Trojaner-Board - Adware/Malware eingefangen. Werbung Spam, PC wird viel zu langsam

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Adware/Malware eingefangen. Werbung Spam, PC wird viel zu langsam (https://www.trojaner-board.de/183467-adware-malware-eingefangen-werbung-spam-pc-viel-langsam.html)

Adware/Malware eingefangen. Werbung Spam, PC wird viel zu langsam

Hallo,

ich hoffe hier kann man mir helfen.

Ich habe meinen PC nun langsam echt satt. Nichts passiert mehr so wie es sein sollte.

Seit gestern habe ich wieder ( ja war vor 2 Monaten schon so ) unnötige Werbung überall auf Websiten, ungewollte Suchmaschinen installiert und auch Mozilla lässt sich nicht mehr selbstständig bedienen. (Kann nicht als Standard App ausgewählt werden usw).
Ich bin mir ziemlich sicher, dass ich mir etwas eingefangen habe, habe aber keine Idee was ich tun soll.

Falls wichtig: Benutze Win 10.

Hallo und willkommen

Bitte führe alle Tools als Administrator aus (Rechtsklick, als Administrator ausführen)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Hallo,

ich hoffe das ist so richtig.

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016

durchgeführt von wake (Administrator) auf WAKE-PC (13-12-2016 09:41:20)

Gestartet von C:\Users\wake\Desktop

Geladene Profile: wake (Verfügbare Profile: wake)

Platform: Windows 10 Enterprise Version 1511 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Electronic Arts) D:\Origin\OriginWebHelperService.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe

(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Akamai Technologies, Inc.) C:\Users\wake\AppData\Local\Akamai\netsession_win.exe

(Akamai Technologies, Inc.) C:\Users\wake\AppData\Local\Akamai\netsession_win.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe

(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.10.13.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2000-01-01] (Realtek Semiconductor)

HKLM-x32\...\Run: [win_en_77] => [X]

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [NCUpdateHelper] => D:\BnS\bin\NCUpdateHelper.exe

HKLM-x32\...\Run: [AppTrailers] => C:\Users\wake\AppData\Roaming\AppTrailers\AppTrailers.exe su <===== ACHTUNG

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60120 2016-11-25] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-06] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\Run: [Akamai NetSession Interface] => C:\Users\wake\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\Run: [Chromium] => c:\users\wake\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)

GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{212487b4-7688-415f-a51a-ca538b50db06}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{9e818eae-668e-470e-8009-f78767805082}: [DhcpNameServer] 192.168.224.1

ManualProxies: 
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2185226811-435342151-2776914380-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-21] (Oracle Corporation)

BHO: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files (x86)\Youtube AdBlock\IEEF\7DyrZhjb.dll => Keine Datei

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-21] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-21] (Oracle Corporation)

BHO-x32: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files (x86)\Youtube AdBlock\IEEF\6aIGcr.dll => Keine Datei

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-21] (Oracle Corporation)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 

Edge: 

======

Edge HomeButtonPage: HKU\S-1-5-21-2185226811-435342151-2776914380-1000 -> hxxp://www.amisites.com/?type=hp&ts=1481317178&z=fbb378ac1ffa744ce0d6481g1zab7g6c7g0m1g4m0b&from=archer1028&uid=SAMSUNGXHD103SI_S1VSJ9CS507234
 

FireFox:

========

FF ProfilePath: C:\Users\wake\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\qDlG7lTV.default\Profiles\qDlG7lTV.default [nicht gefunden]

FF ProfilePath: C:\Users\wake\AppData\Roaming\Firefox\Firefox\naweriweentcofise\Profiles\qDlG7lTV.default\Profiles\qDlG7lTV.default [nicht gefunden]

FF ProfilePath: C:\Users\wake\AppData\Roaming\Mozilla\Firefox\Profiles\qDlG7lTV.default [2016-12-13]

FF user.js: detected! => C:\Users\wake\AppData\Roaming\Mozilla\Firefox\Profiles\qDlG7lTV.default\user.js [2016-12-12]

FF NewTab: Mozilla\Firefox\Profiles\qDlG7lTV.default -> hxxp://www.luckysearch123.com?type=hp&ts=1481547885&from=2c231209&uid=samsungxhd103si_s1vsj9cs507234&z=7d4150ec7a91390643768a1g3z4b2gdw0zamabab9b

FF DefaultSearchEngine: Mozilla\Firefox\Profiles\qDlG7lTV.default -> luck

FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\qDlG7lTV.default -> luck

FF SelectedSearchEngine: Mozilla\Firefox\Profiles\qDlG7lTV.default -> luck

FF Homepage: Mozilla\Firefox\Profiles\qDlG7lTV.default -> hxxp://www.luckysearch123.com?type=hp&ts=1481547885&from=2c231209&uid=samsungxhd103si_s1vsj9cs507234&z=7d4150ec7a91390643768a1g3z4b2gdw0zamabab9b

FF Keyword.URL: Mozilla\Firefox\Profiles\qDlG7lTV.default -> user_pref("keyword.URL", true);

FF Extension: (Kein Name) - C:\Users\wake\AppData\Roaming\Mozilla\Firefox\Profiles\qDlG7lTV.default\Extensions\abs@avira.com [2016-12-12]

FF Extension: (Adblock Plus) - C:\Users\wake\AppData\Roaming\Mozilla\Firefox\Profiles\qDlG7lTV.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]

FF ProfilePath: C:\Users\wake\AppData\Roaming\Firefox\Firefox\Profiles\qDlG7lTV.default [2016-12-12]

FF NewTab: Firefox\Firefox\Profiles\qDlG7lTV.default -> about:newtab

FF DefaultSearchEngine: Firefox\Firefox\Profiles\qDlG7lTV.default -> Yahoo! Powered

FF SelectedSearchEngine: Firefox\Firefox\Profiles\qDlG7lTV.default -> Yahoo! Powered

FF Homepage: Firefox\Firefox\Profiles\qDlG7lTV.default -> www.google.de

FF Keyword.URL: Firefox\Firefox\Profiles\qDlG7lTV.default -> user_pref("keyword.URL", true);

FF Extension: (AdBlocker Ultimate) - C:\Users\wake\AppData\Roaming\Firefox\Firefox\Profiles\qDlG7lTV.default\Extensions\adblockultimate@adblockultimate.net.xpi [2016-12-12]

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()

FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)

FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-21] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-21] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2015-12-21] (Adobe Systems, Inc.)

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)

FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)

FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-21] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-21] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation)

FF Plugin HKU\S-1-5-21-2185226811-435342151-2776914380-1000: @my.com/Games -> C:\Users\wake\AppData\Local\MyComGames\NPMyComDetector.dll [Keine Datei]

FF Plugin HKU\S-1-5-21-2185226811-435342151-2776914380-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

StartMenuInternet: Google Chrome - Chrome.exe
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-06] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-06] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-06] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-06] (Avira Operations GmbH & Co. KG)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [369608 2016-11-25] (Avira Operations GmbH & Co. KG)

R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [263704 2016-11-16] (Avira Operations GmbH & Co. KG)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-07-03] ()

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)

S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [229648 2016-09-02] (EasyAntiCheat Ltd)

S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-04-13] (Futuremark)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)

S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)

S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)

R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)

S3 Origin Client Service; D:\Origin\OriginClientService.exe [2119688 2016-12-06] (Electronic Arts)

R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2180624 2016-12-06] (Electronic Arts)

R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-06-13] ()

R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-08-15] ()

R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

S2 ed2kidle; "C:\Program Files (x86)\amuleC1\ed2k.exe" -downloadwhenidle [X]
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-06] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-06] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-12-06] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-12-06] (Avira Operations GmbH & Co. KG)

R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [28272 2016-12-06] (Avira Operations GmbH & Co. KG)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)

R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-20] (Disc Soft Ltd)

R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-20] (Disc Soft Ltd)

S3 MotioninJoyXFilter; C:\WINDOWS\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2000-01-01] (Realtek                                            )

R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-07] ()

R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)

R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)

S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-04-06] (Wellbia.com Co., Ltd.)

R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)

R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)

U3 idsvc; kein ImagePath

S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]

S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

U3 wpcsvc; kein ImagePath
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-12-13 09:41 - 2016-12-13 09:41 - 00020930 _____ C:\Users\wake\Desktop\FRST.txt

2016-12-13 09:39 - 2016-12-13 09:41 - 00000000 ____D C:\FRST

2016-12-13 09:39 - 2016-12-13 09:39 - 02420224 _____ (Farbar) C:\Users\wake\Desktop\FRST64.exe

2016-12-12 19:38 - 2016-12-12 20:06 - 00000629 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk

2016-12-12 19:38 - 2016-12-12 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

2016-12-12 19:37 - 2016-12-12 19:38 - 07100088 _____ (VS Revo Group ) C:\Users\wake\Desktop\revosetup.exe

2016-12-12 19:27 - 2016-12-12 20:06 - 00002100 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2016-12-12 19:27 - 2016-12-12 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-12-12 19:27 - 2016-12-12 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-12-12 19:26 - 2016-12-12 19:26 - 00243696 _____ C:\Users\wake\Downloads\Firefox Setup Stub 50.0.2 (1).exe

2016-12-12 17:23 - 2015-10-15 15:13 - 00000512 _____ C:\Users\wake\Desktop\Licence File Till 2020.9.17.key

2016-12-12 16:57 - 2016-12-12 20:06 - 00001107 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk

2016-12-12 16:57 - 2016-12-12 16:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf

2016-12-12 16:57 - 2016-12-12 16:57 - 00000000 ____D C:\Users\wake\AppData\Roaming\Avira

2016-12-12 16:57 - 2016-12-06 16:01 - 00153904 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

2016-12-12 16:57 - 2016-12-06 16:01 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

2016-12-12 16:57 - 2016-12-06 16:01 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys

2016-12-12 16:57 - 2016-12-06 16:01 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys

2016-12-12 16:57 - 2016-12-06 16:01 - 00028272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys

2016-12-12 16:56 - 2016-12-12 20:06 - 00001275 _____ C:\Users\Public\Desktop\Avira Connect.lnk

2016-12-12 16:56 - 2016-12-12 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2016-12-12 14:01 - 2016-12-12 14:01 - 00000000 ____D C:\Users\wake\AppData\Local\Firefox

2016-12-12 14:00 - 2016-12-12 20:06 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2016-12-12 14:00 - 2016-12-12 16:10 - 00000000 _____ C:\Users\Public\Documents\report.dat

2016-12-12 14:00 - 2016-12-12 14:00 - 00000000 ____D C:\WINDOWS\system32\log

2016-12-12 14:00 - 2016-12-12 14:00 - 00000000 ____D C:\Users\wake\AppData\Roaming\Firefox

2016-12-12 14:00 - 2016-12-12 14:00 - 00000000 _____ C:\Users\Public\Documents\temp.dat

2016-12-11 08:59 - 2016-12-11 08:59 - 00000000 ____D C:\Users\wake\Desktop\Sophie Schule

2016-12-09 21:59 - 2016-12-09 21:59 - 00000358 _____ C:\WINDOWS\SysWOW64\data.bin

2016-12-09 21:58 - 2016-12-12 17:00 - 00000000 ____D C:\ProgramData\WinSAPSvc

2016-12-09 21:58 - 2016-12-12 13:58 - 00000000 ____D C:\Program Files (x86)\4vxrpkfw

2016-12-08 14:07 - 2016-12-08 14:07 - 00000306 __RSH C:\Users\wake\ntuser.pol

2016-12-08 14:00 - 2016-12-08 14:00 - 00001598 __RSH C:\ProgramData\ntuser.pol

2016-12-08 13:59 - 2016-12-08 13:59 - 00000002 _____ C:\END

2016-12-08 13:58 - 2016-12-12 16:57 - 00000000 ____D C:\ProgramData\Avira

2016-12-08 13:58 - 2016-12-08 13:58 - 00003656 _____ C:\WINDOWS\System32\Tasks\1a07ed10964a3aac1d3f661cb0b4f47f

2016-12-08 13:58 - 2016-12-08 13:58 - 00000000 ____D C:\WINDOWS\system32\SSL

2016-12-08 13:58 - 2016-12-08 13:58 - 00000000 ____D C:\ProgramData\Avg

2016-12-08 13:58 - 2016-12-08 13:58 - 00000000 ____D C:\ProgramData\AVAST Software

2016-12-06 17:35 - 2016-12-01 18:04 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2016-12-06 17:32 - 2016-12-01 21:02 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 17590064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 14529112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 10354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 09158432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 08762072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 02954808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00683824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00642576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00617880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00573072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00470400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00439864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00172920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00150600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2016-12-04 17:01 - 2016-12-04 17:01 - 00000000 ____D C:\Users\wake\Desktop\Stick

2016-12-02 00:10 - 2016-12-02 00:10 - 00000000 ____D C:\Users\wake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2016-12-01 17:41 - 2016-12-08 13:58 - 00000000 ____D C:\Program Files (x86)\Rockstar Games

2016-12-01 17:41 - 2016-12-01 17:41 - 00000000 ____D C:\Users\wake\Documents\Rockstar Games

2016-12-01 17:41 - 2016-12-01 17:41 - 00000000 ____D C:\Users\wake\AppData\Local\Rockstar Games

2016-12-01 17:40 - 2016-12-01 17:41 - 00000000 ____D C:\Program Files\Rockstar Games

2016-12-01 17:40 - 2016-12-01 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games

2016-12-01 15:03 - 2016-12-01 15:33 - 00000000 ____D C:\Users\wake\AppData\Local\Troubleshooter

2016-12-01 14:44 - 2016-11-23 13:19 - 00000570 _____ C:\Users\wake\AppData\Local\TroubleshooterConfig.json

2016-12-01 14:43 - 2016-12-01 16:29 - 00000000 ____D C:\Users\wake\AppData\Local\Bluestacks

2016-12-01 14:36 - 2016-12-01 14:36 - 40150801 _____ C:\Users\wake\AppData\Local\Apps\Champions v11.0.0 Mod iHackedit.com.apk

2016-11-29 08:57 - 2016-11-29 08:57 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2016-11-29 08:57 - 2016-11-29 08:57 - 00000000 ____D C:\Program Files\Samsung

2016-11-29 08:57 - 2016-09-05 05:47 - 01499408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll

2016-11-29 08:57 - 2016-09-05 05:47 - 00716920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll

2016-11-29 08:54 - 2016-12-08 13:58 - 00000000 ____D C:\Program Files (x86)\Samsung

2016-11-29 08:54 - 2016-11-29 08:57 - 00000000 ____D C:\ProgramData\Samsung

2016-11-29 08:54 - 2016-11-29 08:54 - 00000000 ____D C:\Users\wake\Documents\samsung

2016-11-29 08:54 - 2016-11-29 08:54 - 00000000 ____D C:\Users\wake\AppData\Roaming\Samsung

2016-11-29 08:54 - 2016-11-29 08:54 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log

2016-11-29 08:54 - 2016-11-29 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

2016-11-29 08:54 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll

2016-11-29 06:50 - 2016-12-01 21:02 - 20741584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2016-11-29 06:50 - 2016-11-24 21:53 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437609.dll

2016-11-29 06:50 - 2016-11-24 21:53 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437609.dll

2016-11-29 06:47 - 2016-11-17 14:45 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll

2016-11-29 06:47 - 2016-11-17 14:45 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

2016-11-26 13:02 - 2016-11-26 13:24 - 00000000 ____D C:\Users\wake\Desktop\Bewerbung Papa

2016-11-19 16:25 - 2016-11-17 03:06 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437595.dll

2016-11-19 16:25 - 2016-11-17 03:06 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437595.dll

2016-11-18 16:40 - 2016-12-13 09:30 - 00000000 ____D C:\Users\wake\AppData\LocalLow\Mozilla

2016-11-16 14:50 - 2016-11-16 14:50 - 00035784 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys

2016-11-15 16:21 - 2016-11-11 00:51 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437586.dll

2016-11-15 16:21 - 2016-11-11 00:51 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437586.dll
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-12-13 09:03 - 2016-03-29 12:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2016-12-13 09:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2016-12-13 08:56 - 2016-03-19 16:44 - 00000340 ____H C:\WINDOWS\Tasks\LCCSTETWYSSBGGED.job

2016-12-13 08:56 - 2016-03-19 16:44 - 00000328 _____ C:\WINDOWS\Tasks\PDDMW1.job

2016-12-13 08:56 - 2016-03-19 13:16 - 00000000 ____D C:\ProgramData\NVIDIA

2016-12-12 22:04 - 2016-03-20 18:29 - 00003124 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner

2016-12-12 20:11 - 2016-03-29 11:51 - 02113474 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-12-12 20:11 - 2016-02-13 17:59 - 00898182 _____ C:\WINDOWS\system32\perfh007.dat

2016-12-12 20:11 - 2016-02-13 17:59 - 00201668 _____ C:\WINDOWS\system32\perfc007.dat

2016-12-12 20:11 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF

2016-12-12 20:06 - 2016-10-21 16:54 - 00001479 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2016-12-12 20:06 - 2016-08-21 09:50 - 00002559 _____ C:\Users\wake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2.lnk

2016-12-12 20:06 - 2016-04-21 20:13 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

2016-12-12 20:06 - 2016-04-16 09:34 - 00002757 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center.lnk

2016-12-12 20:06 - 2016-04-03 10:09 - 00001407 _____ C:\Users\wake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarthMod Empire.lnk

2016-12-12 20:06 - 2016-03-30 16:13 - 00002349 _____ C:\Users\wake\Desktop\HP Deskjet 1050 J410 series.lnk

2016-12-12 20:06 - 2016-03-29 12:00 - 00002417 _____ C:\Users\wake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2016-12-12 20:06 - 2016-03-29 11:53 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2016-12-12 20:05 - 2016-02-13 18:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-12-12 20:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\System

2016-12-12 20:05 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2016-12-12 19:54 - 2016-03-19 17:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2016-12-12 19:50 - 2016-03-19 13:54 - 00000000 ____D C:\Users\wake\AppData\Local\Steam

2016-12-12 16:57 - 2016-03-19 13:22 - 00000000 ____D C:\Program Files (x86)\Avira

2016-12-12 16:56 - 2016-03-19 10:55 - 00000000 ____D C:\ProgramData\Package Cache

2016-12-12 16:53 - 2016-03-26 16:38 - 00000000 ____D C:\Users\wake\Desktop\Temps.Tools

2016-12-12 14:36 - 2016-03-30 19:31 - 00000000 ____D C:\Users\wake\AppData\Roaming\TS3Client

2016-12-12 14:13 - 2016-03-31 19:46 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForwake

2016-12-12 14:13 - 2016-03-31 19:46 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForwake.job

2016-12-11 15:37 - 2016-03-29 07:29 - 00000000 ____D C:\Users\wake\AppData\Roaming\Origin

2016-12-11 14:30 - 2016-03-25 19:27 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe

2016-12-11 12:46 - 2016-03-25 19:27 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0

2016-12-11 12:42 - 2016-03-29 07:28 - 00000000 ____D C:\ProgramData\Origin

2016-12-11 08:59 - 2016-10-17 19:26 - 00000000 ____D C:\Users\wake\Desktop\Das Hörbuch zum Film (2013)

2016-12-10 18:24 - 2016-03-19 16:45 - 00000000 ____D C:\Users\wake\AppData\Local\CrashDumps

2016-12-10 15:28 - 2016-03-29 12:19 - 00000000 ____D C:\Users\wake\Documents\The Lord of the Rings Online

2016-12-08 14:07 - 2016-03-29 11:52 - 00000000 ____D C:\Users\wake

2016-12-08 14:05 - 2016-07-25 11:13 - 00000000 ____D C:\Program Files (x86)\USB Game Controller

2016-12-08 14:00 - 2009-07-14 04:20 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy

2016-12-08 13:58 - 2016-05-05 10:36 - 00000000 ____D C:\Program Files (x86)\NCWest

2016-12-08 13:58 - 2016-04-29 10:47 - 00000000 ____D C:\Program Files (x86)\Futuremark

2016-12-08 13:58 - 2016-04-21 20:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2016-12-08 13:58 - 2016-04-16 09:35 - 00000000 ___HD C:\Program Files (x86)\Temp

2016-12-08 13:58 - 2016-03-30 16:12 - 00000000 ____D C:\Program Files (x86)\HP

2016-12-08 13:58 - 2016-03-30 15:14 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard

2016-12-08 13:58 - 2016-03-29 12:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2016-12-08 13:58 - 2016-03-29 12:48 - 00000000 ____D C:\Program Files (x86)\MSBuild

2016-12-08 13:58 - 2016-03-29 12:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2016-12-08 13:58 - 2016-03-29 12:39 - 00000000 ____D C:\Program Files (x86)\Java

2016-12-08 13:58 - 2016-03-29 08:31 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins

2016-12-08 13:58 - 2016-03-28 18:25 - 00000000 ____D C:\Program Files (x86)\Kodi

2016-12-08 13:58 - 2016-03-20 18:26 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner

2016-12-08 13:58 - 2016-03-19 17:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2016-12-08 13:58 - 2016-03-19 17:03 - 00000000 ____D C:\Program Files (x86)\GPU-Z

2016-12-08 13:58 - 2016-03-19 16:44 - 00000000 ____D C:\Program Files (x86)\Windows Loader

2016-12-08 13:58 - 2016-03-19 13:16 - 00000000 ____D C:\Program Files (x86)\VulkanRT

2016-12-08 13:58 - 2016-03-19 13:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2016-12-08 13:58 - 2016-03-19 10:58 - 00000000 ____D C:\Program Files (x86)\Etron Technology

2016-12-08 13:58 - 2016-03-19 10:52 - 00000000 ____D C:\Program Files (x86)\Intel

2016-12-08 13:58 - 2016-03-19 10:46 - 00000000 ____D C:\Program Files (x86)\Google

2016-12-08 13:58 - 2016-03-19 10:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2016-12-08 13:58 - 2016-03-19 10:41 - 00000000 ____D C:\Program Files (x86)\Realtek

2016-12-08 13:58 - 2016-03-19 10:41 - 00000000 ____D C:\Program Files (x86)\Intel Desktop Board

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows NT

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2016-12-06 17:35 - 2016-03-19 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2016-12-06 17:33 - 2016-03-19 13:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2016-12-03 20:30 - 2016-03-21 11:39 - 00000000 ____D C:\Users\wake\AppData\Local\Ubisoft Game Launcher

2016-12-03 11:38 - 2015-11-10 02:15 - 14181304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2016-12-02 07:30 - 2016-03-26 16:42 - 00000000 ____D C:\Users\wake\Desktop\Spiele

2016-12-02 00:54 - 2016-03-22 12:38 - 00000000 ____D C:\Users\wake\Documents\My Games

2016-12-01 21:02 - 2016-10-21 17:14 - 00572400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll

2016-12-01 21:02 - 2015-11-10 02:17 - 24390208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll

2016-12-01 21:02 - 2015-11-10 02:09 - 03934320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2016-12-01 21:02 - 2015-11-10 02:09 - 03474064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2016-12-01 21:02 - 2015-11-10 00:12 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb

2016-12-01 18:33 - 2016-10-06 20:35 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat

2016-12-01 18:32 - 2016-03-19 13:16 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2016-12-01 16:29 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries

2016-12-01 14:44 - 2016-06-19 14:41 - 00000000 ____D C:\ProgramData\BlueStacksSetup

2016-11-30 10:34 - 2016-03-19 13:16 - 07607057 _____ C:\WINDOWS\system32\nvcoproc.bin

2016-11-29 08:41 - 2016-03-25 13:32 - 00000000 ____D C:\Users\wake\Desktop\Bilder

2016-11-29 07:44 - 2016-03-20 11:40 - 00000000 ____D C:\Users\wake\AppData\Local\ElevatedDiagnostics

2016-11-29 06:47 - 2016-10-06 20:35 - 00003984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-10-06 20:35 - 00003956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-10-06 20:35 - 00003920 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-10-06 20:35 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-10-06 20:35 - 00003732 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-10-06 20:35 - 00003690 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-03-19 12:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2016-11-27 15:44 - 2016-03-29 13:55 - 00000000 ____D C:\Users\wake\AppData\Local\Turbine

2016-11-25 18:59 - 2016-03-29 11:58 - 00000000 ____D C:\Users\wake\AppData\Local\Packages

2016-11-25 18:49 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps

2016-11-23 17:08 - 2016-05-15 11:03 - 00000000 ____D C:\WINDOWS\SysWOW64\directx

2016-11-18 16:44 - 2016-09-23 15:33 - 00000000 ____D C:\WINDOWS\LastGood

2016-11-18 00:09 - 2015-11-10 02:15 - 14174256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SETB236.tmp

2016-11-17 14:45 - 2016-08-02 07:07 - 01854400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2016-11-17 14:45 - 2016-08-02 07:07 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll

2016-11-17 14:45 - 2016-08-02 07:07 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2016-11-17 14:45 - 2016-08-02 07:07 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

2016-11-17 14:45 - 2016-08-02 07:07 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll

2016-11-17 14:45 - 2016-08-02 07:07 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

2016-11-17 03:06 - 2016-10-21 17:14 - 00572400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETC8D3.tmp

2016-11-17 03:06 - 2015-11-10 02:17 - 24377288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETCAD9.tmp

2016-11-17 03:06 - 2015-11-10 02:09 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETB9B2.tmp

2016-11-17 03:06 - 2015-11-10 02:09 - 03474064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SETCBBC.tmp

2016-11-16 13:31 - 2016-07-30 11:11 - 00000000 ____D C:\Users\wake\Documents\EA Games

2016-11-16 13:28 - 2016-07-30 11:10 - 00000000 ____D C:\Users\wake\AppData\Local\EA Games

2016-11-13 09:02 - 2016-07-28 15:44 - 00000000 ____D C:\Users\wake\AppData\Local\BANDAI NAMCO Games
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2016-03-19 16:45 - 2016-03-19 16:45 - 6493696 _____ () C:\Users\wake\AppData\Roaming\agent.dat

2016-03-19 16:45 - 2016-03-19 16:45 - 0127488 _____ () C:\Users\wake\AppData\Roaming\Installer.dat

2016-03-26 18:33 - 2016-03-26 18:33 - 0000092 _____ () C:\Users\wake\AppData\Local\fusioncache.dat

2016-03-26 16:28 - 2016-03-29 17:21 - 0007604 _____ () C:\Users\wake\AppData\Local\Resmon.ResmonCfg

2016-12-01 14:44 - 2016-11-23 13:19 - 0000570 _____ () C:\Users\wake\AppData\Local\TroubleshooterConfig.json

2016-03-30 16:12 - 2016-03-30 16:12 - 0000057 _____ () C:\ProgramData\Ament.ini

2016-03-19 16:45 - 2016-03-19 16:45 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 
 

Einige Dateien in TEMP:

====================

C:\Users\wake\AppData\Local\Temp\avgnt.exe

C:\Users\wake\AppData\Local\Temp\Uninstall.exe
 
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2016-12-04 09:25
 

==================== Ende von FRST.txt ============================

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-12-2016

durchgeführt von wake (13-12-2016 09:41:58)

Gestartet von C:\Users\wake\Desktop

Windows 10 Enterprise Version 1511 (X64) (2016-03-29 10:58:04)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-2185226811-435342151-2776914380-500 - Administrator - Disabled)

ASPNET (S-1-5-21-2185226811-435342151-2776914380-1002 - Limited - Enabled)

DefaultAccount (S-1-5-21-2185226811-435342151-2776914380-503 - Limited - Disabled)

Gast (S-1-5-21-2185226811-435342151-2776914380-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2185226811-435342151-2776914380-1004 - Limited - Enabled)

wake (S-1-5-21-2185226811-435342151-2776914380-1000 - Administrator - Enabled) => C:\Users\wake
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)

Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.2 (HKLM-x32\...\{5ECE64C9-F5B3-4914-B1F2-23D46548B7E3}) (Version: 12.2.3.183 - Adobe Systems, Inc)

Akamai NetSession Interface (HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)

Anno 2070 (HKLM\...\Steam App 48240) (Version:  - Blue Byte)

Ansel (Version: 376.19 - NVIDIA Corporation) Hidden

Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)

Avira Connect (HKLM-x32\...\{853065f3-1b33-48f6-824a-446246e618b1}) (Version: 1.2.77.16824 - Avira Operations GmbH & Co. KG)

Avira Connect (x32 Version: 1.2.77.16824 - Avira Operations GmbH & Co. KG) Hidden

Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.0.2.26813 - Avira Operations GmbH & Co. KG)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)

Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)

Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)

Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)

Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts)

DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)

DarthMod Empire (HKLM-x32\...\DarthMod Empire8.0 Platinum) (Version: 8.0 Platinum - )

DarthMod Empire (HKLM-x32\...\DarthMod Empire8.0.1 Platinum) (Version: 8.0.1 Platinum - )

DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)

Dead by Daylight (HKLM\...\Steam App 381210) (Version:  - Behaviour Digital Inc.)

Dead Space™ 2 (HKLM-x32\...\{6580792A-35FC-4600-9FAE-A981F3F92D98}) (Version: 1.0.941.0 - Electronic Arts)

Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)

Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)

DRAGON BALL XENOVERSE (HKLM\...\Steam App 323470) (Version:  - DIMPS)

DRAGON BALL XENOVERSE 2 (HKLM\...\Steam App 454650) (Version:  - QLOC)

Empire: Total War (HKLM\...\Steam App 10500) (Version:  - The Creative Assembly)

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.119 - Etron Technology)

Etron USB3.0 Host Controller (x32 Version: 0.119 - Etron Technology) Hidden

Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version:  - Ubisoft)

FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts)

FINAL FANTASY XIV: A Realm Reborn (HKLM\...\Steam App 39210) (Version:  - SQUARE ENIX)

Futuremark SystemInfo (HKLM-x32\...\{5052D282-C9AE-48CC-A9F5-17058BEEAA50}) (Version: 4.45.590.0 - Futuremark)

Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)

HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{C3F12DD0-54B1-4B2B-A82B-FA43502BC550}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.34.7 - HP)

HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.37 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)

Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.14 - Intel(R) Corporation) Hidden

Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)

Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)

Kodi (HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\Kodi) (Version:  - XBMC-Foundation)

League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)

League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden

Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)

Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.7.133.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)

Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)

Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2 - Mozilla)

MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)

NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM\...\Steam App 234670) (Version:  - CyberConnect 2)

NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 (HKLM\...\Steam App 349040) (Version:  - CyberConnect2 Co. Ltd.)

NarutoOnline 2.3.0.6074 (HKLM-x32\...\NarutoOnline) (Version: 2.3.0.6074 - Oasgames, Inc.)

NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.19 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)

NVIDIA Grafiktreiber 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.19 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)

NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden

NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden

Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)

Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)

PlanetSide 2 (HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)

PlanetSide 2 (HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\DGC-PlanetSide 2) (Version: 1.0.3.192 - Daybreak Game Company)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)

Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.8 - Rockstar Games)

Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)

Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden

Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)

SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden

Sniper Ghost Warrior 2 (HKLM\...\Steam App 34870) (Version:  - City Interactive)

SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)

STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.6.35326 - Electronic Arts)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)

TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)

The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)

The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)

This War of Mine (HKLM-x32\...\{5BC3A1BE-6BD2-4D7F-AF69-75B284A5B9BC}) (Version: 2.2.2.0 - None)

Total War: ATTILA (HKLM\...\Steam App 325610) (Version:  - Creative Assembly)

Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version:  - Creative Assembly)

Total War: SHOGUN 2 (HKLM\...\Steam App 34330) (Version:  - The Creative Assembly)

Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version:  - Creative Assembly)

Trine Enchanted Edition (HKLM-x32\...\{17AB3F22-D6AB-4231-96A0-A7E02FCC0C52}) (Version: 2.12.0.518 - Frozenbyte)

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Uplay (HKLM-x32\...\Uplay) (Version: 26.0 - Ubisoft)

USB Game Controller (HKLM-x32\...\USB Game Controller) (Version:  - )

Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-2185226811-435342151-2776914380-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2185226811-435342151-2776914380-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2185226811-435342151-2776914380-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2185226811-435342151-2776914380-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2185226811-435342151-2776914380-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2185226811-435342151-2776914380-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {01A64532-DBF2-46F0-9DFA-57CB68861D82} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)

Task: {0889F579-DFF8-4D6E-973E-F56412A07336} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)

Task: {1889C0F2-4C5F-44FA-B1E9-C17BC91D426E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {1C9C15AA-A48A-41C6-9101-6982B7D3DA82} - System32\Tasks\PDDMW1 => C:\ProgramData\Poposhidu\Poposhidu.exe <==== ACHTUNG

Task: {24573F04-58BF-41F4-B5CA-CE39240ACD90} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe

Task: {26E88B94-076C-46CA-91D0-58B8578E0162} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

Task: {2E335B8C-A8B2-49CD-9582-4A94E4131BEF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)

Task: {2FEADC46-0664-47E3-92C0-5280A33E36DE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)

Task: {34BD7B49-3024-4DDD-98A7-19B6E9818EAB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {3A63C4CA-6A0B-4E82-9265-86856BD91DEB} - System32\Tasks\{F3F70C6F-C302-4C38-B1AB-79C89797941A} => D:\Program Files (x86)\Turbine\TurbineInvoker.exe

Task: {3C843395-8E9D-460A-8FE3-CF3D7F9949AD} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat <==== ACHTUNG

Task: {3DAEC834-6936-44FF-AB6A-831834181BF7} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)

Task: {3F31ECE6-C9CF-4552-800D-CB0774A1CDFE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {4164D985-3AF3-435B-9715-76A1432F7F32} - System32\Tasks\{181D4320-4A50-4786-8938-1D3AD3B99826} => D:\Program Files (x86)\Turbine\TurbineInvoker.exe

Task: {42243C04-4F73-4C1F-92B4-02B106BBD39C} - \{0D780547-057D-047D-7911-0B080B7F110C} -> Keine Datei <==== ACHTUNG

Task: {4237838F-EC25-4866-B007-6B8E16FA78C6} - System32\Tasks\HPCeeScheduleForwake => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)

Task: {4248D2BE-754C-4D1F-8357-3A6E25FBE2AA} - System32\Tasks\{39B9A33E-AA57-4D15-967F-B5C8BF4C3E05} => D:\Program Files (x86)\Turbine\TurbineInvoker.exe

Task: {429D25AC-912F-4CFC-A5D8-FE21BD5D13E4} - System32\Tasks\{334030C3-2DBF-41AD-A8B8-110D1FF3A00A} => D:\Program Files (x86)\Turbine\TurbineInvoker.exe

Task: {43F21332-15FC-4F3C-8634-D0E78A8A70C4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)

Task: {47D2640A-DB01-4B74-BE0C-E43FD086161B} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ACHTUNG

Task: {50E472F8-662F-41CE-A9B5-FA0A5C6F6747} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)

Task: {53AA74E3-9121-473F-BE48-69BDBB18D9B4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {548CCEA5-A97E-49BA-8978-F5CD807282C1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {54A1D6CB-FC6F-47D7-9CBB-56FB4C609349} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-12-09] (Microsoft Corporation)

Task: {57D44967-FB76-44FB-A39B-7F891F871933} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-31] (HP Inc.)

Task: {581D9018-50DA-431F-A6CB-DAD8398DF844} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe

Task: {5FBE1FFA-06C2-48A3-B7A6-9D2EC2853645} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {60BE6E03-7C7B-4DC8-AF61-E9896EDE79C2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {6301F6E0-928E-4BA7-9CFA-619C565F0943} - System32\Tasks\{A877E415-6FDB-468A-9982-98DBDE354828} => C:\Program Files (x86)\Turbine\Der Herr der Ringe Online\TurbineInvoker.exe

Task: {645DBA27-E533-4DAB-8E6D-0264924656FF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {69BC49C7-78C6-4DFC-91FF-98BF4EB3E690} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {71D76EB5-B532-40D2-A9F7-3AB295E4B445} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)

Task: {765FE7F3-9E79-49A5-9B1B-17B31534A6CA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {7B55CBD4-C98F-4F7B-AF05-B0318D95BD84} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)

Task: {91A1B476-8177-4320-A6D0-144D0428BF11} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe

Task: {923535D6-9257-40EC-9B9F-60563EF9CF86} - System32\Tasks\{CE4E0507-3367-4E61-87AB-A2FBBA847F27} => C:\Program Files (x86)\Turbine\Der Herr der Ringe Online\TurbineInvoker.exe

Task: {931C18CE-9C63-43F8-9D65-8DB71D074BBC} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ACHTUNG

Task: {9E690A2B-9BEF-4030-8B2F-2BC5E2C3882F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {A26E84E7-F90D-4CC9-86A9-D07350DAE586} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)

Task: {A7339782-0AC4-45CC-8EA8-1D06D41EC9FB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {ABA795D6-C138-455F-81AF-6268F1DED202} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)

Task: {AE3E98E6-60AD-4484-9E88-F8C428FDC195} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {BA238890-CC00-42FE-8A36-C5D262E94830} - System32\Tasks\Muwbiri => C:\PROGRA~1\GROOVE~1\Ygubecir.bat <==== ACHTUNG

Task: {C1B5C314-DBF6-4BBB-BE01-CF1BCD6DE773} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {C4FDD67F-3FC0-4DFD-8572-181113A40497} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)

Task: {D36FAF66-AB56-4FB6-9490-709EC1B12435} - System32\Tasks\1a07ed10964a3aac1d3f661cb0b4f47f => Rundll32.exe "C:\Program Files (x86)\USB Game Controller\w7wr0x.dll",e62dc6c6547f46bda862da2d05af6862 <==== ACHTUNG

Task: {DCD1392A-73A9-4CDB-9C05-D2DF65B41EF9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe

Task: {E1E99DB2-FFD5-4C65-9613-F0E267A3D9F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)

Task: {E39CBE9F-68B4-4480-9250-7F744C2AD3EA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {E9AC39BB-8B29-48E3-A628-71FF3317A1E7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {EA5C9811-6BFC-4BCF-B724-C2E5AE4C2C7B} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-07] ()

Task: {EE6C8054-BE86-4297-9530-715950A8CF5E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe

Task: {F1813600-3795-4A8B-ABF9-0404FD98FF1B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-12-09] (Microsoft Corporation)

Task: {F4B4D24C-E9AE-4D10-A544-BC8F75EC8285} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe

Task: {FADF1992-D93C-47D9-B147-31AA32763CC4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

Task: {FCDE0FAB-DF4F-4ADB-8D5A-3644FB5A30EA} - System32\Tasks\LCCSTETWYSSBGGED => C:\ProgramData\Service5184\Service5184.exe <==== ACHTUNG
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleForwake.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\WINDOWS\Tasks\LCCSTETWYSSBGGED.job => C:\ProgramData\Service5184\Service5184.exe <==== ACHTUNG

Task: C:\WINDOWS\Tasks\PDDMW1.job => C:\ProgramData\Poposhidu\Poposhidu.exe <==== ACHTUNG
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2016-10-06 20:35 - 2016-11-17 14:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll

2016-10-06 20:35 - 2016-11-17 14:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll

2016-10-06 20:35 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll

2016-03-25 19:27 - 2016-08-15 13:19 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2016-03-19 13:16 - 2016-12-01 18:32 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2016-03-29 12:53 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2015-12-07 03:37 - 2015-12-07 03:37 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe

2016-03-29 12:53 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2016-02-13 18:02 - 2016-02-13 18:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll

2016-03-29 12:53 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2016-02-13 18:02 - 2016-02-13 18:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2016-02-13 18:02 - 2016-02-13 18:02 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2016-02-13 18:02 - 2016-02-13 18:02 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2016-02-13 18:02 - 2016-02-13 18:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2016-08-19 08:27 - 2016-08-19 08:27 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe

2016-08-19 08:28 - 2016-08-19 08:28 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

2016-08-19 08:28 - 2016-08-19 08:28 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll

2016-08-19 08:28 - 2016-08-19 08:28 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll

2016-08-19 08:28 - 2016-08-19 08:28 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll

2016-02-13 18:14 - 2016-02-13 18:14 - 08395776 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.10.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll

2016-02-13 18:14 - 2016-02-13 18:14 - 02311680 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.10.13.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll

2016-12-06 15:57 - 2016-12-06 15:56 - 02493440 _____ () D:\Origin\libGLESv2.dll

2016-10-06 20:35 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2016-10-06 20:35 - 2016-11-17 14:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll

2016-10-06 20:35 - 2016-11-17 14:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

2015-12-06 07:55 - 2015-12-06 07:55 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll

2015-12-06 07:55 - 2015-12-06 07:55 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll

2015-12-06 07:55 - 2015-12-06 07:55 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll

2015-12-06 07:55 - 2015-12-06 07:55 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll

2015-12-06 07:55 - 2015-12-06 07:55 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll

2016-10-06 20:35 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node

2016-10-06 20:35 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node

2016-10-06 20:35 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node

2016-10-06 20:35 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node

2016-10-06 20:35 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node

2016-10-06 20:35 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node

2016-10-06 20:35 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node

2016-08-19 08:27 - 2016-08-19 08:27 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll

2016-08-19 08:27 - 2016-08-19 08:27 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2009-07-14 03:34 - 2016-09-24 18:06 - 00000844 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\wake\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => LPort=139

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808

FirewallRules: [UDP Query User{E1F57B43-91D4-49A8-A039-04834A04E339}D:\program files (x86)\steamapps\common\total war attila\attila.exe] => D:\program files (x86)\steamapps\common\total war attila\attila.exe

FirewallRules: [TCP Query User{F3928826-9095-49AC-ABCB-09DB0716D706}D:\program files (x86)\steamapps\common\total war attila\attila.exe] => D:\program files (x86)\steamapps\common\total war attila\attila.exe

FirewallRules: [UDP Query User{3978CA62-CBF0-4AB4-BB69-39E5E49D043D}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe

FirewallRules: [TCP Query User{6104A0FA-B0BC-4DFF-8E80-E252B39B522F}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe

FirewallRules: [UDP Query User{F58D3740-6762-47A1-A98E-85DD35B47CFB}D:\program files (x86)\steamapps\common\total war attila\attila.exe] => D:\program files (x86)\steamapps\common\total war attila\attila.exe

FirewallRules: [TCP Query User{9932CB00-69CF-4EE9-AF09-74536323E7CA}D:\program files (x86)\steamapps\common\total war attila\attila.exe] => D:\program files (x86)\steamapps\common\total war attila\attila.exe

FirewallRules: [{355BC1DC-5F44-448C-A170-1D6A4E6C7C2A}] => D:\Program Files (x86)\steamapps\common\Total War Rome II\launcher\launcher.exe

FirewallRules: [{BB260E9F-722C-46F9-B92F-8532A4C472E8}] => D:\Program Files (x86)\steamapps\common\Total War Rome II\launcher\launcher.exe

FirewallRules: [{43BE20B7-7B9D-4AF8-B326-B3E4E7B364A2}] => D:\Program Files (x86)\steamapps\common\Total War SHOGUN 2\Shogun2.exe

FirewallRules: [{1AC9FD41-6D2B-43BB-B8C7-CBB135A10F8C}] => D:\Program Files (x86)\steamapps\common\Total War SHOGUN 2\Shogun2.exe

FirewallRules: [{2A8252A8-8106-44D8-931D-AD7F4C6AF8E8}] => D:\Might & Magic Heroes VI\Might & Magic Heroes VI.exe

FirewallRules: [{E66C1906-26C8-453C-BDD1-35123F8A0756}] => D:\Might & Magic Heroes VI\Might & Magic Heroes VI.exe

FirewallRules: [{4C4DF935-7F7E-4B57-BAEC-A1A166C8DC38}] => C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{D6EB0933-6E12-43BB-B348-FB81116E4F43}] => C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{2565767F-336C-4AD0-9C2E-DAE1E3D3E972}] => C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{80C5DA00-278B-4C33-B2EE-CAC858D7A7F9}] => C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{9F061C5E-0EA7-4144-BE29-1BBA906D638F}] => D:\Program Files (x86)\steamapps\common\Anno 2070\Anno5.exe

FirewallRules: [{CB66CB56-6C98-4150-9C5F-EA2CAE1642BD}] => D:\Program Files (x86)\steamapps\common\Anno 2070\Anno5.exe

FirewallRules: [{93AF0432-A8B2-42B7-83BE-875514299925}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{13B347F4-B4E6-4109-8B8A-480ECE7CFBAE}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{27D79D6B-CF82-4E6F-9149-0467050327D5}] => D:\Program Files (x86)\steamapps\common\Anno 2070\Anno5.exe

FirewallRules: [{3B04DC89-5B3A-40F1-8143-F7C528D42C17}] => D:\Program Files (x86)\steamapps\common\Anno 2070\Anno5.exe

FirewallRules: [UDP Query User{B174F10F-FBD7-4204-A6C3-4DA326277CA3}D:\program files (x86)\steamapps\common\total war rome ii\rome2.exe] => D:\program files (x86)\steamapps\common\total war rome ii\rome2.exe

FirewallRules: [TCP Query User{E5777377-DF92-49C8-832F-4AAFCCDB5C8F}D:\program files (x86)\steamapps\common\total war rome ii\rome2.exe] => D:\program files (x86)\steamapps\common\total war rome ii\rome2.exe

FirewallRules: [{F2F7F6A8-3385-4837-8722-3718E1EAF1F8}] => D:\Program Files (x86)\bin\steamwebhelper.exe

FirewallRules: [{6C726914-F1FC-4707-AB44-235752B048DB}] => D:\Program Files (x86)\bin\steamwebhelper.exe

FirewallRules: [{41C783A7-0272-4287-A8F0-A5D9A607CEE3}] => D:\Program Files (x86)\Steam.exe

FirewallRules: [{5EC3E4E1-0259-4126-AC2F-0437177EAD88}] => D:\Program Files (x86)\Steam.exe

FirewallRules: [TCP Query User{8C30F414-8A49-4B47-8A54-456A91E4881F}C:\users\wake\appdata\local\akamai\netsession_win.exe] => C:\users\wake\appdata\local\akamai\netsession_win.exe

FirewallRules: [UDP Query User{C0A95A23-A994-4950-95D5-05B16E2FF79D}C:\users\wake\appdata\local\akamai\netsession_win.exe] => C:\users\wake\appdata\local\akamai\netsession_win.exe

FirewallRules: [TCP Query User{FA8F3332-0747-49A1-9DFF-69DFA45D55CA}C:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => C:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe

FirewallRules: [UDP Query User{BD13265D-04BE-485B-AB3E-6B9A0030C6F7}C:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => C:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe

FirewallRules: [{C6B2E08E-FB82-4CF3-9CAE-448A060B63E6}] => %SystemDrive%\Downloads\KMSpico 10.2.0\KMSpico 10.2.0 + Portable\KMSpico Portable\KMSELDI.exe

FirewallRules: [{7FE70A10-1046-4B5E-9026-1C874115DD8C}] => %SystemDrive%\Downloads\KMSpico 10.2.0\KMSpico 10.2.0 + Portable\KMSpico Portable\KMSELDI.exe

FirewallRules: [{D3CCFC8A-7BA0-4480-A85D-88BAD9CCBC54}] => D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

FirewallRules: [{92A35EE5-5B71-4815-A430-7BE011B02A9D}] => D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

FirewallRules: [TCP Query User{3107FC28-922C-4FCB-8561-ADE4975D83AB}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => D:\program files (x86)\origin games\battlefield 4\bf4.exe

FirewallRules: [UDP Query User{91FC2718-0A21-4E33-8CF8-A3EF3C817941}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => D:\program files (x86)\origin games\battlefield 4\bf4.exe

FirewallRules: [{B0C9E255-0829-42E7-842A-8F1B652E21B3}] => C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe

FirewallRules: [{57D99179-A407-4626-B794-7CCED1D8612E}] => C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe

FirewallRules: [{AFEE1CFF-3EC8-4423-BB4A-75B4CCDE3376}] => C:\Users\wake\AppData\Roaming\Nox\bin\Nox.exe

FirewallRules: [{B08593F2-BCCA-4481-A74E-232F69A2EB1E}] => C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe

FirewallRules: [{5CAA38C4-36D4-486D-890C-E4B6751D0F67}] => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe

FirewallRules: [TCP Query User{50E8A022-3455-429E-9F85-AA10C5B6760F}D:\program files (x86)\steamapps\common\total war rome ii\rome2.exe] => D:\program files (x86)\steamapps\common\total war rome ii\rome2.exe

FirewallRules: [UDP Query User{A541A111-E199-4433-8E6F-F54ED1F0F744}D:\program files (x86)\steamapps\common\total war rome ii\rome2.exe] => D:\program files (x86)\steamapps\common\total war rome ii\rome2.exe

FirewallRules: [{23A9F46B-9D00-4918-A504-1E1BED57E21A}] => D:\Program Files (x86)\steamapps\common\Empire Total War\Empire.exe

FirewallRules: [{B8620303-5FEC-4FEA-BD83-301CBD63C011}] => D:\Program Files (x86)\steamapps\common\Empire Total War\Empire.exe

FirewallRules: [TCP Query User{AE366995-825D-40FF-ABF4-566068B80B97}D:\eve\sharedcache\tq\bin\exefile.exe] => D:\eve\sharedcache\tq\bin\exefile.exe

FirewallRules: [UDP Query User{9A5B7A27-13E2-4EEA-ABD8-C32F56E053F4}D:\eve\sharedcache\tq\bin\exefile.exe] => D:\eve\sharedcache\tq\bin\exefile.exe

FirewallRules: [TCP Query User{00C79502-6650-4113-881A-CC23ACBE9479}C:\users\wake\appdata\local\mycomgames\mycomgames.exe] => C:\users\wake\appdata\local\mycomgames\mycomgames.exe

FirewallRules: [UDP Query User{AEB9625B-1C81-4F49-818B-685051EDE3B3}C:\users\wake\appdata\local\mycomgames\mycomgames.exe] => C:\users\wake\appdata\local\mycomgames\mycomgames.exe

FirewallRules: [{DB3FA5CB-A696-4BA7-97D3-40E5D4C66A9C}] => C:\Program Files (x86)\NAMCO BANDAI Games\Warhammer® Mark of Chaos\Warhammer.exe

FirewallRules: [{86B583CF-1FF1-4DFA-9A0A-9CF7E1EC7AF4}] => C:\Program Files (x86)\NAMCO BANDAI Games\Warhammer® Mark of Chaos\Warhammer.exe

FirewallRules: [{C18DCC51-DF7E-47FB-8D17-69D9333E34F4}] => D:\Program Files (x86)\StarCraft II German Trilogy Edition\Versions\Base38996\SC2_x64.exe

FirewallRules: [{AE5E742D-A423-4FCA-8C60-6B7540E4710F}] => D:\Program Files (x86)\StarCraft II German Trilogy Edition\Versions\Base38996\SC2_x64.exe

FirewallRules: [TCP Query User{029A8DDC-9183-45DF-9890-6F68EE21A55F}D:\turbine\der herr der ringe online\lotroclient.exe] => D:\turbine\der herr der ringe online\lotroclient.exe

FirewallRules: [UDP Query User{79F542CA-C16A-4F9B-BFDE-DDC820FB0173}D:\turbine\der herr der ringe online\lotroclient.exe] => D:\turbine\der herr der ringe online\lotroclient.exe

FirewallRules: [{62FF1CC7-2E2C-4591-8FCB-F14E5347FD55}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{47F6D8E9-6C63-45D2-BC3A-00A79477D386}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{053A34BA-ABB8-498B-B5C9-3A71182A986C}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{A10AFB16-FD66-49AC-AA44-8FB9330808B6}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [TCP Query User{14B9932B-4922-498B-B4CB-E3465D665074}D:\far cry 3\bin\farcry3.exe] => D:\far cry 3\bin\farcry3.exe

FirewallRules: [UDP Query User{0D41AA51-C610-44B9-AC9A-C6B671C65727}D:\far cry 3\bin\farcry3.exe] => D:\far cry 3\bin\farcry3.exe

FirewallRules: [TCP Query User{772DEDD9-0A81-4CFC-BCA6-98781A31B2DC}D:\far cry 3\bin\farcry3_d3d11.exe] => D:\far cry 3\bin\farcry3_d3d11.exe

FirewallRules: [UDP Query User{6830A0D9-583A-48EE-B7FD-3E64A328F4F5}D:\far cry 3\bin\farcry3_d3d11.exe] => D:\far cry 3\bin\farcry3_d3d11.exe

FirewallRules: [TCP Query User{AD6F3E5B-85C3-4B8B-B698-95CB18FA36EC}D:\dying light\dyinglightgame.exe] => D:\dying light\dyinglightgame.exe

FirewallRules: [UDP Query User{78369F87-C4BB-49E0-BE7F-A7B9BB574DA8}D:\dying light\dyinglightgame.exe] => D:\dying light\dyinglightgame.exe

FirewallRules: [TCP Query User{53C1355E-0D79-4991-9ED9-50881CC9CAE9}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe

FirewallRules: [UDP Query User{458EDFD5-A806-482C-A0B3-DA964C1BF331}C:\program files (x86)\kodi\kodi.exe] => C:\program files (x86)\kodi\kodi.exe

FirewallRules: [TCP Query User{6DEA1D68-B4E7-416A-896E-34653CD092D5}D:\far cry 4\bin\farcry4.exe] => D:\far cry 4\bin\farcry4.exe

FirewallRules: [UDP Query User{6D83F19D-58CE-48D6-9112-623CE99F9C1A}D:\far cry 4\bin\farcry4.exe] => D:\far cry 4\bin\farcry4.exe

FirewallRules: [{64F86025-BDD7-42EE-B0EA-6D26C679605C}] => D:\Games\Battlefleet Gothic Armada\BattleFleetGothic.exe

FirewallRules: [TCP Query User{C3DE38C4-13A9-4E64-A193-FC39C8B61C0E}D:\games\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => D:\games\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe

FirewallRules: [UDP Query User{D4575FE7-3227-4651-AD7A-4A77702C3476}D:\games\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => D:\games\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe

FirewallRules: [TCP Query User{BDE230D2-D106-4AE5-AD69-68F5C0221C3F}D:\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => D:\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe

FirewallRules: [UDP Query User{7327E0D0-8671-4B55-B092-946A4FDE6FAE}D:\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => D:\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe

FirewallRules: [TCP Query User{076F27C0-072A-481D-AAEC-2AB0B956E143}D:\program files (x86)\steamapps\common\total war warhammer\warhammer.exe] => D:\program files (x86)\steamapps\common\total war warhammer\warhammer.exe

FirewallRules: [UDP Query User{06D93313-C1F1-422B-AFE1-3A3DDFC0467F}D:\program files (x86)\steamapps\common\total war warhammer\warhammer.exe] => D:\program files (x86)\steamapps\common\total war warhammer\warhammer.exe

FirewallRules: [TCP Query User{3B21F9B4-09C6-4053-A935-EAB12FC74771}D:\dead island - game of the year edition\deadislandgame.exe] => D:\dead island - game of the year edition\deadislandgame.exe

FirewallRules: [UDP Query User{8ADCE6FC-159E-4F94-8138-F631E3EBD374}D:\dead island - game of the year edition\deadislandgame.exe] => D:\dead island - game of the year edition\deadislandgame.exe

FirewallRules: [TCP Query User{2AA3531D-3A2F-4310-B011-31D7B0CE58CA}D:\xcom 2\binaries\win64\xcom2.exe] => D:\xcom 2\binaries\win64\xcom2.exe

FirewallRules: [UDP Query User{82D60B5D-D2C1-482F-919F-A279392547F7}D:\xcom 2\binaries\win64\xcom2.exe] => D:\xcom 2\binaries\win64\xcom2.exe

FirewallRules: [{DE3A8D6B-C807-4828-8E5F-BF56707DE992}] => C:\Program Files\Andy\SetupFiles\Uninstall.exe

FirewallRules: [{5D483F3E-29FE-42CB-BC92-CA3858DC19DC}] => C:\Program Files\Andy\SetupFiles\Uninstall.exe

FirewallRules: [{C8468FEC-292F-4478-9CFC-5704C3968735}] => C:\Users\wake\AppData\Local\Temp\andy-x64\Setup.exe

FirewallRules: [{801C79C7-FA74-484E-93B7-94491D834C72}] => C:\Program Files\Andy\andy.exe

FirewallRules: [{94C7212C-1647-41B9-9633-097165FBA62E}] => C:\Program Files\Andy\andy.exe

FirewallRules: [{B50D0F9C-F08E-492C-8E31-669C620F62FC}] => C:\Program Files\Andy\AndyConsole.exe

FirewallRules: [{EA36FCB7-4CDD-43C0-B776-47EAEAEAD9D9}] => C:\Program Files\Andy\AndyConsole.exe

FirewallRules: [{D7664699-FCD8-4685-9E41-D24D223B7D18}] => C:\Program Files\Andy\HandyAndy.exe

FirewallRules: [{F1D9F00B-1E92-4470-B93C-839686EA5FA0}] => C:\Program Files\Andy\HandyAndy.exe

FirewallRules: [{4910DE0E-4CEA-4BCF-8805-E2A12D202A1F}] => C:\Program Files\Andy\SetupFiles\Uninstall.exe

FirewallRules: [{638268E2-8763-4FAE-A11B-149FA3B50903}] => C:\Program Files\Andy\SetupFiles\Uninstall.exe

FirewallRules: [{8B652555-953C-4B88-A126-17885D7C6D35}] => C:\Users\wake\AppData\Local\Temp\andy-x64\Setup.exe

FirewallRules: [TCP Query User{0AA2509F-CF4F-46C1-AE44-8292B38DBD14}D:\kingdoms of amalur reckoning\reckoning.exe] => D:\kingdoms of amalur reckoning\reckoning.exe

FirewallRules: [UDP Query User{8755146B-6A2A-49D0-9992-7846946A87FC}D:\kingdoms of amalur reckoning\reckoning.exe] => D:\kingdoms of amalur reckoning\reckoning.exe

FirewallRules: [TCP Query User{6AEC59E6-7DE8-4A23-949C-31B3ADF62FCF}D:\borderlands 2 game of the year edition\binaries\win32\borderlands2.exe] => D:\borderlands 2 game of the year edition\binaries\win32\borderlands2.exe

FirewallRules: [UDP Query User{161E8465-698A-4E47-B3DE-1700DC8E8B77}D:\borderlands 2 game of the year edition\binaries\win32\borderlands2.exe] => D:\borderlands 2 game of the year edition\binaries\win32\borderlands2.exe

FirewallRules: [{81E7A4CF-8E82-43B5-809E-C48FE07CCAE0}] => C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe

FirewallRules: [{5B52930C-1F52-492A-BED9-8D1063D1AA29}] => C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe

FirewallRules: [{D0E91C17-47F3-489D-9EE5-3A6682E594D1}] => D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe

FirewallRules: [{57A22591-8609-45E1-B680-FAD83C926282}] => D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe

FirewallRules: [{73669C2D-911A-4DB4-BA4D-7E931C54ED38}] => D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe

FirewallRules: [{FA9DF36F-4515-4C9D-B133-45CEFF6A620B}] => D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe

FirewallRules: [{F531537A-41EC-48CF-9DB1-76329390D6AA}] => D:\Program Files (x86)\steamapps\common\Total War Rome II\launcher\launcher.exe

FirewallRules: [{015FB9AF-08A9-4C91-B514-11961D1ED0F5}] => D:\Program Files (x86)\steamapps\common\Total War Rome II\launcher\launcher.exe

FirewallRules: [{9DCAB2AC-3E24-4747-A995-0E3FF0211838}] => D:\Program Files (x86)\steamapps\common\Total War Attila\launcher\launcher.exe

FirewallRules: [{9AC170BF-7333-448A-A89C-1BCA3F52A586}] => D:\Program Files (x86)\steamapps\common\Total War Attila\launcher\launcher.exe

FirewallRules: [TCP Query User{EE33C683-7BD1-4A56-8AC9-760850DFB6B6}D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe] => D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe

FirewallRules: [UDP Query User{E3A6FEDB-4B0F-4DB5-9163-E285BA58DAB0}D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe] => D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefronttrial.exe

FirewallRules: [TCP Query User{F8D148AB-46AD-4AE0-B275-8A2D11AEB92A}D:\call of duty black ops iii\blackops3.exe] => D:\call of duty black ops iii\blackops3.exe

FirewallRules: [UDP Query User{1020E993-8263-4547-BED0-3FBF0D317A6F}D:\call of duty black ops iii\blackops3.exe] => D:\call of duty black ops iii\blackops3.exe

FirewallRules: [TCP Query User{232F88E6-DE4B-496C-B6BA-5D1C9136B5C1}D:\program files (x86)\steamapps\common\dayz\dayz.exe] => D:\program files (x86)\steamapps\common\dayz\dayz.exe

FirewallRules: [UDP Query User{9AF3B543-FBA2-4F06-8FAA-3CE74AE74C81}D:\program files (x86)\steamapps\common\dayz\dayz.exe] => D:\program files (x86)\steamapps\common\dayz\dayz.exe

FirewallRules: [TCP Query User{2C312BC1-F829-4A42-A254-21D8D57E2C4A}D:\mass effect trilogy\mass effect 3\binaries\win32\masseffect3.exe] => D:\mass effect trilogy\mass effect 3\binaries\win32\masseffect3.exe

FirewallRules: [UDP Query User{D6207B93-5A27-4643-A343-CAC1C9C32BA9}D:\mass effect trilogy\mass effect 3\binaries\win32\masseffect3.exe] => D:\mass effect trilogy\mass effect 3\binaries\win32\masseffect3.exe

FirewallRules: [TCP Query User{149B3283-BC08-4A45-8EB7-A54AD97CD37B}D:\turbine\der herr der ringe online\lotroclient.exe] => D:\turbine\der herr der ringe online\lotroclient.exe

FirewallRules: [UDP Query User{E9A2BC5F-2AD8-448B-9520-5C0EAFE3C005}D:\turbine\der herr der ringe online\lotroclient.exe] => D:\turbine\der herr der ringe online\lotroclient.exe

FirewallRules: [TCP Query User{01F28636-7B85-451A-BDC4-5BF6CEAC4EFF}D:\icarus\appdata\bin64\launcher.exe] => D:\icarus\appdata\bin64\launcher.exe

FirewallRules: [UDP Query User{41472E68-6C63-4402-B590-7C7D7E2260CE}D:\icarus\appdata\bin64\launcher.exe] => D:\icarus\appdata\bin64\launcher.exe

FirewallRules: [{F9E88618-1D34-47C1-9EA1-467A5E8D9EE3}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe

FirewallRules: [{8CBEBCFE-DF3F-45A3-8ED0-4DEECAE1091F}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe

FirewallRules: [{35600493-9541-457E-92EC-AA8270AD7EEA}] => D:\\Downloaded\Public\Warframe.exe

FirewallRules: [{BE41EF12-45EC-4C07-8F5F-8F8FB5F484BC}] => D:\\Downloaded\Public\Warframe.x64.exe

FirewallRules: [{316E7120-FFDE-4BD4-8CC3-14EB26F30E46}] => D:\\Downloaded\Public\Warframe.exe

FirewallRules: [{C56E3102-BCC7-4A42-870D-64F25AD35B2E}] => D:\\Downloaded\Public\Warframe.x64.exe

FirewallRules: [{DF5E77D9-18D4-4745-BB59-35D98D3486C5}] => C:\Users\wake\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe

FirewallRules: [{868F1AB3-79BE-4188-A317-E87CAE9CAC7F}] => D:\\Downloaded\Public\Tools\RemoteCrashSender.exe

FirewallRules: [{16B89BA1-7261-4FD0-9525-348553738BC1}] => D:\\Downloaded\Public\Warframe.exe

FirewallRules: [{865AA584-2FE5-4F7A-A79A-337183977E7D}] => D:\\Downloaded\Public\Warframe.x64.exe

FirewallRules: [{28C8ED69-360D-464F-A054-DDCE83E4F94E}] => D:\\Downloaded\Public\Warframe.exe

FirewallRules: [{8F06E35D-E659-44C2-A89A-38B171D99E6D}] => D:\\Downloaded\Public\Warframe.x64.exe

FirewallRules: [{981686B1-CDCA-4901-ABDB-12A79384AD1A}] => C:\Users\wake\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe

FirewallRules: [{97FB097A-FA4F-48A5-9BC5-EEF767C84803}] => D:\\Downloaded\Public\Tools\RemoteCrashSender.exe

FirewallRules: [TCP Query User{88D2F12A-4123-46BA-91DE-3B8AA66B822F}D:\downloaded\public\warframe.x64.exe] => D:\downloaded\public\warframe.x64.exe

FirewallRules: [UDP Query User{F9E18D08-AF28-4521-9E55-D0B787AA2D54}D:\downloaded\public\warframe.x64.exe] => D:\downloaded\public\warframe.x64.exe

FirewallRules: [TCP Query User{07C28609-159F-4A8E-BD8F-E16B9C3A8D65}D:\hearthstone\hearthstone.exe] => D:\hearthstone\hearthstone.exe

FirewallRules: [UDP Query User{448A3BDC-0EB9-4C88-8335-0318FA8F92C4}D:\hearthstone\hearthstone.exe] => D:\hearthstone\hearthstone.exe

FirewallRules: [{854C14BC-C727-4446-BC46-C722785C632B}] => D:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe

FirewallRules: [{F32CCF26-7DAC-4BF2-B056-F802D7563AA8}] => D:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe

FirewallRules: [{572E336C-3548-4DBE-A8FF-C2B5C81606BE}] => D:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe

FirewallRules: [{09CE9D43-6274-4B15-80C2-4D49FFDC30E0}] => D:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe

FirewallRules: [TCP Query User{ADC8EA85-35ED-4B63-8F38-A82F8B71CCFD}D:\program files (x86)\origin games\fifa 16\fifa16.exe] => D:\program files (x86)\origin games\fifa 16\fifa16.exe

FirewallRules: [UDP Query User{B9C825DB-173E-4DB5-892D-73363B12EE73}D:\program files (x86)\origin games\fifa 16\fifa16.exe] => D:\program files (x86)\origin games\fifa 16\fifa16.exe

FirewallRules: [{4CE1FDCA-77DF-483F-A201-AA72EA49658A}] => D:\Program Files (x86)\steamapps\common\DayZ\DayZ_BE.exe

FirewallRules: [{E7352B88-BD67-4CAF-97FC-1FADBE16B6B6}] => D:\Program Files (x86)\steamapps\common\DayZ\DayZ_BE.exe

FirewallRules: [{C739A7F3-12BF-4250-B43C-8C452647712F}] => D:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe

FirewallRules: [{0AFF0C04-6DF7-43E9-ACD2-B0CD4CEE2CCE}] => D:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe

FirewallRules: [TCP Query User{2795EECC-51C6-4100-9347-D837C6C9B815}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => C:\program files\java\jre1.8.0_101\bin\javaw.exe

FirewallRules: [UDP Query User{BE691D30-E6A0-49A8-8064-F2F1E9F6CFAB}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => C:\program files\java\jre1.8.0_101\bin\javaw.exe

FirewallRules: [{80B36323-1EB0-45FD-A19A-FD1CC2E7FAA9}] => D:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe

FirewallRules: [{494DEBEE-16A7-47B6-B726-DB7B10BFA6E9}] => D:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe

FirewallRules: [{3AEEE3D2-A55B-4752-99EC-D248CCA792E6}] => C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{0AE1D6D0-2A24-40BF-A6D0-F7E20CC48D7B}] => C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{D1A54039-D1A4-4F60-B634-427CE9B4715D}] => C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{03E6F3E3-CEA3-4E64-8D67-7BFD47C271D4}] => C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{CC8B46DA-44FE-4D74-AFB5-42C23B8F7C85}] => D:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe

FirewallRules: [{D29992E6-8AA6-42D3-A870-C25E3F9D536E}] => D:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe

FirewallRules: [TCP Query User{DCFABC54-1623-4D19-942E-6B08C6DDEC77}D:\program files (x86)\origin games\bfh\bfh.exe] => D:\program files (x86)\origin games\bfh\bfh.exe

FirewallRules: [UDP Query User{F0AEDBB6-2459-4E84-8997-A5DB05464248}D:\program files (x86)\origin games\bfh\bfh.exe] => D:\program files (x86)\origin games\bfh\bfh.exe

FirewallRules: [TCP Query User{20BD19AE-15FE-4FD1-A5C8-D7FA0CB4AFE8}C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe] => C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe

FirewallRules: [UDP Query User{F93BABFD-D083-4650-AE34-451C13D82994}C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe] => C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe

FirewallRules: [{14AD9D98-88DA-4E18-ABD0-58124A61F17F}] => D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe

FirewallRules: [{FD9573FD-1A58-4C4B-A437-37CB30D89DDA}] => D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe

FirewallRules: [{1D473DB6-3087-4F9B-ADE7-F7FEC0528CF9}] => D:\Program Files (x86)\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe

FirewallRules: [{74D27A74-712E-4FC8-9BF4-FEBFB8B53BA0}] => D:\Program Files (x86)\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe

FirewallRules: [{4773BDE0-BE5E-4F0E-A147-65658B2162C1}] => D:\Program Files (x86)\steamapps\common\Dead by Daylight\DeadByDaylight.exe

FirewallRules: [{22DDC5C0-19D3-4D90-82EE-3D0840839937}] => D:\Program Files (x86)\steamapps\common\Dead by Daylight\DeadByDaylight.exe

FirewallRules: [TCP Query User{38EA37D2-A0DF-4452-A79C-BB92E02F194B}D:\program files (x86)\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\program files (x86)\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe

FirewallRules: [UDP Query User{02250D9C-BBF5-410D-8942-6ABC39AB26FF}D:\program files (x86)\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\program files (x86)\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe

FirewallRules: [{059CEB7D-BA71-4BBD-99DB-97BEBD83AAC2}] => D:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe

FirewallRules: [{27698E39-879E-4A02-AB48-90D39DE1D41E}] => D:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe

FirewallRules: [{1874B178-5B6F-4E10-9D6A-E333D79CC699}] => D:\The Crew (Worldwide)\TheCrew.exe

FirewallRules: [{79AB46DE-9536-4AC9-9EA6-450E45DA3F74}] => D:\The Crew (Worldwide)\TheCrew.exe

FirewallRules: [{5B98B538-0596-4C80-B458-CF34A1F134BA}] => D:\Program Files (x86)\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe

FirewallRules: [{9712E89E-1C21-44CC-A7BB-88095FDC0546}] => D:\Program Files (x86)\steamapps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe

FirewallRules: [{C06D07B4-FB49-431F-9384-41E9D90BEFAB}] => D:\Program Files (x86)\steamapps\common\DB Xenoverse\DBXV.exe

FirewallRules: [{60CABF65-BA9C-44A4-9F38-67622B8587BF}] => D:\Program Files (x86)\steamapps\common\DB Xenoverse\DBXV.exe

FirewallRules: [TCP Query User{6BCBDD3F-F5AC-49E6-AD3B-BB373A1EA536}D:\program files (x86)\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => D:\program files (x86)\steamapps\common\space\spacegame\binaries\win64\spserver.exe

FirewallRules: [UDP Query User{78E01CBC-D6BC-415C-A44B-815EDFA4C96D}D:\program files (x86)\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => D:\program files (x86)\steamapps\common\space\spacegame\binaries\win64\spserver.exe

FirewallRules: [{10F58335-A5A0-499B-BBF0-5726D710B9A0}] => C:\Users\wake\AppData\Local\Chromium\Application\chrome.exe

FirewallRules: [{99757FD8-CDCF-4D51-93B1-5444A8471592}] => D:\Program Files (x86)\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe

FirewallRules: [{7048668E-6201-4568-9209-BA9425622733}] => D:\Program Files (x86)\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe

FirewallRules: [{41D47A18-683E-4E10-B765-A201B67A3E5E}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe

FirewallRules: [{4C502015-54A3-4578-8EB6-DB6B016ECB50}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

FirewallRules: [{586AE49C-E4D4-48A3-BFC8-F18BAA844F25}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{4BF0141F-25E9-4BC5-B472-808C6A8FF622}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{A73B8D0C-E63B-469E-BB54-0B38CFEB5D2B}] => D:\Program Files (x86)\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe

FirewallRules: [{E419B792-0F16-4433-A4AC-F3C8FA042475}] => D:\Program Files (x86)\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe

FirewallRules: [{269937D7-7DBB-49AC-A626-4DAAADC54DEB}] => D:\Program Files (x86)\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe

FirewallRules: [{6F380FD0-919A-4803-9B1A-701D8BBC5825}] => D:\Program Files (x86)\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe

FirewallRules: [{81BFBBF2-D603-458E-BF30-830CD7A75E86}] => D:\Program Files (x86)\Origin Games\Crysis 2\bin32\Crysis2.exe

FirewallRules: [{CC70F2C1-4FAF-4F25-B2B1-439F3A3BF383}] => D:\Program Files (x86)\Origin Games\Crysis 2\bin32\Crysis2.exe

FirewallRules: [{CBE16847-C309-4F4F-BA8E-2629F54273E5}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe

FirewallRules: [{B7FF8E3B-46FE-4734-9F70-EDCECEF3B434}] => D:\Program Files (x86)\Origin Games\Dead Space 2 (DE)\deadspace2.exe

FirewallRules: [{534A3FCB-D1B5-4961-9BDB-291E0BCA5FD9}] => D:\Program Files (x86)\Origin Games\Dead Space 2 (DE)\deadspace2.exe

FirewallRules: [TCP Query User{A2FE3708-13A5-4015-B41C-0150C0FE4E95}D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe

FirewallRules: [UDP Query User{1DD0209D-A604-420E-A6AB-E6A744988398}D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => D:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe

FirewallRules: [{784A6DE5-24C4-4D10-B86A-BDE51F55A25D}] => D:\Program Files (x86)\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe

FirewallRules: [{4B9B9570-5DF7-4130-96E8-769D606A8CE3}] => D:\Program Files (x86)\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe

FirewallRules: [{224B9A7F-4F52-4106-8535-489A00ABE2DF}] => D:\GTA5.exe

FirewallRules: [{85F48EEE-6D5B-4F47-A825-053EA9163A6E}] => D:\GTA5.exe

FirewallRules: [{062BD55B-922D-4E73-AABF-1A075B61C318}] => D:\Ubisoft Game Launcher\games\Far Cry Primal\bin\FCPrimal.exe

FirewallRules: [{42177617-C432-43ED-87BB-A379D1013F7D}] => D:\Program Files (x86)\steamapps\common\Total War WARHAMMER\launcher\launcher.exe

FirewallRules: [{3F5C1673-8236-4069-B9ED-CC0B6A214ABE}] => D:\Program Files (x86)\steamapps\common\Total War WARHAMMER\launcher\launcher.exe

FirewallRules: [{1600E9FB-5669-403D-9A0D-A28D4D2566B8}] => D:\Program Files (x86)\steamapps\common\The Forest\TheForest.exe

FirewallRules: [{AAAEDD70-FDD2-4C51-9BB9-D3D31B3F2E55}] => D:\Program Files (x86)\steamapps\common\The Forest\TheForest.exe

FirewallRules: [{4C417BF6-962B-42B8-99D6-48C822105D21}] => D:\Program Files (x86)\steamapps\common\DB Xenoverse 2\bin\DBXV2.exe

FirewallRules: [{FF59CE22-36F3-4507-AE3A-F75C0F5C16E5}] => D:\Program Files (x86)\steamapps\common\DB Xenoverse 2\bin\DBXV2.exe

FirewallRules: [{806D7B65-1B22-4FB6-A2BD-61E311C059A4}] => C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe

FirewallRules: [{9F75F27F-47B8-400A-BF6F-DF5F9DC16CBD}] => C:\Program Files (x86)\Firefox\Firefox.exe

FirewallRules: [{C3509A67-DAD0-4F53-ADE8-AC336E9DC3E3}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{7FED0ACB-1C01-42C0-904C-5F02EE372031}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{27A89422-1693-4684-8E1D-03938C4499C5}] => D:\Program Files (x86)\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{C46785AA-9205-4537-9153-751F758F2D41}] => D:\Program Files (x86)\bin\cef\cef.win7\steamwebhelper.exe
 

==================== Wiederherstellungspunkte =========================
 

ACHTUNG: Systemwiederherstellung ist deaktiviert
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (12/13/2016 08:58:50 AM) (Source: MsiInstaller) (EventID: 1002) (User: WAKE-PC)

Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".
 

Error: (12/13/2016 08:56:36 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:

hr=0xC004F074

Befehlszeilenargumente:

RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
 

Error: (12/13/2016 08:48:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:

hr=0x8007139F

Befehlszeilenargumente:

RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
 

Error: (12/12/2016 08:06:15 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:

hr=0xC004F074

Befehlszeilenargumente:

RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 

Error: (12/12/2016 08:06:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:

hr=0x8007139F

Befehlszeilenargumente:

RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
 

Error: (12/12/2016 05:32:42 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: WAKE-PC)

Description: Die Anwendung oder der Dienst "ed2k idle service" konnte nicht neu gestartet werden.
 

Error: (12/12/2016 05:30:18 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:

hr=0xC004F074

Befehlszeilenargumente:

RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 

Error: (12/12/2016 05:30:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:

hr=0x8007139F

Befehlszeilenargumente:

RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
 

Error: (12/12/2016 05:16:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:

hr=0xC004F074

Befehlszeilenargumente:

RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
 

Error: (12/12/2016 05:14:47 PM) (Source: MsiInstaller) (EventID: 1002) (User: WAKE-PC)

Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".
 
 

Systemfehler:

=============

Error: (12/12/2016 10:04:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Benutzerdatenzugriff_3bef7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (12/12/2016 10:04:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Benutzerdatenspeicher _3bef7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (12/12/2016 10:04:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Kontaktdaten_3bef7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (12/12/2016 10:04:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Synchronisierungshost_3bef7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (12/12/2016 08:08:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "ed2k idle service" wurde aufgrund folgenden Fehlers nicht gestartet: 

Das System kann die angegebene Datei nicht finden.
 

Error: (12/12/2016 08:05:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
 

Error: (12/12/2016 08:05:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Benutzerdatenzugriff_3fab9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (12/12/2016 08:05:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Benutzerdatenspeicher _3fab9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (12/12/2016 08:05:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Kontaktdaten_3fab9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (12/12/2016 08:05:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Synchronisierungshost_3fab9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 
 

CodeIntegrity:

===================================

  Date: 2016-12-12 19:01:59.892

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 

  Date: 2016-12-12 17:30:15.471

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 

  Date: 2016-12-12 17:17:43.445

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 

  Date: 2016-12-12 17:04:52.673

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 

  Date: 2016-12-12 16:50:01.276

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 

  Date: 2016-12-12 16:02:36.603

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 

  Date: 2016-12-12 15:52:44.062

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 

  Date: 2016-12-12 14:52:44.117

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 

  Date: 2016-12-12 14:40:10.364

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
 

  Date: 2016-12-08 14:08:41.941

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz

Prozentuale Nutzung des RAM: 14%

Installierter physikalischer RAM: 16345.15 MB

Verfügbarer physikalischer RAM: 13898.11 MB

Summe virtueller Speicher: 18777.15 MB

Verfügbarer virtueller Speicher: 16001.6 MB
 

==================== Laufwerke ================================
 

Drive c: () (Fixed) (Total:118.58 GB) (Free:16.74 GB) NTFS

Drive d: () (Fixed) (Total:931.06 GB) (Free:130.13 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AFEDAA5B)

Partition 1: (Active) - (Size=931.1 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
 

========================================================

Disk: 1 (Size: 119.2 GB) (Disk ID: E5A38B7A)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

Hallo

alles gut gemacht, genau so wie es sein soll..

Schritt 1:

erstmal entfernen wir die unnötige Adware vom System...

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

Task: {1C9C15AA-A48A-41C6-9101-6982B7D3DA82} - System32\Tasks\PDDMW1 => C:\ProgramData\Poposhidu\Poposhidu.exe <==== ACHTUNG
 

Task: {3C843395-8E9D-460A-8FE3-CF3D7F9949AD} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat <==== ACHTUNG
 

Task: {42243C04-4F73-4C1F-92B4-02B106BBD39C} - \{0D780547-057D-047D-7911-0B080B7F110C} -> Keine Datei <==== ACHTUNG
 

Task: {47D2640A-DB01-4B74-BE0C-E43FD086161B} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ACHTUNG
 

Task: {931C18CE-9C63-43F8-9D65-8DB71D074BBC} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ACHTUNG
 

Task: {BA238890-CC00-42FE-8A36-C5D262E94830} - System32\Tasks\Muwbiri => C:\PROGRA~1\GROOVE~1\Ygubecir.bat <==== ACHTUNG
 

Task: {D36FAF66-AB56-4FB6-9490-709EC1B12435} - System32\Tasks\1a07ed10964a3aac1d3f661cb0b4f47f => Rundll32.exe "C:\Program Files (x86)\USB Game Controller\w7wr0x.dll",e62dc6c6547f46bda862da2d05af6862 <==== ACHTUNG
 

Task: {FCDE0FAB-DF4F-4ADB-8D5A-3644FB5A30EA} - System32\Tasks\LCCSTETWYSSBGGED => C:\ProgramData\Service5184\Service5184.exe <==== ACHTUNG
 

Task: C:\WINDOWS\Tasks\LCCSTETWYSSBGGED.job => C:\ProgramData\Service5184\Service5184.exe <==== ACHTUNG
 

Task: C:\WINDOWS\Tasks\PDDMW1.job => C:\ProgramData\Poposhidu\Poposhidu.exe <==== ACHTUNG

GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG

emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 3:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4:

erstelle bitte ein neues FRST Logfile und poste es hier.

Schritt 5:

Das System sollte jetzt bereits deutlich schneller laufen. Du hast allgemein sehr viele Einträge in den Tasks die man generell einmal ausmisten kann.

So, danke erstmal für die sehr detailierte Hilfe.

Adwcleaner:

Code:

# AdwCleaner v6.040 - Bericht erstellt am 13/12/2016 um 11:07:53

# Aktualisiert am 02/12/2016 von Malwarebytes

# Datenbank : 2016-12-13.2 [Server]

# Betriebssystem : Windows 10 Enterprise  (X64)

# Benutzername : wake - WAKE-PC

# Gestartet von : C:\Users\wake\Desktop\AdwCleaner_6.040.exe

# Modus: Löschen

# Unterstützung : https://www.malwarebytes.com/support
 
 
 

***** [ Dienste ] *****
 

[-] Dienst gelöscht: ed2kidle
 
 

***** [ Ordner ] *****
 

[-] Ordner gelöscht: C:\Users\wake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader

[-] Ordner gelöscht: C:\Program Files\ByteFence

[-] Ordner gelöscht: C:\ProgramData\WinSAPSvc

[#] Ordner mit Neustart gelöscht: C:\ProgramData\winsapsvc

[-] Ordner gelöscht: C:\Users\Public\Documents\Downloaded Installers

[-] Ordner gelöscht: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\aMule

[-] Ordner gelöscht: C:\Users\Public\Documents\dmp

[-] Ordner gelöscht: C:\uninst

[-] Ordner gelöscht: C:\Users\wake\AppData\Roaming\Mozilla\Firefox\naweriweentcofise
 
 

***** [ Dateien ] *****
 

[-] Datei gelöscht: C:\WINDOWS\SysNative\log\iSafeKrnlCall.log

[-] Datei gelöscht: C:\END

[-] Datei gelöscht: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

[-] Datei gelöscht: C:\Users\wake\AppData\Roaming\Mozilla\Firefox\Profiles\qDlG7lTV.default\extensions\staged\firefox@browser-security.de.json
 
 

***** [ DLL ] *****
 
 
 

***** [ WMI ] *****
 
 
 

***** [ Verknüpfungen ] *****
 
 
 

***** [ Aufgabenplanung ] *****
 

[-] Aufgabe gelöscht: LCCSTETWYSSBGGED

[-] Aufgabe gelöscht: LCCSTETWYSSBGGED

[-] Aufgabe gelöscht: YTDownloader

[-] Aufgabe gelöscht: YTDownloaderUpd

[-] Aufgabe gelöscht: ACC
 
 

***** [ Registrierungsdatenbank ] *****
 

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg

[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{176F706B-5175-479C-A3DF-32420F6FB01A}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{38BE2BE8-EB8E-41D1-9D94-3B1697094D47}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{53C267B2-B01D-410F-A4DD-A32962EE55F4}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{8804A543-42D3-4D71-9685-B0243D5526F3}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{A0F322D5-6A13-4CAB-84CF-FABB5690618E}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{AC3E336C-B524-47F0-9AA2-5F67AA056086}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{F577A1BA-D82D-4BB2-8430-B767285D081D}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BF8946CD-EEBE-436B-8282-B19A021C9EFE}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{45965C76-4C88-4512-9358-368483E1C3B1}

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}

[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\jhtrsq

[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\jhtrsq

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Xtp

[-] Schlüssel gelöscht: HKLM\SOFTWARE\ScreenShot

[-] Schlüssel gelöscht: HKLM\SOFTWARE\WinArcher

[-] Schlüssel gelöscht: HKLM\SOFTWARE\amule-custom

[-] Schlüssel gelöscht: HKLM\SOFTWARE\jhtrsq

[-] Schlüssel gelöscht: HKLM\SOFTWARE\UvConv

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Xtp

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\jhtrsq

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [AppTrailers]

[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]

[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [ArcherGroupEx]
 
 

***** [ Browser ] *****
 

[-] Firefox Einstellungen bereinigt: "browser.newtab.url" -  "hxxp://www.luckysearch123.com?type=hp&ts=1481547885&from=2c231209&uid=samsungxhd103si_s1vsj9cs507234&z=7d4150ec7a91390643768a1g3z4b2gdw0zamabab9b"

[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.iconURL" -  "hxxp://www.luckysearch123.com/favicon.ico?t=1"

[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.url" -  "hxxp://www.luckysearch123.com/search.php?type=ds&ts=1481547885&from=2c231209&uid=samsungxhd103si_s1vsj9cs507234&z=7d4150ec7a91390643768a1g3z4b2gdw0zamabab9b&q={searchTerms}"

[-] Firefox Einstellungen bereinigt: "browser.startup.homepage" -  "hxxp://www.luckysearch123.com?type=hp&ts=1481547885&from=2c231209&uid=samsungxhd103si_s1vsj9cs507234&z=7d4150ec7a91390643768a1g3z4b2gdw0zamabab9b"

[-] Firefox Einstellungen bereinigt: "browser.newtab.url" -  "hxxp://www.luckysearch123.com?type=hp&ts=1481547885&from=2c231209&uid=samsungxhd103si_s1vsj9cs507234&z=7d4150ec7a91390643768a1g3z4b2gdw0zamabab9b"

[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.iconURL" -  "hxxp://www.luckysearch123.com/favicon.ico?t=1"

[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.url" -  "hxxp://www.luckysearch123.com/search.php?type=ds&ts=1481547885&from=2c231209&uid=samsungxhd103si_s1vsj9cs507234&z=7d4150ec7a91390643768a1g3z4b2gdw0zamabab9b&q={searchTerms}"

[-] Firefox Einstellungen bereinigt: "browser.startup.homepage" -  "hxxp://www.luckysearch123.com?type=hp&ts=1481547885&from=2c231209&uid=samsungxhd103si_s1vsj9cs507234&z=7d4150ec7a91390643768a1g3z4b2gdw0zamabab9b"
 
 

*************************
 

:: "Tracing" Schlüssel gelöscht

:: Winsock Einstellungen zurückgesetzt

:: Proxy Einstellungen zurückgesetzt

:: Internet Explorer Richtlinien gelöscht

:: Chrome Richtlinien gelöscht
 

*************************
 

C:\AdwCleaner\AdwCleaner[C0].txt - [7308 Bytes] - [13/12/2016 11:07:53]

C:\AdwCleaner\AdwCleaner[S0].txt - [7224 Bytes] - [13/12/2016 11:06:22]
 

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7454 Bytes] ##########

FRST Fixlog

Code:

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-12-2016

durchgeführt von wake (13-12-2016 11:22:21) Run:1

Gestartet von C:\Users\wake\Desktop

Geladene Profile: wake (Verfügbare Profile: wake)

Start-Modus: Normal

==============================================
 

fixlist Inhalt:

*****************

Task: {1C9C15AA-A48A-41C6-9101-6982B7D3DA82} - System32\Tasks\PDDMW1 => C:\ProgramData\Poposhidu\Poposhidu.exe <==== ACHTUNG
 

Task: {3C843395-8E9D-460A-8FE3-CF3D7F9949AD} - System32\Tasks\ACC => C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat <==== ACHTUNG
 

Task: {42243C04-4F73-4C1F-92B4-02B106BBD39C} - \{0D780547-057D-047D-7911-0B080B7F110C} -> Keine Datei <==== ACHTUNG
 

Task: {47D2640A-DB01-4B74-BE0C-E43FD086161B} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ACHTUNG
 

Task: {931C18CE-9C63-43F8-9D65-8DB71D074BBC} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ACHTUNG
 

Task: {BA238890-CC00-42FE-8A36-C5D262E94830} - System32\Tasks\Muwbiri => C:\PROGRA~1\GROOVE~1\Ygubecir.bat <==== ACHTUNG
 

Task: {D36FAF66-AB56-4FB6-9490-709EC1B12435} - System32\Tasks\1a07ed10964a3aac1d3f661cb0b4f47f => Rundll32.exe "C:\Program Files (x86)\USB Game Controller\w7wr0x.dll",e62dc6c6547f46bda862da2d05af6862 <==== ACHTUNG
 

Task: {FCDE0FAB-DF4F-4ADB-8D5A-3644FB5A30EA} - System32\Tasks\LCCSTETWYSSBGGED => C:\ProgramData\Service5184\Service5184.exe <==== ACHTUNG
 

Task: C:\WINDOWS\Tasks\LCCSTETWYSSBGGED.job => C:\ProgramData\Service5184\Service5184.exe <==== ACHTUNG
 

Task: C:\WINDOWS\Tasks\PDDMW1.job => C:\ProgramData\Poposhidu\Poposhidu.exe <==== ACHTUNG

GroupPolicy: Beschränkung - Windows Defender <======= ACHTUNG

emptytemp:

*****************
 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C9C15AA-A48A-41C6-9101-6982B7D3DA82}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C9C15AA-A48A-41C6-9101-6982B7D3DA82}" => Schlüssel erfolgreich entfernt

C:\WINDOWS\System32\Tasks\PDDMW1 => erfolgreich verschoben

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDDMW1" => Schlüssel erfolgreich entfernt

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C843395-8E9D-460A-8FE3-CF3D7F9949AD} => Schlüssel nicht gefunden. 

C:\WINDOWS\System32\Tasks\ACC => nicht gefunden.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACC => Schlüssel nicht gefunden. 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42243C04-4F73-4C1F-92B4-02B106BBD39C}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42243C04-4F73-4C1F-92B4-02B106BBD39C}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0D780547-057D-047D-7911-0B080B7F110C}" => Schlüssel erfolgreich entfernt

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47D2640A-DB01-4B74-BE0C-E43FD086161B} => Schlüssel nicht gefunden. 

C:\WINDOWS\System32\Tasks\YTDownloader => nicht gefunden.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloader => Schlüssel nicht gefunden. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{931C18CE-9C63-43F8-9D65-8DB71D074BBC} => Schlüssel nicht gefunden. 

C:\WINDOWS\System32\Tasks\YTDownloaderUpd => nicht gefunden.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd => Schlüssel nicht gefunden. 

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA238890-CC00-42FE-8A36-C5D262E94830}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA238890-CC00-42FE-8A36-C5D262E94830}" => Schlüssel erfolgreich entfernt

C:\WINDOWS\System32\Tasks\Muwbiri => erfolgreich verschoben

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Muwbiri" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D36FAF66-AB56-4FB6-9490-709EC1B12435}" => Schlüssel erfolgreich entfernt

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D36FAF66-AB56-4FB6-9490-709EC1B12435}" => Schlüssel erfolgreich entfernt

C:\WINDOWS\System32\Tasks\1a07ed10964a3aac1d3f661cb0b4f47f => erfolgreich verschoben

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1a07ed10964a3aac1d3f661cb0b4f47f" => Schlüssel erfolgreich entfernt

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCDE0FAB-DF4F-4ADB-8D5A-3644FB5A30EA} => Schlüssel nicht gefunden. 

C:\WINDOWS\System32\Tasks\LCCSTETWYSSBGGED => nicht gefunden.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LCCSTETWYSSBGGED => Schlüssel nicht gefunden. 

C:\WINDOWS\Tasks\LCCSTETWYSSBGGED.job => nicht gefunden.

C:\WINDOWS\Tasks\PDDMW1.job => erfolgreich verschoben

"C:\WINDOWS\system32\GroupPolicy\Machine" => nicht gefunden.
 

=========== EmptyTemp: ==========
 

BITS transfer queue => 0 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 818474854 B

Java, Flash, Steam htmlcache => 218286336 B

Windows/system/drivers => 88069567 B

Edge => 1437085 B

Chrome => 0 B

Firefox => 398569635 B

Opera => 0 B
 

Temp, IE cache, history, cookies, recent:

Default => 16674 B

Users => 0 B

ProgramData => 0 B

Public => 0 B

systemprofile32 => 5372582 B

LocalService => 1163544 B

NetworkService => 3982 B

wake => 2221632505 B
 

RecycleBin => 0 B

EmptyTemp: => 3.5 GB temporäre Dateien entfernt.
 

================================
 
 

Das System musste neu gestartet werden.
 

==== Ende von Fixlog 11:23:02 ====

Den gewünschten FRST Log wie in Schritt 2 zum Ende ausführen?

Mbam txt

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlaufdatum: 13.12.2016

Suchlaufzeit: 11:25

Protokolldatei: mbam.txt

Administrator: Ja
 

Version: 2.2.1.1043

Malware-Datenbank: v2016.12.13.09

Rootkit-Datenbank: v2016.11.20.01

Lizenz: Kostenlose Version

Malware-Schutz: Deaktiviert

Schutz vor bösartigen Websites: Deaktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 10

CPU: x64

Dateisystem: NTFS

Benutzer: wake
 

Suchlauftyp: Bedrohungssuchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 327646

Abgelaufene Zeit: 9 Min., 2 Sek.
 

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Aktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(keine bösartigen Elemente erkannt)
 

Module: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 0

(keine bösartigen Elemente erkannt)
 

Registrierungswerte: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsdaten: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 0

(keine bösartigen Elemente erkannt)
 

Dateien: 3

PUP.Optional.Trotux, C:\Users\wake\AppData\Roaming\Profiles\Ghibry.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.searchengine.url", "hxxp://www.trotux.com/search/?from=isr&q={searchTerms}&type=sp&uid=SAMSUNGXHD103SI_S1VSJ9CS507234&z=81ee99e64a59432d4cbfba8g1z3bfgcocecgcb4t8c");), Ersetzt,[e4f94c9a6436b08621d3ac8d0ff1bc44]

PUP.Optional.Trotux, C:\Users\wake\AppData\Roaming\Profiles\Ghibry.default\prefs.js, Gut: (), Schlecht: (128981);

user_pref("browsert_run", false);

user_pre), Ersetzt,[2bb26581a8f2ac8a34c08cad5aa6639d]

PUP.Optional.Trotux, C:\Users\wake\AppData\Roaming\Profiles\Ghibry.default\prefs.js, Gut: (), Schlecht: (ustomizemode.tip0.shown", true);

user_pref("browser.download.dir", "C:\\Users\\wake\\Desktop");

user_pref("browser.download.folderList", 0);

user_pref("browse), Ersetzt,[e6f7d90df4a64ee88272e158fc048f71]
 

Physische Sektoren: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

Hallo,

das sieht ja schonmal gut aus...

bekomme ich die Schritte 4 und 5 noch nachgereicht?

Schritt 4 ist meine neue Grundlage zur Analyse, Schritt 5 deine Rückmeldung

Hoffe das ist der Log den du wolltest.
Der PC läuft spürbar schneller und auch die Werbung ist weg. Das einzige Problem ist jetzt nur, dass FF sich nicht als Standardbrowser einfügen lässt. Weder über die Standardprogramme, noch über den direkten Weg. Aber das ist auch nicht so tragisch, ich danke dir schonmal vielmals.

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016

durchgeführt von wake (Administrator) auf WAKE-PC (13-12-2016 18:49:54)

Gestartet von C:\Users\wake\Desktop

Geladene Profile: wake &  (Verfügbare Profile: wake)

Platform: Windows 10 Enterprise Version 1511 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe

(Akamai Technologies, Inc.) C:\Users\wake\AppData\Local\Akamai\netsession_win.exe

(Akamai Technologies, Inc.) C:\Users\wake\AppData\Local\Akamai\netsession_win.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe

(Electronic Arts) D:\Origin\OriginWebHelperService.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.10.13.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe

(Valve Corporation) D:\Program Files (x86)\Steam.exe

(Valve Corporation) D:\Program Files (x86)\bin\cef\cef.win7\steamwebhelper.exe

(Valve Corporation) D:\Program Files (x86)\bin\cef\cef.win7\steamwebhelper.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Valve Corporation) D:\Program Files (x86)\bin\cef\cef.win7\steamwebhelper.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2000-01-01] (Realtek Semiconductor)

HKLM-x32\...\Run: [win_en_77] => [X]

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [NCUpdateHelper] => D:\BnS\bin\NCUpdateHelper.exe

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60120 2016-11-25] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-06] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\Run: [Akamai NetSession Interface] => C:\Users\wake\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\...\Run: [Chromium] => c:\users\wake\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)

HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)

HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\wake\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)

HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe

HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Chromium] => c:\users\wake\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{212487b4-7688-415f-a51a-ca538b50db06}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{9e818eae-668e-470e-8009-f78767805082}: [DhcpNameServer] 192.168.224.1

ManualProxies: 
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKU\S-1-5-21-2185226811-435342151-2776914380-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art

HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp

HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art

HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2185226811-435342151-2776914380-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

SearchScopes: HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-21] (Oracle Corporation)

BHO: Youtube AdBlock -> {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} -> C:\Program Files (x86)\Youtube AdBlock\IEEF\7DyrZhjb.dll => Keine Datei

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-21] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-21] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-21] (Oracle Corporation)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 

Edge: 

======

Edge HomeButtonPage: HKU\S-1-5-21-2185226811-435342151-2776914380-1000 -> hxxp://www.amisites.com/?type=hp&ts=1481317178&z=fbb378ac1ffa744ce0d6481g1zab7g6c7g0m1g4m0b&from=archer1028&uid=SAMSUNGXHD103SI_S1VSJ9CS507234
 

FireFox:

========

FF ProfilePath: C:\Users\wake\AppData\Roaming\Firefox\Firefox\naweriweentcofise\Profiles\qDlG7lTV.default\Profiles\qDlG7lTV.default [nicht gefunden]

FF ProfilePath: C:\Users\wake\AppData\Roaming\Mozilla\Firefox\Profiles\qDlG7lTV.default [2016-12-13]

FF user.js: detected! => C:\Users\wake\AppData\Roaming\Mozilla\Firefox\Profiles\qDlG7lTV.default\user.js [2016-12-13]

FF DefaultSearchEngine: Mozilla\Firefox\Profiles\qDlG7lTV.default -> luck

FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\qDlG7lTV.default -> luck

FF SelectedSearchEngine: Mozilla\Firefox\Profiles\qDlG7lTV.default -> luck

FF Homepage: Mozilla\Firefox\Profiles\qDlG7lTV.default -> www.google.de

FF Keyword.URL: Mozilla\Firefox\Profiles\qDlG7lTV.default -> user_pref("keyword.URL", true);

FF Extension: (Kein Name) - C:\Users\wake\AppData\Roaming\Mozilla\Firefox\Profiles\qDlG7lTV.default\Extensions\abs@avira.com [2016-12-12]

FF Extension: (Adblock Plus) - C:\Users\wake\AppData\Roaming\Mozilla\Firefox\Profiles\qDlG7lTV.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]

FF ProfilePath: C:\Users\wake\AppData\Roaming\Firefox\Firefox\Profiles\qDlG7lTV.default [2016-12-12]

FF NewTab: Firefox\Firefox\Profiles\qDlG7lTV.default -> about:newtab

FF DefaultSearchEngine: Firefox\Firefox\Profiles\qDlG7lTV.default -> Yahoo! Powered

FF SelectedSearchEngine: Firefox\Firefox\Profiles\qDlG7lTV.default -> Yahoo! Powered

FF Homepage: Firefox\Firefox\Profiles\qDlG7lTV.default -> www.google.de

FF Keyword.URL: Firefox\Firefox\Profiles\qDlG7lTV.default -> user_pref("keyword.URL", true);

FF Extension: (AdBlocker Ultimate) - C:\Users\wake\AppData\Roaming\Firefox\Firefox\Profiles\qDlG7lTV.default\Extensions\adblockultimate@adblockultimate.net.xpi [2016-12-12]

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()

FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)

FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-21] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-21] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2015-12-21] (Adobe Systems, Inc.)

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)

FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)

FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-21] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-21] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation)

FF Plugin HKU\S-1-5-21-2185226811-435342151-2776914380-1000: @my.com/Games -> C:\Users\wake\AppData\Local\MyComGames\NPMyComDetector.dll [Keine Datei]

FF Plugin HKU\S-1-5-21-2185226811-435342151-2776914380-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]

FF Plugin HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @my.com/Games -> C:\Users\wake\AppData\Local\MyComGames\NPMyComDetector.dll [Keine Datei]

FF Plugin HKU\S-1-5-21-2185226811-435342151-2776914380-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

StartMenuInternet: Google Chrome - Chrome.exe
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-06] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-06] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-06] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-06] (Avira Operations GmbH & Co. KG)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [369608 2016-11-25] (Avira Operations GmbH & Co. KG)

R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [263704 2016-11-16] (Avira Operations GmbH & Co. KG)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-07-03] ()

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)

S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [229648 2016-09-02] (EasyAntiCheat Ltd)

S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-04-13] (Futuremark)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)

S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)

S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)

R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)

S3 Origin Client Service; D:\Origin\OriginClientService.exe [2119688 2016-12-06] (Electronic Arts)

R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2180624 2016-12-06] (Electronic Arts)

R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-06-13] ()

R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-08-15] ()

R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-06] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-06] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-12-06] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-12-06] (Avira Operations GmbH & Co. KG)

R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [28272 2016-12-06] (Avira Operations GmbH & Co. KG)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)

R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-20] (Disc Soft Ltd)

R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-20] (Disc Soft Ltd)

S3 MotioninJoyXFilter; C:\WINDOWS\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2000-01-01] (Realtek                                            )

R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-07] ()

R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)

R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)

S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-04-06] (Wellbia.com Co., Ltd.)

R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)

R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)

U3 idsvc; kein ImagePath

S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]

S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

U3 wpcsvc; kein ImagePath
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-12-13 11:36 - 2016-12-13 11:36 - 00002015 _____ C:\Users\wake\Desktop\mbam.txt

2016-12-13 11:22 - 2016-12-13 11:23 - 00005921 _____ C:\Users\wake\Desktop\Fixlog.txt

2016-12-13 11:20 - 2016-12-13 11:20 - 00007568 _____ C:\Users\wake\Desktop\AdwCleaner[C0].txt

2016-12-13 11:03 - 2016-12-13 11:07 - 00000000 ____D C:\AdwCleaner

2016-12-13 11:03 - 2016-12-13 11:03 - 03968464 _____ C:\Users\wake\Desktop\AdwCleaner_6.040.exe

2016-12-13 09:41 - 2016-12-13 18:50 - 00022690 _____ C:\Users\wake\Desktop\FRST.txt

2016-12-13 09:41 - 2016-12-13 09:42 - 00076845 _____ C:\Users\wake\Desktop\Addition.txt

2016-12-13 09:39 - 2016-12-13 18:49 - 00000000 ____D C:\FRST

2016-12-13 09:39 - 2016-12-13 09:39 - 02420224 _____ (Farbar) C:\Users\wake\Desktop\FRST64.exe

2016-12-12 19:38 - 2016-12-12 20:06 - 00000629 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk

2016-12-12 19:38 - 2016-12-12 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

2016-12-12 19:37 - 2016-12-12 19:38 - 07100088 _____ (VS Revo Group ) C:\Users\wake\Desktop\revosetup.exe

2016-12-12 19:27 - 2016-12-12 20:06 - 00002100 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk

2016-12-12 19:27 - 2016-12-12 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-12-12 19:27 - 2016-12-12 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-12-12 19:26 - 2016-12-12 19:26 - 00243696 _____ C:\Users\wake\Downloads\Firefox Setup Stub 50.0.2 (1).exe

2016-12-12 17:23 - 2015-10-15 15:13 - 00000512 _____ C:\Users\wake\Desktop\Licence File Till 2020.9.17.key

2016-12-12 16:57 - 2016-12-12 20:06 - 00001107 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk

2016-12-12 16:57 - 2016-12-12 16:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf

2016-12-12 16:57 - 2016-12-12 16:57 - 00000000 ____D C:\Users\wake\AppData\Roaming\Avira

2016-12-12 16:57 - 2016-12-06 16:01 - 00153904 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

2016-12-12 16:57 - 2016-12-06 16:01 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys

2016-12-12 16:57 - 2016-12-06 16:01 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys

2016-12-12 16:57 - 2016-12-06 16:01 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys

2016-12-12 16:57 - 2016-12-06 16:01 - 00028272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys

2016-12-12 16:56 - 2016-12-12 20:06 - 00001275 _____ C:\Users\Public\Desktop\Avira Connect.lnk

2016-12-12 16:56 - 2016-12-12 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2016-12-12 14:01 - 2016-12-12 14:01 - 00000000 ____D C:\Users\wake\AppData\Local\Firefox

2016-12-12 14:00 - 2016-12-13 11:07 - 00000000 ____D C:\WINDOWS\system32\log

2016-12-12 14:00 - 2016-12-12 20:06 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2016-12-12 14:00 - 2016-12-12 16:10 - 00000000 _____ C:\Users\Public\Documents\report.dat

2016-12-12 14:00 - 2016-12-12 14:00 - 00000000 ____D C:\Users\wake\AppData\Roaming\Firefox

2016-12-12 14:00 - 2016-12-12 14:00 - 00000000 _____ C:\Users\Public\Documents\temp.dat

2016-12-11 08:59 - 2016-12-11 08:59 - 00000000 ____D C:\Users\wake\Desktop\Sophie Schule

2016-12-09 21:59 - 2016-12-09 21:59 - 00000358 _____ C:\WINDOWS\SysWOW64\data.bin

2016-12-09 21:58 - 2016-12-12 13:58 - 00000000 ____D C:\Program Files (x86)\4vxrpkfw

2016-12-08 14:07 - 2016-12-13 11:07 - 00000008 __RSH C:\Users\wake\ntuser.pol

2016-12-08 14:00 - 2016-12-13 11:07 - 00000008 __RSH C:\ProgramData\ntuser.pol

2016-12-08 13:58 - 2016-12-12 16:57 - 00000000 ____D C:\ProgramData\Avira

2016-12-08 13:58 - 2016-12-08 13:58 - 00000000 ____D C:\WINDOWS\system32\SSL

2016-12-08 13:58 - 2016-12-08 13:58 - 00000000 ____D C:\ProgramData\Avg

2016-12-08 13:58 - 2016-12-08 13:58 - 00000000 ____D C:\ProgramData\AVAST Software

2016-12-06 17:35 - 2016-12-01 18:04 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2016-12-06 17:32 - 2016-12-01 21:02 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 17590064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 14529112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 10354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 09158432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 08762072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 02954808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00683824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00642576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00617880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00573072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00470400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00439864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00172920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00150600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2016-12-06 17:32 - 2016-12-01 21:02 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2016-12-04 17:01 - 2016-12-04 17:01 - 00000000 ____D C:\Users\wake\Desktop\Stick

2016-12-02 00:10 - 2016-12-02 00:10 - 00000000 ____D C:\Users\wake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft

2016-12-01 17:41 - 2016-12-08 13:58 - 00000000 ____D C:\Program Files (x86)\Rockstar Games

2016-12-01 17:41 - 2016-12-01 17:41 - 00000000 ____D C:\Users\wake\Documents\Rockstar Games

2016-12-01 17:41 - 2016-12-01 17:41 - 00000000 ____D C:\Users\wake\AppData\Local\Rockstar Games

2016-12-01 17:40 - 2016-12-01 17:41 - 00000000 ____D C:\Program Files\Rockstar Games

2016-12-01 17:40 - 2016-12-01 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games

2016-12-01 15:03 - 2016-12-01 15:33 - 00000000 ____D C:\Users\wake\AppData\Local\Troubleshooter

2016-12-01 14:44 - 2016-11-23 13:19 - 00000570 _____ C:\Users\wake\AppData\Local\TroubleshooterConfig.json

2016-12-01 14:43 - 2016-12-01 16:29 - 00000000 ____D C:\Users\wake\AppData\Local\Bluestacks

2016-12-01 14:36 - 2016-12-01 14:36 - 40150801 _____ C:\Users\wake\AppData\Local\Apps\Champions v11.0.0 Mod iHackedit.com.apk

2016-11-29 08:57 - 2016-11-29 08:57 - 00000000 ____D C:\Users\Public\Documents\CrashDump

2016-11-29 08:57 - 2016-11-29 08:57 - 00000000 ____D C:\Program Files\Samsung

2016-11-29 08:57 - 2016-09-05 05:47 - 01499408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll

2016-11-29 08:57 - 2016-09-05 05:47 - 00716920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll

2016-11-29 08:54 - 2016-12-08 13:58 - 00000000 ____D C:\Program Files (x86)\Samsung

2016-11-29 08:54 - 2016-11-29 08:57 - 00000000 ____D C:\ProgramData\Samsung

2016-11-29 08:54 - 2016-11-29 08:54 - 00000000 ____D C:\Users\wake\Documents\samsung

2016-11-29 08:54 - 2016-11-29 08:54 - 00000000 ____D C:\Users\wake\AppData\Roaming\Samsung

2016-11-29 08:54 - 2016-11-29 08:54 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log

2016-11-29 08:54 - 2016-11-29 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

2016-11-29 08:54 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll

2016-11-29 06:50 - 2016-12-01 21:02 - 20741584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2016-11-29 06:50 - 2016-11-24 21:53 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437609.dll

2016-11-29 06:50 - 2016-11-24 21:53 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437609.dll

2016-11-29 06:47 - 2016-11-17 14:45 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll

2016-11-29 06:47 - 2016-11-17 14:45 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

2016-11-26 13:02 - 2016-11-26 13:24 - 00000000 ____D C:\Users\wake\Desktop\Bewerbung Papa

2016-11-19 16:25 - 2016-11-17 03:06 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437595.dll

2016-11-19 16:25 - 2016-11-17 03:06 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437595.dll

2016-11-18 16:40 - 2016-12-13 18:47 - 00000000 ____D C:\Users\wake\AppData\LocalLow\Mozilla

2016-11-16 14:50 - 2016-11-16 14:50 - 00035784 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys

2016-11-15 16:21 - 2016-11-11 00:51 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437586.dll

2016-11-15 16:21 - 2016-11-11 00:51 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437586.dll
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-12-13 18:41 - 2016-03-29 07:28 - 00000000 ____D C:\ProgramData\Origin

2016-12-13 18:39 - 2016-03-29 07:29 - 00000000 ____D C:\Users\wake\AppData\Roaming\Origin

2016-12-13 18:03 - 2016-03-29 12:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2016-12-13 17:15 - 2016-03-25 19:27 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe

2016-12-13 14:32 - 2016-04-01 20:35 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr

2016-12-13 14:32 - 2016-03-25 19:27 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0

2016-12-13 11:30 - 2016-03-29 11:51 - 02113474 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-12-13 11:30 - 2016-02-13 17:59 - 00898182 _____ C:\WINDOWS\system32\perfh007.dat

2016-12-13 11:30 - 2016-02-13 17:59 - 00201668 _____ C:\WINDOWS\system32\perfc007.dat

2016-12-13 11:30 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF

2016-12-13 11:25 - 2016-03-19 17:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2016-12-13 11:23 - 2016-03-20 18:29 - 00003124 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner

2016-12-13 11:23 - 2016-03-19 13:16 - 00000000 ____D C:\ProgramData\NVIDIA

2016-12-13 11:23 - 2016-02-13 18:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-12-13 11:23 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2016-12-13 11:22 - 2016-09-11 18:05 - 00000000 ____D C:\Users\wake\AppData\LocalLow\Temp

2016-12-13 11:07 - 2016-03-29 11:52 - 00000000 ____D C:\Users\wake

2016-12-13 10:19 - 2016-03-26 16:42 - 00000000 ____D C:\Users\wake\Desktop\Spiele

2016-12-13 09:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2016-12-12 20:06 - 2016-10-21 16:54 - 00001479 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2016-12-12 20:06 - 2016-08-21 09:50 - 00002559 _____ C:\Users\wake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2.lnk

2016-12-12 20:06 - 2016-04-21 20:13 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

2016-12-12 20:06 - 2016-04-16 09:34 - 00002757 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center.lnk

2016-12-12 20:06 - 2016-04-03 10:09 - 00001407 _____ C:\Users\wake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DarthMod Empire.lnk

2016-12-12 20:06 - 2016-03-30 16:13 - 00002349 _____ C:\Users\wake\Desktop\HP Deskjet 1050 J410 series.lnk

2016-12-12 20:06 - 2016-03-29 12:00 - 00002417 _____ C:\Users\wake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2016-12-12 20:06 - 2016-03-29 11:53 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2016-12-12 20:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\System

2016-12-12 19:50 - 2016-03-19 13:54 - 00000000 ____D C:\Users\wake\AppData\Local\Steam

2016-12-12 16:57 - 2016-03-19 13:22 - 00000000 ____D C:\Program Files (x86)\Avira

2016-12-12 16:56 - 2016-03-19 10:55 - 00000000 ____D C:\ProgramData\Package Cache

2016-12-12 16:53 - 2016-03-26 16:38 - 00000000 ____D C:\Users\wake\Desktop\Temps.Tools

2016-12-12 14:36 - 2016-03-30 19:31 - 00000000 ____D C:\Users\wake\AppData\Roaming\TS3Client

2016-12-12 14:13 - 2016-03-31 19:46 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForwake

2016-12-12 14:13 - 2016-03-31 19:46 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForwake.job

2016-12-11 08:59 - 2016-10-17 19:26 - 00000000 ____D C:\Users\wake\Desktop\Das Hörbuch zum Film (2013)

2016-12-10 18:24 - 2016-03-19 16:45 - 00000000 ____D C:\Users\wake\AppData\Local\CrashDumps

2016-12-10 15:28 - 2016-03-29 12:19 - 00000000 ____D C:\Users\wake\Documents\The Lord of the Rings Online

2016-12-08 14:05 - 2016-07-25 11:13 - 00000000 ____D C:\Program Files (x86)\USB Game Controller

2016-12-08 13:58 - 2016-05-05 10:36 - 00000000 ____D C:\Program Files (x86)\NCWest

2016-12-08 13:58 - 2016-04-29 10:47 - 00000000 ____D C:\Program Files (x86)\Futuremark

2016-12-08 13:58 - 2016-04-21 20:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2016-12-08 13:58 - 2016-04-16 09:35 - 00000000 ___HD C:\Program Files (x86)\Temp

2016-12-08 13:58 - 2016-03-30 16:12 - 00000000 ____D C:\Program Files (x86)\HP

2016-12-08 13:58 - 2016-03-30 15:14 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard

2016-12-08 13:58 - 2016-03-29 12:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2016-12-08 13:58 - 2016-03-29 12:48 - 00000000 ____D C:\Program Files (x86)\MSBuild

2016-12-08 13:58 - 2016-03-29 12:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2016-12-08 13:58 - 2016-03-29 12:39 - 00000000 ____D C:\Program Files (x86)\Java

2016-12-08 13:58 - 2016-03-29 08:31 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins

2016-12-08 13:58 - 2016-03-28 18:25 - 00000000 ____D C:\Program Files (x86)\Kodi

2016-12-08 13:58 - 2016-03-20 18:26 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner

2016-12-08 13:58 - 2016-03-19 17:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2016-12-08 13:58 - 2016-03-19 17:03 - 00000000 ____D C:\Program Files (x86)\GPU-Z

2016-12-08 13:58 - 2016-03-19 16:44 - 00000000 ____D C:\Program Files (x86)\Windows Loader

2016-12-08 13:58 - 2016-03-19 13:16 - 00000000 ____D C:\Program Files (x86)\VulkanRT

2016-12-08 13:58 - 2016-03-19 13:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2016-12-08 13:58 - 2016-03-19 10:58 - 00000000 ____D C:\Program Files (x86)\Etron Technology

2016-12-08 13:58 - 2016-03-19 10:52 - 00000000 ____D C:\Program Files (x86)\Intel

2016-12-08 13:58 - 2016-03-19 10:46 - 00000000 ____D C:\Program Files (x86)\Google

2016-12-08 13:58 - 2016-03-19 10:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2016-12-08 13:58 - 2016-03-19 10:41 - 00000000 ____D C:\Program Files (x86)\Realtek

2016-12-08 13:58 - 2016-03-19 10:41 - 00000000 ____D C:\Program Files (x86)\Intel Desktop Board

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows NT

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform

2016-12-08 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2016-12-06 17:35 - 2016-03-19 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2016-12-06 17:33 - 2016-03-19 13:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2016-12-03 20:30 - 2016-03-21 11:39 - 00000000 ____D C:\Users\wake\AppData\Local\Ubisoft Game Launcher

2016-12-03 11:38 - 2015-11-10 02:15 - 14181304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2016-12-02 00:54 - 2016-03-22 12:38 - 00000000 ____D C:\Users\wake\Documents\My Games

2016-12-01 21:02 - 2016-10-21 17:14 - 00572400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll

2016-12-01 21:02 - 2015-11-10 02:17 - 24390208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll

2016-12-01 21:02 - 2015-11-10 02:09 - 03934320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2016-12-01 21:02 - 2015-11-10 02:09 - 03474064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2016-12-01 21:02 - 2015-11-10 00:12 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb

2016-12-01 18:33 - 2016-10-06 20:35 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat

2016-12-01 18:32 - 2016-03-19 13:16 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2016-12-01 18:32 - 2016-03-19 13:16 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2016-12-01 16:29 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries

2016-12-01 14:44 - 2016-06-19 14:41 - 00000000 ____D C:\ProgramData\BlueStacksSetup

2016-11-30 10:34 - 2016-03-19 13:16 - 07607057 _____ C:\WINDOWS\system32\nvcoproc.bin

2016-11-29 08:41 - 2016-03-25 13:32 - 00000000 ____D C:\Users\wake\Desktop\Bilder

2016-11-29 07:44 - 2016-03-20 11:40 - 00000000 ____D C:\Users\wake\AppData\Local\ElevatedDiagnostics

2016-11-29 06:47 - 2016-10-06 20:35 - 00003984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-10-06 20:35 - 00003956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-10-06 20:35 - 00003920 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-10-06 20:35 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-10-06 20:35 - 00003732 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-10-06 20:35 - 00003690 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2016-11-29 06:47 - 2016-03-19 12:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2016-11-27 15:44 - 2016-03-29 13:55 - 00000000 ____D C:\Users\wake\AppData\Local\Turbine

2016-11-25 18:59 - 2016-03-29 11:58 - 00000000 ____D C:\Users\wake\AppData\Local\Packages

2016-11-25 18:49 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps

2016-11-23 17:08 - 2016-05-15 11:03 - 00000000 ____D C:\WINDOWS\SysWOW64\directx

2016-11-18 16:44 - 2016-09-23 15:33 - 00000000 ____D C:\WINDOWS\LastGood

2016-11-18 00:09 - 2015-11-10 02:15 - 14174256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SETB236.tmp

2016-11-17 14:45 - 2016-08-02 07:07 - 01854400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2016-11-17 14:45 - 2016-08-02 07:07 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll

2016-11-17 14:45 - 2016-08-02 07:07 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2016-11-17 14:45 - 2016-08-02 07:07 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll

2016-11-17 14:45 - 2016-08-02 07:07 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll

2016-11-17 14:45 - 2016-08-02 07:07 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

2016-11-17 03:06 - 2016-10-21 17:14 - 00572400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETC8D3.tmp

2016-11-17 03:06 - 2015-11-10 02:17 - 24377288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETCAD9.tmp

2016-11-17 03:06 - 2015-11-10 02:09 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETB9B2.tmp

2016-11-17 03:06 - 2015-11-10 02:09 - 03474064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SETCBBC.tmp

2016-11-16 13:31 - 2016-07-30 11:11 - 00000000 ____D C:\Users\wake\Documents\EA Games

2016-11-16 13:28 - 2016-07-30 11:10 - 00000000 ____D C:\Users\wake\AppData\Local\EA Games

2016-11-13 09:02 - 2016-07-28 15:44 - 00000000 ____D C:\Users\wake\AppData\Local\BANDAI NAMCO Games
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2016-03-19 16:45 - 2016-03-19 16:45 - 6493696 _____ () C:\Users\wake\AppData\Roaming\agent.dat

2016-03-19 16:45 - 2016-03-19 16:45 - 0127488 _____ () C:\Users\wake\AppData\Roaming\Installer.dat

2016-03-26 18:33 - 2016-03-26 18:33 - 0000092 _____ () C:\Users\wake\AppData\Local\fusioncache.dat

2016-03-26 16:28 - 2016-03-29 17:21 - 0007604 _____ () C:\Users\wake\AppData\Local\Resmon.ResmonCfg

2016-12-01 14:44 - 2016-11-23 13:19 - 0000570 _____ () C:\Users\wake\AppData\Local\TroubleshooterConfig.json

2016-03-30 16:12 - 2016-03-30 16:12 - 0000057 _____ () C:\ProgramData\Ament.ini
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2016-12-04 09:25
 

==================== Ende von FRST.txt ============================

Hallo

lies dir einmal den folgenden Text durch...

https://support.mozilla.org/de/kb/firefox-bereinigen

und dann bitte einmal eset laufen lassen. Dauert teilweise extram lange, das ist normal...

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!