Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-11-2015
durchgeführt von 1973pl (2015-11-27 09:47:47)
Gestartet von C:\Users\1973pl\Downloads
Windows 10 Home (X64) (2015-09-25 13:43:52)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
1973pl (S-1-5-21-1766157453-2088857509-2423560725-1002 - Administrator - Enabled) => C:\Users\1973pl
Administrator (S-1-5-21-1766157453-2088857509-2423560725-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1766157453-2088857509-2423560725-503 - Limited - Disabled)
Gast (S-1-5-21-1766157453-2088857509-2423560725-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1766157453-2088857509-2423560725-1004 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version: - Akamai Technologies, Inc)
ArcSoft TV 5.0 (HKLM-x32\...\{94ED52E0-24A0-4AD8-9BFD-0560CA680A80}) (Version: 5.0.8.145 - ArcSoft)
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Braid (HKLM-x32\...\Steam App 26800) (Version: - Number None)
Child of Light (HKLM-x32\...\Steam App 256290) (Version: - Ubisoft Montréal)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Electronic Super Joy (HKLM-x32\...\Steam App 244870) (Version: - Michael Todd Games)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.26648.11 - Electronic Arts)
Football Tactics (HKLM-x32\...\Steam App 375530) (Version: - Creoteam)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.4.0 - Electronic Arts)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
GameMaker: Studio (HKLM-x32\...\Steam App 214850) (Version: - YoYo Games Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Geometry Dash (HKLM-x32\...\Steam App 322170) (Version: - RobTop Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation)
IT9130 Driver v12.2.3.1 (HKLM-x32\...\IT9130 DriverInstaller_12.2.3.1) (Version: - )
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lethal League (HKLM-x32\...\Steam App 261180) (Version: - Team Reptile)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mathelehrer Simulator 2014 Version 1.0 (HKLM-x32\...\{3B026C70-8654-4388-AB62-6C7F127370EC}_is1) (Version: 1.0 - PeDePe)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0081 - Pegatron Corporation)
PlanetSide 2 (HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\DGC-PlanetSide 2) (Version: 1.0.3.191 - Daybreak Game Company)
PlanetSide 2 (HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Pro Gamer Manager (HKLM-x32\...\Steam App 408740) (Version: - Millenway Studios)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Race: The WTCC Game (HKLM-x32\...\Steam App 4230) (Version: - SimBin)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6722 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Trine (HKLM-x32\...\Steam App 35700) (Version: - Frozenbyte)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Wiederherstellungspunkte =========================
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {07E5C26D-DF26-4356-968C-F34A11360935} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {0B9AE9AC-A72B-4122-B9EC-F4536A7D1D88} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-05] (Dropbox, Inc.)
Task: {0E22486E-BD76-4AB8-82D9-FF0499C69DC1} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
Task: {15D6CCFC-7522-4EAB-8AB7-401B6F70ADEA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {19BA6E03-67A1-4F26-B568-5F1D17A5468E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {1E65201B-BF3D-4711-AD82-3944DF23C7DF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {292462B6-BB95-4DA3-9BC2-CD4B78915C11} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {2E11EEEF-37AE-4F8E-8B5C-F65545D826C9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {4D03786C-0957-4FCF-BDD9-308C110B17F1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {4E1B7ED5-46F7-4803-A596-2E58F2AB5C63} - System32\Tasks\{BE1D4D35-CB5F-4C9D-8888-F480237D0089} => pcalua.exe -a "C:\Users\Public\Daybreak Game Company\Installed Games\PlanetSide 2\Uninstaller.exe"
Task: {4FEA7563-E5D8-4B9B-AFCF-6C74140EC74A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-07] (Google Inc.)
Task: {59ED902A-BFE4-44DE-A625-6B6514DB63B2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5E4D3901-C47F-495E-8771-679433B59FF6} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {64AC1DD1-FAEE-479F-92D4-8B809E72175A} - System32\Tasks\{61770146-6546-4381-B7B7-40E10071C7C8} => pcalua.exe -a C:\Games\World_of_Warships\unins000.exe
Task: {73830468-969A-4311-8B56-419C127A0E61} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-16] (Microsoft Corporation)
Task: {7C84DCAC-9F1D-4837-B092-E20BA9A68E5F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {98B1FBC3-3227-46B3-9600-175F65C88D11} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {B5BBC2A3-78F4-4C07-879B-16AC830E2265} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-05] (Dropbox, Inc.)
Task: {C994425A-3F26-410D-9E55-C42506FC47F9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {CE6CB0C2-889B-42BE-9161-F68A7D3E0EC9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D3F22577-37A8-42EA-9BFA-5D26D1D0CDCD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {DB80CAF6-DEDE-448F-B7FA-2B2538DB2354} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-07] (Google Inc.)
Task: {EA9EA841-466F-461C-B01D-85D68B9882BE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {EC5535F1-BEC0-4EEA-8F63-5B93A6F1CA9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\1973pl\Desktop\ALDI Nord Blumen Service.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www1.aldi-blumenservice.de <==== ACHTUNG
ShortcutWithArgument: C:\Users\1973pl\Desktop\ALDI Nord Reisen.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nord.aldi-reisen.de/html_nord <==== ACHTUNG
ShortcutWithArgument: C:\Users\1973pl\Desktop\ALDI Nord Startseite.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-essen.de <==== ACHTUNG
ShortcutWithArgument: C:\Users\1973pl\Desktop\ALDI Talk.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medionmobile.de <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-09-10 06:12 - 2015-09-10 06:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-25 04:02 - 2015-11-14 07:20 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-11-29 14:32 - 2012-11-29 14:53 - 00805888 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2012-11-14 08:45 - 2012-10-19 12:27 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-10-01 15:15 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2012-11-29 14:32 - 2012-11-27 16:18 - 02215424 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-11-29 14:32 - 2010-01-12 18:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-11-29 14:32 - 2010-01-12 18:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2015-10-01 15:15 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2012-11-29 14:32 - 2012-10-23 19:07 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2012-11-29 14:32 - 2012-08-08 19:10 - 07536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2015-10-01 15:14 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 15:15 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 15:14 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 15:14 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 15:15 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 04:13 - 2015-09-10 06:12 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-02-22 17:45 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-21 15:54 - 2015-04-28 02:10 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-11-24 08:08 - 2015-11-24 08:08 - 02320376 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.4\deploy\LoLLauncher.exe
2015-11-24 08:09 - 2015-11-24 08:09 - 04474360 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.44\deploy\LoLPatcher.exe
2015-07-24 12:01 - 2015-07-24 12:01 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.172\deploy\LolClient.exe
2012-11-29 14:32 - 2009-12-18 16:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-11-29 14:32 - 2009-12-18 16:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2015-09-01 18:27 - 2015-11-12 19:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2012-11-21 16:23 - 2007-04-19 10:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
2012-11-21 16:23 - 2012-06-04 16:50 - 00016384 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
2012-11-14 08:43 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-10-12 13:35 - 2015-10-12 13:35 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\6dc6fa2248187d0cc70021a0ffe3e651\PSIClient.ni.dll
2012-11-14 09:20 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\libcef.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\libGLESv2.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00293040 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\ortp.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\platforms\qwindows.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\libEGL.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\imageformats\qgif.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\imageformats\qico.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\imageformats\qjpeg.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\imageformats\qmng.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\imageformats\qsvg.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\imageformats\qtiff.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\qml\QtQuick.2\qtquick2plugin.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-11-20 17:18 - 2015-11-20 17:18 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6382\qml\QtQml\Models.2\modelsplugin.dll
2015-11-24 08:09 - 2015-11-24 08:09 - 01459704 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.44\deploy\RiotLauncher.dll
2015-10-02 13:27 - 2015-10-02 13:27 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.172\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-10-02 13:27 - 2015-10-02 13:27 - 17414304 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.172\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2015-04-08 08:15 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-08 08:15 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-08 08:15 - 2015-11-10 03:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-08 08:15 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-08 08:15 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-08 08:15 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-08 08:15 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-08 08:15 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-08 08:15 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-08 08:15 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-08 08:15 - 2015-11-10 03:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 09:08 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-04-08 08:15 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-04-08 08:15 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\1973pl\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\1973pl\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{88A59309-0B4A-4ACF-83EF-B5F6A18C0E2A}C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [TCP Query User{3797B292-7320-4C1A-BD45-09015D32AE46}C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [{890E9AD1-B9F4-433A-82BB-A97D6B78B734}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{634DB0DA-FE8B-4786-85AE-AF6B4BE03623}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B4B3C55C-A72A-4BCA-8B48-2CBB7BE6E8EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D5A1BF5F-0A22-499C-B151-2EB992860F1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0F2EFA79-7672-4ED8-9056-027F9D2BCDA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8CD4CE18-3339-4895-9950-96C9427E2F34}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6F8135FF-253E-4C33-BCB2-578D87016D38}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{886A1C1F-7A68-4CAD-9CE6-6579FA792D81}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{15937BD4-2224-4217-B40E-8A4BB5DD1193}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{62EEAC62-8576-4A7B-B204-C07177E3C6A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [{56747854-64A8-413E-95F6-FA50CC99E68E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine\_enchanted_edition_\trine1_launcher.exe
FirewallRules: [UDP Query User{AE0D0A94-FFCE-4221-B520-31BAB7FB6F75}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{BD69929C-922D-452B-B4F6-3E6A8E688594}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [{1553EA6D-41EA-43C7-A0A7-3479C446BE9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ElectronicSuperJoy\ElectronicSuperJoy.exe
FirewallRules: [{F00D04DB-B387-4639-84AE-9A2ADD15219B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ElectronicSuperJoy\ElectronicSuperJoy.exe
FirewallRules: [{E1DF80E5-7B08-4749-B686-09BD3AAAB0DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Braid\braid.exe
FirewallRules: [{F563ED21-E02A-4B2F-B403-E7F211849341}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Braid\braid.exe
FirewallRules: [{21ABBBC8-1479-4B3B-8CF1-2D7D6C32F729}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{F57C5E2E-9C78-4B86-93C1-79A3B47BD4F2}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [UDP Query User{D94C91B8-E9BB-4597-ACE5-A0AFA3B1FCA3}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{66E05D71-2763-47E5-B051-5ACBEC39859A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{D1FF8F04-C380-4A33-B31F-4F643EB7F58E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{1B4663DD-279B-4572-A6B0-0D64E4BB560E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{5F4CE3D6-8BC1-4DB0-95A1-19B4A8034ECC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{E56B4978-C245-446A-BA32-2CA98D91405B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe
FirewallRules: [UDP Query User{F0AE6940-D12E-4471-BBFE-578020663BB5}C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe] => (Block) C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe
FirewallRules: [TCP Query User{FFA73896-BE1D-44E1-9AB6-4872FB1EEDC9}C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe] => (Block) C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe
FirewallRules: [{62244374-050B-49F5-B836-FA3C0F6EA8B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [{308133CD-2E02-42A7-AAA6-46DEE44FF8D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [UDP Query User{B28FDFB6-C249-4B97-B449-403B3B162193}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{BFE7B03A-F5D9-416A-A907-5EC51B9E57F1}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{0A01DEEB-A87D-4029-B61D-1362806787B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Child of Light\ChildofLight.exe
FirewallRules: [{808E54F2-92A1-4593-B7D5-2333BE8EA33C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Child of Light\ChildofLight.exe
FirewallRules: [UDP Query User{17A074D7-FCAA-41E6-A03C-C63CB71AF6E1}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files (x86)\origin games\fifa world\fifaworld.exe
FirewallRules: [TCP Query User{D4E2E831-E73B-411D-8DB4-93ABE7CDDD74}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files (x86)\origin games\fifa world\fifaworld.exe
FirewallRules: [{57054927-C080-4898-8BA7-9D3D9AC81EBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Child of Light\ChildofLight.exe
FirewallRules: [{B2B1909C-7DDF-4F8A-AB58-DA68E80B0C4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Child of Light\ChildofLight.exe
FirewallRules: [{C2E05714-0A8E-4D2F-A928-74EDC200B19D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{11752C38-6D3C-4E6D-B0F2-D6D0CD960F9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{0F7986C9-3272-47AC-9922-76A63D48A655}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{92662F06-480A-4EDD-9225-AE696DF94E21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{AB6B6306-016F-45CA-9220-2176F8D97FE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{1E7AB1F8-F8D4-4AA2-8FF4-9BF40E8DA73A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{A323F914-0671-4347-86D1-D6AC4CC44594}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{FEBAFC8D-9FF9-4FE6-BB18-85E09768976B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [UDP Query User{6A0D02FD-E2A9-424A-8EF2-229AE3ECFF18}C:\users\1973pl\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\1973pl\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{AB10B496-EEC6-4B0B-914B-B59AFCABEB4F}C:\users\1973pl\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\1973pl\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{4AC66860-0B9D-4E4A-A800-25A57235E941}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C0626F6A-C409-4B55-8B1B-F4E9896A7367}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{88C1FCD3-A768-40B7-8A7E-EA2DDA386787}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm.exe
FirewallRules: [TCP Query User{92424320-2D15-41F6-B6E6-5EF8E5A842A3}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm.exe
FirewallRules: [{FC186C4F-13E7-48E4-ABC0-62E0552A45D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{70271904-B40C-4EFE-AB62-3A3AF5DFD76C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [UDP Query User{9DE22CA2-CD87-4BC5-A8DE-1B873C530735}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe
FirewallRules: [TCP Query User{8D3B064F-3435-46E1-8A7C-03588A88A5EB}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe
FirewallRules: [{7963A537-B88C-45FF-B51A-09002323822F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{50ADF052-963A-4E58-BB6B-3FDA68E10296}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [UDP Query User{4EA707DE-52F3-46FA-B7A2-87752F9289E6}C:\users\1973pl\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\1973pl\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{5AB0F920-C63F-481B-BEB1-23B70048376C}C:\users\1973pl\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\1973pl\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C6AC77C9-8F1F-47E1-94EE-70C5BFBEA043}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7A7E9EEB-F815-4CCE-8368-790D4039A5FD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C3B4B516-1912-4AC7-B7E2-D656BD82479C}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{A3C59CD7-5C75-484A-85D3-02C95B89C3F8}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{FC63B946-6CE9-4966-B4E7-E1F646998A43}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{993A87DE-BFD2-4E37-952B-6E283AE2132A}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{2BE48F92-6C40-4450-B627-839208C20994}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{22D15B22-D774-4493-9DC5-C18114ADA61F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{3D1F0CD5-177B-4C2C-8AFA-EDBD170E244E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{02AC72A9-7158-494F-8306-CBB388E50057}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{D339C2D5-BE7B-4B41-8E58-118F1D6202A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{BD0A0ED1-5E86-462C-AD72-62E108C517BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{C18D1F24-3C12-467C-BC95-1FF7786E3A43}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E5927AC1-9F11-402F-8D8D-15DC242D4743}] => (Allow) LPort=2869
FirewallRules: [{DD411DF8-5638-4E1B-955B-A143E18D1E75}] => (Allow) LPort=1900
FirewallRules: [{C18A70DD-534A-4C32-95DC-96DCBAAB8361}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{10F51AF5-FA5D-4FC6-92B6-E2DA8AD9AC0A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{E7E9A7D0-1B2B-4085-86DA-F45AB299316B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{86039665-D3ED-4584-896E-E347897E04E9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{D58EBA08-D403-45A4-9232-520EEB05E672}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{2FCFAA31-5F2E-4EE9-97F6-10EDF33A2D2E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{51B1AE16-8E82-48D9-A12B-458A23A66B46}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{94A3041B-663C-468A-ACA3-BB68068B32D7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{869E3A75-1936-4059-A462-EABFC6E11A18}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{1A4446BB-76FC-4370-B066-BD9E94BDFB96}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{1965A604-AA3B-4D67-8717-8C818E9181AF}] => (Allow) C:\Users\1973pl\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{62D75383-B513-4333-959B-E3410BA5EB80}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BFB1C70A-EB64-4121-A8BC-02BB421396B4}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F152B99A-E8CE-47DD-B7ED-897BA9BFF9C2}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C1501E65-35C4-4149-A064-A33B565EBD80}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{248383FE-B90F-4894-818C-EA0810CB17FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9B998942-E255-4706-A73F-309EBFD92E9A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{51BA7F8D-752C-4E22-9E0F-AFA9C61A1638}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{10F68AC6-FC10-461F-BB42-3F98CF6AE0F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BD5E3AF6-C59A-4B3D-B430-50DA723987DD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA10C849-3F69-4AB4-A27A-C1CD1E1F10FE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1F49A8E4-6413-477F-8FBC-46496374F8B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{65979DF4-9450-4F21-920A-FC0BC1E94536}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0E5A910A-486A-4CE0-9BBB-24FFF61BB8A9}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EB255023-9A4A-4B05-85BF-6F32C01A46F1}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{D60D48B8-F8BC-4888-9375-30843456BB59}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{567D9A45-D004-43F3-A7E9-DAB3DC4CF557}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [TCP Query User{46E4CD15-A86A-4F91-BD98-5AE7A10AF886}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm.exe
FirewallRules: [UDP Query User{9E37645A-5722-4890-9407-EBBB6B9435E6}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm.exe
FirewallRules: [TCP Query User{13384991-9AB0-4BC2-9C8F-C471F8E6C061}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{67E5165D-410E-49EE-8708-0007B7A0476A}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{2A80DCE3-D157-4A85-BF26-525D94E64439}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules: [{761AAF85-F263-4132-B859-3699EE959EF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
FirewallRules: [{8F99BDB3-0E45-417F-97B8-98B55883D1D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\lethalleague\LethalLeague.exe
FirewallRules: [{9CC8DB7B-0189-4B8D-8B0A-8A7BC7187503}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\lethalleague\LethalLeague.exe
FirewallRules: [{70D332E2-02F8-4AC9-A7DB-724C560649F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Gamer Manager\PGM.exe
FirewallRules: [{FFF44CDE-A83B-43D1-B98E-04E1459FF979}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Gamer Manager\PGM.exe
FirewallRules: [{71C87011-3513-438E-BAB9-7815D825336F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{EE98FB36-064C-4E32-99F3-E9FE6ADD0264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{C6E42D04-8EEB-4D06-8BD1-94D16C09FE65}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FFBB5D25-DE75-4AA5-A009-EC7713CB036C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1E9592F4-6A96-4EB0-A5EB-E6E1C21EC2ED}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{5FDEDCE6-3AAB-46B0-919C-A99912421FC5}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{91EB877D-08D0-4ED9-971A-37BAF23A3FC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{BE9942D2-E802-4B8E-A386-FFCEF9654897}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{DB9E45EA-2D3F-4F48-AB2A-15F2A4B55035}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{BB72C11F-2437-4A51-B362-E907137303A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{AE3F1F42-7A78-4696-9AF8-B8EC4991A6EE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{BC341158-8C53-49AA-94A9-5B3F8003DCFB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{6A82830F-1262-4F07-A089-43EEA4AEABA3}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{7C939C01-1605-4868-B3C9-6FA595E16B98}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{A6C2DA5D-7692-46FA-9BE8-6BCB62F78FB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Tactics\game.exe
FirewallRules: [{726E6D72-4B5A-4F26-9952-E08385A1A1C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Tactics\game.exe
FirewallRules: [{53249713-7CB3-4819-8AA0-1A4ECD50D41D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3D986B45-1FA9-40EC-B925-ACC15B75876B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/25/2015 00:41:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (11/25/2015 00:21:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: petra)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/22/2015 03:31:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_NVIDIA Install Application, Version: 2.1002.191.1623, Zeitstempel: 0x560cd8fe
Name des fehlerhaften Moduls: NVI2.DLL, Version: 2.1002.191.1623, Zeitstempel: 0x560cda0c
Ausnahmecode: 0x40000015
Fehleroffset: 0x0026dbed
ID des fehlerhaften Prozesses: 0x157c
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_NVIDIA Install Application0
Pfad der fehlerhaften Anwendung: setup.exe_NVIDIA Install Application1
Pfad des fehlerhaften Moduls: setup.exe_NVIDIA Install Application2
Berichtskennung: setup.exe_NVIDIA Install Application3
Vollständiger Name des fehlerhaften Pakets: setup.exe_NVIDIA Install Application4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: setup.exe_NVIDIA Install Application5
Error: (11/21/2015 11:40:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (11/21/2015 00:29:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettingsBroker.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f39c2
Name des fehlerhaften Moduls: NetworkMobileSettings.dll, Version: 10.0.10240.16515, Zeitstempel: 0x55fa5840
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000b7ac0
ID des fehlerhaften Prozesses: 0x1ad8
Startzeit der fehlerhaften Anwendung: 0xSystemSettingsBroker.exe0
Pfad der fehlerhaften Anwendung: SystemSettingsBroker.exe1
Pfad des fehlerhaften Moduls: SystemSettingsBroker.exe2
Berichtskennung: SystemSettingsBroker.exe3
Vollständiger Name des fehlerhaften Pakets: SystemSettingsBroker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemSettingsBroker.exe5
Error: (11/18/2015 10:09:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (11/15/2015 00:36:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (11/13/2015 08:21:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (11/11/2015 02:24:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Manager13.exe, Version: 1.0.4.0, Zeitstempel: 0x026d3040
Name des fehlerhaften Moduls: Manager13.exe, Version: 1.0.4.0, Zeitstempel: 0x026d3040
Ausnahmecode: 0xc0000409
Fehleroffset: 0x014f5fb0
ID des fehlerhaften Prozesses: 0x11f8
Startzeit der fehlerhaften Anwendung: 0xManager13.exe0
Pfad der fehlerhaften Anwendung: Manager13.exe1
Pfad des fehlerhaften Moduls: Manager13.exe2
Berichtskennung: Manager13.exe3
Vollständiger Name des fehlerhaften Pakets: Manager13.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Manager13.exe5
Error: (11/09/2015 09:53:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Manager13.exe, Version: 1.0.4.0, Zeitstempel: 0x026d3040
Name des fehlerhaften Moduls: Manager13.exe, Version: 1.0.4.0, Zeitstempel: 0x026d3040
Ausnahmecode: 0xc0000409
Fehleroffset: 0x014f5fb0
ID des fehlerhaften Prozesses: 0x21a0
Startzeit der fehlerhaften Anwendung: 0xManager13.exe0
Pfad der fehlerhaften Anwendung: Manager13.exe1
Pfad des fehlerhaften Moduls: Manager13.exe2
Berichtskennung: Manager13.exe3
Vollständiger Name des fehlerhaften Pakets: Manager13.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Manager13.exe5
Systemfehler:
=============
Error: (11/27/2015 09:46:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/27/2015 09:46:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Defender-Dienst erreicht.
Error: (11/26/2015 06:22:49 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (11/26/2015 05:02:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/26/2015 05:02:32 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/26/2015 05:02:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/26/2015 05:02:25 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/26/2015 05:02:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/26/2015 05:02:12 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/26/2015 05:02:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 8072.9 MB
Verfügbarer physikalischer RAM: 4329.22 MB
Summe virtueller Speicher: 9352.9 MB
Verfügbarer virtueller Speicher: 4692.82 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:868.59 GB) (Free:690.53 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:40.01 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 462A80D0)
Partition: GPT.
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-11-2015
durchgeführt von 1973pl (Administrator) auf PETRA (27-11-2015 09:46:33)
Gestartet von C:\Users\1973pl\Downloads
Geladene Profile: 1973pl & (Verfügbare Profile: 1973pl)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Akamai Technologies, Inc.) C:\Users\1973pl\AppData\Local\Akamai\netsession_win.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
(Akamai Technologies, Inc.) C:\Users\1973pl\AppData\Local\Akamai\netsession_win.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4584\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6382\Battle.net.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.4\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.44\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.172\deploy\LolClient.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3952800 2015-08-21] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\RunOnce: [{59c4462d-a177-4d44-a95b-deda1be79844}] => C:\ProgramData\Package Cache\{59c4462d-a177-4d44-a95b-deda1be79844}\Avira.OE.Setup.Bundle.exe [916768 2015-11-25] (Avira Operations GmbH & Co. KG) <===== ACHTUNG
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-14] (Electronic Arts)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\Run: [Akamai NetSession Interface] => C:\Users\1973pl\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-14] (Electronic Arts)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\1973pl\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-10-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-10-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileSyncShell64.dll [2015-10-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-10-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-10-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll [2015-10-27] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2012-11-21]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe (ArcSoft, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9a34807a-9833-43ac-a876-5346935872c5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d93110b3-007b-4a4a-8bac-33df59d2732d}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\1973pl\AppData\Roaming\Mozilla\Firefox\Profiles\hmc0gz0g.default-1438966343523
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Extension: Adblock Plus - C:\Users\1973pl\AppData\Roaming\Mozilla\Firefox\Profiles\hmc0gz0g.default-1438966343523\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
Chrome:
=======
CHR Profile: C:\Users\1973pl\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\1973pl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\1973pl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-07]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-05] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-12] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [16896 2015-10-14] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-14] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2012-10-19] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [247968 2015-08-21] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-24] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-11-14] (ITE )
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-18] (Realtek )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44192 2015-08-21] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-27 09:45 - 2015-11-27 09:46 - 02348544 _____ (Farbar) C:\Users\1973pl\Downloads\FRST64.exe
2015-11-27 09:42 - 2015-11-27 09:42 - 00016148 _____ C:\WINDOWS\system32\PETRA_1973pl_HistoryPrediction.bin
2015-11-27 02:48 - 2015-11-27 02:48 - 00003310 _____ C:\WINDOWS\System32\Tasks\{BE1D4D35-CB5F-4C9D-8888-F480237D0089}
2015-11-25 16:06 - 2015-11-25 16:14 - 00000011 _____ C:\Users\1973pl\Desktop\Neues Textdokument.txt
2015-11-25 11:05 - 2015-11-25 11:06 - 00000000 ____D C:\Users\1973pl\AppData\Local\osu!
2015-11-24 02:23 - 2015-11-24 02:23 - 00000000 ____D C:\Users\1973pl\Documents\Creoteam
2015-11-24 00:16 - 2015-11-24 00:17 - 01733632 _____ C:\Users\1973pl\Desktop\AdwCleaner_5.022.exe
2015-11-22 16:57 - 2015-11-22 16:57 - 00002214 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-11-22 16:56 - 2015-11-14 07:12 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-11-22 16:55 - 2015-11-22 16:55 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-11-22 16:53 - 2015-11-17 07:27 - 00040264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-11-22 16:53 - 2015-11-16 04:54 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 37881976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 22345848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 18487360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 18390832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 15933400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 14844112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 13533608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 02496632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435900.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435900.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 01016544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00877688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00823232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00674096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00501056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00445400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00422752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00413816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00369456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00177600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-11-22 16:53 - 2015-11-16 04:54 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-11-22 16:51 - 2015-11-22 17:00 - 00000000 ____D C:\Users\1973pl\Documents\StarCraft II
2015-11-22 03:32 - 2015-11-12 19:37 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-11-16 08:58 - 2015-11-27 04:52 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-11-10 16:56 - 2015-11-10 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-08 14:36 - 2015-11-08 14:37 - 00000000 ____D C:\Users\1973pl\Documents\blobby2-win32-1.0
2015-11-08 14:36 - 2015-11-08 14:36 - 00000000 ____D C:\Users\1973pl\Desktop\blobby-1.0
2015-11-04 00:18 - 2015-11-25 00:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-27 09:47 - 2015-05-04 23:12 - 00024895 _____ C:\Users\1973pl\Downloads\FRST.txt
2015-11-27 09:46 - 2015-05-04 23:12 - 00000000 ____D C:\FRST
2015-11-27 09:46 - 2015-04-08 06:31 - 00000000 ____D C:\Users\1973pl\AppData\Local\Battle.net
2015-11-27 09:33 - 2014-06-14 22:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-27 09:02 - 2015-08-07 12:46 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-27 08:50 - 2015-09-05 18:45 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-27 05:36 - 2015-07-10 19:10 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C738C1A3-886C-4436-98D0-E63BBECD72AA}
2015-11-27 02:45 - 2015-04-16 06:14 - 00000000 ____D C:\Users\1973pl\AppData\Roaming\OBS
2015-11-27 02:36 - 2014-05-13 13:39 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-27 01:36 - 2015-04-08 08:13 - 00000000 ____D C:\AdwCleaner
2015-11-26 21:36 - 2015-04-08 16:30 - 00000000 ____D C:\Users\1973pl\AppData\Roaming\TS3Client
2015-11-26 19:50 - 2015-09-05 18:45 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-26 19:23 - 2015-04-08 07:54 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-26 14:02 - 2015-08-07 12:46 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-26 05:10 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-26 05:10 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-26 02:36 - 2015-04-08 06:30 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-25 11:09 - 2015-04-08 23:16 - 00000000 ____D C:\ProgramData\Origin
2015-11-25 10:14 - 2015-09-05 18:53 - 00000000 ___RD C:\Users\1973pl\Dropbox
2015-11-25 09:59 - 2015-04-21 14:24 - 00000000 ____D C:\Users\1973pl\AppData\Roaming\Skype
2015-11-25 00:45 - 2015-07-30 23:42 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-25 00:44 - 2015-02-22 17:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-25 00:29 - 2015-09-25 04:28 - 01888230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-25 00:29 - 2015-09-10 06:10 - 00813448 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-25 00:29 - 2015-09-10 06:10 - 00165842 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-25 00:29 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2015-11-25 00:28 - 2015-09-05 18:45 - 00000000 ____D C:\Users\1973pl\AppData\Local\Dropbox
2015-11-25 00:27 - 2015-09-02 14:08 - 00001215 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-25 00:27 - 2013-08-18 19:52 - 00000000 ____D C:\Users\1973pl\Documents\Youcam
2015-11-25 00:26 - 2014-05-13 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-25 00:25 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-11-25 00:25 - 2014-05-13 13:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-25 00:24 - 2015-04-10 06:35 - 00000000 __SHD C:\Users\1973pl\IntelGraphicsProfiles
2015-11-25 00:23 - 2015-09-25 04:09 - 00000000 ____D C:\Users\1973pl
2015-11-25 00:23 - 2015-09-25 04:02 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-25 00:23 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-25 00:22 - 2015-07-10 10:47 - 00000000 ____D C:\Windows
2015-11-25 00:22 - 2014-05-13 13:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-25 00:21 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-22 16:57 - 2015-09-25 04:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-22 16:56 - 2015-09-25 04:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-22 16:52 - 2015-04-08 06:30 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-11-22 03:32 - 2015-09-01 18:29 - 00000000 ____D C:\Users\1973pl\AppData\Local\NVIDIA Corporation
2015-11-22 03:32 - 2015-09-01 18:28 - 00001458 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-11-20 20:38 - 2015-09-10 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-20 20:38 - 2015-09-03 12:40 - 00000000 ____D C:\Users\1973pl\.oracle_jre_usage
2015-11-20 20:38 - 2015-05-24 21:55 - 00000000 ____D C:\ProgramData\Oracle
2015-11-20 20:37 - 2015-09-10 16:01 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-11-20 20:37 - 2015-09-10 16:01 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-17 07:27 - 2015-07-23 03:02 - 11228816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-16 04:54 - 2015-10-10 10:40 - 15839200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-11-16 04:54 - 2015-10-10 10:40 - 12870192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 03540544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-16 04:54 - 2015-07-23 03:02 - 00034494 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-14 07:20 - 2015-09-25 04:02 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-14 07:20 - 2015-09-25 04:02 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-14 07:20 - 2015-09-25 04:02 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-14 07:20 - 2015-09-25 04:02 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-14 07:20 - 2015-09-25 04:02 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-11-14 07:20 - 2015-09-25 04:02 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-14 07:20 - 2015-09-25 04:02 - 00074872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-11-14 07:20 - 2015-09-25 04:02 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-14 00:08 - 2015-04-08 23:16 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-13 06:25 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-12 19:37 - 2015-09-01 18:28 - 01828160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-11-12 19:37 - 2015-09-01 18:28 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-11-12 19:37 - 2015-09-01 18:28 - 01509824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-11-12 19:37 - 2015-09-01 18:28 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-11-12 17:32 - 2015-09-28 05:51 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-11-11 22:04 - 2015-08-07 12:50 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 15:34 - 2014-06-14 22:31 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-10 16:56 - 2015-09-05 18:45 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-08 13:53 - 2015-04-21 14:24 - 00000000 ____D C:\ProgramData\Skype
2015-11-03 18:30 - 2015-07-30 21:20 - 00000000 ____D C:\Users\1973pl\AppData\Local\Game Dev Tycoon - Steam
2015-11-03 08:02 - 2015-05-06 14:15 - 00000000 ____D C:\Users\1973pl\Documents\My Games
2015-10-28 08:39 - 2015-09-25 04:02 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-29 17:14 - 2015-07-29 17:14 - 0002069 _____ () C:\Users\1973pl\AppData\Local\recently-used.xbel
2012-11-14 09:19 - 2012-11-14 09:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-30 00:58 - 2015-06-30 00:58 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\Package Cache\{59c4462d-a177-4d44-a95b-deda1be79844}\Avira.OE.Setup.Bundle.exe
Einige Dateien in TEMP:
====================
C:\Users\1973pl\AppData\Local\Temp\avgnt.exe
C:\Users\1973pl\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplduilp.dll
C:\Users\1973pl\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\1973pl\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\1973pl\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\1973pl\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\1973pl\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\1973pl\AppData\Local\Temp\nvStInst.exe
C:\Users\1973pl\AppData\Local\Temp\Uninstaller-1428.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-25 00:33
==================== Ende von FRST.txt ============================
|
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
