAAD4306630C}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{560D6E29-71EA-4446-B7BD-18682E1C4C68}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{E30EA182-1F1B-4C70-ABA0-E8AFDA7FBDF6}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{E244783D-B274-4BF8-AED0-017C85CA80C9}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{E570F06E-B6C1-4F80-9608-EDF53867AB39}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{302F3006-3740-42E8-A818-6067E7FA4576}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{71A64C1C-F7B3-4ED1-A2CD-72145A2A3483}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{C1D1DBB8-5694-4116-89BC-79F1F6B3D0A5}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{C6200C32-71F4-414F-A388-6434881D7440}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{75B6DEA5-9D8A-49D8-B587-D95ED9E35DCB}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{4CBF261A-C4C7-49B2-A28B-253C442CD5C6}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{CA212F62-5F2E-4C6F-A11E-4BDDC0635525}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{A4C76A25-1962-4BCB-8E8D-5F22E96E0051}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{CFCB03A3-123E-4E86-9D46-83EFECC5D607}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{DD415E41-1CD6-4000-8519-1464BDCA85FF}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [{6C07D6DB-CFD9-4CCE-A239-771A8127F7E3}] => (Allow) Advanced Omnibus Driver Plugin FirewallRules: [TCP Query User{83744070-C77B-4803-931D-5D7CD436A463}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{16859025-1EF8-4937-9197-F20BBFE34B33}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe FirewallRules: [{4996CB76-C202-4DCB-A74D-EAC004F1C60F}] => (Allow) D:\Spiele\GameforgeLive\gfl_client.exe FirewallRules: [{0DA3B126-6FB9-4EED-8E0A-2C293D30E05F}] => (Allow) D:\staem.de\Steam\Steam.exe FirewallRules: [{4EDE1659-97CE-4B11-87C8-9B7478D59372}] => (Allow) D:\staem.de\Steam\Steam.exe FirewallRules: [{AB1E843E-9D6A-4219-A5F6-AFC9798C265E}] => (Allow) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{953A51A8-DC81-43E3-9104-8AFC41557105}] => (Allow) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{2060B6B9-ADA0-4148-998B-3C601758D02E}D:\spiele\world_of_tanks\wotlauncher.exe] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{94471A63-A1DC-492F-B143-E1AA8A989429}D:\spiele\world_of_tanks\wotlauncher.exe] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{64C6DF76-FD33-4F4B-80A3-EBB960B9C6E1}D:\garrysmod.exe] => (Allow) D:\garrysmod.exe FirewallRules: [UDP Query User{31FD5525-888A-48D0-B6C6-113CDD1B6B9F}D:\garrysmod.exe] => (Allow) D:\garrysmod.exe FirewallRules: [{E45132F8-9235-45DE-917A-7D96B4D18F89}] => (Allow) D:\staem.de\Steam\steamapps\common\OMSI 2\Omsi.exe FirewallRules: [{E95273D5-60A2-4106-B6AA-0CC7AD78A47E}] => (Allow) D:\staem.de\Steam\steamapps\common\OMSI 2\Omsi.exe FirewallRules: [TCP Query User{44EB2550-F00F-40BE-B683-01E400BFC62F}D:\spiele\planetside2_x64.exe] => (Allow) D:\spiele\planetside2_x64.exe FirewallRules: [UDP Query User{FF4C42DA-24C6-482A-85B6-96FA68FAF2DC}D:\spiele\planetside2_x64.exe] => (Allow) D:\spiele\planetside2_x64.exe FirewallRules: [{79DFB3B2-0E0B-46B0-8193-6001D3983D09}] => (Allow) D:\staem.de\Steam\steamapps\common\Spintires\SpinTires.exe FirewallRules: [{08A492BF-6B87-44D1-9C8B-AA029C81069E}] => (Allow) D:\staem.de\Steam\steamapps\common\Spintires\SpinTires.exe FirewallRules: [TCP Query User{6AB5431C-6F75-4EBA-9BE4-93730AB7B0ED}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{3F80C7B5-F93B-44E2-9BF0-71DE6C085C65}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{686806E4-EF12-4994-9BB1-AFFA18961BE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{8A28F1EA-35E0-4958-8518-96FF425E1E18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{0E2131BC-1AC1-47DF-8AF6-502148E98A77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{8A47EDEE-763A-4DE1-8756-8D5A4BD0FFF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8290EA43-CF24-4DA1-A872-B962B6B6EBAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{AFBD03E4-822E-44BA-A9AA-609CA53BB6AB}] => (Allow) D:\staem.de\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{87C06EB8-5EFB-48D4-BB8C-1F71775CECB6}] => (Allow) D:\staem.de\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [TCP Query User{29F4CB74-70DD-4B50-A38B-CAE9D695D3C1}D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe FirewallRules: [UDP Query User{640EC7D4-CEE5-40F4-ACAA-DF35B966FC2E}D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe FirewallRules: [TCP Query User{E9429EE0-3AA0-4EA6-9902-A2EFBD75B5C0}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [UDP Query User{CFF28640-AFC3-490B-9DD2-292C8E01CD49}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [TCP Query User{DC4885AA-1800-40BA-946E-0E8DD8455364}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{524A21D5-EA7C-49D4-BCA2-7A2C4EC76C69}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{A50E4149-0DC0-4A3B-B06D-7241A17149A3}] => (Allow) D:\staem.de\Steam\steamapps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe FirewallRules: [{790C28BD-6F9C-42E8-900E-0A172BAA4303}] => (Allow) D:\staem.de\Steam\steamapps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe FirewallRules: [{4E9BAE2E-6BAF-4603-A96B-2F1BD252D26D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D1647F80-C232-48BF-ACE5-9AF1A0ADAC3A}] => (Allow) D:\staem.de\Steam\steamapps\common\RailWorks\RailWorks.exe FirewallRules: [{C3B8CC61-98E7-496E-B06F-85D3E23DDDC2}] => (Allow) D:\staem.de\Steam\steamapps\common\RailWorks\RailWorks.exe FirewallRules: [TCP Query User{20C994E8-2315-4340-91FE-187FA4E99140}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{9D79506A-48EB-47A5-B7DB-194AFD954744}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{5BB2D4BE-A470-446C-A319-05A6D11AE23B}] => (Allow) D:\staem.de\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe FirewallRules: [{D9F0273C-31E3-41A2-9577-313CEC76F43B}] => (Allow) D:\staem.de\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe FirewallRules: [{D4D0B0C5-C847-46D1-BA6A-81B44AA53BE7}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{F5C6D476-ACF6-41BE-86F2-FC6FF4C2CB18}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{1D4D353F-0F08-4B96-B0BB-AC8D0194BDB0}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{25A27F21-3F97-4B38-95C7-B4E80ADAAC31}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe ==================== Wiederherstellungspunkte ========================= 30-04-2017 15:02:16 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/01/2017 07:51:48 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT) Description: There was an error with the Windows Location Provider database Error: (05/01/2017 07:49:10 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2005) (User: NT-AUTORITÄT) Description: There was an error communicating to the Orion DCS server Error: (05/01/2017 05:50:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FarmingSimulator2015Game.exe, Version 6.0.2.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2470 Startzeit: 01d2c2929939c118 Endzeit: 67 Anwendungspfad: D:\Spiele\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe Berichts-ID: ea6a692b-2e85-11e7-84b8-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/01/2017 03:08:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: FarmingSimulator2015Game.exe, Version: 6.0.2.0, Zeitstempel: 0x56975dfc Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18438, Zeitstempel: 0x57ae642e Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000f1b70 ID des fehlerhaften Prozesses: 0x21d4 Startzeit der fehlerhaften Anwendung: 0x01d2c27a72965680 Pfad der fehlerhaften Anwendung: D:\Spiele\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 445d1c38-2e6f-11e7-84b8-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/01/2017 02:24:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b Name des fehlerhaften Moduls: D3DREF9.DLL_unloaded, Version: 0.0.0.0, Zeitstempel: 0x58678739 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000ab15 ID des fehlerhaften Prozesses: 0x2d24 Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe Pfad des fehlerhaften Moduls: D3DREF9.DLL Berichtskennung: 2439a68d-2e69-11e7-84b8-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/01/2017 02:23:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b Name des fehlerhaften Moduls: D3DREF9.DLL, Version: 0.0.0.0, Zeitstempel: 0x58678739 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000012a5 ID des fehlerhaften Prozesses: 0x2d24 Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\D3DREF9.DLL Berichtskennung: fe3dfbb1-2e68-11e7-84b8-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/01/2017 02:23:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b Name des fehlerhaften Moduls: D3DREF9.DLL, Version: 0.0.0.0, Zeitstempel: 0x58678739 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000012a5 ID des fehlerhaften Prozesses: 0x2d24 Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\D3DREF9.DLL Berichtskennung: fe0fde10-2e68-11e7-84b8-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/01/2017 02:23:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b Name des fehlerhaften Moduls: D3DREF9.DLL, Version: 0.0.0.0, Zeitstempel: 0x58678739 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000012a5 ID des fehlerhaften Prozesses: 0x2d24 Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\D3DREF9.DLL Berichtskennung: fde0fd68-2e68-11e7-84b8-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/01/2017 02:23:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b Name des fehlerhaften Moduls: D3DREF9.DLL, Version: 0.0.0.0, Zeitstempel: 0x58678739 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000012a5 ID des fehlerhaften Prozesses: 0x2d24 Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\D3DREF9.DLL Berichtskennung: fdb26aec-2e68-11e7-84b8-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/01/2017 02:23:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b Name des fehlerhaften Moduls: D3DREF9.DLL, Version: 0.0.0.0, Zeitstempel: 0x58678739 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000012a5 ID des fehlerhaften Prozesses: 0x2d24 Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\D3DREF9.DLL Berichtskennung: fd84ea86-2e68-11e7-84b8-c03fd5aa9ee7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (05/01/2017 07:59:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (05/01/2017 07:59:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. Error: (05/01/2017 07:05:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo Error: (05/01/2017 07:05:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo Error: (05/01/2017 07:05:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingNews Error: (05/01/2017 07:05:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo Error: (05/01/2017 07:05:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.MicrosoftMinesweeper Error: (05/01/2017 07:05:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingNews Error: (05/01/2017 07:05:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingNews Error: (05/01/2017 07:05:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo CodeIntegrity: =================================== Date: 2016-07-04 15:44:38.593 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Fritz\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-04 15:44:38.433 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Programme\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-04 15:42:12.993 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Fritz\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-07-04 15:42:12.811 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Programme\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 34% Installierter physikalischer RAM: 8144.42 MB Verfügbarer physikalischer RAM: 5314.4 MB Summe virtueller Speicher: 9872.42 MB Verfügbarer virtueller Speicher: 6826.79 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:57.91 GB) (Free:2.54 GB) NTFS Drive d: (Data) (Fixed) (Total:871.39 GB) (Free:448.15 GB) NTFS Drive e: (Recover) (Fixed) (Total:40.03 GB) (Free:19.5 GB) NTFS Drive g: (FarmingSimulator) (CDROM) (Total:1.91 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 59.6 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ |
01.05.2017, 19:29 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome öffnet ständig Seite namens: x.24.jquery11.com Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Chrome öffnet ständig Seite namens: x.24.jquery11.com |
.com, bereinige, bereinigen, chrome, hilfe, konnte, meinem, monate, namens, nichts, seite, ähnliches, öffnen, öffnet |