Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 10 - watch4.de wird automatisch in Firefox geöffnet (https://www.trojaner-board.de/172623-windows-10-watch4-de-automatisch-firefox-geoeffnet.html)

Vigilantus 02.11.2015 18:08
Windows 10 - watch4.de wird automatisch in Firefox geöffnet
 
Hallo zusammen,

anscheinend habe ich mir vor ein paar Tagen mit einem Download von chip.de eine Infizierung mit auf den Rechner geholt, wie mehrer Threads zu dem Thema hier im Forum zeigen.

Heute öffnete sich (bislang 2x) in meinem Firefox ein zusätzlicher Tab mit einem Link auf die Seite watch4.de.

Ich habe bisher folgendes erledigt:

Defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:34 on 02/11/2015 (AmonSul)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled

-=E.O.F=-
FRST-Scan:
FRST.txt
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von AmonSul (Administrator) auf AMONSUL-PC (02-11-2015 17:34:58)
Gestartet von C:\Users\AmonSul\Desktop
Geladene Profile: AmonSul (Verfügbare Profile: AmonSul & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Run: [Dropbox Update] => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Run: [Akamai NetSession Interface] => C:\Users\AmonSul\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 83.169.185.161 83.169.185.225
Tcpip\..\Interfaces\{e5dd4f1d-1660-4262-8ee9-ac91ca13da88}: [DhcpNameServer] 83.169.185.161 83.169.185.225

Internet Explorer:
==================
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001 -> DefaultScope {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001 -> {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

FireFox:
========
FF ProfilePath: C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\abs@avira.com [2015-10-23] [ist nicht signiert]
FF Extension: ChatZilla [de] - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5de} [2015-07-04]
FF Extension: Lightbeam - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-05-27]
FF Extension: NASA Night Launch - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\nasanightlaunch@example.com.xpi [2015-06-29]
FF Extension: NoScript - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-27]
FF Extension: Video DownloadHelper - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: BetterPrivacy - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-05-30]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2010-09-04] () [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-10-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-07-31] (VIA Technologies, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148632 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-07] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-12] (Disc Soft Ltd)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-30] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-03-07] (Duplex Secure Ltd.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-10-26] (Wellbia.com Co., Ltd.)
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 17:34 - 2015-11-02 17:35 - 00016354 _____ C:\Users\AmonSul\Desktop\FRST.txt
2015-11-02 17:34 - 2015-11-02 17:34 - 00000508 _____ C:\Users\AmonSul\Desktop\defogger_disable.log
2015-11-02 17:34 - 2015-11-02 17:34 - 00000020 _____ C:\Users\AmonSul\defogger_reenable
2015-11-02 17:33 - 2015-11-02 17:33 - 00380416 _____ C:\Users\AmonSul\Desktop\240vk9bs.exe
2015-11-02 17:32 - 2015-11-02 17:34 - 00050477 _____ C:\Users\AmonSul\Desktop\Defogger.exe
2015-11-02 17:17 - 2015-11-02 17:34 - 00000000 ____D C:\FRST
2015-11-02 17:16 - 2015-11-02 17:16 - 02198016 _____ (Farbar) C:\Users\AmonSul\Desktop\FRST64.exe
2015-11-02 16:56 - 2015-11-02 16:56 - 00016148 _____ C:\WINDOWS\system32\AMONSUL-PC_AmonSul_HistoryPrediction.bin
2015-11-01 23:09 - 2015-11-01 23:09 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Point of Existence 2
2015-10-31 13:09 - 2015-10-31 13:09 - 00000000 ____D C:\Users\AmonSul\Documents\ANNO 1404 Venedig
2015-10-31 13:07 - 2015-10-31 13:07 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Ubisoft
2015-10-30 19:24 - 2015-10-30 19:25 - 00368110 _____ C:\Users\AmonSul\Downloads\WhatsApp Chat mit Tanja Kreller.txt
2015-10-30 13:37 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 13:37 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 13:37 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 13:37 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 13:37 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 13:37 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 13:37 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 13:37 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 13:37 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 13:37 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 13:37 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 13:37 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 13:37 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 13:37 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 13:37 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 13:37 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 13:37 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 13:37 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 13:37 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 13:37 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 13:37 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 13:37 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 13:37 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 13:37 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 13:37 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 13:37 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 13:37 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 13:37 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 13:37 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 13:37 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 13:37 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 13:37 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 13:37 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 13:37 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-25 13:44 - 2015-10-25 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sir Henry
2015-10-25 13:44 - 2015-10-25 13:44 - 00000000 ____D C:\Program Files (x86)\Anno
2015-10-23 15:44 - 2015-10-23 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-10-23 15:41 - 2015-10-23 15:41 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-10-21 13:34 - 2015-10-21 12:58 - 00001218 _____ C:\Users\AmonSul\Desktop\Runes of Magic.lnk
2015-10-21 13:24 - 2015-10-21 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runes of Magic
2015-10-21 12:58 - 2015-11-02 15:52 - 00000000 ____D C:\Program Files (x86)\Runes of Magic
2015-10-21 12:37 - 2015-10-21 12:49 - 00000000 ____D C:\Users\AmonSul\Downloads\RoM
2015-10-21 12:36 - 2015-11-01 23:21 - 00000000 ____D C:\Users\AmonSul\Downloads\BF2
2015-10-20 15:53 - 2015-10-20 15:53 - 00001723 _____ C:\Users\AmonSul\Desktop\Spellforce.lnk
2015-10-20 13:21 - 2015-10-20 13:21 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-17 22:37 - 2015-10-17 22:37 - 03996360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-10-16 14:34 - 2015-10-16 14:34 - 00077236 _____ C:\Users\AmonSul\Downloads\Versuchsplan Hydrodynamik.xlsx
2015-10-13 19:02 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 19:02 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 19:02 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 19:02 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 19:02 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 19:02 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 19:02 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 19:02 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 19:02 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 19:02 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 19:02 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 19:02 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 19:02 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 19:02 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 19:02 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 19:02 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 19:02 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 19:02 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 19:02 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 19:02 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 19:02 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 19:02 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 19:02 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 19:02 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 19:02 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 19:02 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:02 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 19:02 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 19:02 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 19:02 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 19:02 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 19:02 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 19:02 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 19:02 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 19:02 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 19:02 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 19:02 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 19:02 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:02 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 19:02 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 19:02 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 19:02 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 19:02 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 23:24 - 2015-10-12 23:27 - 00000000 ____D C:\Program Files (x86)\WinISO Computing
2015-10-12 23:24 - 2015-10-12 23:24 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\WinISO Computing
2015-10-12 23:24 - 2015-10-12 23:24 - 00000000 ____D C:\Users\AmonSul\AppData\Local\WinISO Computing
2015-10-12 21:20 - 2015-10-12 21:20 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-10-12 20:45 - 2015-10-12 20:45 - 00000000 ____D C:\Users\AmonSul\AppData\Local\Disc_Soft_Ltd
2015-10-12 20:40 - 2015-10-12 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
2015-10-12 20:30 - 2015-10-12 20:30 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-10-12 20:30 - 2015-10-12 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-12 20:30 - 2015-10-12 20:30 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-10-09 18:49 - 2015-10-09 18:49 - 00001474 _____ C:\Users\AmonSul\Desktop\RoM.lnk
2015-10-09 12:30 - 2015-11-01 02:13 - 00000000 ____D C:\Users\AmonSul\Documents\Battlefield 2
2015-10-09 12:26 - 2015-11-01 01:36 - 00000000 ____D C:\Program Files (x86)\EA GAMES
2015-10-09 12:26 - 2015-11-01 01:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-10-07 14:27 - 2015-10-03 05:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 17:34 - 2015-07-30 15:15 - 00000000 ____D C:\Users\AmonSul
2015-11-02 17:33 - 2010-12-02 23:24 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-02 17:19 - 2011-08-29 16:13 - 00000000 ___RD C:\Users\AmonSul\Dropbox
2015-11-02 17:19 - 2010-06-16 12:24 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Skype
2015-11-02 17:05 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-02 17:01 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-02 16:57 - 2012-12-31 21:46 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-02 16:45 - 2015-06-18 12:34 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001UA.job
2015-11-02 16:37 - 2013-05-20 22:49 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-02 16:27 - 2014-07-23 10:35 - 00000000 ____D C:\Users\AmonSul\AppData\Local\Battle.net
2015-11-02 16:04 - 2014-07-23 10:35 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-02 16:04 - 2011-08-29 16:09 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Dropbox
2015-11-02 15:57 - 2012-12-31 21:46 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-02 15:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-01 22:58 - 2011-02-15 20:10 - 00000000 ____D C:\ProgramData\ts3overlay
2015-11-01 22:11 - 2011-01-22 14:40 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{47C78EDB-43F3-4774-A6E4-9BC251E4A51A}
2015-11-01 19:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 14:12 - 2012-04-17 15:32 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\vlc
2015-11-01 14:07 - 2012-05-28 17:37 - 00000000 ____D C:\Users\AmonSul\dwhelper
2015-11-01 01:53 - 2015-07-30 15:12 - 02104920 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-01 01:53 - 2015-07-10 17:34 - 00893894 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-01 01:53 - 2015-07-10 17:34 - 00200430 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-01 01:46 - 2015-07-30 15:02 - 00154184 _____ C:\WINDOWS\PFRO.log
2015-11-01 01:46 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-01 01:45 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-01 01:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-01 01:40 - 2010-06-16 21:06 - 00218536 _____ C:\WINDOWS\DirectX.log
2015-11-01 01:36 - 2010-06-16 22:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-01 01:13 - 2015-07-01 10:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-01 01:13 - 2014-12-26 20:05 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-31 10:47 - 2010-08-25 10:18 - 00000000 ____D C:\Users\AmonSul\Documents\SpellForce
2015-10-31 10:45 - 2015-06-18 12:33 - 00001180 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001Core.job
2015-10-30 14:23 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 18:29 - 2012-02-02 02:05 - 00000000 ____D C:\Users\AmonSul\Documents\Runes of Magic
2015-10-28 21:37 - 2014-06-04 21:23 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-26 10:57 - 2015-08-24 16:17 - 00035880 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2015-10-26 10:47 - 2015-08-21 11:59 - 00000000 ____D C:\Users\AmonSul\AppData\Local\Akamai
2015-10-22 19:21 - 2010-06-16 12:09 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-22 03:40 - 2010-08-25 09:57 - 00002156 _____ C:\Users\AmonSul\Desktop\SpellForce - Platinum Edition.lnk
2015-10-22 01:47 - 2013-11-13 00:44 - 00000000 ____D C:\Users\AmonSul\AppData\Local\NVIDIA Corporation
2015-10-22 01:44 - 2015-07-10 13:20 - 00018724 _____ C:\WINDOWS\setupact.log
2015-10-21 23:53 - 2011-08-21 12:39 - 00000000 ____D C:\Program Files (x86)\ArtMoney
2015-10-21 12:43 - 2010-09-22 21:14 - 00007673 _____ C:\Users\AmonSul\AppData\Local\Resmon.ResmonCfg
2015-10-21 10:54 - 2014-07-23 10:51 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-10-17 21:56 - 2010-06-16 12:23 - 00000000 ____D C:\ProgramData\Skype
2015-10-16 19:12 - 2013-01-22 20:53 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\dvdcss
2015-10-16 08:39 - 2012-10-13 00:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-13 20:37 - 2011-01-12 15:10 - 00000000 ____D C:\Data
2015-10-13 19:15 - 2013-09-08 20:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-13 19:10 - 2010-06-16 11:06 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-12 23:35 - 2013-05-08 13:02 - 00000000 ____D C:\Program Files (x86)\KONAMI
2015-10-12 20:33 - 2010-06-16 19:23 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\DAEMON Tools Lite
2015-10-12 13:17 - 2013-07-01 21:32 - 00000000 ____D C:\Users\AmonSul\Downloads\Urbana
2015-10-08 22:32 - 2014-08-07 09:56 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-08 22:32 - 2013-07-29 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-07 20:48 - 2013-07-29 11:31 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-10-07 20:48 - 2013-07-29 11:31 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-10-07 14:29 - 2010-06-16 11:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-07 11:52 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-07 11:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-07 11:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-06 19:45 - 2015-07-31 20:08 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-04 09:23 - 2015-07-31 20:16 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-10-04 09:23 - 2015-07-31 20:16 - 01317192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-04 09:22 - 2015-07-31 20:16 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-04 09:22 - 2015-07-31 20:16 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-03 05:58 - 2015-09-24 21:23 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-03 05:58 - 2015-07-31 20:15 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-03 05:58 - 2015-07-31 20:15 - 00105264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-03 05:58 - 2015-07-31 20:08 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 05:58 - 2015-07-31 20:08 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 05:58 - 2015-07-31 20:08 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 05:58 - 2015-07-31 20:08 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 05:58 - 2015-07-31 20:08 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 03:38 - 2015-07-31 20:15 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 03:38 - 2015-07-31 20:15 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 03:38 - 2015-07-31 20:15 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 03:38 - 2015-07-31 20:15 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 03:38 - 2015-07-31 20:15 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 03:38 - 2015-07-31 20:15 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-10-30 12:26 - 2010-10-30 12:38 - 0000345 _____ () C:\Users\AmonSul\AppData\Roaming\glade-3.conf
2010-09-03 13:46 - 2015-08-26 13:16 - 0033792 _____ () C:\Users\AmonSul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-05 01:45 - 2014-01-05 01:45 - 0000095 _____ () C:\Users\AmonSul\AppData\Local\fusioncache.dat
2015-07-01 10:56 - 2015-07-01 10:56 - 0000337 _____ () C:\Users\AmonSul\AppData\Local\Perfmon.PerfmonCfg
2010-09-22 21:14 - 2015-10-21 12:43 - 0007673 _____ () C:\Users\AmonSul\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\AmonSul\AppData\Local\Temp\997b4640dbd090156ecabec0aaa0df90.dll
C:\Users\AmonSul\AppData\Local\Temp\avgnt.exe
C:\Users\AmonSul\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll
C:\Users\AmonSul\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3p9jwh.dll
C:\Users\AmonSul\AppData\Local\Temp\DTLite1010-0074.exe
C:\Users\AmonSul\AppData\Local\Temp\npp.6.8.1.Installer.exe
C:\Users\AmonSul\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\AmonSul\AppData\Local\Temp\SkypeSetup.exe
C:\Users\AmonSul\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-31 12:12

==================== Ende von FRST.txt ============================
Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von AmonSul (2015-11-02 17:35:24)
Gestartet von C:\Users\AmonSul\Desktop
Windows 10 Pro (X64) (2015-07-30 14:54:01)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1149312127-3900390906-2569845260-500 - Administrator - Disabled)
AmonSul (S-1-5-21-1149312127-3900390906-2569845260-1001 - Administrator - Enabled) => C:\Users\AmonSul
ASPNET (S-1-5-21-1149312127-3900390906-2569845260-1017 - Limited - Enabled)
DefaultAccount (S-1-5-21-1149312127-3900390906-2569845260-503 - Limited - Disabled)
Gast (S-1-5-21-1149312127-3900390906-2569845260-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1149312127-3900390906-2569845260-1007 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Download Manager (HKLM-x32\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.63 - NOS Microsystems Ltd.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anno 1404 (HKLM-x32\...\Steam App 33250) (Version:  - Blue Byte)
Anno 1404: Venice (HKLM-x32\...\Steam App 33350) (Version:  - Blue Byte)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04.1 - Ubisoft)
Anno 1701 Version 1.04.1 (HKLM-x32\...\{67DBBEAD-91A0-40C8-B34C-BE1026CABBE2}_is1) (Version: 1.04.1 - Ubisoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtMoney SE v7.37 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.37 - System SoftLab)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 2 Server (HKLM-x32\...\{F3CA370F-0B4B-4239-BF5A-2CC751EB5D3C}) (Version: 1.00.001 - EA Games)
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version:  - Canon Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dawn Of War - Winter Assault (HKLM-x32\...\{DD8408E9-9421-484F-979D-DB6361E3E828}) (Version: 1.4 - THQ)
Dawn Of War (HKLM-x32\...\{83F12F73-D52E-40C0-93B1-463C311C4E17}) (Version: 1.40 - THQ)
Dropbox (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Echo of Soul (HKLM-x32\...\Echo of Soul) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hellgate: London (HKLM\...\{A2B4455D-1046-4732-BFBC-0821BEFC07BC}) (Version: 1.10.180.3416 - Flagship Studios)
HexEdit (HKLM-x32\...\{083EF76E-0760-4D7A-9508-0B88A3AF1889}) (Version: 4.0.0 - Expert Commercial Software Pty Ltd)
Inquisition Daemonhunt (HKLM-x32\...\Inquisition Daemonhunt) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version:  - NCsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PoE:2 v2.5.0.0 (HKLM-x32\...\PoE:2) (Version: 2.5.0.0 - Point of Existence)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PuTTY version 0.60 (HKLM-x32\...\PuTTY_is1) (Version: 0.60 - Simon Tatham)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Runes of Magic (HKLM-x32\...\{F57FBE91-C48B-4A86-91C8-A9C3D744E459}_is1) (Version: 6.2.2.2736 - Gameforge Productions GmbH)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Sir Henry's 1701 RDA Packer V1.0 (HKLM-x32\...\Sir Henry's 1701 RDA Packer_is1) (Version:  - Sir Henry)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
SpellForce 2 - Shadow Wars (HKLM-x32\...\{1A4E47DC-6701-4A85-AA16-C1F99A44598C}) (Version: 1.00.0000 - Ihr Firmenname)
SpellForce 2 Update v1.02 (HKLM-x32\...\SpellForce 2 Update v1.02) (Version:  - )
Star Wars Battlefront (HKLM-x32\...\{C79CB9C7-10A4-4814-8402-F574672C2192}) (Version: 1.0 - LucasArts)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 18.10.03 - Gameforge Productions GmbH)
TeXnicCenter Version 2.0 Beta 1 (HKLM\...\TeXnicCenter_is1) (Version: 2.0 Beta 1 - The TeXnicCenter Team)
Unreal Anthology (HKLM-x32\...\{14AA72DA-DB40-4A34-93A6-401A81D7AF9E}) (Version: 1.00.0000 - Epic Games, Inc.)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Yu-Gi-Oh! Power of Chaos JOEY THE PASSION (HKLM-x32\...\{336DD6B4-B100-4048-B2B7-FBA7059FD959}) (Version: 1.00.0000 - KONAMI)
Yu-Gi-Oh! Power of Chaos KAIBA THE REVENGE (HKLM-x32\...\{485C9280-B899-4D46-86F3-B3E459636EE5}) (Version: 1.00.0000 - KONAMI)
Yu-Gi-Oh! Power of Chaos YUGI THE DESTINY (HKLM-x32\...\{3571656A-575D-4CED-809D-5547587121FF}) (Version: 1.00.0000 - KONAMI)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version:  - Check Point Software Technologies)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

30-10-2015 14:18:14 Windows Update
30-10-2015 14:22:03 Windows Update
31-10-2015 22:22:03 Installiert Battlefield 2 Patch v1.41

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0466EC7F-51B9-4FDB-96A0-E1A570A6738B} - System32\Tasks\{AFAE6330-A6D6-4CA9-86AF-615EFE153674} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-09-28] (Skype Technologies S.A.)
Task: {07A540FE-C9C0-42BF-B040-2C730B8405F8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {0C49E4EE-BB19-4956-B4C9-374410527808} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {16CE7D34-D7B6-42BB-8189-1A680A3260C2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1781FAED-367C-44A1-91FE-46958BAC6554} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1DEBB65C-F478-4F57-A76E-A899D6B3579B} - System32\Tasks\{FF18F393-02A1-43EE-98F2-65C727D864F6} => pcalua.exe -a C:\Users\AmonSul\Downloads\HiJackThis204.exe -d C:\Users\AmonSul\Downloads
Task: {23CEE39C-E73C-44B5-9A81-38EA353862A7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {23E34896-6CBA-47BC-99F6-BC62EA354063} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {2D86DF62-52A1-4BF3-8318-0160A986D85B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {2EF61AC2-3318-4042-A826-1B035EC72DC6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {4A23E7F5-6153-4CF4-AB3C-FC5432EDF8DB} - System32\Tasks\{C63DDF16-D3C8-41C5-960E-773B9CA2A162} => pcalua.exe -a C:\Users\AmonSul\Downloads\Gwyddion-2.21.exe -d C:\Users\AmonSul\Downloads
Task: {539C83E4-7152-4582-88A7-22C1009DD375} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5885EA78-0F9E-4754-8381-0AC256AF841A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5D567709-E40B-4EF6-8F7A-02A7499E353C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {5D72A9C5-D44E-4043-9FE2-7724290F4895} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5EA26DEE-6DD1-4BEA-AF63-A52BF340854F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {70220171-5D72-4034-9780-42722BC13824} - System32\Tasks\{8AF80078-7C5D-4A04-BF6B-FBCEF52257DF} => pcalua.exe -a "C:\Program Files (x86)\gs\uninstgs.exe" -d "C:\Program Files (x86)\gs"
Task: {7410F950-99ED-4645-8BE8-EC192DAC9C7C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {7B3FCB48-74C4-4499-B9E9-D70EA036F5D1} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {7C4C6458-B3D5-4552-9852-8A73A88EE8AB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {7F0DE0C0-EA9C-4DE0-8DBA-B873B89AB12D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {83E83303-4C10-4628-BEA4-30D0E05500D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {841E8240-564E-4527-8F64-C4CBC345FC45} - System32\Tasks\{8A442661-937D-497C-BCB4-D6A67AE07E6E} => pcalua.exe -a C:\Users\AmonSul\Downloads\HiJackThis.exe -d C:\Users\AmonSul\Downloads
Task: {87615692-2FCA-46B8-B9A7-A9066C57261A} - System32\Tasks\{D9DE0FA9-DAD7-41B6-BB52-D326C16097D2} => C:\Users\AmonSul\Downloads\WebCam\WebCam\Setup.exe
Task: {8E089290-17F9-4A21-83F6-D56E8B5CA3F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {8FD9A9B6-EBBD-4368-9B57-F0B8CC8FBD00} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {984D8A8C-5401-4DB7-A708-0BB28A00C828} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A2112753-1252-4201-9309-424ECBF9CBA8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A36E7BF9-8152-461C-AE5B-9A539E482E9F} - System32\Tasks\{EADC11EC-DC8D-4300-8193-0F13E3841811} => pcalua.exe -a C:\Windows\SysWOW64\DivXControlPanelApplet.cpl -c DivX Control Panel
Task: {A6C057E7-E932-4E49-B125-CA405AEC023D} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B46B7A85-73AD-41B5-BC45-2042A2665D9E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B5DD6CB1-AB70-4378-935B-61C13A2CF8C0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {B8A0D74F-7056-41C1-A299-7DF80E798E52} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C01565F9-07D8-4543-A11B-BDE7180ED812} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C7C1E3BB-8495-4CFD-8E4A-C73D975D6680} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
Task: {CEE2A51B-CE2F-42D3-A490-27EE8C02636B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D1C42257-0E76-41C7-BBB7-E2F483E707D9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {D8CF64B1-D41A-4CE8-8E77-8499AB82FFF5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001Core => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {DAC2BAFF-DDDD-4F7D-AA39-ED14E69F72EA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {DCF204F7-58B8-4D6C-B040-EEAE94ABCF7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E4D59790-9555-42B8-9056-E651BDC20360} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F3F6446F-4DA1-4C97-B490-EFD47DB0E264} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {FB2924C5-AE9B-4506-80D0-BD6EACEEA67E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001UA => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {FE0D1C3E-5AD2-42AF-8C85-AE227D58E96F} - System32\Tasks\{DE62D6C2-DD73-40D0-AE7E-248D1DD57C6B} => C:\Users\AmonSul\Downloads\WebCam\WebCam\Setup.exe
Task: {FEEF5B74-6BA1-498B-AF81-599BB44C782F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001Core.job => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001UA.job => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-30 15:55 - 2015-07-30 15:55 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 18:27 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-31 20:15 - 2015-10-03 03:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-01 21:34 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 21:34 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 21:34 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 21:34 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 21:34 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 21:34 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 21:34 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-23 08:09 - 2015-10-23 08:09 - 03498496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-07-31 20:16 - 2015-10-04 09:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\AmonSul\Cookies:gs5sys
AlternateDataStreams: C:\Users\AmonSul\Desktop\20150802_194842.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\Desktop\20150802_195005.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\Downloads\Jahresinhalt2014.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\Downloads\Mondkalender_2015.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\AmonSul\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\AmonSul\Documents\Runes of Magic:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\aeriagames.com -> hxxp://aeriagames.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\AmonSul\Downloads\underworld_awakening_2012-wallpaper-1920x1080.jpg
DNS Servers: 83.169.185.161 - 83.169.185.225
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IswSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{60538A48-A9A6-4BA3-B68A-0405094300A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{4578A1EB-5D78-4DFA-A875-AD85E3B7B2E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{1EB5650A-5852-4142-A507-E35408339310}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{8539C43D-790D-4378-A521-0E2FE21A471B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{52F1B24A-8773-4246-92E4-CCAD4799F9F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{C0F5776E-F503-43A7-9B54-B014627158F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{C90D159C-D2B6-4434-BD84-2DFB51E49B4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{30C8D414-946D-4987-BE4F-7CE0C4D241FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D206394A-7CFE-4D34-8804-5E973FB315F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{9B23E208-409F-48F2-BBF2-7ABF1C09BEA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{4159A064-0785-4F04-A379-F5BDBFC2900E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{44A0EF97-BA1A-4C32-BAF2-88B6F29998A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{87F676A8-CC14-489A-8BA9-C367BC915E4A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A5EDDEE3-6840-4448-8508-9C46EB341484}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1B9F5426-1463-4E91-9BCA-FDFFAC5685C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{6EB1D6C5-59FD-49A4-9E17-175FC1E1C715}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{B11820E2-74E4-4475-955E-5AA35CD89E30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5F45CA99-0C87-4772-97E8-38F3E1FD2F51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA3B01A3-3B9D-4FFD-BDE6-6B75D2584C22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A5FCE1DD-0C0E-4B69-8E3A-633AF7C2D3DC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9A5219E9-B44E-4094-9CC1-098E86341D43}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AE5F66FF-7F49-4981-B85F-FECBC86C506A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{883D1ECC-75D3-4436-A0CD-0D4BE78895B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4EE91ED7-D03E-4BFF-94F6-519B895CB4AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C2C65CDF-7F0A-4BA1-B1FC-D245815BCF0D}] => (Allow) C:\Users\AmonSul\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{C0395405-32E1-4814-AFE8-10447085BB86}] => (Allow) C:\Users\AmonSul\AppData\Roaming\ICQM\icq.exe
FirewallRules: [UDP Query User{454DC57F-0932-42DE-B855-BF2FEB09577D}C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe
FirewallRules: [TCP Query User{631C5AB2-43A9-4A30-8FBC-C4FBD68A2C6B}C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe
FirewallRules: [{51E3615D-ABBE-43B2-B3E5-DADE73CBBB45}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{885400D7-E8B7-4F25-8B24-AB43168B8231}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{839F0807-38D8-4913-AFE6-6D5605A2FD92}] => (Block) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [{5F16A607-CF0A-4E84-91C5-0C8A5799C5C0}] => (Block) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [UDP Query User{B5846FE4-1EAB-4CEE-8CA5-D8A5B8A27803}C:\users\amonsul\appdata\local\playata client\playataclient.exe] => (Allow) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [TCP Query User{4CA10757-995D-4F5E-BBD4-05DBBD9B9ACF}C:\users\amonsul\appdata\local\playata client\playataclient.exe] => (Allow) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [{0887AFAA-7402-44DD-903B-1A1335E37F9A}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5B5E888F-7BC9-4DEA-96E8-2FE268867259}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{53AF6B0A-8C79-48F1-8408-3D84EAB9A2BC}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{108C09C4-D0BB-4DEC-98FF-F5A575206A03}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8019F585-B76D-4C1B-B93A-E5FB66B8DB8A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{9A010229-B28B-43AF-A696-AD55598900A5}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{E1B287A4-6CF0-4BFD-81B7-80BB97DEEF02}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{0FADE70B-6F44-4379-AC1A-A7AEB78D20A4}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{BC573E65-C796-4D8E-AE08-E1BEA2720D56}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{B9502817-D671-4889-B69E-8DE5633BEEFD}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{2C61B131-8096-47F0-A3A8-92A10B3D2D32}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{9F83DD8B-FA2A-4098-8092-F98EA217A006}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{517DF004-D087-4AED-BE4E-EE5FD049A736}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{8BB1BC54-CA7B-425B-AE6A-44ED8B7EB564}] => (Block) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{D8853763-38AD-4FD1-BE15-2DEF36715BAA}] => (Block) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [UDP Query User{F38EEB39-C2EE-4CB0-8787-E68FAC3A4B09}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [TCP Query User{EC7572CB-77DC-42F7-BA78-B898672F094B}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{8DA5DDD4-AC06-4C51-8CD1-0AFE90E79DC6}] => (Allow) LPort=1900
FirewallRules: [{61EF1D80-5D92-42AC-A505-DE0182480E39}] => (Allow) LPort=2869
FirewallRules: [{8D8E963B-EC85-466B-A551-24B9EB9F3126}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CD328824-DE02-4640-BE44-DC2E2802F12A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6251FF63-D469-4A33-AAD8-B9555C98EA07}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A845DD47-BC10-4BAC-A875-23D9D1852616}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3F8B7C4F-EC73-41B6-9B09-058419D72810}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{97CB0B94-64F9-427D-A4FD-2E43F23AF017}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D7AE0386-4B3F-4F5B-BA62-343D3F36BA90}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{93EB0F01-8E10-477F-AF02-33D1E67DDB9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{497199C2-3AC4-4A18-B3E0-1F1502C142D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E5AC1F31-73EF-47C0-826B-523DEC2DFBBA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A4E1A836-1807-462C-88B8-8895109A7AA4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{072813FA-D04C-419E-8E2F-32E97F89D02E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1FD9E5C6-1EF9-4924-9DDD-292A77FFC7E2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9987B18D-F01C-4E2E-B638-E5FC14F5AF27}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0B08155D-4763-46B9-A851-B9C6FE86ABAD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A95A4A6D-F6F3-44B2-A816-DB9DCEF32AD6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{79C6AF41-72A3-4476-BC4A-FBC4CE0B929B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88FBD98E-6EDA-4BCA-803C-EE90E5EE0F4D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{063557F0-128B-4D24-AFF9-4AF46C49B40D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{87D6F983-BA19-4D93-8391-A8F439C6F903}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FEE0DEA6-5595-43F7-87AE-30EA50D11A03}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B4FD663D-C7C8-44A5-91F0-412A299202D2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AEE91424-8E2F-4A0E-A907-B9387EC50494}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4E815FC2-5D72-4BFD-AD53-6D824D1DDFF8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{63C10D86-6399-4C4D-8642-71A466EC8E70}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{340F1D1D-E2FB-4A62-913A-10411131EB3C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DC3447D9-49B9-4969-A548-7B7AB5034C8F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{894B8571-791A-428E-96C9-3854B5C58A48}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B26C7C27-21D6-4D0B-81FF-76A7BB5A9C01}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BD27B118-645F-488D-8251-5CA6720B722D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F42B1ACB-9243-4ADE-AE24-B92294838736}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AD219701-ED99-411C-8849-941F9ECF77D4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9480E79B-BE9C-4782-9946-224186515B33}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C8FD14E6-1D6E-4052-8B97-8550CD7C9F20}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C42293CB-CC91-4100-A66D-15524ABD6BD2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C0247BED-BB3A-43AF-B379-C9E81599FEF8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{196ACC13-1347-4720-ADB4-E37690755B2E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{53FF0122-7EC4-43DE-91B2-36D38DB0CF40}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{16CB6D84-70AF-47B8-99CE-952AF0230A0B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77F32B6F-EF86-4A73-954F-9BA36E6F2EC7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{92102507-425F-47D4-8E23-DC86544A3183}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{57D216F1-EB5C-4B16-8C15-E79BF9C3CC4D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F2B476F3-E848-4DF8-B918-88784544E147}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F66C611F-E611-499B-A642-775F6058FE1A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{BCF01C43-5DA0-4C03-9264-1106713D6B4B}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{D59C8D5F-F707-4FD7-B8BE-A3A4D68F08D1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B6AD337E-784A-4CD1-A326-4B2CB241C2C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E4D2C294-50A6-4360-B72E-BFFA838B598F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FEE33F62-929E-43DE-B61D-BFD7BA42B348}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B1C57FF2-C9CD-4C16-A88C-CA79EFE53824}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{B764CF85-D11B-4F6B-8810-ACDE71B571FA}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{98314C8E-85FB-4C9B-AC45-68EBDD5EC6E0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3F9DCEF3-601F-47E6-8D05-DC2ABF533B34}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1240056F-66A0-4212-9E9A-8603BF6F28BA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{17E96B47-1F6D-437E-8E57-E5021CC941F1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3D71F68-209E-4AA1-9564-7E367182BE80}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF094B62-013F-483F-8E40-EA63C7731852}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{786B3AAB-4F4B-4024-9317-23464791E63C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{51620AD7-C97E-45EA-B130-2D041D3FBD17}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9585F106-55E8-4C2F-B97E-6B477E7DED7B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{33C8646C-BEB9-457F-AB49-CBEB7253A2BF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3C00D7C0-3807-4339-9A04-B04867BDAC37}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7F6082AF-1528-42B0-8D39-C9D121D94B94}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C5CACB2E-BBF9-4EF7-9A72-9F62A170CF41}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F67E6124-9C88-4A89-897E-89C9AF7F3939}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F41ACE5D-0F64-4F7A-BD13-F903DB2294A9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EAFF97BE-9BAA-4AF8-9863-5EBFC3CEEFF9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{81620847-0403-4F87-B916-BFF2E1B889BF}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Battlefront\GameData\battlefront.exe
FirewallRules: [{44BE8824-91DD-4090-897D-0410D4BD14C2}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Battlefront\GameData\battlefront.exe
FirewallRules: [{E0548FC4-09BB-4EF5-857E-3E15D5304D54}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F03DA2F7-FADD-4F14-A1F5-F734518ED11F}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe
FirewallRules: [{C5CDE098-A5C0-4863-9FFE-585707907986}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe
FirewallRules: [{CF71A4B9-01C1-47C5-9335-26B911219CCA}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe
FirewallRules: [{FDA209CF-08AA-438A-BB44-6F5C58321BE4}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe
FirewallRules: [{AD225CCA-0F0C-48A0-985F-DAFCAC9E1C27}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{32075600-1198-417F-B2A6-1F867984D6CF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{47DDFE1D-6155-4DB7-AB90-110044BD5C25}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A5F89B9-5A14-4E00-AC18-5A24911D8C66}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{FFCFA980-A16F-4C51-90F3-0BAD22B7F599}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [UDP Query User{0DDCD0A5-EA78-44BE-B198-4D264EE4CC27}C:\program files (x86)\xfire\xfire.exe] => (Allow) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{389FBF55-F258-4B1C-B7F8-042DA1FF1F1D}C:\program files (x86)\xfire\xfire.exe] => (Allow) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{8ED92A61-5911-4A43-BB5F-0C8713840099}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [UDP Query User{ED89E760-6478-42E5-BFAA-30AA97280B27}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [TCP Query User{92AF7762-3F8F-4922-9675-E4530060C918}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{C9BFF00B-4EA5-49ED-9C78-96EA94B68AD4}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{86B50C29-36A2-4EB2-8A15-3B22E29ECBD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2941334D-BF2A-48C7-92E3-30E220EFD4DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DB0746F6-E40C-4BDA-913B-5FD7889FD91D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{04F4A1C5-DD7D-4304-823D-D2468D556114}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{27D5DBA8-3883-40B8-BDEE-3C0F7365852A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{724EC400-5FDC-4C0F-9020-F7FF5B31A2D1}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [UDP Query User{8A35B6E5-9F86-4C30-A5B3-90E58109E081}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [TCP Query User{E6D90CD5-A7FC-410F-A2B2-A743A9D17BA1}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{5F05D39A-72C4-4DD8-B6B3-68BE9C65F8C0}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [TCP Query User{25D1E8CC-58FA-4F2B-9F01-32E6DC9961D2}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E7F0CACB-C18F-4C67-97DE-ABD2FEC2C4EE}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E2E0C355-B6A6-4C41-A095-4EAFE83C4C31}C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe] => (Allow) C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe
FirewallRules: [UDP Query User{D85701B6-BA7A-4ED9-80E5-A6AB0D883384}C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe] => (Allow) C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe
FirewallRules: [TCP Query User{2C287175-5E7C-4788-B8B6-DA4EBE9B99B4}C:\program files (x86)\jowood\spellforce\spellforce.exe] => (Allow) C:\program files (x86)\jowood\spellforce\spellforce.exe
FirewallRules: [UDP Query User{50FC5FF3-A5A3-40D8-9AA4-D666B7120073}C:\program files (x86)\jowood\spellforce\spellforce.exe] => (Allow) C:\program files (x86)\jowood\spellforce\spellforce.exe
FirewallRules: [TCP Query User{A68942F2-381C-4E50-88B4-1C7F0C66BF6B}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe
FirewallRules: [UDP Query User{3011B8FC-1AD7-4F8A-8563-D67207BBEF6E}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe
FirewallRules: [TCP Query User{EF4FBC29-C046-4542-84E9-DB12B4D4892A}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C229706B-FE71-469D-B1AE-D3DF7D9AABA8}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F0F96920-0027-4976-A734-CC81BB5576C4}] => (Allow) LPort=56523
FirewallRules: [{77724B4C-A6CB-45F5-BF52-BC1CB5508101}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{BB107E87-D464-4892-B6A2-CF7D1E9E19E6}C:\program files (x86)\ubisoft\anno 1701\anno1701.exe] => (Allow) C:\program files (x86)\ubisoft\anno 1701\anno1701.exe
FirewallRules: [UDP Query User{F3B3E2F0-95D6-47DB-9BCD-F20976BC9EB4}C:\program files (x86)\ubisoft\anno 1701\anno1701.exe] => (Allow) C:\program files (x86)\ubisoft\anno 1701\anno1701.exe
FirewallRules: [{17456301-C88B-46F2-98AB-D5ED3CDF3CEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{7B3DFA96-9786-4A96-9BE1-5F68E65A9D0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{1B6B1D8C-AAC1-4334-A035-9F332D4A1922}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exe
FirewallRules: [{2FA2C3A4-B62E-4060-AEC9-84047D7BC4E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exe
FirewallRules: [TCP Query User{638010AE-C9C3-40C7-A86B-912A27C7094C}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{AB0A571B-AD23-426F-B4FB-09A46183D754}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [{E2E38F85-766A-4BF6-B0BB-EACAD178D31E}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe
FirewallRules: [{389B38D3-74A5-4F44-A958-9A62111AC97D}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/02/2015 01:56:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AmonSul-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2015 06:50:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AmonSul-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2015 01:13:09 AM) (Source: MsiInstaller) (EventID: 1024) (User: AmonSul-PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6D00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/31/2015 10:22:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/31/2015 02:27:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AmonSul-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/31/2015 02:27:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AmonSul-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/31/2015 02:27:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10240.16515, Zeitstempel: 0x55fa599a
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10240.16548, Zeitstempel: 0x56133a14
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000004aee7f
ID des fehlerhaften Prozesses: 0x608
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5

Error: (10/30/2015 02:22:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/30/2015 02:19:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/29/2015 06:38:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.12.80.101, Zeitstempel: 0x560891d4
Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.10240.16542, Zeitstempel: 0x5604b5ec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00459c26
ID des fehlerhaften Prozesses: 0x19cc
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Vollständiger Name des fehlerhaften Pakets: Skype.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Skype.exe5


Systemfehler:
=============
Error: (11/02/2015 01:56:57 AM) (Source: DCOM) (EventID: 10010) (User: AmonSul-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (11/02/2015 01:56:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/01/2015 06:50:53 AM) (Source: DCOM) (EventID: 10010) (User: AmonSul-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (11/01/2015 06:50:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/01/2015 02:02:31 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/01/2015 01:46:46 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/01/2015 01:45:57 AM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (11/01/2015 01:41:15 AM) (Source: DCOM) (EventID: 10010) (User: AmonSul-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (11/01/2015 01:41:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session16" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/31/2015 04:04:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session15" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-08-11 11:37:31.206
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:29.174
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:29.109
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:25.068
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.982
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.847
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.697
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.597
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.530
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.444
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 12286.05 MB
Verfügbarer physikalischer RAM: 10514.01 MB
Summe virtueller Speicher: 21488.05 MB
Verfügbarer virtueller Speicher: 19512.77 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:384.07 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4D478EF6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================
Vielen Dank schon Mal für die hoffentlich erfolgreiche Hilfe :)

Vigilantus

schrauber 02.11.2015 18:45
hi,

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Vigilantus 02.11.2015 19:50
Vielen Dank für die schnelle Antwort!

Hier die gewünschten Logs:
mbam.txt
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.11.2015
Suchlaufzeit: 19:03
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.02.04
Rootkit-Datenbank: v2015.10.28.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: AmonSul

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 418361
Abgelaufene Zeit: 18 Min., 6 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT2304157, In Quarantäne, [04388dec305b90a6ec5d61e66f94bf41],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT2304157, In Quarantäne, [ae8e4e2b1279c76f1b2e173018eb1fe1],
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, In Quarantäne, [2e0e6712c1ca63d3cf69b8a1b54e8d73],

Registrierungswerte: 1
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157, In Quarantäne, [2e0e6712c1ca63d3cf69b8a1b54e8d73]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
AdwCleaner[S1]
Code:
# AdwCleaner v5.016 - Bericht erstellt am 02/11/2015 um 19:27:45
# Aktualisiert am 01/11/2015 von Xplode
# Datenbank : 2015-11-01.2 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : AmonSul - AMONSUL-PC
# Gestartet von : C:\Users\AmonSul\Desktop\AdwCleaner_5.016.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

Ordner Gefunden : C:\Users\AmonSul\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar

***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\S
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{224530A0-C9CB-4AEE-9C0F-54AC1B533211}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8C875948-9C60-4381-9248-0DF180542D53}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C1E58A84-95B3-4630-B8C2-D06B77B7A0FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C900B400-CDFE-11D3-976A-00E02913A9E0}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9765480-72D1-11D4-A75A-004F49045A87}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FC87A650-207D-4392-A6A1-82ADBC56FA64}
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Schlüssel Gefunden : HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\AppDataLow\Software\Conduit

***** [ Internetbrowser ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2827 Bytes] ##########
JRT.txt
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 10 Pro x64
Ran by AmonSul on 02.11.2015 at 19:32:11,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\AmonSul\Appdata\Local\{BB55C1A7-FF12-465E-A983-B9C07BC1AAFD}
Successfully deleted: [Empty Folder] C:\Users\AmonSul\Appdata\Local\{CADC6721-561A-4871-A0A2-C138DA0A509F}
Successfully deleted: [Folder] C:\Users\AmonSul\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\WINDOWS\SysWOW64\ai_recyclebin



~~~ FireFox

Successfully deleted: [File] C:\Users\AmonSul\AppData\Roaming\mozilla\firefox\profiles\ff705772.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Emptied folder: C:\Users\AmonSul\AppData\Roaming\mozilla\firefox\profiles\ff705772.default\minidumps [316 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.11.2015 at 19:34:47,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von AmonSul (Administrator) auf AMONSUL-PC (02-11-2015 19:37:15)
Gestartet von C:\Users\AmonSul\Desktop
Geladene Profile: AmonSul &  (Verfügbare Profile: AmonSul & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Run: [Dropbox Update] => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Run: [Akamai NetSession Interface] => C:\Users\AmonSul\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\AmonSul\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Dropbox Update] => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Akamai NetSession Interface] => C:\Users\AmonSul\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 83.169.185.161 83.169.185.225
Tcpip\..\Interfaces\{e5dd4f1d-1660-4262-8ee9-ac91ca13da88}: [DhcpNameServer] 83.169.185.161 83.169.185.225

Internet Explorer:
==================
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001 -> DefaultScope {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001 -> {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

FireFox:
========
FF ProfilePath: C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\abs@avira.com [2015-10-23] [ist nicht signiert]
FF Extension: ChatZilla [de] - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5de} [2015-07-04]
FF Extension: Lightbeam - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-05-27]
FF Extension: NASA Night Launch - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\nasanightlaunch@example.com.xpi [2015-06-29]
FF Extension: NoScript - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-27]
FF Extension: Adblock Plus - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: BetterPrivacy - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-05-30]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2010-09-04] () [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-10-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-30] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-07-31] (VIA Technologies, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148632 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-07] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-12] (Disc Soft Ltd)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-30] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-03-07] (Duplex Secure Ltd.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-10-26] (Wellbia.com Co., Ltd.)
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 19:37 - 2015-11-02 19:37 - 00019460 _____ C:\Users\AmonSul\Desktop\FRST.txt
2015-11-02 19:34 - 2015-11-02 19:34 - 00001249 _____ C:\Users\AmonSul\Desktop\JRT.txt
2015-11-02 19:30 - 2015-11-02 19:30 - 00002910 _____ C:\Users\AmonSul\Desktop\AdwCleaner[S1].txt
2015-11-02 19:27 - 2015-11-02 19:27 - 00000000 ____D C:\AdwCleaner
2015-11-02 19:23 - 2015-11-02 19:23 - 00001834 _____ C:\Users\AmonSul\Desktop\mbam.txt
2015-11-02 19:17 - 2015-11-02 19:17 - 00016148 _____ C:\WINDOWS\system32\AMONSUL-PC_AmonSul_HistoryPrediction.bin
2015-11-02 19:00 - 2015-11-02 19:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-02 19:00 - 2015-11-02 19:00 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-02 19:00 - 2015-11-02 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-02 18:59 - 2015-11-02 19:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-02 18:59 - 2015-11-02 18:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-02 18:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-02 18:59 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-02 18:59 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-02 18:56 - 2015-11-02 19:31 - 01798976 _____ (Malwarebytes) C:\Users\AmonSul\Desktop\JRT.exe
2015-11-02 18:56 - 2015-11-02 19:26 - 01708032 _____ C:\Users\AmonSul\Desktop\AdwCleaner_5.016.exe
2015-11-02 18:56 - 2015-11-02 18:58 - 22908888 _____ (Malwarebytes ) C:\Users\AmonSul\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-02 17:34 - 2015-11-02 17:34 - 00000508 _____ C:\Users\AmonSul\Desktop\defogger_disable.log
2015-11-02 17:34 - 2015-11-02 17:34 - 00000020 _____ C:\Users\AmonSul\defogger_reenable
2015-11-02 17:33 - 2015-11-02 17:33 - 00380416 _____ C:\Users\AmonSul\Desktop\240vk9bs.exe
2015-11-02 17:32 - 2015-11-02 17:34 - 00050477 _____ C:\Users\AmonSul\Desktop\Defogger.exe
2015-11-02 17:17 - 2015-11-02 19:37 - 00000000 ____D C:\FRST
2015-11-02 17:16 - 2015-11-02 17:16 - 02198016 _____ (Farbar) C:\Users\AmonSul\Desktop\FRST64.exe
2015-11-01 23:09 - 2015-11-01 23:09 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Point of Existence 2
2015-10-31 13:09 - 2015-10-31 13:09 - 00000000 ____D C:\Users\AmonSul\Documents\ANNO 1404 Venedig
2015-10-31 13:07 - 2015-10-31 13:07 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Ubisoft
2015-10-30 19:24 - 2015-10-30 19:25 - 00368110 _____ C:\Users\AmonSul\Downloads\WhatsApp Chat mit Tanja Kreller.txt
2015-10-30 13:37 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 13:37 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 13:37 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 13:37 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 13:37 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 13:37 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 13:37 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 13:37 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 13:37 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 13:37 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 13:37 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 13:37 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 13:37 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 13:37 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 13:37 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 13:37 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 13:37 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 13:37 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 13:37 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 13:37 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 13:37 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 13:37 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 13:37 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 13:37 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 13:37 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 13:37 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 13:37 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 13:37 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 13:37 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 13:37 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 13:37 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 13:37 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 13:37 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 13:37 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-25 13:44 - 2015-10-25 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sir Henry
2015-10-25 13:44 - 2015-10-25 13:44 - 00000000 ____D C:\Program Files (x86)\Anno
2015-10-23 15:44 - 2015-10-23 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-10-23 15:41 - 2015-10-23 15:41 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-10-21 13:34 - 2015-10-21 12:58 - 00001218 _____ C:\Users\AmonSul\Desktop\Runes of Magic.lnk
2015-10-21 13:24 - 2015-10-21 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runes of Magic
2015-10-21 12:58 - 2015-11-02 15:52 - 00000000 ____D C:\Program Files (x86)\Runes of Magic
2015-10-21 12:37 - 2015-10-21 12:49 - 00000000 ____D C:\Users\AmonSul\Downloads\RoM
2015-10-21 12:36 - 2015-11-01 23:21 - 00000000 ____D C:\Users\AmonSul\Downloads\BF2
2015-10-20 15:53 - 2015-10-20 15:53 - 00001723 _____ C:\Users\AmonSul\Desktop\Spellforce.lnk
2015-10-20 13:21 - 2015-10-20 13:21 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-17 22:37 - 2015-10-17 22:37 - 03996360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-10-16 14:34 - 2015-10-16 14:34 - 00077236 _____ C:\Users\AmonSul\Downloads\Versuchsplan Hydrodynamik.xlsx
2015-10-13 19:02 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 19:02 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 19:02 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 19:02 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 19:02 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 19:02 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 19:02 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 19:02 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 19:02 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 19:02 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 19:02 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 19:02 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 19:02 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 19:02 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 19:02 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 19:02 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 19:02 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 19:02 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 19:02 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 19:02 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 19:02 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 19:02 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 19:02 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 19:02 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 19:02 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 19:02 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:02 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 19:02 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 19:02 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 19:02 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 19:02 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 19:02 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 19:02 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 19:02 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 19:02 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 19:02 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 19:02 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 19:02 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:02 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 19:02 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 19:02 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 19:02 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 19:02 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 23:24 - 2015-10-12 23:27 - 00000000 ____D C:\Program Files (x86)\WinISO Computing
2015-10-12 23:24 - 2015-10-12 23:24 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\WinISO Computing
2015-10-12 23:24 - 2015-10-12 23:24 - 00000000 ____D C:\Users\AmonSul\AppData\Local\WinISO Computing
2015-10-12 21:20 - 2015-10-12 21:20 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-10-12 20:45 - 2015-10-12 20:45 - 00000000 ____D C:\Users\AmonSul\AppData\Local\Disc_Soft_Ltd
2015-10-12 20:40 - 2015-10-12 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
2015-10-12 20:30 - 2015-10-12 20:30 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-10-12 20:30 - 2015-10-12 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-12 20:30 - 2015-10-12 20:30 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-10-09 18:49 - 2015-10-09 18:49 - 00001474 _____ C:\Users\AmonSul\Desktop\RoM.lnk
2015-10-09 12:30 - 2015-11-01 02:13 - 00000000 ____D C:\Users\AmonSul\Documents\Battlefield 2
2015-10-09 12:26 - 2015-11-01 01:36 - 00000000 ____D C:\Program Files (x86)\EA GAMES
2015-10-09 12:26 - 2015-11-01 01:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-10-07 14:27 - 2015-10-03 05:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 19:37 - 2013-05-20 22:49 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-02 19:31 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-02 19:00 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-02 18:57 - 2012-12-31 21:46 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-02 18:45 - 2015-06-18 12:34 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001UA.job
2015-11-02 17:34 - 2015-07-30 15:15 - 00000000 ____D C:\Users\AmonSul
2015-11-02 17:33 - 2010-12-02 23:24 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-02 17:19 - 2011-08-29 16:13 - 00000000 ___RD C:\Users\AmonSul\Dropbox
2015-11-02 17:19 - 2010-06-16 12:24 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Skype
2015-11-02 16:27 - 2014-07-23 10:35 - 00000000 ____D C:\Users\AmonSul\AppData\Local\Battle.net
2015-11-02 16:04 - 2014-07-23 10:35 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-02 16:04 - 2011-08-29 16:09 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Dropbox
2015-11-02 15:57 - 2012-12-31 21:46 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-02 15:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-01 22:58 - 2011-02-15 20:10 - 00000000 ____D C:\ProgramData\ts3overlay
2015-11-01 22:11 - 2011-01-22 14:40 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{47C78EDB-43F3-4774-A6E4-9BC251E4A51A}
2015-11-01 19:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 14:12 - 2012-04-17 15:32 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\vlc
2015-11-01 14:07 - 2012-05-28 17:37 - 00000000 ____D C:\Users\AmonSul\dwhelper
2015-11-01 01:53 - 2015-07-30 15:12 - 02104920 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-01 01:53 - 2015-07-10 17:34 - 00893894 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-01 01:53 - 2015-07-10 17:34 - 00200430 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-01 01:46 - 2015-07-30 15:02 - 00154184 _____ C:\WINDOWS\PFRO.log
2015-11-01 01:46 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-01 01:45 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-01 01:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-01 01:40 - 2010-06-16 21:06 - 00218536 _____ C:\WINDOWS\DirectX.log
2015-11-01 01:36 - 2010-06-16 22:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-01 01:13 - 2015-07-01 10:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-01 01:13 - 2014-12-26 20:05 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-31 10:47 - 2010-08-25 10:18 - 00000000 ____D C:\Users\AmonSul\Documents\SpellForce
2015-10-31 10:45 - 2015-06-18 12:33 - 00001180 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001Core.job
2015-10-30 14:23 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 18:29 - 2012-02-02 02:05 - 00000000 ____D C:\Users\AmonSul\Documents\Runes of Magic
2015-10-28 21:37 - 2014-06-04 21:23 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-26 10:57 - 2015-08-24 16:17 - 00035880 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2015-10-26 10:47 - 2015-08-21 11:59 - 00000000 ____D C:\Users\AmonSul\AppData\Local\Akamai
2015-10-22 19:21 - 2010-06-16 12:09 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-22 03:40 - 2010-08-25 09:57 - 00002156 _____ C:\Users\AmonSul\Desktop\SpellForce - Platinum Edition.lnk
2015-10-22 01:47 - 2013-11-13 00:44 - 00000000 ____D C:\Users\AmonSul\AppData\Local\NVIDIA Corporation
2015-10-22 01:44 - 2015-07-10 13:20 - 00018724 _____ C:\WINDOWS\setupact.log
2015-10-21 23:53 - 2011-08-21 12:39 - 00000000 ____D C:\Program Files (x86)\ArtMoney
2015-10-21 12:43 - 2010-09-22 21:14 - 00007673 _____ C:\Users\AmonSul\AppData\Local\Resmon.ResmonCfg
2015-10-21 10:54 - 2014-07-23 10:51 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-10-17 21:56 - 2010-06-16 12:23 - 00000000 ____D C:\ProgramData\Skype
2015-10-16 19:12 - 2013-01-22 20:53 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\dvdcss
2015-10-16 08:39 - 2012-10-13 00:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-13 20:37 - 2011-01-12 15:10 - 00000000 ____D C:\Data
2015-10-13 19:15 - 2013-09-08 20:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-13 19:10 - 2010-06-16 11:06 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-12 23:35 - 2013-05-08 13:02 - 00000000 ____D C:\Program Files (x86)\KONAMI
2015-10-12 20:33 - 2010-06-16 19:23 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\DAEMON Tools Lite
2015-10-12 13:17 - 2013-07-01 21:32 - 00000000 ____D C:\Users\AmonSul\Downloads\Urbana
2015-10-08 22:32 - 2014-08-07 09:56 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-08 22:32 - 2013-07-29 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-07 20:48 - 2013-07-29 11:31 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-10-07 20:48 - 2013-07-29 11:31 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-10-07 14:29 - 2010-06-16 11:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-07 11:52 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-07 11:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-07 11:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-06 19:45 - 2015-07-31 20:08 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-10-04 09:23 - 2015-07-31 20:16 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-10-04 09:23 - 2015-07-31 20:16 - 01317192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-10-04 09:22 - 2015-07-31 20:16 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-10-04 09:22 - 2015-07-31 20:16 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-10-03 05:58 - 2015-09-24 21:23 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-03 05:58 - 2015-07-31 20:15 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-03 05:58 - 2015-07-31 20:15 - 00105264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-03 05:58 - 2015-07-31 20:08 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-03 05:58 - 2015-07-31 20:08 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-03 05:58 - 2015-07-31 20:08 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-10-03 05:58 - 2015-07-31 20:08 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-10-03 05:58 - 2015-07-31 20:08 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb
2015-10-03 03:38 - 2015-07-31 20:15 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-10-03 03:38 - 2015-07-31 20:15 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-10-03 03:38 - 2015-07-31 20:15 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-10-03 03:38 - 2015-07-31 20:15 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-10-03 03:38 - 2015-07-31 20:15 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-10-03 03:38 - 2015-07-31 20:15 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-10-30 12:26 - 2010-10-30 12:38 - 0000345 _____ () C:\Users\AmonSul\AppData\Roaming\glade-3.conf
2010-09-03 13:46 - 2015-08-26 13:16 - 0033792 _____ () C:\Users\AmonSul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-05 01:45 - 2014-01-05 01:45 - 0000095 _____ () C:\Users\AmonSul\AppData\Local\fusioncache.dat
2015-07-01 10:56 - 2015-07-01 10:56 - 0000337 _____ () C:\Users\AmonSul\AppData\Local\Perfmon.PerfmonCfg
2010-09-22 21:14 - 2015-10-21 12:43 - 0007673 _____ () C:\Users\AmonSul\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\AmonSul\AppData\Local\Temp\997b4640dbd090156ecabec0aaa0df90.dll
C:\Users\AmonSul\AppData\Local\Temp\avgnt.exe
C:\Users\AmonSul\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll
C:\Users\AmonSul\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3p9jwh.dll
C:\Users\AmonSul\AppData\Local\Temp\DTLite1010-0074.exe
C:\Users\AmonSul\AppData\Local\Temp\npp.6.8.1.Installer.exe
C:\Users\AmonSul\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\AmonSul\AppData\Local\Temp\SkypeSetup.exe
C:\Users\AmonSul\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-31 12:12

==================== Ende von FRST.txt ============================

Vigilantus 02.11.2015 19:51
Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von AmonSul (2015-11-02 19:38:19)
Gestartet von C:\Users\AmonSul\Desktop
Windows 10 Pro (X64) (2015-07-30 14:54:01)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1149312127-3900390906-2569845260-500 - Administrator - Disabled)
AmonSul (S-1-5-21-1149312127-3900390906-2569845260-1001 - Administrator - Enabled) => C:\Users\AmonSul
ASPNET (S-1-5-21-1149312127-3900390906-2569845260-1017 - Limited - Enabled)
DefaultAccount (S-1-5-21-1149312127-3900390906-2569845260-503 - Limited - Disabled)
Gast (S-1-5-21-1149312127-3900390906-2569845260-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1149312127-3900390906-2569845260-1007 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Download Manager (HKLM-x32\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.63 - NOS Microsystems Ltd.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anno 1404 (HKLM-x32\...\Steam App 33250) (Version:  - Blue Byte)
Anno 1404: Venice (HKLM-x32\...\Steam App 33350) (Version:  - Blue Byte)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04.1 - Ubisoft)
Anno 1701 Version 1.04.1 (HKLM-x32\...\{67DBBEAD-91A0-40C8-B34C-BE1026CABBE2}_is1) (Version: 1.04.1 - Ubisoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtMoney SE v7.37 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.37 - System SoftLab)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 2 Server (HKLM-x32\...\{F3CA370F-0B4B-4239-BF5A-2CC751EB5D3C}) (Version: 1.00.001 - EA Games)
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version:  - Canon Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dawn Of War - Winter Assault (HKLM-x32\...\{DD8408E9-9421-484F-979D-DB6361E3E828}) (Version: 1.4 - THQ)
Dawn Of War (HKLM-x32\...\{83F12F73-D52E-40C0-93B1-463C311C4E17}) (Version: 1.40 - THQ)
Dropbox (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Echo of Soul (HKLM-x32\...\Echo of Soul) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hellgate: London (HKLM\...\{A2B4455D-1046-4732-BFBC-0821BEFC07BC}) (Version: 1.10.180.3416 - Flagship Studios)
HexEdit (HKLM-x32\...\{083EF76E-0760-4D7A-9508-0B88A3AF1889}) (Version: 4.0.0 - Expert Commercial Software Pty Ltd)
Inquisition Daemonhunt (HKLM-x32\...\Inquisition Daemonhunt) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version:  - NCsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PoE:2 v2.5.0.0 (HKLM-x32\...\PoE:2) (Version: 2.5.0.0 - Point of Existence)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PuTTY version 0.60 (HKLM-x32\...\PuTTY_is1) (Version: 0.60 - Simon Tatham)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Runes of Magic (HKLM-x32\...\{F57FBE91-C48B-4A86-91C8-A9C3D744E459}_is1) (Version: 6.2.2.2736 - Gameforge Productions GmbH)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Sir Henry's 1701 RDA Packer V1.0 (HKLM-x32\...\Sir Henry's 1701 RDA Packer_is1) (Version:  - Sir Henry)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
SpellForce 2 - Shadow Wars (HKLM-x32\...\{1A4E47DC-6701-4A85-AA16-C1F99A44598C}) (Version: 1.00.0000 - Ihr Firmenname)
SpellForce 2 Update v1.02 (HKLM-x32\...\SpellForce 2 Update v1.02) (Version:  - )
Star Wars Battlefront (HKLM-x32\...\{C79CB9C7-10A4-4814-8402-F574672C2192}) (Version: 1.0 - LucasArts)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 18.10.03 - Gameforge Productions GmbH)
TeXnicCenter Version 2.0 Beta 1 (HKLM\...\TeXnicCenter_is1) (Version: 2.0 Beta 1 - The TeXnicCenter Team)
Unreal Anthology (HKLM-x32\...\{14AA72DA-DB40-4A34-93A6-401A81D7AF9E}) (Version: 1.00.0000 - Epic Games, Inc.)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Yu-Gi-Oh! Power of Chaos JOEY THE PASSION (HKLM-x32\...\{336DD6B4-B100-4048-B2B7-FBA7059FD959}) (Version: 1.00.0000 - KONAMI)
Yu-Gi-Oh! Power of Chaos KAIBA THE REVENGE (HKLM-x32\...\{485C9280-B899-4D46-86F3-B3E459636EE5}) (Version: 1.00.0000 - KONAMI)
Yu-Gi-Oh! Power of Chaos YUGI THE DESTINY (HKLM-x32\...\{3571656A-575D-4CED-809D-5547587121FF}) (Version: 1.00.0000 - KONAMI)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version:  - Check Point Software Technologies)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

30-10-2015 14:18:14 Windows Update
30-10-2015 14:22:03 Windows Update
31-10-2015 22:22:03 Installiert Battlefield 2 Patch v1.41
02-11-2015 19:32:12 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0466EC7F-51B9-4FDB-96A0-E1A570A6738B} - System32\Tasks\{AFAE6330-A6D6-4CA9-86AF-615EFE153674} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-09-28] (Skype Technologies S.A.)
Task: {07A540FE-C9C0-42BF-B040-2C730B8405F8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {0C49E4EE-BB19-4956-B4C9-374410527808} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {16CE7D34-D7B6-42BB-8189-1A680A3260C2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1781FAED-367C-44A1-91FE-46958BAC6554} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1DEBB65C-F478-4F57-A76E-A899D6B3579B} - System32\Tasks\{FF18F393-02A1-43EE-98F2-65C727D864F6} => pcalua.exe -a C:\Users\AmonSul\Downloads\HiJackThis204.exe -d C:\Users\AmonSul\Downloads
Task: {23CEE39C-E73C-44B5-9A81-38EA353862A7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {23E34896-6CBA-47BC-99F6-BC62EA354063} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {2D86DF62-52A1-4BF3-8318-0160A986D85B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {2EF61AC2-3318-4042-A826-1B035EC72DC6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {4A23E7F5-6153-4CF4-AB3C-FC5432EDF8DB} - System32\Tasks\{C63DDF16-D3C8-41C5-960E-773B9CA2A162} => pcalua.exe -a C:\Users\AmonSul\Downloads\Gwyddion-2.21.exe -d C:\Users\AmonSul\Downloads
Task: {539C83E4-7152-4582-88A7-22C1009DD375} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5885EA78-0F9E-4754-8381-0AC256AF841A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5D567709-E40B-4EF6-8F7A-02A7499E353C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {5D72A9C5-D44E-4043-9FE2-7724290F4895} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5EA26DEE-6DD1-4BEA-AF63-A52BF340854F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {70220171-5D72-4034-9780-42722BC13824} - System32\Tasks\{8AF80078-7C5D-4A04-BF6B-FBCEF52257DF} => pcalua.exe -a "C:\Program Files (x86)\gs\uninstgs.exe" -d "C:\Program Files (x86)\gs"
Task: {7410F950-99ED-4645-8BE8-EC192DAC9C7C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {7B3FCB48-74C4-4499-B9E9-D70EA036F5D1} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {7C4C6458-B3D5-4552-9852-8A73A88EE8AB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {7F0DE0C0-EA9C-4DE0-8DBA-B873B89AB12D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {83E83303-4C10-4628-BEA4-30D0E05500D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {841E8240-564E-4527-8F64-C4CBC345FC45} - System32\Tasks\{8A442661-937D-497C-BCB4-D6A67AE07E6E} => pcalua.exe -a C:\Users\AmonSul\Downloads\HiJackThis.exe -d C:\Users\AmonSul\Downloads
Task: {87615692-2FCA-46B8-B9A7-A9066C57261A} - System32\Tasks\{D9DE0FA9-DAD7-41B6-BB52-D326C16097D2} => C:\Users\AmonSul\Downloads\WebCam\WebCam\Setup.exe
Task: {8E089290-17F9-4A21-83F6-D56E8B5CA3F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {8FD9A9B6-EBBD-4368-9B57-F0B8CC8FBD00} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {935F9E5C-F82C-4496-B320-DFB6BA24574A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
Task: {984D8A8C-5401-4DB7-A708-0BB28A00C828} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A2112753-1252-4201-9309-424ECBF9CBA8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A36E7BF9-8152-461C-AE5B-9A539E482E9F} - System32\Tasks\{EADC11EC-DC8D-4300-8193-0F13E3841811} => pcalua.exe -a C:\Windows\SysWOW64\DivXControlPanelApplet.cpl -c DivX Control Panel
Task: {A6C057E7-E932-4E49-B125-CA405AEC023D} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B46B7A85-73AD-41B5-BC45-2042A2665D9E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B5DD6CB1-AB70-4378-935B-61C13A2CF8C0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {B8A0D74F-7056-41C1-A299-7DF80E798E52} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C01565F9-07D8-4543-A11B-BDE7180ED812} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {CEE2A51B-CE2F-42D3-A490-27EE8C02636B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D1C42257-0E76-41C7-BBB7-E2F483E707D9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {D8CF64B1-D41A-4CE8-8E77-8499AB82FFF5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001Core => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {DAC2BAFF-DDDD-4F7D-AA39-ED14E69F72EA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {DCF204F7-58B8-4D6C-B040-EEAE94ABCF7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E4D59790-9555-42B8-9056-E651BDC20360} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F3F6446F-4DA1-4C97-B490-EFD47DB0E264} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {FB2924C5-AE9B-4506-80D0-BD6EACEEA67E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001UA => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {FE0D1C3E-5AD2-42AF-8C85-AE227D58E96F} - System32\Tasks\{DE62D6C2-DD73-40D0-AE7E-248D1DD57C6B} => C:\Users\AmonSul\Downloads\WebCam\WebCam\Setup.exe
Task: {FEEF5B74-6BA1-498B-AF81-599BB44C782F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001Core.job => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001UA.job => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-30 15:55 - 2015-07-30 15:55 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 18:27 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-01 21:34 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2010-06-16 14:21 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-10-01 21:34 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 21:34 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 21:34 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 21:34 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 21:34 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 21:34 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\AmonSul\Cookies:gs5sys
AlternateDataStreams: C:\Users\AmonSul\Desktop\20150802_194842.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\Desktop\20150802_195005.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\Downloads\Jahresinhalt2014.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\Downloads\Mondkalender_2015.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\AmonSul\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\AmonSul\Documents\Runes of Magic:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\aeriagames.com -> hxxp://aeriagames.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\AmonSul\Downloads\underworld_awakening_2012-wallpaper-1920x1080.jpg
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\AmonSul\Downloads\underworld_awakening_2012-wallpaper-1920x1080.jpg
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\AmonSul\Downloads\underworld_awakening_2012-wallpaper-1920x1080.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IswSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{60538A48-A9A6-4BA3-B68A-0405094300A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{4578A1EB-5D78-4DFA-A875-AD85E3B7B2E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{1EB5650A-5852-4142-A507-E35408339310}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{8539C43D-790D-4378-A521-0E2FE21A471B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{52F1B24A-8773-4246-92E4-CCAD4799F9F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{C0F5776E-F503-43A7-9B54-B014627158F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{C90D159C-D2B6-4434-BD84-2DFB51E49B4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{30C8D414-946D-4987-BE4F-7CE0C4D241FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D206394A-7CFE-4D34-8804-5E973FB315F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{9B23E208-409F-48F2-BBF2-7ABF1C09BEA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{4159A064-0785-4F04-A379-F5BDBFC2900E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{44A0EF97-BA1A-4C32-BAF2-88B6F29998A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{87F676A8-CC14-489A-8BA9-C367BC915E4A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A5EDDEE3-6840-4448-8508-9C46EB341484}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1B9F5426-1463-4E91-9BCA-FDFFAC5685C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{6EB1D6C5-59FD-49A4-9E17-175FC1E1C715}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{B11820E2-74E4-4475-955E-5AA35CD89E30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5F45CA99-0C87-4772-97E8-38F3E1FD2F51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA3B01A3-3B9D-4FFD-BDE6-6B75D2584C22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A5FCE1DD-0C0E-4B69-8E3A-633AF7C2D3DC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9A5219E9-B44E-4094-9CC1-098E86341D43}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AE5F66FF-7F49-4981-B85F-FECBC86C506A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{883D1ECC-75D3-4436-A0CD-0D4BE78895B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4EE91ED7-D03E-4BFF-94F6-519B895CB4AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C2C65CDF-7F0A-4BA1-B1FC-D245815BCF0D}] => (Allow) C:\Users\AmonSul\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{C0395405-32E1-4814-AFE8-10447085BB86}] => (Allow) C:\Users\AmonSul\AppData\Roaming\ICQM\icq.exe
FirewallRules: [UDP Query User{454DC57F-0932-42DE-B855-BF2FEB09577D}C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe
FirewallRules: [TCP Query User{631C5AB2-43A9-4A30-8FBC-C4FBD68A2C6B}C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe
FirewallRules: [{51E3615D-ABBE-43B2-B3E5-DADE73CBBB45}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{885400D7-E8B7-4F25-8B24-AB43168B8231}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{839F0807-38D8-4913-AFE6-6D5605A2FD92}] => (Block) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [{5F16A607-CF0A-4E84-91C5-0C8A5799C5C0}] => (Block) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [UDP Query User{B5846FE4-1EAB-4CEE-8CA5-D8A5B8A27803}C:\users\amonsul\appdata\local\playata client\playataclient.exe] => (Allow) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [TCP Query User{4CA10757-995D-4F5E-BBD4-05DBBD9B9ACF}C:\users\amonsul\appdata\local\playata client\playataclient.exe] => (Allow) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [{0887AFAA-7402-44DD-903B-1A1335E37F9A}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5B5E888F-7BC9-4DEA-96E8-2FE268867259}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{53AF6B0A-8C79-48F1-8408-3D84EAB9A2BC}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{108C09C4-D0BB-4DEC-98FF-F5A575206A03}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8019F585-B76D-4C1B-B93A-E5FB66B8DB8A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{9A010229-B28B-43AF-A696-AD55598900A5}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{E1B287A4-6CF0-4BFD-81B7-80BB97DEEF02}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{0FADE70B-6F44-4379-AC1A-A7AEB78D20A4}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{BC573E65-C796-4D8E-AE08-E1BEA2720D56}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{B9502817-D671-4889-B69E-8DE5633BEEFD}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{2C61B131-8096-47F0-A3A8-92A10B3D2D32}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{9F83DD8B-FA2A-4098-8092-F98EA217A006}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{517DF004-D087-4AED-BE4E-EE5FD049A736}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{8BB1BC54-CA7B-425B-AE6A-44ED8B7EB564}] => (Block) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{D8853763-38AD-4FD1-BE15-2DEF36715BAA}] => (Block) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [UDP Query User{F38EEB39-C2EE-4CB0-8787-E68FAC3A4B09}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [TCP Query User{EC7572CB-77DC-42F7-BA78-B898672F094B}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{8DA5DDD4-AC06-4C51-8CD1-0AFE90E79DC6}] => (Allow) LPort=1900
FirewallRules: [{61EF1D80-5D92-42AC-A505-DE0182480E39}] => (Allow) LPort=2869
FirewallRules: [{8D8E963B-EC85-466B-A551-24B9EB9F3126}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CD328824-DE02-4640-BE44-DC2E2802F12A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6251FF63-D469-4A33-AAD8-B9555C98EA07}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A845DD47-BC10-4BAC-A875-23D9D1852616}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3F8B7C4F-EC73-41B6-9B09-058419D72810}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{97CB0B94-64F9-427D-A4FD-2E43F23AF017}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D7AE0386-4B3F-4F5B-BA62-343D3F36BA90}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{93EB0F01-8E10-477F-AF02-33D1E67DDB9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{497199C2-3AC4-4A18-B3E0-1F1502C142D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E5AC1F31-73EF-47C0-826B-523DEC2DFBBA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A4E1A836-1807-462C-88B8-8895109A7AA4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{072813FA-D04C-419E-8E2F-32E97F89D02E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1FD9E5C6-1EF9-4924-9DDD-292A77FFC7E2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9987B18D-F01C-4E2E-B638-E5FC14F5AF27}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0B08155D-4763-46B9-A851-B9C6FE86ABAD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A95A4A6D-F6F3-44B2-A816-DB9DCEF32AD6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{79C6AF41-72A3-4476-BC4A-FBC4CE0B929B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88FBD98E-6EDA-4BCA-803C-EE90E5EE0F4D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{063557F0-128B-4D24-AFF9-4AF46C49B40D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{87D6F983-BA19-4D93-8391-A8F439C6F903}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FEE0DEA6-5595-43F7-87AE-30EA50D11A03}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B4FD663D-C7C8-44A5-91F0-412A299202D2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AEE91424-8E2F-4A0E-A907-B9387EC50494}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4E815FC2-5D72-4BFD-AD53-6D824D1DDFF8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{63C10D86-6399-4C4D-8642-71A466EC8E70}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{340F1D1D-E2FB-4A62-913A-10411131EB3C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DC3447D9-49B9-4969-A548-7B7AB5034C8F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{894B8571-791A-428E-96C9-3854B5C58A48}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B26C7C27-21D6-4D0B-81FF-76A7BB5A9C01}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BD27B118-645F-488D-8251-5CA6720B722D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F42B1ACB-9243-4ADE-AE24-B92294838736}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AD219701-ED99-411C-8849-941F9ECF77D4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9480E79B-BE9C-4782-9946-224186515B33}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C8FD14E6-1D6E-4052-8B97-8550CD7C9F20}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C42293CB-CC91-4100-A66D-15524ABD6BD2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C0247BED-BB3A-43AF-B379-C9E81599FEF8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{196ACC13-1347-4720-ADB4-E37690755B2E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{53FF0122-7EC4-43DE-91B2-36D38DB0CF40}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{16CB6D84-70AF-47B8-99CE-952AF0230A0B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77F32B6F-EF86-4A73-954F-9BA36E6F2EC7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{92102507-425F-47D4-8E23-DC86544A3183}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{57D216F1-EB5C-4B16-8C15-E79BF9C3CC4D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F2B476F3-E848-4DF8-B918-88784544E147}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F66C611F-E611-499B-A642-775F6058FE1A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{BCF01C43-5DA0-4C03-9264-1106713D6B4B}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{D59C8D5F-F707-4FD7-B8BE-A3A4D68F08D1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B6AD337E-784A-4CD1-A326-4B2CB241C2C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E4D2C294-50A6-4360-B72E-BFFA838B598F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FEE33F62-929E-43DE-B61D-BFD7BA42B348}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B1C57FF2-C9CD-4C16-A88C-CA79EFE53824}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{B764CF85-D11B-4F6B-8810-ACDE71B571FA}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{98314C8E-85FB-4C9B-AC45-68EBDD5EC6E0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3F9DCEF3-601F-47E6-8D05-DC2ABF533B34}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1240056F-66A0-4212-9E9A-8603BF6F28BA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{17E96B47-1F6D-437E-8E57-E5021CC941F1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3D71F68-209E-4AA1-9564-7E367182BE80}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF094B62-013F-483F-8E40-EA63C7731852}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{786B3AAB-4F4B-4024-9317-23464791E63C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{51620AD7-C97E-45EA-B130-2D041D3FBD17}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9585F106-55E8-4C2F-B97E-6B477E7DED7B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{33C8646C-BEB9-457F-AB49-CBEB7253A2BF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3C00D7C0-3807-4339-9A04-B04867BDAC37}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7F6082AF-1528-42B0-8D39-C9D121D94B94}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C5CACB2E-BBF9-4EF7-9A72-9F62A170CF41}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F67E6124-9C88-4A89-897E-89C9AF7F3939}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F41ACE5D-0F64-4F7A-BD13-F903DB2294A9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EAFF97BE-9BAA-4AF8-9863-5EBFC3CEEFF9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{81620847-0403-4F87-B916-BFF2E1B889BF}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Battlefront\GameData\battlefront.exe
FirewallRules: [{44BE8824-91DD-4090-897D-0410D4BD14C2}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Battlefront\GameData\battlefront.exe
FirewallRules: [{E0548FC4-09BB-4EF5-857E-3E15D5304D54}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F03DA2F7-FADD-4F14-A1F5-F734518ED11F}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe
FirewallRules: [{C5CDE098-A5C0-4863-9FFE-585707907986}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe
FirewallRules: [{CF71A4B9-01C1-47C5-9335-26B911219CCA}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe
FirewallRules: [{FDA209CF-08AA-438A-BB44-6F5C58321BE4}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe
FirewallRules: [{AD225CCA-0F0C-48A0-985F-DAFCAC9E1C27}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{32075600-1198-417F-B2A6-1F867984D6CF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{47DDFE1D-6155-4DB7-AB90-110044BD5C25}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A5F89B9-5A14-4E00-AC18-5A24911D8C66}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{FFCFA980-A16F-4C51-90F3-0BAD22B7F599}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [UDP Query User{0DDCD0A5-EA78-44BE-B198-4D264EE4CC27}C:\program files (x86)\xfire\xfire.exe] => (Allow) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{389FBF55-F258-4B1C-B7F8-042DA1FF1F1D}C:\program files (x86)\xfire\xfire.exe] => (Allow) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{8ED92A61-5911-4A43-BB5F-0C8713840099}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [UDP Query User{ED89E760-6478-42E5-BFAA-30AA97280B27}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [TCP Query User{92AF7762-3F8F-4922-9675-E4530060C918}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{C9BFF00B-4EA5-49ED-9C78-96EA94B68AD4}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{86B50C29-36A2-4EB2-8A15-3B22E29ECBD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2941334D-BF2A-48C7-92E3-30E220EFD4DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DB0746F6-E40C-4BDA-913B-5FD7889FD91D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{04F4A1C5-DD7D-4304-823D-D2468D556114}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{27D5DBA8-3883-40B8-BDEE-3C0F7365852A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{724EC400-5FDC-4C0F-9020-F7FF5B31A2D1}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [UDP Query User{8A35B6E5-9F86-4C30-A5B3-90E58109E081}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [TCP Query User{E6D90CD5-A7FC-410F-A2B2-A743A9D17BA1}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{5F05D39A-72C4-4DD8-B6B3-68BE9C65F8C0}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [TCP Query User{25D1E8CC-58FA-4F2B-9F01-32E6DC9961D2}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E7F0CACB-C18F-4C67-97DE-ABD2FEC2C4EE}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E2E0C355-B6A6-4C41-A095-4EAFE83C4C31}C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe] => (Allow) C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe
FirewallRules: [UDP Query User{D85701B6-BA7A-4ED9-80E5-A6AB0D883384}C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe] => (Allow) C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe
FirewallRules: [TCP Query User{2C287175-5E7C-4788-B8B6-DA4EBE9B99B4}C:\program files (x86)\jowood\spellforce\spellforce.exe] => (Allow) C:\program files (x86)\jowood\spellforce\spellforce.exe
FirewallRules: [UDP Query User{50FC5FF3-A5A3-40D8-9AA4-D666B7120073}C:\program files (x86)\jowood\spellforce\spellforce.exe] => (Allow) C:\program files (x86)\jowood\spellforce\spellforce.exe
FirewallRules: [TCP Query User{A68942F2-381C-4E50-88B4-1C7F0C66BF6B}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe
FirewallRules: [UDP Query User{3011B8FC-1AD7-4F8A-8563-D67207BBEF6E}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe
FirewallRules: [TCP Query User{EF4FBC29-C046-4542-84E9-DB12B4D4892A}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C229706B-FE71-469D-B1AE-D3DF7D9AABA8}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F0F96920-0027-4976-A734-CC81BB5576C4}] => (Allow) LPort=56523
FirewallRules: [{77724B4C-A6CB-45F5-BF52-BC1CB5508101}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{BB107E87-D464-4892-B6A2-CF7D1E9E19E6}C:\program files (x86)\ubisoft\anno 1701\anno1701.exe] => (Allow) C:\program files (x86)\ubisoft\anno 1701\anno1701.exe
FirewallRules: [UDP Query User{F3B3E2F0-95D6-47DB-9BCD-F20976BC9EB4}C:\program files (x86)\ubisoft\anno 1701\anno1701.exe] => (Allow) C:\program files (x86)\ubisoft\anno 1701\anno1701.exe
FirewallRules: [{17456301-C88B-46F2-98AB-D5ED3CDF3CEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{7B3DFA96-9786-4A96-9BE1-5F68E65A9D0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{1B6B1D8C-AAC1-4334-A035-9F332D4A1922}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exe
FirewallRules: [{2FA2C3A4-B62E-4060-AEC9-84047D7BC4E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exe
FirewallRules: [TCP Query User{638010AE-C9C3-40C7-A86B-912A27C7094C}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{AB0A571B-AD23-426F-B4FB-09A46183D754}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [{E2E38F85-766A-4BF6-B0BB-EACAD178D31E}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe
FirewallRules: [{389B38D3-74A5-4F44-A958-9A62111AC97D}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/02/2015 07:32:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/02/2015 01:56:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AmonSul-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2015 06:50:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AmonSul-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2015 01:13:09 AM) (Source: MsiInstaller) (EventID: 1024) (User: AmonSul-PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6D00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/31/2015 10:22:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/31/2015 02:27:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AmonSul-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/31/2015 02:27:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AmonSul-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/31/2015 02:27:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10240.16515, Zeitstempel: 0x55fa599a
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10240.16548, Zeitstempel: 0x56133a14
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000004aee7f
ID des fehlerhaften Prozesses: 0x608
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5

Error: (10/30/2015 02:22:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/30/2015 02:19:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (11/02/2015 07:33:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Disc Soft Lite Bus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 07:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 07:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VIA Karaoke digital mixer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 07:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 07:33:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Message Queuing" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/02/2015 07:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 07:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 07:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/02/2015 01:56:57 AM) (Source: DCOM) (EventID: 10010) (User: AmonSul-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (11/02/2015 01:56:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-08-11 11:37:31.206
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:29.174
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:29.109
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:25.068
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.982
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.847
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.697
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.597
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.530
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.444
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 12286.05 MB
Verfügbarer physikalischer RAM: 10249.02 MB
Summe virtueller Speicher: 21488.05 MB
Verfügbarer virtueller Speicher: 19312.66 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:383.24 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4D478EF6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

schrauber 03.11.2015 20:52

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Vigilantus 04.11.2015 00:35
Keine weiteren Vorkommnisse oder Probleme, allerdings hatte ich den PC außer für einen kleinen Checkup und die Scans jetzt nicht weiter in Betrieb, sondern alternativ am Laptop gearbeitet, also kommt es eventuell erst später wieder?

Da sich da ja anscheinend etwas im Browser eingenistet hatte, soweit ich das verstehe, heißt das vermutlich Erneuerung aller Passwörter?
Desweiteren nutze ich Dropbox zum Synchronieren vereinzelter Dateien und Ordner zwischen meinem PC und verschiedenen Laptops/Mobilgeräten. Auch wenn die meinerseits vermutete Quelle (heruntergeladene Datei) nicht dazugehörte und entsprechend auch nicht ausgeführt wurde auf den Rechnern, sollte ich trotzdem FRST dort mal durchlaufen lassen und hier posten?

ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=dc773e549e93144daca1a285300ee359
# end=init
# utc_time=2015-11-03 08:23:13
# local_time=2015-11-03 09:23:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 26549
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=dc773e549e93144daca1a285300ee359
# end=updated
# utc_time=2015-11-03 08:25:36
# local_time=2015-11-03 09:25:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=dc773e549e93144daca1a285300ee359
# engine=26549
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-03 11:19:56
# local_time=2015-11-04 12:19:56 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2180639 10066808 0 0
# scanned=420861
# found=0
# cleaned=0
# scan_time=10459
Security Check:
Code:
Results of screen317's Security Check version 1.009 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus   
Windows Defender 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player        19.0.0.226 
 Mozilla Firefox (42.0)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von AmonSul (Administrator) auf AMONSUL-PC (04-11-2015 00:25:14)
Gestartet von C:\Users\AmonSul\Desktop
Geladene Profile: AmonSul & DefaultAppPool &  (Verfügbare Profile: AmonSul & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 2012-10-25] (VIA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [{d6a7cfcc-1f1c-4638-8f9e-0f184696fcdb}] => C:\ProgramData\Package Cache\{d6a7cfcc-1f1c-4638-8f9e-0f184696fcdb}\Avira.OE.Setup.Bundle.exe [916744 2015-11-03] (Avira Operations GmbH & Co. KG) <===== ACHTUNG
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Run: [Dropbox Update] => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Run: [Akamai NetSession Interface] => C:\Users\AmonSul\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\AmonSul\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Dropbox Update] => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Akamai NetSession Interface] => C:\Users\AmonSul\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AmonSul\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 83.169.185.161 83.169.185.225
Tcpip\..\Interfaces\{e5dd4f1d-1660-4262-8ee9-ac91ca13da88}: [DhcpNameServer] 83.169.185.161 83.169.185.225

Internet Explorer:
==================
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001 -> DefaultScope {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001 -> {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {2E07025E-6A6D-4158-B2E9-2AB82A3EA40D} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

FireFox:
========
FF ProfilePath: C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\abs@avira.com [2015-10-23] [ist nicht signiert]
FF Extension: ChatZilla [de] - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5de} [2015-07-04]
FF Extension: Lightbeam - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-05-27]
FF Extension: NASA Night Launch - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\nasanightlaunch@example.com.xpi [2015-06-29]
FF Extension: NoScript - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-27]
FF Extension: Adblock Plus - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: BetterPrivacy - C:\Users\AmonSul\AppData\Roaming\Mozilla\Firefox\Profiles\ff705772.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-05-30]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2010-09-04] () [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-10-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240360 2015-09-21] (Avira Operations GmbH & Co. KG)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-07-31] (VIA Technologies, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148632 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-07] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-12] (Disc Soft Ltd)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-30] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-03-07] (Duplex Secure Ltd.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-10-26] (Wellbia.com Co., Ltd.)
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-04 00:25 - 2015-11-04 00:25 - 00020345 _____ C:\Users\AmonSul\Desktop\FRST.txt
2015-11-04 00:24 - 2015-11-04 00:24 - 00000682 _____ C:\Users\AmonSul\Desktop\checkup.txt
2015-11-04 00:23 - 2015-11-04 00:23 - 00852720 _____ C:\Users\AmonSul\Desktop\SecurityCheck.exe
2015-11-04 00:22 - 2015-11-04 00:22 - 00000020 ___SH C:\Users\TEMP\ntuser.ini
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\Vorlagen
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\Startmenü
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\Netzwerkumgebung
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\Lokale Einstellungen
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\Eigene Dateien
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\Druckumgebung
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Musik
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Bilder
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Verlauf
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Anwendungsdaten
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 _SHDL C:\Users\TEMP\Anwendungsdaten
2015-11-04 00:22 - 2015-11-04 00:22 - 00000000 ____D C:\Users\TEMP
2015-11-04 00:22 - 2015-08-15 18:44 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-04 00:22 - 2015-07-30 15:23 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2015-11-04 00:22 - 2015-07-10 12:04 - 00000000 __RSD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-11-04 00:22 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-11-04 00:22 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-04 00:22 - 2015-07-10 12:04 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-11-04 00:20 - 2015-11-04 00:20 - 00016148 _____ C:\WINDOWS\system32\AMONSUL-PC_AmonSul_HistoryPrediction.bin
2015-11-03 21:23 - 2015-11-03 21:23 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-03 21:22 - 2015-11-03 21:22 - 02870984 _____ (ESET) C:\Users\AmonSul\Desktop\esetsmartinstaller_deu.exe
2015-11-02 19:34 - 2015-11-02 19:34 - 00001249 _____ C:\Users\AmonSul\Desktop\JRT.txt
2015-11-02 19:30 - 2015-11-02 19:30 - 00002910 _____ C:\Users\AmonSul\Desktop\AdwCleaner[S1].txt
2015-11-02 19:27 - 2015-11-02 19:27 - 00000000 ____D C:\AdwCleaner
2015-11-02 19:23 - 2015-11-02 19:23 - 00001834 _____ C:\Users\AmonSul\Desktop\mbam.txt
2015-11-02 19:00 - 2015-11-02 19:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-02 19:00 - 2015-11-02 19:00 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-02 19:00 - 2015-11-02 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-02 18:59 - 2015-11-02 19:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-02 18:59 - 2015-11-02 18:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-02 18:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-02 18:59 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-02 18:59 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-02 18:56 - 2015-11-02 19:31 - 01798976 _____ (Malwarebytes) C:\Users\AmonSul\Desktop\JRT.exe
2015-11-02 18:56 - 2015-11-02 19:26 - 01708032 _____ C:\Users\AmonSul\Desktop\AdwCleaner_5.016.exe
2015-11-02 18:56 - 2015-11-02 18:58 - 22908888 _____ (Malwarebytes ) C:\Users\AmonSul\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-02 17:34 - 2015-11-02 17:34 - 00000508 _____ C:\Users\AmonSul\Desktop\defogger_disable.log
2015-11-02 17:34 - 2015-11-02 17:34 - 00000020 _____ C:\Users\AmonSul\defogger_reenable
2015-11-02 17:33 - 2015-11-02 17:33 - 00380416 _____ C:\Users\AmonSul\Desktop\240vk9bs.exe
2015-11-02 17:32 - 2015-11-02 17:34 - 00050477 _____ C:\Users\AmonSul\Desktop\Defogger.exe
2015-11-02 17:17 - 2015-11-04 00:25 - 00000000 ____D C:\FRST
2015-11-02 17:16 - 2015-11-02 17:16 - 02198016 _____ (Farbar) C:\Users\AmonSul\Desktop\FRST64.exe
2015-11-01 23:09 - 2015-11-01 23:09 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Point of Existence 2
2015-10-31 13:09 - 2015-10-31 13:09 - 00000000 ____D C:\Users\AmonSul\Documents\ANNO 1404 Venedig
2015-10-31 13:07 - 2015-10-31 13:11 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Ubisoft
2015-10-30 19:24 - 2015-10-30 19:25 - 00368110 _____ C:\Users\AmonSul\Downloads\WhatsApp Chat mit Tanja Kreller.txt
2015-10-30 13:37 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 13:37 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 13:37 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 13:37 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 13:37 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 13:37 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 13:37 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 13:37 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 13:37 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 13:37 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 13:37 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 13:37 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 13:37 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 13:37 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 13:37 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 13:37 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 13:37 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 13:37 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 13:37 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 13:37 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 13:37 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 13:37 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 13:37 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 13:37 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 13:37 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 13:37 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 13:37 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 13:37 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 13:37 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 13:37 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 13:37 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 13:37 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 13:37 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 13:37 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-25 13:44 - 2015-10-25 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sir Henry
2015-10-25 13:44 - 2015-10-25 13:44 - 00000000 ____D C:\Program Files (x86)\Anno
2015-10-23 15:44 - 2015-10-23 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-10-23 15:41 - 2015-10-23 15:41 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-10-21 13:34 - 2015-10-21 12:58 - 00001218 _____ C:\Users\AmonSul\Desktop\Runes of Magic.lnk
2015-10-21 13:24 - 2015-10-21 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runes of Magic
2015-10-21 12:58 - 2015-11-02 15:52 - 00000000 ____D C:\Program Files (x86)\Runes of Magic
2015-10-21 12:37 - 2015-10-21 12:49 - 00000000 ____D C:\Users\AmonSul\Downloads\RoM
2015-10-21 12:36 - 2015-11-01 23:21 - 00000000 ____D C:\Users\AmonSul\Downloads\BF2
2015-10-20 15:53 - 2015-10-20 15:53 - 00001723 _____ C:\Users\AmonSul\Desktop\Spellforce.lnk
2015-10-20 13:21 - 2015-10-20 13:21 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-17 22:37 - 2015-10-17 22:37 - 03996360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-10-16 14:34 - 2015-10-16 14:34 - 00077236 _____ C:\Users\AmonSul\Downloads\Versuchsplan Hydrodynamik.xlsx
2015-10-13 19:02 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 19:02 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 19:02 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 19:02 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 19:02 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 19:02 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 19:02 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 19:02 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 19:02 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 19:02 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 19:02 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 19:02 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 19:02 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 19:02 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 19:02 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 19:02 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 19:02 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 19:02 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 19:02 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 19:02 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 19:02 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 19:02 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 19:02 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 19:02 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 19:02 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 19:02 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:02 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 19:02 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 19:02 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 19:02 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 19:02 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 19:02 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 19:02 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 19:02 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 19:02 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 19:02 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 19:02 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 19:02 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 19:02 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 19:02 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:02 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 19:02 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 19:02 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 19:02 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 19:02 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 19:02 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 23:24 - 2015-10-12 23:27 - 00000000 ____D C:\Program Files (x86)\WinISO Computing
2015-10-12 23:24 - 2015-10-12 23:24 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\WinISO Computing
2015-10-12 23:24 - 2015-10-12 23:24 - 00000000 ____D C:\Users\AmonSul\AppData\Local\WinISO Computing
2015-10-12 21:20 - 2015-10-12 21:20 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-10-12 20:45 - 2015-10-12 20:45 - 00000000 ____D C:\Users\AmonSul\AppData\Local\Disc_Soft_Ltd
2015-10-12 20:40 - 2015-10-12 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
2015-10-12 20:30 - 2015-10-12 20:30 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-10-12 20:30 - 2015-10-12 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-12 20:30 - 2015-10-12 20:30 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-10-09 18:49 - 2015-10-09 18:49 - 00001474 _____ C:\Users\AmonSul\Desktop\RoM.lnk
2015-10-09 12:30 - 2015-11-01 02:13 - 00000000 ____D C:\Users\AmonSul\Documents\Battlefield 2
2015-10-09 12:26 - 2015-11-01 01:36 - 00000000 ____D C:\Program Files (x86)\EA GAMES
2015-10-09 12:26 - 2015-11-01 01:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-10-07 14:27 - 2015-10-03 05:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-07 14:27 - 2015-10-03 05:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-04 00:21 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-03 23:57 - 2012-12-31 21:46 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-03 23:45 - 2015-06-18 12:34 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001UA.job
2015-11-03 23:37 - 2013-05-20 22:49 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-03 23:24 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-03 22:53 - 2011-01-22 14:40 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{47C78EDB-43F3-4774-A6E4-9BC251E4A51A}
2015-11-03 21:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-03 21:22 - 2011-08-29 16:13 - 00000000 ___RD C:\Users\AmonSul\Dropbox
2015-11-03 21:21 - 2012-02-02 02:05 - 00000000 ____D C:\Users\AmonSul\Documents\Runes of Magic
2015-11-03 21:20 - 2012-10-13 00:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 21:20 - 2011-08-29 16:09 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Dropbox
2015-11-03 21:18 - 2014-08-07 09:56 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-03 21:18 - 2013-07-29 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-03 21:15 - 2012-12-31 21:46 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-02 17:34 - 2015-07-30 15:15 - 00000000 ____D C:\Users\AmonSul
2015-11-02 17:33 - 2010-12-02 23:24 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-02 17:19 - 2010-06-16 12:24 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Skype
2015-11-02 16:27 - 2014-07-23 10:35 - 00000000 ____D C:\Users\AmonSul\AppData\Local\Battle.net
2015-11-02 16:04 - 2014-07-23 10:35 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-01 22:58 - 2011-02-15 20:10 - 00000000 ____D C:\ProgramData\ts3overlay
2015-11-01 19:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 14:12 - 2012-04-17 15:32 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\vlc
2015-11-01 14:07 - 2012-05-28 17:37 - 00000000 ____D C:\Users\AmonSul\dwhelper
2015-11-01 01:53 - 2015-07-30 15:12 - 02104920 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-01 01:53 - 2015-07-10 17:34 - 00893894 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-01 01:53 - 2015-07-10 17:34 - 00200430 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-01 01:46 - 2015-07-30 15:02 - 00154184 _____ C:\WINDOWS\PFRO.log
2015-11-01 01:46 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-01 01:45 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-01 01:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-01 01:40 - 2010-06-16 21:06 - 00218536 _____ C:\WINDOWS\DirectX.log
2015-11-01 01:36 - 2010-06-16 22:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-01 01:13 - 2015-07-01 10:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-01 01:13 - 2014-12-26 20:05 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-31 10:47 - 2010-08-25 10:18 - 00000000 ____D C:\Users\AmonSul\Documents\SpellForce
2015-10-31 10:45 - 2015-06-18 12:33 - 00001180 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001Core.job
2015-10-30 14:23 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-28 21:37 - 2014-06-04 21:23 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-26 10:57 - 2015-08-24 16:17 - 00035880 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2015-10-26 10:47 - 2015-08-21 11:59 - 00000000 ____D C:\Users\AmonSul\AppData\Local\Akamai
2015-10-22 19:21 - 2010-06-16 12:09 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-22 03:40 - 2010-08-25 09:57 - 00002156 _____ C:\Users\AmonSul\Desktop\SpellForce - Platinum Edition.lnk
2015-10-22 01:47 - 2013-11-13 00:44 - 00000000 ____D C:\Users\AmonSul\AppData\Local\NVIDIA Corporation
2015-10-22 01:44 - 2015-07-10 13:20 - 00018724 _____ C:\WINDOWS\setupact.log
2015-10-21 23:53 - 2011-08-21 12:39 - 00000000 ____D C:\Program Files (x86)\ArtMoney
2015-10-21 12:43 - 2010-09-22 21:14 - 00007673 _____ C:\Users\AmonSul\AppData\Local\Resmon.ResmonCfg
2015-10-21 10:54 - 2014-07-23 10:51 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-10-17 21:56 - 2010-06-16 12:23 - 00000000 ____D C:\ProgramData\Skype
2015-10-16 19:12 - 2013-01-22 20:53 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\dvdcss
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-13 20:37 - 2011-01-12 15:10 - 00000000 ____D C:\Data
2015-10-13 19:15 - 2013-09-08 20:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-13 19:10 - 2010-06-16 11:06 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-12 23:35 - 2013-05-08 13:02 - 00000000 ____D C:\Program Files (x86)\KONAMI
2015-10-12 20:33 - 2010-06-16 19:23 - 00000000 ____D C:\Users\AmonSul\AppData\Roaming\DAEMON Tools Lite
2015-10-12 13:17 - 2013-07-01 21:32 - 00000000 ____D C:\Users\AmonSul\Downloads\Urbana
2015-10-07 20:48 - 2013-07-29 11:31 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-10-07 20:48 - 2013-07-29 11:31 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-10-07 14:29 - 2010-06-16 11:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-07 11:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-07 11:52 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-07 11:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-07 11:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-06 19:45 - 2015-07-31 20:08 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-10-30 12:26 - 2010-10-30 12:38 - 0000345 _____ () C:\Users\AmonSul\AppData\Roaming\glade-3.conf
2010-09-03 13:46 - 2015-08-26 13:16 - 0033792 _____ () C:\Users\AmonSul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-05 01:45 - 2014-01-05 01:45 - 0000095 _____ () C:\Users\AmonSul\AppData\Local\fusioncache.dat
2015-07-01 10:56 - 2015-07-01 10:56 - 0000337 _____ () C:\Users\AmonSul\AppData\Local\Perfmon.PerfmonCfg
2010-09-22 21:14 - 2015-10-21 12:43 - 0007673 _____ () C:\Users\AmonSul\AppData\Local\Resmon.ResmonCfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Package Cache\{d6a7cfcc-1f1c-4638-8f9e-0f184696fcdb}\Avira.OE.Setup.Bundle.exe


Einige Dateien in TEMP:
====================
C:\Users\AmonSul\AppData\Local\Temp\997b4640dbd090156ecabec0aaa0df90.dll
C:\Users\AmonSul\AppData\Local\Temp\avgnt.exe
C:\Users\AmonSul\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll
C:\Users\AmonSul\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphuvtp7.dll
C:\Users\AmonSul\AppData\Local\Temp\DTLite1010-0074.exe
C:\Users\AmonSul\AppData\Local\Temp\npp.6.8.1.Installer.exe
C:\Users\AmonSul\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\AmonSul\AppData\Local\Temp\SkypeSetup.exe
C:\Users\AmonSul\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-31 12:12

==================== Ende von FRST.txt ============================

Vigilantus 04.11.2015 00:36
Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von AmonSul (2015-11-04 00:25:49)
Gestartet von C:\Users\AmonSul\Desktop
Windows 10 Pro (X64) (2015-07-30 14:54:01)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1149312127-3900390906-2569845260-500 - Administrator - Disabled)
AmonSul (S-1-5-21-1149312127-3900390906-2569845260-1001 - Administrator - Enabled) => C:\Users\AmonSul
ASPNET (S-1-5-21-1149312127-3900390906-2569845260-1017 - Limited - Enabled)
DefaultAccount (S-1-5-21-1149312127-3900390906-2569845260-503 - Limited - Disabled)
Gast (S-1-5-21-1149312127-3900390906-2569845260-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1149312127-3900390906-2569845260-1007 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Download Manager (HKLM-x32\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.63 - NOS Microsystems Ltd.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anno 1404 (HKLM-x32\...\Steam App 33250) (Version:  - Blue Byte)
Anno 1404: Venice (HKLM-x32\...\Steam App 33350) (Version:  - Blue Byte)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04.1 - Ubisoft)
Anno 1701 Version 1.04.1 (HKLM-x32\...\{67DBBEAD-91A0-40C8-B34C-BE1026CABBE2}_is1) (Version: 1.04.1 - Ubisoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtMoney SE v7.37 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.37 - System SoftLab)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d6a7cfcc-1f1c-4638-8f9e-0f184696fcdb}) (Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 2 Server (HKLM-x32\...\{F3CA370F-0B4B-4239-BF5A-2CC751EB5D3C}) (Version: 1.00.001 - EA Games)
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version:  - Canon Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dawn Of War - Winter Assault (HKLM-x32\...\{DD8408E9-9421-484F-979D-DB6361E3E828}) (Version: 1.4 - THQ)
Dawn Of War (HKLM-x32\...\{83F12F73-D52E-40C0-93B1-463C311C4E17}) (Version: 1.40 - THQ)
Dropbox (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Echo of Soul (HKLM-x32\...\Echo of Soul) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hellgate: London (HKLM\...\{A2B4455D-1046-4732-BFBC-0821BEFC07BC}) (Version: 1.10.180.3416 - Flagship Studios)
HexEdit (HKLM-x32\...\{083EF76E-0760-4D7A-9508-0B88A3AF1889}) (Version: 4.0.0 - Expert Commercial Software Pty Ltd)
Inquisition Daemonhunt (HKLM-x32\...\Inquisition Daemonhunt) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version:  - NCsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PoE:2 v2.5.0.0 (HKLM-x32\...\PoE:2) (Version: 2.5.0.0 - Point of Existence)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PuTTY version 0.60 (HKLM-x32\...\PuTTY_is1) (Version: 0.60 - Simon Tatham)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Runes of Magic (HKLM-x32\...\{F57FBE91-C48B-4A86-91C8-A9C3D744E459}_is1) (Version: 6.2.2.2736 - Gameforge Productions GmbH)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Sir Henry's 1701 RDA Packer V1.0 (HKLM-x32\...\Sir Henry's 1701 RDA Packer_is1) (Version:  - Sir Henry)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
SpellForce 2 - Shadow Wars (HKLM-x32\...\{1A4E47DC-6701-4A85-AA16-C1F99A44598C}) (Version: 1.00.0000 - Ihr Firmenname)
SpellForce 2 Update v1.02 (HKLM-x32\...\SpellForce 2 Update v1.02) (Version:  - )
Star Wars Battlefront (HKLM-x32\...\{C79CB9C7-10A4-4814-8402-F574672C2192}) (Version: 1.0 - LucasArts)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 18.10.03 - Gameforge Productions GmbH)
TeXnicCenter Version 2.0 Beta 1 (HKLM\...\TeXnicCenter_is1) (Version: 2.0 Beta 1 - The TeXnicCenter Team)
Unreal Anthology (HKLM-x32\...\{14AA72DA-DB40-4A34-93A6-401A81D7AF9E}) (Version: 1.00.0000 - Epic Games, Inc.)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Yu-Gi-Oh! Power of Chaos JOEY THE PASSION (HKLM-x32\...\{336DD6B4-B100-4048-B2B7-FBA7059FD959}) (Version: 1.00.0000 - KONAMI)
Yu-Gi-Oh! Power of Chaos KAIBA THE REVENGE (HKLM-x32\...\{485C9280-B899-4D46-86F3-B3E459636EE5}) (Version: 1.00.0000 - KONAMI)
Yu-Gi-Oh! Power of Chaos YUGI THE DESTINY (HKLM-x32\...\{3571656A-575D-4CED-809D-5547587121FF}) (Version: 1.00.0000 - KONAMI)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version:  - Check Point Software Technologies)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

02-11-2015 19:32:12 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0466EC7F-51B9-4FDB-96A0-E1A570A6738B} - System32\Tasks\{AFAE6330-A6D6-4CA9-86AF-615EFE153674} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-09-28] (Skype Technologies S.A.)
Task: {07A540FE-C9C0-42BF-B040-2C730B8405F8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {0C49E4EE-BB19-4956-B4C9-374410527808} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {16CE7D34-D7B6-42BB-8189-1A680A3260C2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1781FAED-367C-44A1-91FE-46958BAC6554} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1DEBB65C-F478-4F57-A76E-A899D6B3579B} - System32\Tasks\{FF18F393-02A1-43EE-98F2-65C727D864F6} => pcalua.exe -a C:\Users\AmonSul\Downloads\HiJackThis204.exe -d C:\Users\AmonSul\Downloads
Task: {23CEE39C-E73C-44B5-9A81-38EA353862A7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {23E34896-6CBA-47BC-99F6-BC62EA354063} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {2D86DF62-52A1-4BF3-8318-0160A986D85B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {2EF61AC2-3318-4042-A826-1B035EC72DC6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {4A23E7F5-6153-4CF4-AB3C-FC5432EDF8DB} - System32\Tasks\{C63DDF16-D3C8-41C5-960E-773B9CA2A162} => pcalua.exe -a C:\Users\AmonSul\Downloads\Gwyddion-2.21.exe -d C:\Users\AmonSul\Downloads
Task: {539C83E4-7152-4582-88A7-22C1009DD375} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5885EA78-0F9E-4754-8381-0AC256AF841A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5D567709-E40B-4EF6-8F7A-02A7499E353C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {5D72A9C5-D44E-4043-9FE2-7724290F4895} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5EA26DEE-6DD1-4BEA-AF63-A52BF340854F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {70220171-5D72-4034-9780-42722BC13824} - System32\Tasks\{8AF80078-7C5D-4A04-BF6B-FBCEF52257DF} => pcalua.exe -a "C:\Program Files (x86)\gs\uninstgs.exe" -d "C:\Program Files (x86)\gs"
Task: {7410F950-99ED-4645-8BE8-EC192DAC9C7C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {7B3FCB48-74C4-4499-B9E9-D70EA036F5D1} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {7C4C6458-B3D5-4552-9852-8A73A88EE8AB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {7F0DE0C0-EA9C-4DE0-8DBA-B873B89AB12D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {83E83303-4C10-4628-BEA4-30D0E05500D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {841E8240-564E-4527-8F64-C4CBC345FC45} - System32\Tasks\{8A442661-937D-497C-BCB4-D6A67AE07E6E} => pcalua.exe -a C:\Users\AmonSul\Downloads\HiJackThis.exe -d C:\Users\AmonSul\Downloads
Task: {87615692-2FCA-46B8-B9A7-A9066C57261A} - System32\Tasks\{D9DE0FA9-DAD7-41B6-BB52-D326C16097D2} => C:\Users\AmonSul\Downloads\WebCam\WebCam\Setup.exe
Task: {8A1425C4-DE28-462B-8504-EA49D46F213A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
Task: {8E089290-17F9-4A21-83F6-D56E8B5CA3F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {8FD9A9B6-EBBD-4368-9B57-F0B8CC8FBD00} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {984D8A8C-5401-4DB7-A708-0BB28A00C828} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A2112753-1252-4201-9309-424ECBF9CBA8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A36E7BF9-8152-461C-AE5B-9A539E482E9F} - System32\Tasks\{EADC11EC-DC8D-4300-8193-0F13E3841811} => pcalua.exe -a C:\Windows\SysWOW64\DivXControlPanelApplet.cpl -c DivX Control Panel
Task: {A6C057E7-E932-4E49-B125-CA405AEC023D} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B46B7A85-73AD-41B5-BC45-2042A2665D9E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B5DD6CB1-AB70-4378-935B-61C13A2CF8C0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {B8A0D74F-7056-41C1-A299-7DF80E798E52} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C01565F9-07D8-4543-A11B-BDE7180ED812} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {CEE2A51B-CE2F-42D3-A490-27EE8C02636B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D1C42257-0E76-41C7-BBB7-E2F483E707D9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {D8CF64B1-D41A-4CE8-8E77-8499AB82FFF5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001Core => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {DAC2BAFF-DDDD-4F7D-AA39-ED14E69F72EA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {DCF204F7-58B8-4D6C-B040-EEAE94ABCF7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {E4D59790-9555-42B8-9056-E651BDC20360} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F3F6446F-4DA1-4C97-B490-EFD47DB0E264} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {FB2924C5-AE9B-4506-80D0-BD6EACEEA67E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001UA => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {FE0D1C3E-5AD2-42AF-8C85-AE227D58E96F} - System32\Tasks\{DE62D6C2-DD73-40D0-AE7E-248D1DD57C6B} => C:\Users\AmonSul\Downloads\WebCam\WebCam\Setup.exe
Task: {FEEF5B74-6BA1-498B-AF81-599BB44C782F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001Core.job => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1149312127-3900390906-2569845260-1001UA.job => C:\Users\AmonSul\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-30 15:55 - 2015-07-30 15:55 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 18:27 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-01 21:34 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 21:34 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 21:34 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-01 21:34 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 21:34 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 21:34 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 21:34 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-07-31 20:15 - 2015-10-03 03:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-23 08:09 - 2015-10-23 08:09 - 03498496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-07-31 20:16 - 2015-10-04 09:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\AmonSul\Cookies:gs5sys
AlternateDataStreams: C:\Users\AmonSul\Desktop\20150802_194842.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\Desktop\20150802_195005.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\Downloads\Jahresinhalt2014.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\Downloads\Mondkalender_2015.pdf:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\AmonSul\Documents\ANNO 1404 Venedig:com.dropbox.attributes
AlternateDataStreams: C:\Users\AmonSul\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\AmonSul\Documents\Runes of Magic:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\aeriagames.com -> hxxp://aeriagames.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\AmonSul\Downloads\underworld_awakening_2012-wallpaper-1920x1080.jpg
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\AmonSul\Downloads\underworld_awakening_2012-wallpaper-1920x1080.jpg
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\AmonSul\Downloads\underworld_awakening_2012-wallpaper-1920x1080.jpg
DNS Servers: 83.169.185.161 - 83.169.185.225
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IswSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1149312127-3900390906-2569845260-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{60538A48-A9A6-4BA3-B68A-0405094300A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{4578A1EB-5D78-4DFA-A875-AD85E3B7B2E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{1EB5650A-5852-4142-A507-E35408339310}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{8539C43D-790D-4378-A521-0E2FE21A471B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{52F1B24A-8773-4246-92E4-CCAD4799F9F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{C0F5776E-F503-43A7-9B54-B014627158F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{C90D159C-D2B6-4434-BD84-2DFB51E49B4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{30C8D414-946D-4987-BE4F-7CE0C4D241FF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D206394A-7CFE-4D34-8804-5E973FB315F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{9B23E208-409F-48F2-BBF2-7ABF1C09BEA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{4159A064-0785-4F04-A379-F5BDBFC2900E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{44A0EF97-BA1A-4C32-BAF2-88B6F29998A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{87F676A8-CC14-489A-8BA9-C367BC915E4A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A5EDDEE3-6840-4448-8508-9C46EB341484}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1B9F5426-1463-4E91-9BCA-FDFFAC5685C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{6EB1D6C5-59FD-49A4-9E17-175FC1E1C715}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{B11820E2-74E4-4475-955E-5AA35CD89E30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5F45CA99-0C87-4772-97E8-38F3E1FD2F51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA3B01A3-3B9D-4FFD-BDE6-6B75D2584C22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A5FCE1DD-0C0E-4B69-8E3A-633AF7C2D3DC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9A5219E9-B44E-4094-9CC1-098E86341D43}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AE5F66FF-7F49-4981-B85F-FECBC86C506A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{883D1ECC-75D3-4436-A0CD-0D4BE78895B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4EE91ED7-D03E-4BFF-94F6-519B895CB4AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C2C65CDF-7F0A-4BA1-B1FC-D245815BCF0D}] => (Allow) C:\Users\AmonSul\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{C0395405-32E1-4814-AFE8-10447085BB86}] => (Allow) C:\Users\AmonSul\AppData\Roaming\ICQM\icq.exe
FirewallRules: [UDP Query User{454DC57F-0932-42DE-B855-BF2FEB09577D}C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe
FirewallRules: [TCP Query User{631C5AB2-43A9-4A30-8FBC-C4FBD68A2C6B}C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2 server\bf2_w32ded.exe
FirewallRules: [{51E3615D-ABBE-43B2-B3E5-DADE73CBBB45}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{885400D7-E8B7-4F25-8B24-AB43168B8231}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{839F0807-38D8-4913-AFE6-6D5605A2FD92}] => (Block) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [{5F16A607-CF0A-4E84-91C5-0C8A5799C5C0}] => (Block) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [UDP Query User{B5846FE4-1EAB-4CEE-8CA5-D8A5B8A27803}C:\users\amonsul\appdata\local\playata client\playataclient.exe] => (Allow) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [TCP Query User{4CA10757-995D-4F5E-BBD4-05DBBD9B9ACF}C:\users\amonsul\appdata\local\playata client\playataclient.exe] => (Allow) C:\users\amonsul\appdata\local\playata client\playataclient.exe
FirewallRules: [{0887AFAA-7402-44DD-903B-1A1335E37F9A}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5B5E888F-7BC9-4DEA-96E8-2FE268867259}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{53AF6B0A-8C79-48F1-8408-3D84EAB9A2BC}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{108C09C4-D0BB-4DEC-98FF-F5A575206A03}] => (Allow) C:\Users\AmonSul\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8019F585-B76D-4C1B-B93A-E5FB66B8DB8A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{9A010229-B28B-43AF-A696-AD55598900A5}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{E1B287A4-6CF0-4BFD-81B7-80BB97DEEF02}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{0FADE70B-6F44-4379-AC1A-A7AEB78D20A4}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{BC573E65-C796-4D8E-AE08-E1BEA2720D56}] => (Allow) C:\Program Files (x86)\BlastShark\hellgate\BlastShark.exe
FirewallRules: [{B9502817-D671-4889-B69E-8DE5633BEEFD}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{2C61B131-8096-47F0-A3A8-92A10B3D2D32}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{9F83DD8B-FA2A-4098-8092-F98EA217A006}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{517DF004-D087-4AED-BE4E-EE5FD049A736}] => (Allow) C:\Teamspeak Server\ts3server_win64.exe
FirewallRules: [{8BB1BC54-CA7B-425B-AE6A-44ED8B7EB564}] => (Block) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{D8853763-38AD-4FD1-BE15-2DEF36715BAA}] => (Block) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [UDP Query User{F38EEB39-C2EE-4CB0-8787-E68FAC3A4B09}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [TCP Query User{EC7572CB-77DC-42F7-BA78-B898672F094B}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [{8DA5DDD4-AC06-4C51-8CD1-0AFE90E79DC6}] => (Allow) LPort=1900
FirewallRules: [{61EF1D80-5D92-42AC-A505-DE0182480E39}] => (Allow) LPort=2869
FirewallRules: [{8D8E963B-EC85-466B-A551-24B9EB9F3126}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CD328824-DE02-4640-BE44-DC2E2802F12A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6251FF63-D469-4A33-AAD8-B9555C98EA07}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A845DD47-BC10-4BAC-A875-23D9D1852616}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3F8B7C4F-EC73-41B6-9B09-058419D72810}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{97CB0B94-64F9-427D-A4FD-2E43F23AF017}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D7AE0386-4B3F-4F5B-BA62-343D3F36BA90}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{93EB0F01-8E10-477F-AF02-33D1E67DDB9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{497199C2-3AC4-4A18-B3E0-1F1502C142D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E5AC1F31-73EF-47C0-826B-523DEC2DFBBA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A4E1A836-1807-462C-88B8-8895109A7AA4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{072813FA-D04C-419E-8E2F-32E97F89D02E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1FD9E5C6-1EF9-4924-9DDD-292A77FFC7E2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9987B18D-F01C-4E2E-B638-E5FC14F5AF27}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0B08155D-4763-46B9-A851-B9C6FE86ABAD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A95A4A6D-F6F3-44B2-A816-DB9DCEF32AD6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{79C6AF41-72A3-4476-BC4A-FBC4CE0B929B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88FBD98E-6EDA-4BCA-803C-EE90E5EE0F4D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{063557F0-128B-4D24-AFF9-4AF46C49B40D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{87D6F983-BA19-4D93-8391-A8F439C6F903}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FEE0DEA6-5595-43F7-87AE-30EA50D11A03}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B4FD663D-C7C8-44A5-91F0-412A299202D2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AEE91424-8E2F-4A0E-A907-B9387EC50494}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4E815FC2-5D72-4BFD-AD53-6D824D1DDFF8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{63C10D86-6399-4C4D-8642-71A466EC8E70}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{340F1D1D-E2FB-4A62-913A-10411131EB3C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DC3447D9-49B9-4969-A548-7B7AB5034C8F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{894B8571-791A-428E-96C9-3854B5C58A48}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B26C7C27-21D6-4D0B-81FF-76A7BB5A9C01}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BD27B118-645F-488D-8251-5CA6720B722D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F42B1ACB-9243-4ADE-AE24-B92294838736}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AD219701-ED99-411C-8849-941F9ECF77D4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9480E79B-BE9C-4782-9946-224186515B33}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C8FD14E6-1D6E-4052-8B97-8550CD7C9F20}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C42293CB-CC91-4100-A66D-15524ABD6BD2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C0247BED-BB3A-43AF-B379-C9E81599FEF8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{196ACC13-1347-4720-ADB4-E37690755B2E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{53FF0122-7EC4-43DE-91B2-36D38DB0CF40}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{16CB6D84-70AF-47B8-99CE-952AF0230A0B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{77F32B6F-EF86-4A73-954F-9BA36E6F2EC7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{92102507-425F-47D4-8E23-DC86544A3183}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{57D216F1-EB5C-4B16-8C15-E79BF9C3CC4D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F2B476F3-E848-4DF8-B918-88784544E147}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F66C611F-E611-499B-A642-775F6058FE1A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{BCF01C43-5DA0-4C03-9264-1106713D6B4B}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{D59C8D5F-F707-4FD7-B8BE-A3A4D68F08D1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B6AD337E-784A-4CD1-A326-4B2CB241C2C8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E4D2C294-50A6-4360-B72E-BFFA838B598F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FEE33F62-929E-43DE-B61D-BFD7BA42B348}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B1C57FF2-C9CD-4C16-A88C-CA79EFE53824}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{B764CF85-D11B-4F6B-8810-ACDE71B571FA}] => (Allow) C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
FirewallRules: [{98314C8E-85FB-4C9B-AC45-68EBDD5EC6E0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3F9DCEF3-601F-47E6-8D05-DC2ABF533B34}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1240056F-66A0-4212-9E9A-8603BF6F28BA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{17E96B47-1F6D-437E-8E57-E5021CC941F1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3D71F68-209E-4AA1-9564-7E367182BE80}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF094B62-013F-483F-8E40-EA63C7731852}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{786B3AAB-4F4B-4024-9317-23464791E63C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{51620AD7-C97E-45EA-B130-2D041D3FBD17}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9585F106-55E8-4C2F-B97E-6B477E7DED7B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{33C8646C-BEB9-457F-AB49-CBEB7253A2BF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3C00D7C0-3807-4339-9A04-B04867BDAC37}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7F6082AF-1528-42B0-8D39-C9D121D94B94}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C5CACB2E-BBF9-4EF7-9A72-9F62A170CF41}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F67E6124-9C88-4A89-897E-89C9AF7F3939}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F41ACE5D-0F64-4F7A-BD13-F903DB2294A9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EAFF97BE-9BAA-4AF8-9863-5EBFC3CEEFF9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{81620847-0403-4F87-B916-BFF2E1B889BF}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Battlefront\GameData\battlefront.exe
FirewallRules: [{44BE8824-91DD-4090-897D-0410D4BD14C2}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Battlefront\GameData\battlefront.exe
FirewallRules: [{E0548FC4-09BB-4EF5-857E-3E15D5304D54}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F03DA2F7-FADD-4F14-A1F5-F734518ED11F}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe
FirewallRules: [{C5CDE098-A5C0-4863-9FFE-585707907986}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe
FirewallRules: [{CF71A4B9-01C1-47C5-9335-26B911219CCA}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe
FirewallRules: [{FDA209CF-08AA-438A-BB44-6F5C58321BE4}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe
FirewallRules: [{AD225CCA-0F0C-48A0-985F-DAFCAC9E1C27}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
FirewallRules: [{32075600-1198-417F-B2A6-1F867984D6CF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{47DDFE1D-6155-4DB7-AB90-110044BD5C25}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A5F89B9-5A14-4E00-AC18-5A24911D8C66}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{FFCFA980-A16F-4C51-90F3-0BAD22B7F599}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [UDP Query User{0DDCD0A5-EA78-44BE-B198-4D264EE4CC27}C:\program files (x86)\xfire\xfire.exe] => (Allow) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{389FBF55-F258-4B1C-B7F8-042DA1FF1F1D}C:\program files (x86)\xfire\xfire.exe] => (Allow) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{8ED92A61-5911-4A43-BB5F-0C8713840099}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [UDP Query User{ED89E760-6478-42E5-BFAA-30AA97280B27}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [TCP Query User{92AF7762-3F8F-4922-9675-E4530060C918}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{C9BFF00B-4EA5-49ED-9C78-96EA94B68AD4}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{86B50C29-36A2-4EB2-8A15-3B22E29ECBD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2941334D-BF2A-48C7-92E3-30E220EFD4DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DB0746F6-E40C-4BDA-913B-5FD7889FD91D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{04F4A1C5-DD7D-4304-823D-D2468D556114}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{27D5DBA8-3883-40B8-BDEE-3C0F7365852A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{724EC400-5FDC-4C0F-9020-F7FF5B31A2D1}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [UDP Query User{8A35B6E5-9F86-4C30-A5B3-90E58109E081}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [TCP Query User{E6D90CD5-A7FC-410F-A2B2-A743A9D17BA1}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{5F05D39A-72C4-4DD8-B6B3-68BE9C65F8C0}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [TCP Query User{25D1E8CC-58FA-4F2B-9F01-32E6DC9961D2}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E7F0CACB-C18F-4C67-97DE-ABD2FEC2C4EE}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E2E0C355-B6A6-4C41-A095-4EAFE83C4C31}C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe] => (Allow) C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe
FirewallRules: [UDP Query User{D85701B6-BA7A-4ED9-80E5-A6AB0D883384}C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe] => (Allow) C:\program files (x86)\spellforce\spellforce 2 - shadow wars\spellforce2.exe
FirewallRules: [TCP Query User{2C287175-5E7C-4788-B8B6-DA4EBE9B99B4}C:\program files (x86)\jowood\spellforce\spellforce.exe] => (Allow) C:\program files (x86)\jowood\spellforce\spellforce.exe
FirewallRules: [UDP Query User{50FC5FF3-A5A3-40D8-9AA4-D666B7120073}C:\program files (x86)\jowood\spellforce\spellforce.exe] => (Allow) C:\program files (x86)\jowood\spellforce\spellforce.exe
FirewallRules: [TCP Query User{A68942F2-381C-4E50-88B4-1C7F0C66BF6B}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe
FirewallRules: [UDP Query User{3011B8FC-1AD7-4F8A-8563-D67207BBEF6E}C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2_w32ded.exe
FirewallRules: [TCP Query User{EF4FBC29-C046-4542-84E9-DB12B4D4892A}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C229706B-FE71-469D-B1AE-D3DF7D9AABA8}C:\users\amonsul\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amonsul\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F0F96920-0027-4976-A734-CC81BB5576C4}] => (Allow) LPort=56523
FirewallRules: [{77724B4C-A6CB-45F5-BF52-BC1CB5508101}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{BB107E87-D464-4892-B6A2-CF7D1E9E19E6}C:\program files (x86)\ubisoft\anno 1701\anno1701.exe] => (Allow) C:\program files (x86)\ubisoft\anno 1701\anno1701.exe
FirewallRules: [UDP Query User{F3B3E2F0-95D6-47DB-9BCD-F20976BC9EB4}C:\program files (x86)\ubisoft\anno 1701\anno1701.exe] => (Allow) C:\program files (x86)\ubisoft\anno 1701\anno1701.exe
FirewallRules: [{17456301-C88B-46F2-98AB-D5ED3CDF3CEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{7B3DFA96-9786-4A96-9BE1-5F68E65A9D0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{1B6B1D8C-AAC1-4334-A035-9F332D4A1922}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exe
FirewallRules: [{2FA2C3A4-B62E-4060-AEC9-84047D7BC4E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Anno 1404\Addon.exe
FirewallRules: [TCP Query User{638010AE-C9C3-40C7-A86B-912A27C7094C}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{AB0A571B-AD23-426F-B4FB-09A46183D754}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [{E2E38F85-766A-4BF6-B0BB-EACAD178D31E}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe
FirewallRules: [{389B38D3-74A5-4F44-A958-9A62111AC97D}] => (Allow) C:\Program Files (x86)\EA GAMES\Battlefield 2\BF2.exe
FirewallRules: [{FDE4F2BB-A77C-43A4-AED0-F80D29FADD29}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7FFD2F9-A430-45A0-9341-95D18569B0DB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/04/2015 12:22:30 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: IIS APPPOOL)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (11/04/2015 12:22:30 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: IIS APPPOOL)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (11/04/2015 12:22:30 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: IIS APPPOOL)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil.

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (11/04/2015 12:22:30 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
 for C:\Users\DefaultAppPool\ntuser.dat

Error: (11/04/2015 12:21:42 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/03/2015 09:22:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/03/2015 09:22:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/03/2015 09:22:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/03/2015 09:22:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/03/2015 09:22:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.


Systemfehler:
=============
Error: (11/03/2015 09:25:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/03/2015 09:25:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\AmonSul\AppData\Local\Temp\ehdrv.sys

Error: (11/03/2015 09:25:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/03/2015 09:25:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\AmonSul\AppData\Local\Temp\ehdrv.sys

Error: (11/03/2015 09:25:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/03/2015 09:25:32 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\AmonSul\AppData\Local\Temp\ehdrv.sys

Error: (11/03/2015 09:24:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/03/2015 09:24:17 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\AmonSul\AppData\Local\Temp\ehdrv.sys

Error: (11/03/2015 09:24:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/03/2015 09:24:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\AmonSul\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2015-08-11 11:37:31.206
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:29.174
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:29.109
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:25.068
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.982
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.847
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.697
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.597
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.530
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-11 11:37:24.444
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 12286.05 MB
Verfügbarer physikalischer RAM: 10050.51 MB
Summe virtueller Speicher: 21488.05 MB
Verfügbarer virtueller Speicher: 19165 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:387.59 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4D478EF6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================
Vielen Dank schon mal für die freundliche und umfassende Hilfe!

schrauber 04.11.2015 20:30
Sieht gut aus. Bei den andern Rechnern sollte nix passiert sein, kannst aber gerne Logs posten, ich schau mal.

Für hier:

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.pngAbsicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Vigilantus 04.11.2015 21:06
So, dann sage ich hier schon mal herzlichen Dank für freundliche, umfassende und zügige Hilfe! :)

Und dann noch die FRST-Logs...

Zunächst mein alter Laptop:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:04-11-2015
durchgeführt von Osgiliath (Administrator) auf MINASTIRITH (04-11-2015 20:54:05)
Gestartet von C:\Users\Osgiliath\Desktop
Geladene Profile: Osgiliath (Verfügbare Profile: Osgiliath)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-26] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-21] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3318320622-2150733777-4173436211-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3318320622-2150733777-4173436211-1000\...\Run: [Dropbox Update] => C:\Users\Osgiliath\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{46D69491-7B20-47C6-BDEF-E2D66EDF85F0}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A7BC3A95-5FB3-4AEB-826D-0A619D9EFAD9}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Osgiliath\AppData\Roaming\Mozilla\Firefox\Profiles\sle51xfx.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Osgiliath\AppData\Roaming\Mozilla\Firefox\Profiles\sle51xfx.default\Extensions\abs@avira.com [2015-10-27] [ist nicht signiert]
FF Extension: NASA Night Launch - C:\Users\Osgiliath\AppData\Roaming\Mozilla\Firefox\Profiles\sle51xfx.default\Extensions\nasanightlaunch@example.com.xpi [2015-06-30]
FF Extension: NoScript - C:\Users\Osgiliath\AppData\Roaming\Mozilla\Firefox\Profiles\sle51xfx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-27]
FF Extension: Adblock Plus - C:\Users\Osgiliath\AppData\Roaming\Mozilla\Firefox\Profiles\sle51xfx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: BetterPrivacy - C:\Users\Osgiliath\AppData\Roaming\Mozilla\Firefox\Profiles\sle51xfx.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-05-30]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-09-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-16] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [240360 2015-09-21] (Avira Operations GmbH & Co. KG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-09-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-19] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [55912 2015-09-26] (Avira Operations GmbH & Co. KG)
S3 cdrmkaun; C:\Users\Osgiliath\AppData\Local\Temp\cdrmkaun.sys [31744 2015-01-10] () [Datei ist nicht signiert]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-03] (Disc Soft Ltd)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-16] (Avira Operations GmbH & Co. KG)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-04 20:47 - 2015-11-04 20:54 - 00008137 _____ C:\Users\Osgiliath\Desktop\FRST.txt
2015-11-04 20:47 - 2015-11-04 20:54 - 00000000 ____D C:\FRST
2015-11-04 20:45 - 2015-11-04 20:45 - 01701888 _____ (Farbar) C:\Users\Osgiliath\Desktop\FRST.exe
2015-10-27 22:27 - 2015-09-14 20:53 - 02385920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-22 23:04 - 2015-10-22 23:48 - 00002068 _____ C:\Users\Osgiliath\Desktop\SpellForce - Shadow of the Phoenix.lnk
2015-10-22 23:04 - 2015-10-22 23:04 - 00000000 ____D C:\Users\Osgiliath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2015-10-22 22:09 - 2015-10-31 10:49 - 00043520 _____ C:\Windows\system32\CmdLineExt03.dll
2015-10-22 22:09 - 2015-10-31 10:49 - 00000000 ____D C:\Users\Osgiliath\Documents\SpellForce
2015-10-22 22:07 - 2015-10-22 22:07 - 00001129 _____ C:\Windows\DirectX.log
2015-10-22 22:06 - 2015-10-22 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2015-10-22 21:53 - 2015-10-22 21:53 - 00000000 ____D C:\Program Files\JoWooD
2015-10-22 19:17 - 2015-10-22 19:17 - 00000000 ____D C:\Users\Osgiliath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-20 15:46 - 2015-10-20 15:46 - 00001466 _____ C:\Users\Osgiliath\Desktop\Spellforce.lnk
2015-10-16 19:36 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-16 19:36 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-16 19:36 - 2015-09-29 04:02 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-16 19:36 - 2015-09-29 03:59 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-16 19:36 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-16 19:36 - 2015-09-29 03:59 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-16 19:36 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-16 19:36 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-16 19:36 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-16 19:36 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-16 19:36 - 2015-09-29 03:58 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-16 19:36 - 2015-09-29 03:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-16 19:36 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-16 19:36 - 2015-09-29 03:58 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-16 19:36 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-16 19:36 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-16 19:36 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-16 19:36 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-16 19:36 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-16 19:36 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-16 19:36 - 2015-09-29 02:43 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-16 19:36 - 2015-09-29 02:43 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-16 19:36 - 2015-09-29 02:43 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-16 19:36 - 2015-09-15 18:42 - 00139096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-16 19:36 - 2015-09-15 18:42 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-16 19:36 - 2015-09-15 18:36 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-16 19:36 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-16 19:36 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-16 19:36 - 2015-09-15 18:36 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-16 19:36 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-16 19:36 - 2015-09-15 18:36 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-16 19:36 - 2015-09-15 18:35 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-16 19:35 - 2015-10-01 18:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-16 19:35 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-16 19:35 - 2015-10-01 18:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-16 19:35 - 2015-10-01 18:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-16 19:35 - 2015-10-01 18:50 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-16 19:35 - 2015-10-01 17:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-16 19:35 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-16 19:35 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-16 19:34 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-16 19:34 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-16 19:34 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-16 19:34 - 2015-09-16 04:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-16 19:34 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-16 19:34 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-16 19:34 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-16 19:34 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-16 19:34 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-16 19:34 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-16 19:34 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-16 19:34 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-16 19:34 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-16 19:34 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-16 19:34 - 2015-09-16 04:23 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-16 19:34 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-16 19:34 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-16 19:34 - 2015-09-16 04:18 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-16 19:34 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-16 19:34 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-16 19:34 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-16 19:34 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-16 19:34 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-16 19:34 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-16 19:34 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-16 19:34 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-16 19:34 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-16 19:34 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-16 19:34 - 2015-09-16 03:56 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-16 19:34 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-16 19:34 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-16 19:34 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-16 19:34 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-16 19:34 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-10 20:29 - 2015-10-10 22:41 - 00000000 ____D C:\Users\Osgiliath\AppData\Roaming\dvdcss
2015-10-08 21:57 - 2015-10-08 21:59 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 21:55 - 2015-09-25 18:59 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-08 21:55 - 2015-09-25 18:59 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-08 21:55 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-08 21:55 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-08 21:55 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-08 21:55 - 2015-09-25 18:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-08 21:55 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-08 21:55 - 2015-09-25 18:58 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-08 21:55 - 2015-09-25 18:58 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-08 21:55 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-08 21:55 - 2015-09-25 18:58 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-08 21:55 - 2015-09-18 18:47 - 00023384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-08 21:55 - 2015-09-18 18:44 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-08 21:55 - 2015-09-18 18:44 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-08 21:55 - 2015-09-18 18:44 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-08 21:55 - 2015-09-18 18:44 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-08 21:55 - 2015-09-18 18:44 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-08 21:55 - 2015-09-18 18:35 - 00999936 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-04 20:50 - 2015-06-21 12:39 - 00001240 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3318320622-2150733777-4173436211-1000UA.job
2015-11-04 20:48 - 2009-07-14 05:34 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-04 20:48 - 2009-07-14 05:34 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-04 20:46 - 2015-08-15 21:17 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-04 20:46 - 2014-03-17 19:37 - 01599576 _____ C:\Windows\WindowsUpdate.log
2015-11-04 20:41 - 2014-08-22 19:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-04 20:39 - 2014-11-03 10:03 - 00012331 _____ C:\Windows\setupact.log
2015-11-04 20:39 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-02 22:20 - 2014-03-17 20:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-02 19:20 - 2015-08-12 19:45 - 00000000 ____D C:\Program Files\Steam
2015-11-02 19:20 - 2014-03-18 03:45 - 00000000 ___RD C:\Users\Osgiliath\Dropbox
2015-11-02 17:51 - 2014-03-17 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-02 17:41 - 2014-05-11 15:11 - 00000000 ____D C:\Users\Osgiliath\Documents\Runes of Magic
2015-11-02 17:40 - 2014-03-18 03:38 - 00000000 ____D C:\Users\Osgiliath\AppData\Roaming\Dropbox
2015-10-31 10:50 - 2015-06-21 12:39 - 00001188 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3318320622-2150733777-4173436211-1000Core.job
2015-10-30 23:47 - 2015-04-27 18:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-30 23:38 - 2010-11-20 22:01 - 01619112 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-29 21:01 - 2015-08-01 13:46 - 00000000 ____D C:\Users\Osgiliath\AppData\Roaming\Skype
2015-10-29 18:13 - 2015-05-12 15:11 - 00000000 ____D C:\Users\Osgiliath\AppData\Roaming\TS3Client
2015-10-27 22:40 - 2009-07-14 05:33 - 00327920 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-27 22:16 - 2015-05-12 15:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-22 22:08 - 2014-10-13 19:48 - 00000000 ____D C:\Users\Osgiliath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-10-20 13:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-10-20 13:23 - 2014-09-12 19:17 - 00000000 ____D C:\Users\Osgiliath\AppData\Local\Adobe
2015-10-18 21:31 - 2010-11-20 22:48 - 00365908 _____ C:\Windows\PFRO.log
2015-10-18 21:31 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-10-16 21:39 - 2014-03-17 22:38 - 00000000 ____D C:\Windows\system32\MRT
2015-10-16 21:34 - 2014-03-17 22:38 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-16 19:20 - 2014-03-17 20:52 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-16 19:20 - 2014-03-17 20:52 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-11 00:18 - 2014-03-18 03:49 - 00000000 ____D C:\Users\Osgiliath\AppData\Roaming\vlc
2015-10-08 21:56 - 2015-04-09 11:15 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-08 21:56 - 2014-04-27 11:24 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-08 21:39 - 2014-03-17 20:06 - 00000000 ____D C:\Program Files\Avira

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-16 10:24 - 2015-04-16 10:24 - 0003584 _____ () C:\Users\Osgiliath\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-18 15:39 - 2015-09-11 14:21 - 0007640 _____ () C:\Users\Osgiliath\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Osgiliath\AppData\Local\Temp\avgnt.exe
C:\Users\Osgiliath\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8z6zoj.dll
C:\Users\Osgiliath\AppData\Local\Temp\npp.6.7.7.Installer.exe
C:\Users\Osgiliath\AppData\Local\Temp\npp.6.7.8.2.Installer.exe
C:\Users\Osgiliath\AppData\Local\Temp\npp.6.7.9.2.Installer.exe
C:\Users\Osgiliath\AppData\Local\Temp\npp.6.8.1.Installer.exe
C:\Users\Osgiliath\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\Osgiliath\AppData\Local\Temp\pid16.dll
C:\Users\Osgiliath\AppData\Local\Temp\pid32.dll
C:\Users\Osgiliath\AppData\Local\Temp\SIntf16.dll
C:\Users\Osgiliath\AppData\Local\Temp\SIntf32.dll
C:\Users\Osgiliath\AppData\Local\Temp\SIntfNT.dll
C:\Users\Osgiliath\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Osgiliath\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\Osgiliath\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-31 14:04

==================== Ende vom FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:04-11-2015
durchgeführt von Osgiliath (2015-11-04 20:55:06)
Gestartet von C:\Users\Osgiliath\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2014-03-17 18:47:16)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3318320622-2150733777-4173436211-500 - Administrator - Disabled)
Gast (S-1-5-21-3318320622-2150733777-4173436211-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3318320622-2150733777-4173436211-1002 - Limited - Enabled)
Osgiliath (S-1-5-21-3318320622-2150733777-4173436211-1000 - Administrator - Enabled) => C:\Users\Osgiliath

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM\...\{d6a7cfcc-1f1c-4638-8f9e-0f184696fcdb}) (Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG) Hidden
Caesar 3 (HKLM\...\Caesar 3) (Version:  - )
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Die Siedler III Gold Edition (HKLM\...\S3) (Version:  - )
Dropbox (HKU\S-1-5-21-3318320622-2150733777-4173436211-1000\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Gameforge Live 2.0.6 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
LibreOffice 4.4.5.2 (HKLM\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
Little Inferno (HKLM\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 42.0 (x86 de) (HKLM\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C89}) (Version: 4.0.6 - dotPDN LLC)
Portal (HKLM\...\Steam App 400) (Version:  - Valve)
QuickTime 7 (HKLM\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Runes of Magic (HKLM\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 6.0.6.2685 - Gameforge Productions GmbH)
Sierra-Dienstprogramme (HKLM\...\Sierra-Dienstprogramme) (Version:  - )
Skype™ 7.10 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
SpellForce (HKLM\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xfire (HKLM\...\Xfire) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Osgiliath\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Osgiliath\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Osgiliath\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Osgiliath\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Osgiliath\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Osgiliath\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Osgiliath\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3318320622-2150733777-4173436211-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Osgiliath\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

02-11-2015 22:16:14 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {24AA1845-8F29-442D-87BD-BD7FCF925B3C} - System32\Tasks\{4C3B39D4-DB18-432B-B5AC-675242472313} => pcalua.exe -a "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -d "C:\Program Files\DAEMON Tools Lite"
Task: {4569E228-B8CC-4FBE-8D54-DFAA6DD92792} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {63551697-513F-4A65-AB62-3CC71136FE3A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8C15DE8A-2E8E-4984-902B-A3C2BB052061} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {8F3984A6-1B64-452E-8852-14BE1987E977} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3318320622-2150733777-4173436211-1000Core => C:\Users\Osgiliath\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)
Task: {D06C0E00-D74B-4C53-8F29-79D47A667FA5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3318320622-2150733777-4173436211-1000UA => C:\Users\Osgiliath\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-21] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3318320622-2150733777-4173436211-1000Core.job => C:\Users\Osgiliath\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3318320622-2150733777-4173436211-1000UA.job => C:\Users\Osgiliath\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============


==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Osgiliath\Documents\Runes of Magic:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3318320622-2150733777-4173436211-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Osgiliath\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F9698B19-7378-4C6F-B8EC-5FF144F044EC}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{6BE2BCE0-4F96-43B7-81BD-BBE9F4E022C1}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{1A585471-48DC-4677-9C76-B4DAC9C92FD9}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{0F9D38BD-6AC0-4A50-8074-DA6303FBDBE7}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [{81F4B4D6-941D-4A1F-9302-F27DFFD84B13}] => (Allow) C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C2068552-A534-4E0F-8264-B11BB18147BA}] => (Allow) C:\Users\Osgiliath\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{09C773F1-BD20-451F-8BE6-C134935F36C4}C:\program files\xfire\xfire.exe] => (Allow) C:\program files\xfire\xfire.exe
FirewallRules: [UDP Query User{9C17C7CC-1ACF-49D5-8629-93CD115F8088}C:\program files\xfire\xfire.exe] => (Allow) C:\program files\xfire\xfire.exe
FirewallRules: [TCP Query User{FB036EB2-FD20-4E43-BABE-6A5C7985980D}C:\program files\gameforgelive\games\deu_deu\runes of magic\client.exe] => (Allow) C:\program files\gameforgelive\games\deu_deu\runes of magic\client.exe
FirewallRules: [UDP Query User{B4D821F7-92B0-4299-9A66-53DC8CBA3502}C:\program files\gameforgelive\games\deu_deu\runes of magic\client.exe] => (Allow) C:\program files\gameforgelive\games\deu_deu\runes of magic\client.exe
FirewallRules: [TCP Query User{7CCD0C6D-1ED7-4A7C-A2F1-38D14E98E39E}C:\users\osgiliath\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\osgiliath\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{563266E4-80D2-4204-A4BD-23924F7C4B22}C:\users\osgiliath\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\osgiliath\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{33253FB4-9DA7-45CC-8A16-7B4CBE925530}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C01063CA-E0BA-4A5D-AE70-53963999BF21}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8470B6B9-BEDB-40F4-A410-D88B62CB8836}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe
FirewallRules: [{66453094-C441-4910-85CD-C0DA2CD1BC63}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{9DE8B7E7-CBA0-4E64-8610-46A6492FBBE3}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{079810B2-02AB-46BC-8DE3-A22E4F417303}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{AB4CB0E3-EFD3-4603-ABD2-351B7111EF1A}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{511E8030-611D-451B-B309-9BCB81D67D72}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{10B18D86-7AE4-488C-B258-8303B0562D2E}] => (Allow) C:\Program Files\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{E1F35079-C049-413D-B66A-106969931B63}] => (Allow) C:\Program Files\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{B93CEE92-33C5-43F9-B07E-9D24F1996FB2}] => (Allow) C:\Program Files\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{4867E26F-0E10-4C48-ADB3-896BA3683AEB}] => (Allow) C:\Program Files\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [TCP Query User{63D1856A-0E0B-4E2A-8057-D4787506837A}C:\program files\jowood\spellforce\spellforce.exe] => (Allow) C:\program files\jowood\spellforce\spellforce.exe
FirewallRules: [UDP Query User{C18A9B1A-BA94-404B-B894-5895BD91DD9C}C:\program files\jowood\spellforce\spellforce.exe] => (Allow) C:\program files\jowood\spellforce\spellforce.exe
FirewallRules: [{A990594C-2844-4630-96B0-A7123BE2726E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E5D3FB60-6680-4043-AD5C-B82140662B6B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/04/2015 08:40:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/02/2015 07:56:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7
Name des fehlerhaften Moduls: fms.dll, Version: 1.1.6000.16384, Zeitstempel: 0x4ce7b81f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003e69
ID des fehlerhaften Prozesses: 0xd24
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3

Error: (11/02/2015 07:50:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7
Name des fehlerhaften Moduls: fms.dll, Version: 1.1.6000.16384, Zeitstempel: 0x4ce7b81f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00003e69
ID des fehlerhaften Prozesses: 0xe58
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3

Error: (11/02/2015 05:38:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2015 10:46:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2015 11:33:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2015 06:07:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2015 10:41:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/27/2015 10:12:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2015 07:44:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (11/02/2015 07:56:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/02/2015 07:51:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/31/2015 02:26:43 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (10/31/2015 12:26:48 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (10/30/2015 11:35:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "cdrmkaun" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/29/2015 06:06:31 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (10/18/2015 09:36:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (10/08/2015 08:30:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (10/05/2015 06:02:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (10/02/2015 12:25:30 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


CodeIntegrity:
===================================
  Date: 2015-07-28 10:37:42.762
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 10:37:42.487
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 10:37:42.288
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 10:37:42.100
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 10:37:41.832
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 10:37:41.795
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 10:37:41.768
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 10:37:41.735
  Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 1919.43 MB
Verfügbarer physikalischer RAM: 1155.41 MB
Summe virtueller Speicher: 3838.86 MB
Verfügbarer virtueller Speicher: 2797.56 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:101.46 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 00018F0C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================

Vigilantus 04.11.2015 21:13
Und das etwas neuere Modell:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-11-2015
durchgeführt von Vigilantus (Administrator) auf AMONHEN (04-11-2015 21:09:57)
Gestartet von C:\Users\Vigilantus\Desktop
Geladene Profile: Vigilantus (Verfügbare Profile: Vigilantus)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Vigilantus\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe\HxTsr.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3347688 2015-08-01] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2012-09-13] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [399776 2012-09-13] (MSI)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-02] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-05-23] (MSI)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [153424 2011-08-25] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Vigilantus\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\RunOnce: [Uninstall C:\Users\Vigilantus\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vigilantus\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\RunOnce: [Uninstall C:\Users\Vigilantus\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vigilantus\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\RunOnce: [Uninstall C:\Users\Vigilantus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vigilantus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\RunOnce: [Uninstall C:\Users\Vigilantus\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vigilantus\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177416 2015-10-03] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2013-11-26]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{05e39268-35c5-4b77-b4c9-6fde4fb8f084}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{653c3712-94db-48d7-a87d-f25be1c2c1b3}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2991528262-1410487994-480782504-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2991528262-1410487994-480782504-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.msi.com
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Vigilantus\AppData\Roaming\Mozilla\Firefox\Profiles\c72ukbhm.default-1376824317733
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-25] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: ChatZilla [de] - C:\Users\Vigilantus\AppData\Roaming\Mozilla\Firefox\Profiles\c72ukbhm.default-1376824317733\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5de} [2015-07-04]
FF Extension: NASA Night Launch - C:\Users\Vigilantus\AppData\Roaming\Mozilla\Firefox\Profiles\c72ukbhm.default-1376824317733\Extensions\nasanightlaunch@example.com.xpi [2015-06-28]
FF Extension: NoScript - C:\Users\Vigilantus\AppData\Roaming\Mozilla\Firefox\Profiles\c72ukbhm.default-1376824317733\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-02]
FF Extension: Video DownloadHelper - C:\Users\Vigilantus\AppData\Roaming\Mozilla\Firefox\Profiles\c72ukbhm.default-1376824317733\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-02]
FF Extension: Adblock Plus - C:\Users\Vigilantus\AppData\Roaming\Mozilla\Firefox\Profiles\c72ukbhm.default-1376824317733\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: BetterPrivacy - C:\Users\Vigilantus\AppData\Roaming\Mozilla\Firefox\Profiles\c72ukbhm.default-1376824317733\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-05-31]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-15] (Avira Operations GmbH & Co. KG)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [45240 2015-07-10] (Microsoft Corporation)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240360 2015-09-21] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-06] (Dropbox, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-08-01] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-25] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2012-09-13] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [142904 2012-05-23] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation)
S4 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [Datei ist nicht signiert]
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2013-11-26] () [Datei ist nicht signiert]
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2011-08-25] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-23] (Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-11-25] (DT Soft Ltd)
S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-11-03] (LogMeIn Inc.)
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 XFDriver64; C:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (XFire)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-11-04] (Wellbia.com Co., Ltd.)
S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-04 21:09 - 2015-11-04 21:10 - 00021995 _____ C:\Users\Vigilantus\Desktop\FRST.txt
2015-11-04 21:09 - 2015-11-04 21:10 - 00000000 ____D C:\FRST
2015-11-04 21:09 - 2015-11-04 21:09 - 02198016 _____ (Farbar) C:\Users\Vigilantus\Desktop\FRST64.exe
2015-11-04 21:08 - 2015-11-04 21:08 - 00000000 ___HD C:\OneDriveTemp
2015-11-04 21:07 - 2015-11-04 21:07 - 00016148 _____ C:\WINDOWS\system32\AMONHEN_Vigilantus_HistoryPrediction.bin
2015-11-02 20:07 - 2015-11-02 20:09 - 00000000 ____D C:\Users\Vigilantus\AppData\Roaming\Ubisoft
2015-11-02 20:00 - 2015-11-02 20:07 - 00000000 ____D C:\Users\Vigilantus\Documents\ANNO 1404 Venedig
2015-10-22 00:45 - 2015-10-22 00:45 - 00043520 _____ C:\WINDOWS\SysWOW64\CmdLineExt03.dll
2015-10-22 00:18 - 2015-10-22 01:22 - 00000000 ____D C:\Users\Vigilantus\Documents\SpellForce
2015-10-22 00:14 - 2015-10-22 01:26 - 00000000 ____D C:\Users\Vigilantus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2015-10-21 22:49 - 2015-10-21 22:49 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-21 22:49 - 2015-10-21 22:49 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-10-21 22:49 - 2015-10-21 22:49 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-10-21 22:48 - 2015-10-21 22:48 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-21 22:48 - 2015-10-21 22:48 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-21 22:48 - 2015-10-21 22:48 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-21 22:48 - 2015-10-21 22:48 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-21 22:48 - 2015-10-21 22:48 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-21 22:48 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-21 22:48 - 2015-10-10 07:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-21 22:48 - 2015-10-10 07:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-21 22:48 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-21 22:48 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-21 22:48 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-21 22:48 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-21 22:48 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-21 22:48 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-21 22:48 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-21 22:48 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-21 22:48 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-21 22:48 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-21 22:48 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-21 22:48 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-21 22:48 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-21 22:48 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-21 22:48 - 2015-09-25 04:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-21 22:48 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-21 22:48 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-21 22:48 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-21 22:48 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-21 22:48 - 2015-09-25 04:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-21 22:48 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-21 22:48 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-21 22:48 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-21 22:48 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-21 22:48 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-21 22:48 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-21 22:48 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-21 22:48 - 2015-09-25 04:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-21 22:48 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-21 22:48 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-21 22:48 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-21 22:48 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-21 22:48 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-21 22:48 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-21 22:48 - 2015-09-25 03:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-21 22:48 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-21 22:48 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-21 22:48 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-21 22:48 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-21 22:48 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-21 22:48 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-21 22:48 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-21 22:48 - 2015-09-25 03:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-21 22:48 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-21 22:48 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-21 22:48 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-21 22:48 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-21 22:48 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-21 22:48 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-21 22:48 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-21 22:48 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-21 22:48 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-21 22:48 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-21 22:48 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-21 22:48 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-21 22:48 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-21 22:48 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-21 22:48 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-21 22:48 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-21 22:48 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-21 22:48 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-21 22:48 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-21 22:44 - 2015-10-21 22:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-09 00:26 - 2015-10-06 19:46 - 00040080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-10-09 00:26 - 2015-10-03 05:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-10-09 00:26 - 2015-10-03 05:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-10-06 00:51 - 2015-11-04 21:07 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-06 00:51 - 2015-11-04 17:56 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-06 00:51 - 2015-10-21 22:44 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-06 00:51 - 2015-10-06 00:51 - 00004298 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-10-06 00:51 - 2015-10-06 00:51 - 00004066 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-04 21:08 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-04 21:08 - 2014-12-27 09:32 - 00000000 ___RD C:\Users\Vigilantus\OneDrive
2015-11-04 21:07 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-04 18:16 - 2015-06-21 02:43 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-04 18:00 - 2013-01-28 15:27 - 00000000 ____D C:\Users\Vigilantus\AppData\Roaming\Skype
2015-11-04 17:37 - 2013-05-17 01:07 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-04 17:32 - 2014-07-25 09:48 - 00000000 ____D C:\Users\Vigilantus\AppData\Local\Battle.net
2015-11-04 17:02 - 2014-07-25 09:47 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-04 16:00 - 2015-08-31 15:04 - 00035880 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2015-11-04 15:59 - 2015-08-29 09:43 - 00000000 ____D C:\Users\Vigilantus\AppData\Local\Akamai
2015-11-04 15:53 - 2013-08-11 13:55 - 00000000 ___RD C:\Users\Vigilantus\Dropbox
2015-11-04 15:53 - 2013-08-11 13:52 - 00000000 ____D C:\Users\Vigilantus\AppData\Roaming\Dropbox
2015-11-04 11:02 - 2013-01-28 21:43 - 00000885 _____ C:\WINDOWS\client.config.ini
2015-11-04 10:40 - 2013-01-28 20:56 - 00000000 ____D C:\Program Files (x86)\Runes of Magic
2015-11-03 21:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-03 21:12 - 2013-01-27 21:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 11:29 - 2015-07-31 07:13 - 00000000 ____D C:\Users\Vigilantus
2015-11-03 08:24 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-02 23:43 - 2013-01-28 15:27 - 00000000 ____D C:\ProgramData\Skype
2015-11-02 22:59 - 2013-02-19 00:50 - 00000000 ____D C:\Users\Vigilantus\Documents\Battlefield 2
2015-11-02 22:31 - 2014-03-31 11:27 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-02 22:31 - 2013-01-29 01:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-02 21:47 - 2013-01-29 12:28 - 00000000 ____D C:\Users\Vigilantus\AppData\Roaming\TS3Client
2015-11-02 19:37 - 2015-06-21 02:47 - 00000000 ____D C:\Users\Vigilantus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-02 19:34 - 2015-04-27 22:57 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-02 19:33 - 2015-04-27 22:58 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-02 19:27 - 2015-07-31 07:10 - 01999324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-02 19:27 - 2015-07-10 17:34 - 00850978 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-02 19:27 - 2015-07-10 17:34 - 00187610 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-02 19:26 - 2013-01-28 21:16 - 00000000 ___HD C:\Users\Vigilantus\Documents\Runes of Magic
2015-11-02 19:25 - 2015-08-01 09:33 - 00002418 _____ C:\Users\Vigilantus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-02 19:25 - 2013-01-28 15:21 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-11-02 19:19 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-22 01:44 - 2015-07-10 13:20 - 00018276 _____ C:\WINDOWS\setupact.log
2015-10-22 01:21 - 2013-01-27 23:41 - 00000000 ____D C:\Users\Vigilantus\AppData\Roaming\vlc
2015-10-22 00:59 - 2014-06-12 10:28 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-22 00:57 - 2015-07-31 07:03 - 00021152 _____ C:\WINDOWS\PFRO.log
2015-10-22 00:56 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-22 00:55 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-21 23:39 - 2013-02-10 22:45 - 00011252 _____ C:\WINDOWS\DirectX.log
2015-10-21 23:10 - 2013-07-31 01:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-21 22:55 - 2013-01-28 14:38 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-21 22:53 - 2014-07-25 09:53 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-10-21 22:48 - 2015-07-31 07:07 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-10-21 22:48 - 2015-07-31 07:07 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-10-21 22:48 - 2015-07-30 21:46 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-10-21 22:48 - 2015-07-30 21:46 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-21 22:48 - 2015-07-30 21:46 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-21 22:48 - 2015-07-30 21:46 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-10-21 22:48 - 2015-07-30 21:46 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-10-21 22:48 - 2015-07-30 21:45 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-10-21 22:48 - 2015-07-30 21:45 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-10-21 22:48 - 2015-07-30 21:45 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-10-21 22:48 - 2015-07-30 21:45 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-10-21 22:48 - 2015-07-30 21:45 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-10-21 22:48 - 2015-07-30 21:45 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-10-21 22:48 - 2015-07-30 21:45 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-11 16:28 - 2013-02-10 01:39 - 00000000 ____D C:\Data
2015-10-09 18:13 - 2015-07-31 07:10 - 02026882 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-10-09 17:51 - 2012-09-26 01:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-09 17:49 - 2013-02-22 02:45 - 00000000 ____D C:\Users\Vigilantus\dwhelper
2015-10-09 00:27 - 2015-07-31 07:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-09 00:18 - 2013-01-28 14:45 - 00007689 _____ C:\Users\Vigilantus\AppData\Local\Resmon.ResmonCfg
2015-10-07 01:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-06 22:30 - 2015-06-19 19:19 - 00000000 ____D C:\Users\Vigilantus\AppData\Local\Dropbox
2015-10-06 22:06 - 2014-12-26 00:01 - 00000000 ____D C:\Users\Vigilantus\MediathekView
2015-10-06 19:45 - 2015-07-23 03:02 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-09-07 23:58 - 2013-11-25 01:52 - 0003584 _____ () C:\Users\Vigilantus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-26 02:52 - 2013-11-26 02:57 - 0000000 _____ () C:\Users\Vigilantus\AppData\Local\Driver_LOM_8161Present.flag
2013-02-19 00:46 - 2013-02-19 00:46 - 0000098 _____ () C:\Users\Vigilantus\AppData\Local\fusioncache.dat
2013-01-28 14:45 - 2015-10-09 00:18 - 0007689 _____ () C:\Users\Vigilantus\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Vigilantus\AppData\Local\Temp\avgnt.exe
C:\Users\Vigilantus\AppData\Local\Temp\c17a768d627728d3ebe49f303810d093.dll
C:\Users\Vigilantus\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll
C:\Users\Vigilantus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphvi6tv.dll
C:\Users\Vigilantus\AppData\Local\Temp\npp.6.8.1.Installer.exe
C:\Users\Vigilantus\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\Vigilantus\AppData\Local\Temp\pid16.dll
C:\Users\Vigilantus\AppData\Local\Temp\pid32.dll
C:\Users\Vigilantus\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Vigilantus\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-03 08:19

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-11-2015
durchgeführt von Vigilantus (2015-11-04 21:11:14)
Gestartet von C:\Users\Vigilantus\Desktop
Windows 10 Home (X64) (2015-07-31 07:08:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2991528262-1410487994-480782504-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2991528262-1410487994-480782504-1004 - Limited - Enabled)
DefaultAccount (S-1-5-21-2991528262-1410487994-480782504-503 - Limited - Disabled)
Gast (S-1-5-21-2991528262-1410487994-480782504-501 - Limited - Disabled)
Vigilantus (S-1-5-21-2991528262-1410487994-480782504-1002 - Administrator - Enabled) => C:\Users\Vigilantus

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-to-Play Version 1.0 (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: 1.0 - Gameforge)
Akamai NetSession Interface (HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anno 1404 (HKLM-x32\...\Steam App 33250) (Version:  - Blue Byte)
Anno 1404: Venice (HKLM-x32\...\Steam App 33350) (Version:  - Blue Byte)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d6a7cfcc-1f1c-4638-8f9e-0f184696fcdb}) (Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG) Hidden
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1207.2301 - Micro-Star International Co., Ltd.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Echo of Soul (HKLM-x32\...\Echo of Soul) (Version:  - )
ELAN Touchpad 15.13.1.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.1.1 - ELAN Microelectronic Corp.)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
PlanetSide 2 (HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{DD21E907-9A2A-44B8-A12E-13691E166664}) (Version: 1.0.30.1003 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.091213 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 5.0.5.2592 - Gameforge Productions GmbH)
SCM (HKLM\...\{FA8AB91A-0B41-4797-9015-9B3FBC7834CC}) (Version: 10.012.09132 -  )
SDK Debuggers (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.010 - MSI)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
TERA (HKLM-x32\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 18.10.03 - Gameforge Productions GmbH)
TeXnicCenter Version 2.0 Beta 1 (HKLM\...\TeXnicCenter_is1) (Version: 2.0 Beta 1 - The TeXnicCenter Team)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - Intel (NETwNe64) net  (09/12/2012 15.5.4.45) (HKLM\...\A007E57753F87B14A4737DA95057F173950A6A3D) (Version: 09/12/2012 15.5.4.45 - Intel)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{2fc72c67-2837-46c2-b20a-9acb0d3cb2b2}) (Version: 8.100.25984 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Yu-Gi-Oh! Power of Chaos JOEY THE PASSION (HKLM-x32\...\{336DD6B4-B100-4048-B2B7-FBA7059FD959}) (Version: 1.00.0000 - KONAMI)
Yu-Gi-Oh! Power of Chaos KAIBA THE REVENGE (HKLM-x32\...\{485C9280-B899-4D46-86F3-B3E459636EE5}) (Version: 1.00.0000 - KONAMI)
Yu-Gi-Oh! Power of Chaos YUGI THE DESTINY (HKLM-x32\...\{3571656A-575D-4CED-809D-5547587121FF}) (Version: 1.00.0000 - KONAMI)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2991528262-1410487994-480782504-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vigilantus\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2991528262-1410487994-480782504-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

02-11-2015 22:59:23 Removed Battlefield 2 Server

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02E621BC-8D0C-4D8C-83D2-085529736D7F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {06E178D6-4713-48D0-BB3E-21D4B17BB56C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {0EAB234F-A087-43C4-A032-41B297BAF849} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-21] (Adobe Systems Incorporated)
Task: {14270A2A-849F-40B2-9673-FF3C6ECC57ED} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-06] (Dropbox, Inc.)
Task: {1B7CE9CD-EDDA-4590-99DB-3A28D7F63486} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2EE5E356-69B2-4A4C-9BF3-11A71ECAAC5A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {2F0EEB05-84FC-4086-BAD3-E76B6553A052} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-06] (Dropbox, Inc.)
Task: {38C65811-4809-4FB1-A70D-AB706B378FDF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {44A7F520-FBD0-4913-895A-77A92D3D8E09} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {5B788EA6-D159-48EB-8F57-C91C3609343A} - System32\Tasks\{B2CFE0F0-1AF7-478A-904C-04D78D1FC7A5} => pcalua.exe -a "C:\Program Files (x86)\TERA\TERA-Launcher.exe" -d "C:\Program Files (x86)\TERA"
Task: {6524BB6C-6A81-41AC-BBE7-C0ECE41EF36A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {ADF7F4C4-C67E-4B1F-AFFD-DD25706F844E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B1BAC0A2-E833-445D-A958-F3FBE75DA431} - System32\Tasks\{E385C596-D019-4C01-A845-6AF896C21D60} => pcalua.exe -a "C:\Program Files (x86)\Runes of Magic\Runes of Magic.exe" -d "C:\Program Files (x86)\Runes of Magic"
Task: {B254219F-5EE2-405C-A809-988B90639424} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-21] (Microsoft Corporation)
Task: {B48A193F-E632-4D2D-9599-613D9AD36910} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {CBB8335F-22CC-4558-9D86-79AFB119366E} - System32\Tasks\{66DD0ECE-8E1E-4C26-B752-A1892548DCCE} => Firefox.exe hxxp://ui.skype.com/ui/0/7.5.0.101.272/de/go/help.faq.installer?LastError=1618
Task: {D8A41005-05E1-4EF9-8462-EDD4DE066118} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {EA8202E5-3093-4721-88A3-28FAF26066A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {EFC44453-CED7-4721-9DB5-6DEE2D1B9BD5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F4DA2BF9-D375-4414-96FB-F4C33420AD64} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-31 07:58 - 2015-07-31 07:58 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-21 09:10 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-10-04 13:03 - 2011-08-25 09:50 - 00270672 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2015-07-31 07:08 - 2015-10-03 03:38 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-30 21:42 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 21:42 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-30 21:41 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-09-30 21:42 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 21:41 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 21:41 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 21:42 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-10-04 13:03 - 2011-08-25 09:50 - 00153424 _____ () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
2015-10-02 00:13 - 2015-10-02 00:13 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\6dc6fa2248187d0cc70021a0ffe3e651\PSIClient.ni.dll
2012-09-26 01:47 - 2012-09-25 12:54 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-04-01 07:35 - 2015-10-04 09:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Vigilantus\Documents\ANNO 1404 Venedig:com.dropbox.attributes
AlternateDataStreams: C:\Users\Vigilantus\Documents\Runes of Magic:com.dropbox.attributes

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\aeriagames.com -> hxxp://aeriagames.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2991528262-1410487994-480782504-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Vigilantus\Downloads\underworld_awakening_2012-wallpaper-1920x1080.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Qualcomm Atheros Killer Service V2 => 2
HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Aeria Ignite"
HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2991528262-1410487994-480782504-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{17EFFF7D-9868-4D62-9CE8-C857D6344EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1F31B7C7-CC62-453C-A13B-F4060A86FECB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B92BFBBE-DB89-4258-9124-112AC693713C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E186DA64-5307-44C3-9742-E7762616153B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E50A2440-ED27-4403-9E2B-46F63A8BF063}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C51DA3B1-1478-4DE7-8FB5-3345ADA008CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{9D819BB0-4EE4-4B36-843B-F173031E26E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{AAF29464-0CBB-42B6-BF91-C4AF5F12DA80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{079E1934-0E15-4A09-AC52-9167932DB4EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C16B7B35-283C-4F60-A357-DF223D10C103}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{143C9144-907D-40C8-9625-17178C24AAFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{C6722841-10AE-41EE-A0AD-2475AC5F878B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{854807FC-9A9A-4103-96B2-5E3DB7E4858F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{43FC4A00-93D0-4F6A-B0CE-738D4343DB4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{B3E782C3-ABF1-45EF-82E3-71255C271090}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{772BC660-3F21-4F0C-8DE9-8DE918F737BA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{551F658C-91C8-48F9-B7DA-B061AD966DAF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{75F4E793-BA3B-4BB5-92F6-0F86599C53FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BC06745F-BDF1-4F2E-9791-31EC57C825FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{760052C5-01F0-4FD4-B515-1804D5B34692}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [UDP Query User{49A1281E-6249-4E56-B76C-E4D4BDB39064}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{8969E3CF-3688-4DF7-96F7-210E677B0B20}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{F0F02BE1-7CDE-4062-8315-D0796C690159}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{029656C4-8AA2-4478-84FD-528DB1134032}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{121A63D6-60DB-4288-B89B-84B6380AD834}C:\program files (x86)\xfire2\xfire.exe] => (Allow) C:\program files (x86)\xfire2\xfire.exe
FirewallRules: [TCP Query User{0A3FC3E4-EE9B-4369-B177-FF44C7BDA0C1}C:\program files (x86)\xfire2\xfire.exe] => (Allow) C:\program files (x86)\xfire2\xfire.exe
FirewallRules: [UDP Query User{8480DA67-1366-4A51-AA3D-E347519746D4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3A9F2BB8-93CE-461B-8E34-C63F39921625}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{FD2587E5-1155-498C-84B0-4C8FF5CFBC78}C:\data\planetside 2\planetside2_x64.exe] => (Allow) C:\data\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{6940B183-0284-4547-94E1-4C102879E74E}C:\data\planetside 2\planetside2_x64.exe] => (Allow) C:\data\planetside 2\planetside2_x64.exe
FirewallRules: [{43AD730A-52B3-4F25-9B1E-A27E3839582F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{A6643CAA-3DA6-4EB9-A038-DDE9F0B612BC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{89BC4E27-FAC0-4550-AF06-6B5EDEADE7B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6AB88A1C-7B3A-4106-84F8-6CE038936EAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3B931724-1278-4BD2-A482-F3A0DFFAC689}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{638C38C0-5C54-4472-8799-715C08A4DE09}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [UDP Query User{2EE7538D-A95F-4A62-B924-E62DAB822D84}C:\users\vigilantus\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\vigilantus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{61EA1977-C665-4821-83BE-625B065F78CC}C:\users\vigilantus\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\vigilantus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{1737CA00-A5D9-44A2-B2E0-FE0BC50C71F8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{95F0EEBE-C77B-46B6-A1AF-8ED2B1D7EF23}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{68834904-0E06-449D-B283-D2F916AC9512}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{78A81936-C5DB-4448-8C59-AA1A23D1A2A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{D73544DF-9955-44E6-97A6-5EF10169DDF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{B8A9F1C8-62AB-410C-887F-B6F4637DB44C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{DC3EE1B3-644F-4A13-90A5-F4341E81FEDD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{F40B4793-964C-47FF-8B5B-55ACC5FA8EE1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{983014A6-0566-47E2-B3A2-56F6F36D902C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{390A93B9-D74E-48AC-ACA3-F2E8D60B5B1A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{9DDF6A0C-CC92-4B48-93F6-5E99D42D7C8C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{BD435DEF-D39D-41D8-9A8A-4494B69B6D39}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{BB75C2D9-EE3E-494E-B962-63B345C06B3E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{0C601732-66C8-4F4A-A28B-ADF288B0B379}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3332\Agent.exe
FirewallRules: [{8375A045-BF86-4D84-BBE4-690CB2E35E4D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{A29FD541-79AC-4B12-9285-13D72B27099F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{EEF9FE32-366F-49BE-BC3E-3470B259ED28}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{F7E8D3E1-1B22-4970-82B0-A6CA5FE499F7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{A5EA7495-74C3-4854-A366-541BBC1F8A25}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{7FE90280-F131-43FC-9FA0-FC3D809F0DF9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{6260D4A2-C393-4557-875E-B895B8E8BD4F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{6A3A9EC5-9556-475D-AFEB-902265E1A99E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{6753912C-02CD-4EA9-92B9-6649A186C1C3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0E184124-5C32-4CAC-9218-C529CF188D09}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{636143C2-7AEE-4F43-893E-DCF4A4785366}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{ACCFD6EB-BDF8-49C3-BE88-571D6A19502E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{BBF49FB5-110C-4097-A580-F2EF5A87038A}] => (Block) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [{B879BD1B-DC5A-428B-BF28-F6E4063147DF}] => (Block) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [UDP Query User{06E83771-C4E7-443F-9901-1872F4F0B8CA}C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [TCP Query User{5F7A215F-786F-466D-8F5B-B24FF39D09A3}C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [{14793902-FC72-4905-B184-241B5111B879}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{58086C85-BD50-43EC-9AC8-7BE89BF738BA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DBBEC437-AABF-4B52-8973-8A01B1B21F92}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5D63282B-130C-41BE-A034-DC497A12944A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{47C7366F-5552-4082-A5D6-35BD72BF4A50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{ED17B4D4-EA0E-44B6-889C-1A9C810F2FA2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{021A28D6-957D-4C9B-B45D-1690AEF6C017}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{BF937AEC-A894-4E44-9D8B-302B75BE0DF3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{ECDC6E6B-997F-48AF-B4E7-CF1EA4948B27}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5BCED43C-BB2C-445A-9594-1C33D04D7781}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{1EB8038F-BE9A-463D-AF33-EA5626FC7D80}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{60BDFB07-19D9-47CE-A21F-7FD8E278AE61}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [UDP Query User{3E12D36A-7297-46FC-948B-CE609B77918D}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [TCP Query User{B66CF003-37B0-4CE5-8532-7F8F36602C84}C:\program files (x86)\xfire\xfire.exe] => (Allow) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{1D57C17B-49ED-41D5-8736-043B91F690AF}C:\program files (x86)\xfire\xfire.exe] => (Allow) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{0338FF46-D5A2-4B85-AAB2-AC118DD3ADF1}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [UDP Query User{745B87E5-2625-4BBB-9443-5A39F43C4B35}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [TCP Query User{8744F499-820C-4442-B4AE-B612737EF225}C:\program files (x86)\runes of magic\launcher.exe] => (Allow) C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [UDP Query User{A12F8775-349B-4D51-9BFA-B6568BD8D923}C:\program files (x86)\runes of magic\launcher.exe] => (Allow) C:\program files (x86)\runes of magic\launcher.exe
FirewallRules: [TCP Query User{B00200ED-FC9F-4BCE-BBD5-1F0821630010}C:\users\vigilantus\downloads\bf2cc\deamon\bf2ccd.exe] => (Allow) C:\users\vigilantus\downloads\bf2cc\deamon\bf2ccd.exe
FirewallRules: [UDP Query User{FCCDE420-95F9-4140-B5F0-3BAA1F1906EE}C:\users\vigilantus\downloads\bf2cc\deamon\bf2ccd.exe] => (Allow) C:\users\vigilantus\downloads\bf2cc\deamon\bf2ccd.exe
FirewallRules: [{5E33972E-CE11-4C64-A7E0-DDFD2B810D23}] => (Block) C:\users\vigilantus\downloads\bf2cc\deamon\bf2ccd.exe
FirewallRules: [{2710B080-2936-4632-9C50-13BA1E22E21C}] => (Block) C:\users\vigilantus\downloads\bf2cc\deamon\bf2ccd.exe
FirewallRules: [TCP Query User{AF7D5722-CCCB-4A8C-80F9-3C9F5FD1CD3E}C:\program files (x86)\electronic arts\battlefield 2 server\bf2_w32ded.exe] => (Allow) C:\program files (x86)\electronic arts\battlefield 2 server\bf2_w32ded.exe
FirewallRules: [UDP Query User{13E8D4D7-FAAC-466A-AE63-2C1EE7C16FE7}C:\program files (x86)\electronic arts\battlefield 2 server\bf2_w32ded.exe] => (Allow) C:\program files (x86)\electronic arts\battlefield 2 server\bf2_w32ded.exe
FirewallRules: [{2689EECB-8586-4844-870E-02C10E9710C4}] => (Block) C:\program files (x86)\electronic arts\battlefield 2 server\bf2_w32ded.exe
FirewallRules: [{F14B07F8-E734-404A-B04F-B2AC9394ABC5}] => (Block) C:\program files (x86)\electronic arts\battlefield 2 server\bf2_w32ded.exe
FirewallRules: [TCP Query User{BF11CE75-9A64-4FE6-B1C9-4C92668E6D41}C:\program files (x86)\runes of magic\client.exe] => (Allow) C:\program files (x86)\runes of magic\client.exe
FirewallRules: [TCP Query User{AE90BE2C-1FC5-4876-BE5E-7F5D02699761}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{224A3201-8754-4534-B60B-EE9315EAFB19}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5A4CF1F4-4849-4757-AB7D-E563563762D2}C:\users\vigilantus\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\vigilantus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{9EAFC7D4-36CA-476D-8C07-EA2B0688456F}C:\users\vigilantus\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\vigilantus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{CCE8C466-D968-4638-809B-F3F8A56FB3F5}C:\users\vigilantus\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vigilantus\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E4280B89-B0A1-4137-B5F4-C52CC52CC4EC}C:\users\vigilantus\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vigilantus\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F7CA6BF3-1DB2-4A8C-A446-D8DEA67F695A}C:\users\vigilantus\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vigilantus\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6E064CE0-146D-4608-9F9B-9DCA0E907DD2}C:\users\vigilantus\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vigilantus\appdata\local\akamai\netsession_win.exe
FirewallRules: [{3191196D-98CF-4709-9FF0-02B6C6F68A49}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{3AE77D1B-76A5-44AD-B1B6-C5E78C2E4FD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{F72D509F-1BCD-4E18-9EFD-BB2E807FDE6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{3BC4AE13-0FDD-4372-9D84-A54A91D04FC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [{24494FF7-0EB9-4E60-8482-B4AA0BD5E788}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [TCP Query User{9012DD9B-F941-4F6B-8F4D-2370215A0738}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{7CA04E3F-6AC3-49E2-B9C7-49E66C24D749}C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [TCP Query User{9239F543-3212-4124-9CA1-1EC435AB1AD2}C:\data\planetside 2\planetside2_x64.exe] => (Allow) C:\data\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{B3DD4F06-6FF3-4CBD-95A7-9D688EAF81FB}C:\data\planetside 2\planetside2_x64.exe] => (Allow) C:\data\planetside 2\planetside2_x64.exe
FirewallRules: [{EDDE1519-ED42-48A7-AC8B-E0E0E0FC0269}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7633C59-A298-45CC-B561-E59920DEE7B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/04/2015 06:16:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AMONHEN)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/04/2015 03:54:21 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5356) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (11/04/2015 03:54:21 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5356) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (11/04/2015 03:54:10 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5356) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (11/04/2015 03:54:10 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5356) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (11/04/2015 03:54:00 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5356) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (11/04/2015 03:54:00 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5356) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (11/04/2015 03:53:50 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5356) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (11/04/2015 03:53:50 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5356) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (11/04/2015 03:53:39 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5356) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.


Systemfehler:
=============
Error: (11/04/2015 06:16:37 PM) (Source: DCOM) (EventID: 10010) (User: AMONHEN)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (11/04/2015 06:16:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 06:16:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 06:16:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 06:16:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 12:48:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 12:48:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 12:48:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 12:48:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 12:30:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 8080.6 MB
Verfügbarer physikalischer RAM: 6118.93 MB
Summe virtueller Speicher: 9360.6 MB
Verfügbarer virtueller Speicher: 7192.04 MB

==================== Laufwerke ================================

Drive c: (OS_Install) (Fixed) (Total:679.77 GB) (Free:453.65 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 99F3127E)

Partition: GPT.

==================== Ende von Addition.txt ============================

schrauber 05.11.2015 21:11
sieht alles gut aus :)

Vigilantus 05.11.2015 22:33
Dann bin ich jetzt wieder beruhigt, danke :)

Das war's dann für dieses Mal auch denke ich!

schrauber 06.11.2015 19:36
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:49 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131