HitmanPro Fund(?) Hosts file is compromised: bat.bing.com ...
Hallo, ich weiß nicht, ob das von HitmanPro Gefundene ein Virus ist, ich hoffe ihr könnt mir weiterhelfen. :)
Da das Log nix anzeigt, schreib ich mal was mir angezeigt wird:
hosts
C:\\WINDOWS\system32\drivers\etc
Und wenn ich da draufklicke:
hosts
Hosts file is compromised: bat.bing.com is directed to an hardcoded IP 0.0.0.0.
Hitman Log: Code:
HitmanPro 3.7.20.286
www.hitmanpro.com
Computer name . . . . : ERIK-PC4
Windows . . . . . . . : 10.0.0.15063.X64/4
User name . . . . . . : Erik-PC4\Erik
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free
Scan date . . . . . . : 2017-06-05 14:39:35
Scan mode . . . . . . : Normal
Scan duration . . . . : 2m 0s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 1
Objects scanned . . . : 2.424.016
Files scanned . . . . : 77.155
Remnants scanned . . : 624.217 files / 1.722.644 keys
Repairs _____________________________________________________________________
hosts
C:\WINDOWS\system32\drivers\etc\
FRST: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017
durchgeführt von Erik (Administrator) auf ERIK-PC4 (05-06-2017 14:43:54)
Gestartet von C:\Anti Virus Paket
Geladene Profile: Erik & (Verfügbare Profile: Erik)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Zhorn Software) C:\Program Files (x86)\Stickies\stickies.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18288640 2017-04-22] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17494136 2017-04-06] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2000-01-01] (Intel Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\Run: [Spotify] => C:\Users\Erik\AppData\Roaming\Spotify\Spotify.exe [7009904 2017-05-27] (Spotify Ltd)
HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\Run: [Spotify Web Helper] => C:\Users\Erik\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-27] (Spotify Ltd)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [4848440 2017-04-14] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL -> Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL -> Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL -> Keine Datei
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-05-19]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk [2015-08-10]
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)
GroupPolicy: Beschränkung <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
GroupPolicyScripts\User: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9e6bb78c-9c80-4f7a-bd7d-c20c2489bf2a}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3512748164-3792598832-2139799283-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-28] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-05-27] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-28] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-05-27] (Microsoft Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3512748164-3792598832-2139799283-1000 -> hxxps://www.google.de/
Edge Extension: (BetterTTV) -> BetterTTV_7EF05ABCCFAD4A1783DD3D9E677B4430 => D: []
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.1.6.0_neutral__c1wakc4j0nefm [2017-05-26]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-28] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-27] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-05-27] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-06] (Logitech Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [2154864 2017-05-26] (Electronic Arts)
S2 Origin Web Helper Service; D:\Programme\Origin\OriginWebHelperService.exe [3124088 2017-05-26] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 iaStorF; C:\WINDOWS\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [54552 2016-12-20] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-12-20] (Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R1 MpKsl763255f5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1ECA66C7-C73B-4174-90D2-D552A373DD00}\MpKsl763255f5.sys [44928 2017-06-05] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-04-22] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46440 2017-04-06] (SteelSeries ApS)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-09-04] (Wellbia.com Co., Ltd.)
U4 aspnet_state; kein ImagePath
S3 cpuz140; \??\C:\Users\Erik\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ACHTUNG
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-06-05 14:43 - 2017-06-05 14:43 - 00000000 ____D C:\FRST
2017-06-05 14:28 - 2017-06-05 14:42 - 00000000 ____D C:\ProgramData\HitmanPro
2017-06-05 14:21 - 2017-06-05 14:21 - 00000000 ____D C:\WINDOWS\Panther
2017-06-03 15:55 - 2017-06-03 15:55 - 00000000 ____D C:\Users\Erik\AppData\Local\ElevatedDiagnostics
2017-06-01 12:22 - 2017-06-01 12:22 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-01 12:22 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-06-01 12:22 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-06-01 12:22 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-06-01 12:22 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-06-01 12:22 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-06-01 10:37 - 2017-06-01 10:37 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-01 10:37 - 2017-06-01 10:37 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-01 10:37 - 2017-06-01 10:37 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-01 10:37 - 2017-06-01 10:37 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-01 10:37 - 2017-06-01 10:37 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-01 10:37 - 2017-06-01 10:37 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-01 10:37 - 2017-06-01 10:37 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-01 10:37 - 2017-06-01 10:37 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-06-01 10:37 - 2017-05-03 22:21 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-06-01 10:37 - 2017-05-03 22:21 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-06-01 10:37 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-06-01 10:37 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-06-01 10:37 - 2017-05-03 22:21 - 00057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-06-01 10:37 - 2017-05-03 22:21 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-28 20:34 - 2017-05-28 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2017-05-28 20:33 - 2017-05-28 20:34 - 00000000 ____D C:\Program Files\Tracker Software
2017-05-28 20:20 - 2017-05-28 20:20 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-05-28 20:20 - 2017-05-28 20:20 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-05-28 20:20 - 2017-05-28 20:19 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-05-28 16:02 - 2017-05-28 16:14 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-28 16:02 - 2017-05-28 16:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-28 16:02 - 2017-05-28 16:02 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-05-28 16:02 - 2017-05-28 16:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-28 11:25 - 2017-05-28 11:25 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2017-05-28 00:43 - 2017-05-28 00:43 - 00000000 ___HD C:\$SysReset
2017-05-27 09:39 - 2017-05-27 09:39 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-05-26 16:39 - 2017-05-26 16:39 - 00000000 ____D C:\Users\Erik\ansel
2017-05-23 01:08 - 2017-05-23 01:08 - 00000000 _____ C:\Users\Erik\Desktop\Udemy.txt
2017-05-23 01:08 - 2017-05-23 01:08 - 00000000 _____ C:\Users\Erik\Desktop\Bourne .txt
2017-05-22 21:54 - 2017-05-22 21:54 - 00000000 ____D C:\Users\Public\Documents\Warcraft III
2017-05-22 21:53 - 2017-05-22 21:54 - 00000000 ____D C:\Users\Erik\Documents\Warcraft III
2017-05-19 21:00 - 2017-06-03 14:45 - 00000000 ____D C:\Users\Erik\AppData\Roaming\steelseries-engine-3-client
2017-05-19 21:00 - 2017-05-19 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2017-05-19 20:59 - 2017-05-19 20:59 - 00000000 ____D C:\ProgramData\SteelSeries
2017-05-19 20:59 - 2017-05-19 20:59 - 00000000 ____D C:\Program Files\SteelSeries
2017-05-19 18:05 - 2017-05-19 18:05 - 35397528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-19 18:04 - 2017-05-19 18:04 - 28632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-19 18:04 - 2017-05-19 18:04 - 00969624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-19 18:04 - 2017-05-19 18:04 - 00920664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-19 18:04 - 2017-05-19 18:04 - 00618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-19 18:04 - 2017-05-19 18:04 - 00507984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 01996696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 01609232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 01598360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 01062808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 00999832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 00829848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 00659864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 00226712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-05-19 18:03 - 2017-05-19 18:03 - 00054680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-05-19 18:02 - 2017-05-19 18:02 - 40210512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-19 18:02 - 2017-05-19 18:02 - 35290192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-19 18:02 - 2017-05-19 18:02 - 03800984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-19 18:02 - 2017-05-19 18:02 - 03256408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 11161992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 10648512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 09102480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 08891160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00791792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00703880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00626384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00591672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 11129704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 09335520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 04136736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 03647864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 01298696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 01013344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-19 14:22 - 2017-05-19 14:22 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-18 10:13 - 2017-05-18 10:13 - 00003336 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-05-18 10:13 - 2017-05-18 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-05-18 10:13 - 2017-05-18 10:13 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-05-12 20:48 - 2017-05-12 20:48 - 01804672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2017-05-09 20:30 - 2017-04-29 03:05 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-05-09 20:30 - 2017-04-29 03:05 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-09 20:30 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 20:30 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 20:30 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 20:30 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 20:30 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 20:30 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 20:30 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 20:30 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 20:30 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 20:30 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 20:30 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 20:30 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 20:30 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 20:30 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 20:30 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 20:30 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 20:30 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 20:30 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 20:30 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 20:30 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 20:30 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 20:30 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 20:30 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 20:30 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 20:30 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 20:30 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 20:30 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 20:30 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 20:30 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 20:30 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 20:30 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 20:30 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 20:30 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 20:30 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 20:30 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 20:30 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 20:30 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 20:30 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 20:30 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 20:30 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 20:30 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 20:30 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 20:30 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 20:30 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 20:30 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 20:30 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 20:30 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 20:30 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 20:30 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 20:30 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 20:30 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 20:30 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 20:30 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 20:30 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 20:30 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 20:30 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 20:30 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 20:30 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 20:30 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 20:30 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 20:30 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 20:30 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 20:30 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 20:30 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 20:30 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 20:30 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 20:30 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 20:30 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 20:30 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 20:30 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 20:30 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 20:30 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 20:30 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 20:30 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 20:30 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 20:30 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 20:30 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 20:30 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 20:30 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 20:30 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 20:30 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 20:30 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 20:30 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 20:30 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 20:30 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 20:30 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 20:30 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 20:30 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 20:30 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 20:30 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 20:30 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 20:30 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 20:30 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 20:30 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 20:30 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 20:30 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 20:30 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 20:30 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 20:30 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 20:30 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 20:30 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 20:30 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 20:30 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 20:30 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 20:30 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 20:30 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 20:30 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 20:30 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 20:30 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 20:30 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 20:30 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 20:30 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-09 15:49 - 2017-05-09 15:49 - 00000666 __RSH C:\ProgramData\ntuser.pol
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-06-05 14:43 - 2014-12-15 21:34 - 00000000 ____D C:\Anti Virus Paket
2017-06-05 14:28 - 2017-04-22 11:17 - 02695138 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-05 14:28 - 2017-03-20 06:41 - 01242174 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-05 14:28 - 2017-03-20 06:41 - 00299980 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-05 14:26 - 2015-12-19 03:18 - 00000000 ____D C:\Users\Erik\AppData\Local\CrashDumps
2017-06-05 14:23 - 2017-04-22 11:06 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-05 14:22 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-05 14:21 - 2017-04-22 11:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-05 14:21 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-05 13:25 - 2015-08-10 15:40 - 00000000 ____D C:\Users\Erik\AppData\Roaming\stickies
2017-06-04 23:57 - 2017-04-22 11:06 - 00000000 ____D C:\Users\Erik
2017-06-04 23:57 - 2017-04-22 11:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-04 23:18 - 2014-08-11 12:53 - 00000000 ____D C:\Users\Erik\AppData\Local\Battle.net
2017-06-04 22:32 - 2014-08-12 14:43 - 00000000 ____D C:\Users\Erik\AppData\Local\Spotify
2017-06-04 22:16 - 2014-08-12 14:39 - 00000000 ____D C:\Users\Erik\AppData\Roaming\Spotify
2017-06-04 20:30 - 2014-11-27 16:25 - 00001315 _____ C:\Users\Erik\Desktop\Blizzard App.lnk
2017-06-04 20:30 - 2014-08-11 12:53 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-06-04 14:21 - 2014-08-11 19:06 - 00000000 ____D C:\Users\Erik\AppData\Roaming\TS3Client
2017-06-01 12:23 - 2016-09-09 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-06-01 12:22 - 2017-04-22 11:06 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-01 12:22 - 2017-04-22 11:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-01 12:22 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-01 10:37 - 2017-04-22 11:06 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-01 10:37 - 2016-10-22 13:39 - 00001521 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-06-01 10:24 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-01 10:24 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-31 12:25 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-30 21:35 - 2017-03-23 16:06 - 00000000 ____D C:\ProgramData\Origin
2017-05-30 19:30 - 2017-03-23 16:08 - 00000000 ____D C:\Users\Erik\AppData\Roaming\Origin
2017-05-30 13:11 - 2014-08-13 19:21 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-29 19:34 - 2014-10-27 13:39 - 00000000 ____D C:\Program Files\Java
2017-05-28 20:32 - 2015-06-02 16:20 - 00000000 ____D C:\ProgramData\Oracle
2017-05-28 20:20 - 2015-06-02 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-28 20:20 - 2015-06-02 16:20 - 00000000 ____D C:\Program Files (x86)\Java
2017-05-28 15:10 - 2017-01-27 20:26 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-28 15:10 - 2016-10-27 14:46 - 00000000 ____D C:\ProgramData\AVAST Software
2017-05-27 09:41 - 2017-02-18 18:55 - 00000000 ____D C:\Users\Erik\Documents\Overwatch
2017-05-27 09:39 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-27 09:39 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-27 09:38 - 2016-05-21 16:42 - 00000000 ____D C:\Program Files\Microsoft Office
2017-05-26 14:59 - 2016-02-18 18:29 - 00000000 ____D C:\Users\Erik\AppData\Roaming\vlc
2017-05-25 21:33 - 2015-08-08 10:10 - 00000000 ____D C:\Users\Erik\AppData\Local\Packages
2017-05-25 19:12 - 2017-02-18 18:30 - 00000000 ____D C:\Program Files\Overwatch
2017-05-25 17:53 - 2017-02-17 00:07 - 00000525 _____ C:\Users\Erik\Desktop\Lebensfokus.txt
2017-05-23 10:24 - 2014-08-11 09:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 10:23 - 2014-08-11 09:06 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-22 21:53 - 2014-08-11 16:12 - 00000000 ____D C:\Users\Erik\AppData\Local\Blizzard
2017-05-21 22:21 - 2017-03-23 16:42 - 00001031 _____ C:\Users\Public\Desktop\Mass Effect Andromeda.lnk
2017-05-21 21:42 - 2017-04-22 11:05 - 00393240 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-18 10:13 - 2014-08-11 12:21 - 00000000 ____D C:\ProgramData\Samsung
2017-05-17 23:04 - 2016-08-08 13:38 - 00000139 _____ C:\Users\Erik\Desktop\coole filme Serien.txt
2017-05-16 15:08 - 2017-02-09 12:44 - 00017865 _____ C:\Users\Erik\Desktop\Berechnung.xlsx
2017-05-13 22:08 - 2016-03-18 00:05 - 00005336 _____ C:\Users\Erik\Desktop\Wichtig.txt
2017-05-13 14:59 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-10 10:23 - 2015-08-08 10:10 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-09 21:36 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 21:36 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 21:36 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 21:36 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 18:17 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-09 17:55 - 2017-04-22 11:06 - 00000000 ____D C:\Users\DefaultAppPool
2017-05-09 12:43 - 2016-07-06 12:04 - 00000000 ____D C:\Users\Erik\AppData\Roaming\HearthstoneDeckTracker
2017-05-06 19:17 - 2014-08-11 16:25 - 00000000 ____D C:\Users\Erik\Documents\My Games
2017-05-06 19:14 - 2014-08-21 20:24 - 00000000 ____D C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-03-02 18:25 - 2015-03-02 18:36 - 0000070 _____ () C:\Users\Erik\AppData\Local\HKS4_Main.clrs
2017-03-19 22:01 - 2017-03-19 22:01 - 0001237 _____ () C:\Users\Erik\AppData\Local\recently-used.xbel
2015-04-18 23:55 - 2015-09-15 21:32 - 0007651 _____ () C:\Users\Erik\AppData\Local\Resmon.ResmonCfg
2017-04-22 11:06 - 2017-04-22 11:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-12 21:41 - 2017-01-13 23:43 - 0006776 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-12 11:31 - 2017-01-12 12:32 - 0004188 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-31 15:23
==================== Ende von FRST.txt ============================
Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Erik (05-06-2017 14:44:19)
Gestartet von C:\Anti Virus Paket
Windows 10 Pro Version 1703 (X64) (2017-04-22 09:15:47)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3512748164-3792598832-2139799283-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3512748164-3792598832-2139799283-503 - Limited - Disabled)
Erik (S-1-5-21-3512748164-3792598832-2139799283-1000 - Administrator - Enabled) => C:\Users\Erik
Gast (S-1-5-21-3512748164-3792598832-2139799283-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3512748164-3792598832-2139799283-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.01 - Canon Inc.)
Canon MG5600 series On-screen Manual (HKLM-x32\...\Canon MG5600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
Cobalt (HKLM-x32\...\Steam App 357340) (Version: - Oxeye Game Studio)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Driver Easy 5.5.0 (HKLM\...\DriverEasy_is1) (Version: 5.5.0 - Easeware)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.7 - Electronic Arts)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.10.52731 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Path of Exile (HKLM\...\Steam App 238960) (Version: - Grinding Gear Games)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.321.0 - Tracker Software Products Ltd)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.12.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8098 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SteelSeries Engine 3.10.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.10.2 - SteelSeries ApS)
Stellaris (HKLM\...\Steam App 281990) (Version: - Paradox Development Studio)
Stickies 8.0c (HKLM-x32\...\ZhornStickies) (Version: - Zhorn Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version: - Bethesda Game Studios)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 7.5 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Warcraft III: All Products (HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\Warcraft III) (Version: - )
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3512748164-3792598832-2139799283-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Erik\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3512748164-3792598832-2139799283-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Erik\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3512748164-3792598832-2139799283-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Erik\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0C18A0F9-97EF-4399-818F-036768F8C67E} - System32\Tasks\{ABBC2A0B-98EF-4A5E-9880-842391E3B367} => pcalua.exe -a C:\Users\Erik\Downloads\MicrosoftInstaller.exe -d C:\Users\Erik\Downloads
Task: {1F4449E2-E5F7-4DEB-9E18-864EBD41A541} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {22879C86-6414-4609-B30F-8B5556328713} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {27DCB733-18CF-4DBA-9743-977166B49CF8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {3C5FC5A2-3F47-4C59-8D92-C31F03D571A8} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {4251F40F-FFC3-4DD8-B4F3-1419E6C01C1E} - System32\Tasks\{DE82BFD5-A3EE-4478-BD1D-44A9422E439D} => pcalua.exe -a "C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE" -d "C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller"
Task: {45864D01-49D8-4CD1-8F24-6FE7821E9ACB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-27] ()
Task: {501D9F62-FCED-4F0F-9EF0-98670E6D7396} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-27] ()
Task: {67699B78-F36D-4466-82B6-F71E32D88E4B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-27] (Microsoft Corporation)
Task: {68A4901A-2F7D-4724-A90D-D18918235038} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {6F09C673-6E46-4BE6-B98A-554BFEBD429E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation)
Task: {784CCC6E-73A9-4C9E-8D6E-12EAA4805EB4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {7D3E4340-F131-4CCC-9F2A-FC36855AE5FF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {8A4572ED-BD8F-459D-B7F1-5EDAE74055CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {9FD15149-EA17-40E2-B377-10B7ACE84E7D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {A0F253CC-61DF-4EB5-84C7-F37B11F75B51} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {A7B069D0-570C-4D41-9507-AAC3BE6CA62F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.)
Task: {A813FE8D-96DF-4F33-8180-506C39A796A2} - System32\Tasks\S-1-5-21-3512748164-3792598832-2139799283-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {AF5FAD57-B060-4E2D-AC5F-C152B0CFE7A2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B174F590-2613-489D-AEFA-2D2D3CC379F2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {BA70D5B9-2885-4B65-8712-D70C97005FC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {BB3B4129-1E1B-4998-9180-22EDA32809F8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {BD2FD251-AB1F-4CC9-B6AC-EC631CB540F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {C43D6C50-7AC4-4A83-A8C8-C46FAF4CDD27} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {C8D103A5-2447-473F-A1A5-9E1110F124B9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {CFF16E18-8913-4E1F-A2C6-548932A92562} - System32\Tasks\{C7C1B387-556E-4943-B73E-D16E8F829D2C} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {E864F622-F033-4EC4-94EA-5B46146DA076} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {EE41BB3A-BF80-4ADC-A68A-DFDF49CEB8AB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {F0461F16-D5D8-44E3-B686-69407FEBE88A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F0A8FE33-7508-445B-A4BE-F36A7218A321} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-09-09 10:34 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-04-06 01:05 - 2017-04-06 01:05 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-04-06 01:05 - 2017-04-06 01:05 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-05-08 10:29 - 2017-05-08 10:29 - 00765440 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-05-08 10:29 - 2017-05-08 10:29 - 10601984 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-05-08 10:29 - 2017-05-08 10:29 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-01-31 23:00 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-05-05 07:37 - 00519981 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 atlas.aamedia.ro
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
Da befinden sich 12419 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Erik\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: AdobeARMservice => 2
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3512748164-3792598832-2139799283-1000\...\StartupApproved\Run: => "Discord"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{DFA4081A-4396-4E8B-8B24-48426C119BB0}D:\programme\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{862984DF-79A2-4443-94CF-E30BCBCF801A}D:\programme\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52647\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0CC024EF-6D2B-429A-AF64-F08F8E17D95B}D:\programme\diablo iii\x64\diablo iii64.exe] => (Allow) D:\programme\diablo iii\x64\diablo iii64.exe
FirewallRules: [TCP Query User{E56B6CF3-5D6D-4277-B321-5DB65FF64773}D:\programme\diablo iii\x64\diablo iii64.exe] => (Allow) D:\programme\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{4F82D02F-4BE1-4325-8254-0BA0AC9E3EDA}C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe
FirewallRules: [TCP Query User{72239D93-CB2F-48C3-B1DA-AA0BA1121026}C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe
FirewallRules: [UDP Query User{66B64988-018B-4967-B564-B03D5EF15B02}C:\program files (x86)\battle.net\battle.net.8600\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8600\battle.net.exe
FirewallRules: [TCP Query User{DFCD438A-7818-4160-93FB-7FA086A75D0E}C:\program files (x86)\battle.net\battle.net.8600\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8600\battle.net.exe
FirewallRules: [UDP Query User{E5540F20-F2A6-4586-A74F-909AB5E99E46}D:\programme\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{27F683F8-1CF4-4C33-A926-4AF336A53DD8}D:\programme\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52351\heroesofthestorm_x64.exe
FirewallRules: [{6EBBF15F-6E44-4D62-B790-5DE6FC5FEDD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CA553530-0D5B-4712-9F09-9025D670A5BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9F7E1557-E3CD-4A1C-976D-C5613080508D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{52AF9706-4D40-4C0A-8ABF-86BA890CCCB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{15A330F8-E47D-4B1B-9F0E-9858993C0276}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{75ED62E5-6FB4-466D-B70B-3DC68DC13643}] => (Allow) C:\Program Files\Steam\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{B3492BF7-4540-4792-9FD6-D2D9626D4F1D}] => (Allow) C:\Program Files\Steam\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [UDP Query User{6DA40857-704C-4324-ABEF-4C03913A4007}D:\programme\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{1BE5A1E8-9F02-47D9-980F-A0EE0CB12D4A}D:\programme\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52124\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{87DBDE41-1DCC-4E78-B660-928FC4F65C0A}D:\programme\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{DF6CD76D-B42E-489C-BA45-DAA619AEA8A0}D:\programme\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52008\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DADC7AAC-12AD-4447-B528-FE58E92BD6F1}D:\programme\heroes of the storm\versions\base51923\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base51923\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{761C11A8-709A-4DDB-92F5-AE7E4BBCC696}D:\programme\heroes of the storm\versions\base51923\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base51923\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{DBAA81B9-7547-4B95-BCE0-AEF824822FF5}C:\program files (x86)\battle.net\battle.net.8554\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8554\battle.net.exe
FirewallRules: [TCP Query User{54CB0FF4-F295-449E-AE8D-1520E6D651A1}C:\program files (x86)\battle.net\battle.net.8554\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8554\battle.net.exe
FirewallRules: [UDP Query User{D3E62492-096A-4DC9-BB32-1F179F05FBC7}D:\programme\heroes of the storm\versions\base51779\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base51779\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B3769BD7-F9A3-4D93-A4DB-3AB478077F46}D:\programme\heroes of the storm\versions\base51779\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base51779\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D716D6FB-AAF0-40AC-BE2D-399F187C5262}C:\program files (x86)\battle.net\battle.net.8532\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8532\battle.net.exe
FirewallRules: [TCP Query User{DF20AEAD-5BE5-4546-9FAA-7DA035E6A4D6}C:\program files (x86)\battle.net\battle.net.8532\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8532\battle.net.exe
FirewallRules: [{ED8CAC28-9413-449A-AEDC-DD274F027504}] => (Allow) D:\Programme\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{0342D76C-3942-4039-BED2-8100725C6E69}] => (Allow) D:\Programme\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [UDP Query User{F9A1FE11-BAAE-41C7-8BBA-1AEA6201A573}C:\program files (x86)\battle.net\battle.net.8518\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8518\battle.net.exe
FirewallRules: [TCP Query User{C76314F4-AEA8-4635-82E8-A7461E5A4852}C:\program files (x86)\battle.net\battle.net.8518\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8518\battle.net.exe
FirewallRules: [UDP Query User{46F27239-F8A9-4CA4-8ADB-44B55F1CA204}D:\programme\hearthstone\hearthstone.exe] => (Block) D:\programme\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{C1394703-8F33-4E05-994D-C3E1B4CFA04A}D:\programme\hearthstone\hearthstone.exe] => (Block) D:\programme\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{32665D7D-CAC4-4A98-AFF6-6FECB57E19E5}D:\programme\heroes of the storm\versions\base51375\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base51375\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{6E024DE3-772E-4726-BBC8-C3E42E27F4E5}D:\programme\heroes of the storm\versions\base51375\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base51375\heroesofthestorm_x64.exe
FirewallRules: [{3FB61ACC-7EA1-4903-83F5-70C70365381E}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{90E77C50-F81F-4DE8-9C55-216D14B31913}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C52A559E-F8D5-40C5-8CC2-63D30B23A3B9}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{3982B5F6-2234-4D56-97C6-6B9BEBB36F25}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [UDP Query User{D5C00608-E70F-40FC-898F-FDF45AB0974B}C:\users\erik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\erik\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{FB41F17E-A1C2-4C92-9B75-C8FB5F0AD4A4}C:\users\erik\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\erik\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B7666BEC-FB26-452B-B8E4-97341065D488}D:\programme\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{522A8345-535C-4BAA-8016-ED617240E396}D:\programme\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base50950\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{79A35747-B25A-4F85-803C-A0555A616ADF}C:\program files (x86)\battle.net\battle.net.8423\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8423\battle.net.exe
FirewallRules: [TCP Query User{AC724783-3217-4B73-ABFE-34BB56EBD4BA}C:\program files (x86)\battle.net\battle.net.8423\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8423\battle.net.exe
FirewallRules: [UDP Query User{87CC3A89-6784-440C-9EE0-76CB7BDF340F}C:\program files\overwatch\overwatch.exe] => (Allow) C:\program files\overwatch\overwatch.exe
FirewallRules: [TCP Query User{BB4C10E8-0B4F-4BEC-AF51-FBB0F23579DA}C:\program files\overwatch\overwatch.exe] => (Allow) C:\program files\overwatch\overwatch.exe
FirewallRules: [{DD23A47B-CB8D-4758-9C10-DB055CE3BFC0}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FirewallRules: [TCP Query User{140B836F-2B3A-45BF-AC33-201F76E0F5EA}D:\programme\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AE1504B3-BA9B-4CE0-A5E7-ADB63403042A}D:\programme\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{582D72E6-55AE-4EFE-A519-E1EE9C09E9C9}D:\programme\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{80A1989E-0AA0-4530-AC45-7A7AA522CE8E}D:\programme\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base52986\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{4876AF98-FF55-41D7-BA4E-71FDD08AC912}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [UDP Query User{F0B63C11-45F4-4707-9B14-E0F83318D448}C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8733\battle.net.exe
FirewallRules: [TCP Query User{00180BC3-22AA-48D9-8F81-55F5331BED4B}D:\programme\heroes of the storm public test\versions\base53270\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm public test\versions\base53270\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{ABBFC9DA-C312-4FFB-A314-B79EED96CEA4}D:\programme\heroes of the storm public test\versions\base53270\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm public test\versions\base53270\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{66FE8120-E8EE-461F-9E40-D49A6F6270C3}D:\programme\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{17C70248-EEC1-4566-906A-1C47768316D5}D:\programme\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base53275\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{65A12723-D209-4F1D-B5C0-DC9CE4BD3D65}D:\programme\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1AE8999C-5D07-4514-AABA-88D1F4049563}D:\programme\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base53548\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B2441036-2331-4A68-ABC7-ABBAE484E331}C:\program files (x86)\battle.net\battle.net.8793\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8793\battle.net.exe
FirewallRules: [UDP Query User{B62C6D7E-7491-4CAE-B2E5-74531CFDAEEC}C:\program files (x86)\battle.net\battle.net.8793\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8793\battle.net.exe
FirewallRules: [TCP Query User{34588E12-CF27-4EE9-A26B-CAC21A1C3A35}C:\program files (x86)\battle.net\battle.net.8800\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8800\battle.net.exe
FirewallRules: [UDP Query User{48C2C92F-1091-4432-B14C-6C238C251263}C:\program files (x86)\battle.net\battle.net.8800\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8800\battle.net.exe
FirewallRules: [{D2171156-1FA9-468E-93F0-754A14B46CB5}] => (Allow) E:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{CF01542F-7845-48F2-8C07-9462EE73A4BF}] => (Allow) E:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{7D257E48-996F-4AC7-AAC2-11F603F6BFE9}] => (Allow) D:\Programme\Steam\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{73BCAE5C-0FED-4894-9DBD-C4134220F4EA}] => (Allow) D:\Programme\Steam\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{B802B953-CDA6-4647-BA29-5B37E72901D9}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{C19998DF-00B3-442B-8DAD-EB97C8C5DAF9}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromedaTrial.exe
FirewallRules: [{61DEEC7A-B1E2-4399-A2EC-B2FB3FDB1EE1}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{AF330CE4-3E70-4B37-9D9C-AD962C7D27C6}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect Andromeda\MassEffectAndromeda.exe
FirewallRules: [{DD35632D-5952-4CA4-B3C4-29CF49BDAC9A}] => (Allow) E:\Steam\steamapps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{FC095677-0A32-4CA6-B031-97A950C67BFA}] => (Allow) E:\Steam\steamapps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{94D133C9-2B90-45A0-A7CC-009A5466A50C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{93DBF9FA-F4F6-43E9-BE37-CA6B74646136}C:\program files (x86)\battle.net\battle.net.8839\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8839\battle.net.exe
FirewallRules: [UDP Query User{7BBE1C2C-75BA-44D2-9640-01759040D8AF}C:\program files (x86)\battle.net\battle.net.8839\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8839\battle.net.exe
FirewallRules: [TCP Query User{FDBAAFDA-4BF3-4E2C-B994-5930FF180ABB}D:\programme\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{94DAE4B5-876D-454F-B34A-038740705C3E}D:\programme\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe] => (Allow) D:\programme\heroes of the storm\versions\base53965\heroesofthestorm_x64.exe
==================== Wiederherstellungspunkte =========================
01-06-2017 12:21:13 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/05/2017 02:26:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 1.0.1704.25001, Zeitstempel: 0x58ff9585
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.15063.0, Zeitstempel: 0x2f0c1b3c
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000000955c6
ID des fehlerhaften Prozesses: 0x1970
Startzeit der fehlerhaften Anwendung: 0x01d2ddf6ef366a8e
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
Berichtskennung: 9fed9410-4e4d-481c-9ab2-480d27a0e790
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (06/05/2017 02:18:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Anti Virus Paket\esetsmartinstaller_enu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Error: (06/05/2017 02:16:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Erik-PC4)
Description: Das Paket „Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe+ContentProcess#{00011401-0003-0000-c9ce-491200000000}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (06/05/2017 02:16:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Erik-PC4)
Description: Das Paket „Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (06/05/2017 10:51:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\logitech gaming software\drivers\installers\CallScanReg.exe".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/04/2017 11:24:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 1.0.1704.25001, Zeitstempel: 0x58ff9585
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.15063.0, Zeitstempel: 0x2f0c1b3c
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000000955c6
ID des fehlerhaften Prozesses: 0x2f18
Startzeit der fehlerhaften Anwendung: 0x01d2dd7903ec77ae
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
Berichtskennung: 878619b7-8125-405b-8092-1df6be4099a3
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (06/04/2017 10:09:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Erik-PC4)
Description: Das Paket „Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe+ContentProcess#{00011401-0003-0000-ff73-730e00000000}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (06/04/2017 10:09:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Erik-PC4)
Description: Das Paket „Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe+ContentProcess#{00031401-0001-0000-ff73-730e00000000}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (06/04/2017 10:09:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Erik-PC4)
Description: Das Paket „Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe+ContentProcess#{00091401-0002-0000-ff73-730e00000000}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (06/04/2017 07:36:52 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "G:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).
Systemfehler:
=============
Error: (06/05/2017 02:29:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (06/05/2017 02:29:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (06/05/2017 02:21:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "HomeGroupProvider" ist vom Dienst "FDResPub" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (06/05/2017 02:21:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (06/05/2017 02:20:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Telemetry Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/05/2017 02:20:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/05/2017 02:20:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Logitech Gaming Registry Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/05/2017 02:20:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/05/2017 02:20:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Machine Debug Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/05/2017 02:20:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-06-05 14:26:54.503
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-05 14:26:51.341
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-05 14:26:50.166
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-05 14:26:50.040
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-05 13:27:43.102
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-05 13:27:05.756
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-05 13:27:05.666
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-05 10:48:08.291
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-05 10:48:07.001
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-05 10:48:06.894
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8135.35 MB
Verfügbarer physikalischer RAM: 4918.13 MB
Summe virtueller Speicher: 8335.35 MB
Verfügbarer virtueller Speicher: 4987.43 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:208.88 GB) (Free:140.57 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Spiele2) (Fixed) (Total:232.88 GB) (Free:63.32 GB) NTFS
Drive e: (Spiele) (Fixed) (Total:232.88 GB) (Free:161.81 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 9871B4BC)
Partition 1: (Active) - (Size=208.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=823 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1B4E1B4D)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 232.9 GB) (Disk ID: A9A1A9A1)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
Lesestoff: