Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2016
durchgeführt von Dominik (Administrator) auf DORO89 (17-10-2016 03:17:03)
Gestartet von C:\Users\Dominik\Downloads
Geladene Profile: Dominik (Verfügbare Profile: Dominik)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Swisscom (Schweiz) AG) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Swisscom (Schweiz) AG) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Users\Dominik\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2893104 2013-08-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7822136 2014-06-26] (Motorola Solutions, Inc.)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2013-05-14] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [399776 2013-05-14] (MSI)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-11-13] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-09] (IvoSoft)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110344 2014-09-17] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492808 2014-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [PowerDVD12Agent] => "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [My Swisscom Assistant] => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe [14371936 2015-11-26] (Swisscom (Schweiz) AG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-06-02] (Samsung Electronics Co., Ltd.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\Run: [Steam] => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\RunOnce: [Uninstall C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\MountPoints2: {54d98558-6a17-11e5-82a0-4851b74f8d45} - "H:\Autorun.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-02-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153208 2016-02-09] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-11-04]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{2D7BDE37-83EC-438A-9E1F-A610594DD358}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1C08ED33-68E9-4E8C-8436-D17B67660B48}: [DhcpNameServer] 192.168.1.1
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3230179278-116593613-159145252-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3230179278-116593613-159145252-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-04-09] (IvoSoft)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-17] (Oracle Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-06-22] (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-17] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CH/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 72pja60x.default
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\72pja60x.default [2016-10-17]
FF Extension: (20-20 3D Viewer - IKEA) - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\72pja60x.default\Extensions\2020Player_IKEA@2020Technologies.com [2016-02-27]
FF Extension: (Buxenger) - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\72pja60x.default\Extensions\jid1-oEGoDwecBAXObg@jetpack.xpi [2016-01-16]
FF Extension: (My Swisscom Assistant) - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\72pja60x.default\Extensions\{6A6114A5-EEF5-45F4-BCD1-B00A7B33E04B} [2015-05-31] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-02-18] [ist nicht signiert]
FF HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.17
FF Extension: (Free Download Manager extension) - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.17 [2015-11-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\1782655977.js [2016-09-01] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\1782655977.cfg [2016-09-01] <==== ACHTUNG
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3192560 2016-07-26] (Microsoft Corporation)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [307464 2014-09-17] (CyberLink)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-08-23] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [122984 2014-09-15] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-05-14] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-08-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2142728 2016-10-09] (Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2209296 2016-10-09] (Electronic Arts)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [387584 2014-09-19] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3817168 2014-08-18] (Intel® Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AX88179; C:\Windows\system32\DRIVERS\ax88179_178a.sys [70104 2013-07-08] (ASIX Electronics Corp.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [97968 2014-09-11] (Qualcomm Atheros, Inc.)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-03] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [222664 2014-09-15] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3479528 2014-08-21] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [307768 2016-02-09] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2968280 2014-01-15] (Realtek Semiconductor Corporation )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [506584 2014-07-11] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R1 XQHDrv; C:\Windows\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
U0 aswVmm; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-10-17 03:16 - 2016-10-17 03:16 - 00000000 ____D C:\Users\Dominik\Downloads\FRST-OlderVersion
2016-10-15 02:19 - 2016-10-15 02:19 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\ProductData
2016-10-15 02:04 - 2016-10-15 03:26 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\FLV and Media Player
2016-10-15 01:50 - 2016-10-15 01:50 - 00000879 _____ C:\Users\Dominik\Desktop\JRT.txt
2016-10-15 01:48 - 2016-10-15 01:48 - 01631928 _____ (Malwarebytes) C:\Users\Dominik\Desktop\JRT.exe
2016-10-15 01:41 - 2016-10-15 01:41 - 03874368 _____ C:\Users\Dominik\Desktop\AdwCleaner_6.021.exe
2016-10-13 02:16 - 2016-10-13 02:45 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-10-13 02:14 - 2016-10-13 02:45 - 00000000 ____D C:\Users\Dominik\Desktop\mbar
2016-10-13 02:13 - 2016-10-13 02:14 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Dominik\Desktop\mbar-1.09.3.1001.exe
2016-10-12 19:43 - 2016-10-14 03:13 - 00000000 ____D C:\Users\Dominik\Downloads\-MissMia
2016-10-12 11:39 - 2016-10-01 02:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-12 11:39 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-12 11:39 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-12 11:39 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-12 11:39 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-12 11:39 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-12 11:39 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-12 11:39 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-12 11:39 - 2016-09-30 07:41 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-12 11:39 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-12 11:39 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-12 11:39 - 2016-09-30 07:33 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-12 11:39 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-12 11:39 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-12 11:39 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-12 11:39 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-12 11:39 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-12 11:39 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-12 11:39 - 2016-09-30 07:11 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-12 11:39 - 2016-09-30 07:06 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-12 11:39 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-12 11:39 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-12 11:39 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-12 11:39 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-12 11:39 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-12 11:39 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-12 11:39 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-12 11:39 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-12 11:39 - 2016-09-17 20:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 11:39 - 2016-09-17 19:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-12 11:39 - 2016-09-17 19:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 11:39 - 2016-09-17 19:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-12 11:39 - 2016-09-17 19:02 - 01446400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-12 11:39 - 2016-09-14 03:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-12 11:39 - 2016-09-14 03:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-10-12 11:39 - 2016-09-14 03:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-12 11:39 - 2016-09-14 03:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-10-12 11:39 - 2016-09-13 01:48 - 00085680 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-12 11:39 - 2016-09-13 00:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-10-12 11:39 - 2016-09-12 23:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-10-12 11:39 - 2016-09-09 16:17 - 04170752 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-12 11:39 - 2016-09-09 15:38 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-12 11:39 - 2016-09-09 15:38 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-12 11:39 - 2016-09-09 15:38 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-12 11:39 - 2016-09-09 15:38 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-12 11:39 - 2016-09-09 15:38 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-12 11:39 - 2016-09-09 15:38 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-12 11:39 - 2016-09-09 15:38 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-12 11:39 - 2016-09-09 15:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-12 11:39 - 2016-09-08 22:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-10-12 11:39 - 2016-09-08 16:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 11:39 - 2016-09-08 16:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 11:39 - 2016-09-08 00:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 11:39 - 2016-09-07 23:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-10-12 11:39 - 2016-09-07 23:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 11:39 - 2016-09-07 23:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 11:39 - 2016-09-07 23:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-10-12 11:39 - 2016-08-31 19:22 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-12 11:39 - 2016-08-31 18:33 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-12 11:39 - 2016-08-27 21:44 - 22360288 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-12 11:39 - 2016-08-27 21:44 - 02755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-12 11:39 - 2016-08-27 21:44 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2016-10-12 11:39 - 2016-08-27 20:26 - 19789232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-12 11:39 - 2016-08-27 20:26 - 02411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-12 11:39 - 2016-08-27 20:26 - 00113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2016-10-12 11:39 - 2016-08-27 18:33 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-10-12 11:39 - 2016-08-27 18:11 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-10-12 11:39 - 2016-08-27 18:09 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-10-12 11:39 - 2016-08-27 17:55 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-10-12 11:39 - 2016-08-25 22:50 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-10-12 11:39 - 2016-08-25 21:40 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-10-12 11:39 - 2016-08-21 00:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-12 11:39 - 2016-08-21 00:12 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-12 11:39 - 2016-08-13 02:05 - 09323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-12 11:39 - 2016-08-13 02:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys
2016-10-12 11:39 - 2016-08-13 02:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2016-10-12 11:39 - 2016-08-13 02:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2016-10-12 11:39 - 2016-08-13 00:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-10-12 11:39 - 2016-08-13 00:19 - 09323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-12 11:39 - 2016-08-12 23:47 - 15431168 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-12 11:39 - 2016-08-12 23:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-10-12 11:39 - 2016-08-12 22:52 - 13317120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-12 11:39 - 2016-08-12 03:58 - 02315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-10-12 11:39 - 2016-08-12 03:58 - 01946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-10-12 11:39 - 2016-08-11 20:33 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2016-10-12 11:39 - 2016-08-11 20:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-10-12 11:39 - 2016-08-11 20:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2016-10-12 11:39 - 2016-08-11 19:17 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-10-12 11:39 - 2016-08-11 15:39 - 00445765 _____ C:\Windows\system32\ApnDatabase.xml
2016-10-12 11:39 - 2016-08-11 07:46 - 00420184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-10-12 11:39 - 2016-08-03 17:42 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-12 11:39 - 2016-08-03 17:36 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-10-12 11:39 - 2016-08-03 17:36 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-10-12 11:39 - 2016-08-03 17:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-10-12 11:39 - 2016-07-30 19:12 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-10-12 11:39 - 2016-07-30 18:36 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-10-12 11:39 - 2016-07-26 15:40 - 00162850 _____ C:\Windows\SysWOW64\C_932.NLS
2016-10-12 11:39 - 2016-07-26 15:40 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-10-12 11:39 - 2016-07-23 20:18 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-10-12 11:39 - 2016-07-23 20:12 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-10-12 03:21 - 2016-10-15 02:23 - 00000000 ____D C:\Users\Dominik\Desktop\aishe pervers
2016-10-12 03:00 - 2016-10-17 03:17 - 00024303 _____ C:\Users\Dominik\Downloads\FRST.txt
2016-10-12 03:00 - 2016-10-12 03:01 - 00050100 _____ C:\Users\Dominik\Downloads\Addition.txt
2016-10-12 02:59 - 2016-10-17 03:17 - 00000000 ____D C:\FRST
2016-10-12 02:58 - 2016-10-17 03:16 - 02406912 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe
2016-10-01 03:08 - 2016-10-01 03:13 - 00000000 ____D C:\Users\Dominik\Documents\FIFA 17
2016-10-01 02:54 - 2016-10-01 03:01 - 00000682 _____ C:\Users\Public\Desktop\FIFA 17.lnk
2016-10-01 02:54 - 2016-10-01 02:54 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-10-01 02:54 - 2016-10-01 02:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 17
2016-10-01 01:52 - 2016-10-01 01:52 - 01024032 _____ C:\Users\Dominik\Downloads\Luxury.exe
2016-09-30 02:41 - 2016-10-03 00:56 - 00000000 ____D C:\Users\Dominik\Desktop\katrina jade
2016-09-30 01:46 - 2016-10-02 16:56 - 00000000 ____D C:\Users\Dominik\Desktop\skyler mckay
2016-09-30 01:45 - 2016-10-02 16:56 - 00000000 ____D C:\Users\Dominik\Desktop\mea melone
2016-09-30 01:44 - 2016-10-02 16:56 - 00000000 ____D C:\Users\Dominik\Desktop\samantha bentley
2016-09-25 02:48 - 2016-09-25 02:48 - 00000000 ____D C:\Users\Dominik\.QtWebEngineProcess
2016-09-25 02:48 - 2016-09-25 02:48 - 00000000 ____D C:\Users\Dominik\.Origin
2016-09-24 03:25 - 2016-10-13 02:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-22 03:12 - 2016-09-22 03:12 - 00001785 _____ C:\ProgramData\Microsoft\Windows\Start Menu\GoWild Casino.lnk
2016-09-22 03:12 - 2016-09-22 03:12 - 00001779 _____ C:\Users\Public\Desktop\GoWild Casino.lnk
2016-09-22 03:12 - 2016-09-22 03:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoWild Casino
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-10-17 03:16 - 2015-05-29 13:54 - 00000000 ____D C:\Users\Dominik\AppData\Local\ClassicShell
2016-10-17 03:15 - 2015-11-30 19:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-16 23:00 - 2016-02-26 03:45 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2016-10-15 21:51 - 2015-05-29 12:54 - 00000000 ___RD C:\Users\Dominik\OneDrive
2016-10-15 21:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-10-15 03:27 - 2015-11-03 04:50 - 00000000 ____D C:\Users\Dominik\AppData\Local\JDownloader 2.0
2016-10-15 02:26 - 2014-04-28 13:38 - 00769304 _____ C:\Windows\system32\perfh007.dat
2016-10-15 02:26 - 2014-04-28 13:38 - 00161112 _____ C:\Windows\system32\perfc007.dat
2016-10-15 02:26 - 2014-04-28 11:22 - 00805116 _____ C:\Windows\system32\perfh00C.dat
2016-10-15 02:26 - 2014-04-28 11:22 - 00160592 _____ C:\Windows\system32\perfc00C.dat
2016-10-15 02:26 - 2014-03-18 17:26 - 02754516 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-15 02:26 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-10-15 02:19 - 2016-04-08 17:44 - 00000000 ____D C:\ProgramData\VMware
2016-10-15 02:18 - 2014-11-04 12:34 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-15 02:18 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-15 02:18 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-10-15 01:58 - 2015-05-29 12:55 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3230179278-116593613-159145252-1001
2016-10-15 01:45 - 2015-06-11 01:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-15 01:45 - 2015-06-11 01:34 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-15 01:45 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-10-15 01:45 - 2013-08-22 16:44 - 00504152 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-15 01:44 - 2016-09-07 19:09 - 00000000 ____D C:\AdwCleaner
2016-10-15 01:44 - 2015-05-29 13:56 - 00001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-15 01:44 - 2015-05-29 13:56 - 00001065 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-10-15 01:44 - 2015-05-29 12:50 - 00001015 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-15 01:44 - 2015-05-29 12:50 - 00000925 _____ C:\Users\Dominik\Desktop\LIFESTORE.lnk
2016-10-13 19:01 - 2016-07-30 02:15 - 00000000 ____D C:\Users\Dominik\AppData\Local\Nox
2016-10-13 19:00 - 2016-08-02 02:13 - 00000000 ____D C:\Users\Dominik\.BigNox
2016-10-13 19:00 - 2016-07-30 02:18 - 00000000 ____D C:\Users\Dominik\.android
2016-10-13 19:00 - 2016-07-30 02:17 - 00000000 ____D C:\Users\Dominik\vmlogs
2016-10-13 03:34 - 2015-06-14 02:56 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-13 03:34 - 2015-06-12 14:49 - 00000000 ____D C:\Windows\system32\MRT
2016-10-13 03:34 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-10-13 03:32 - 2014-04-24 18:12 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-13 02:16 - 2015-10-02 03:45 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-13 02:15 - 2015-10-02 03:45 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-13 02:12 - 2015-07-05 03:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-13 02:12 - 2015-05-30 21:56 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-13 02:08 - 2015-09-29 02:36 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Origin
2016-10-12 10:50 - 2014-11-04 11:46 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-10-12 07:27 - 2015-11-30 19:08 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-12 07:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-12 07:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-11 14:25 - 2014-11-04 11:46 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-10-10 18:48 - 2015-05-29 17:49 - 00000000 ____D C:\Users\Dominik\Desktop\bewerbungen
2016-10-09 03:25 - 2015-09-29 02:35 - 00000000 ____D C:\ProgramData\Origin
2016-10-09 03:23 - 2015-09-29 02:36 - 00000000 ____D C:\Users\Dominik\AppData\Local\Origin
2016-10-02 16:56 - 2015-05-29 18:21 - 04314624 ___SH C:\Users\Dominik\Desktop\Thumbs.db
2016-10-01 02:15 - 2013-08-22 17:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-01 02:15 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-29 03:49 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-09-26 02:45 - 2015-05-29 18:09 - 00000000 ____D C:\Users\Dominik\Desktop\schatz
2016-09-25 02:48 - 2015-05-29 12:49 - 00000000 ____D C:\Users\Dominik
2016-09-23 18:15 - 2016-09-15 02:29 - 00000000 ____D C:\Users\Dominik\Desktop\roger
2016-09-21 01:57 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-21 01:56 - 2015-05-29 18:26 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-17 02:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2016-09-17 02:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\setup
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-04 12:48 - 2014-11-04 12:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\f515-05bc-e893-b0f8.exe
C:\Users\Dominik\AppData\Local\Temp\i4jdel0.exe
C:\Users\Dominik\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Dominik\AppData\Local\Temp\libeay32.dll
C:\Users\Dominik\AppData\Local\Temp\msvcr120.dll
C:\Users\Dominik\AppData\Local\Temp\proxy_vole3370327256794100580.dll
C:\Users\Dominik\AppData\Local\Temp\proxy_vole5812147132392320546.dll
C:\Users\Dominik\AppData\Local\Temp\proxy_vole640667511126350306.dll
C:\Users\Dominik\AppData\Local\Temp\safezone_installer_20161013929386.dll
C:\Users\Dominik\AppData\Local\Temp\setup.exe
C:\Users\Dominik\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-10-11 03:58
==================== Ende von FRST.txt ============================
addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-10-2016
durchgeführt von Dominik (17-10-2016 03:17:30)
Gestartet von C:\Users\Dominik\Downloads
Windows 8.1 (Update) (X64) (2015-05-29 10:50:23)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3230179278-116593613-159145252-500 - Administrator - Disabled)
Dominik (S-1-5-21-3230179278-116593613-159145252-1001 - Administrator - Enabled) => C:\Users\Dominik
Gast (S-1-5-21-3230179278-116593613-159145252-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3230179278-116593613-159145252-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - )
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Casino Classic (HKLM-x32\...\casinoclassic) (Version: 16.10.3.2234 - )
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3019 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.3019 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.6.1 - Mediamond Tmi)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
ETDWare PS/2-X64 11.13.4.4_WHQL (HKLM\...\Elantech) (Version: 11.13.4.4 - ELAN Microelectronic Corp.)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.42.13482.16 - Electronic Arts)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.45.33307 - Electronic Arts)
Football Manager 2016 (HKLM-x32\...\Steam App 378120) (Version: - SEGA)
Football Manager 2016 Editor (HKLM-x32\...\Steam App 378200) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Download Manager 3.9.6 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GKFX MetaTrader 4 (HKLM-x32\...\GKFX MetaTrader 4) (Version: 6.00 - MetaQuotes Software Corp.)
GoWild Casino (HKLM-x32\...\gowild) (Version: 16.11.1.4250 - )
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{6F280399-F8BD-4F2E-BCA4-207BEBCDE33A}) (Version: 16.6.0.0128 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1434.2) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7991b5ae-96d7-4df2-97fb-a605b7cb638b}) (Version: 17.12.0 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
K-Lite Mega Codec Pack 11.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.0 - )
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.2.0.0 - GIANTS Software)
LuxuryCasino (HKLM-x32\...\luxuryvipermit) (Version: 16.10.3.2234 - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden
MansionPoker (HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\MansionPoker) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4859.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
My Swisscom Assistant (HKLM-x32\...\My Swisscom Assistant) (Version: 2.15.3.2514 - Swisscom (Schweiz) AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.)
NVIDIA 3D Vision Treiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.1.1.35466 - Electronic Arts, Inc.)
PCM Fast Editor (HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\b4e96ac10814a05a) (Version: 2.1.0.0 - PCM Fast Editor)
PCM.daily Expansion Pack 0.8 0.8 (HKLM-x32\...\PCM.daily Expansion Pack 0.8 0.8) (Version: 0.8 - PCM.daily)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
Players Palace (HKLM-x32\...\thecasino) (Version: 16.10.3.2234 - )
Pro Cycling Manager 2014 (HKLM-x32\...\Steam App 255260) (Version: - Cyanide Studio)
Pro Cycling Manager 2016 (HKLM\...\Steam App 408760) (Version: - Cyanide Studio)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.47.1374 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.47.1374 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Performance Suite (HKLM-x32\...\{D675B346-8CDB-4C8E-804E-17FC9F62CEA5}) (Version: 1.1.47.1374 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.47.1374 - Qualcomm Atheros) Hidden
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21258 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7095 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SCM (HKLM\...\{EDF24C5B-2E36-4089-B96A-329B15A74649}) (Version: 11.013.05146 - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.) Hidden
SolothurnTax 2014 14.3.26 (HKLM-x32\...\NP_SO_2014) (Version: 14.3.26 - Ringler Informatik AG)
SolothurnTax 2015 15.3.24 (HKLM-x32\...\NP_SO_2015) (Version: 15.3.24 - Ringler Informatik AG)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tour de France 2015 - Der offizielle Radsport-Manager Version 1 (HKLM-x32\...\Pro Cycling Manager 2015_is1) (Version: 1.2.0.0 - Cyanide)
Villento Casino (HKLM-x32\...\Villento) (Version: 16.10.3.2234 - )
VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.0.0 - VMware, Inc)
VMware Player (Version: 7.0.0 - VMware, Inc.) Hidden
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3230179278-116593613-159145252-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3230179278-116593613-159145252-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3230179278-116593613-159145252-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1674C342-3F12-4867-BE6D-E45CF4EFB5EC} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3230179278-116593613-159145252-1001 => C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-23] (Microsoft Corporation)
Task: {2379336B-B8F9-4AB4-9474-9816226DF4B6} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-23] (Microsoft Corporation)
Task: {4C3F3720-1565-4281-AAB9-7E0381767D5C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-07-26] (Microsoft Corporation)
Task: {57038B8A-3AF3-45C4-90ED-1E5784DF85EA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-10-13] (Microsoft Corporation)
Task: {72025A00-5DEB-4756-A948-09B9C0F872DF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {7D5D522C-188C-48C6-B8F3-B4C11DB40578} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {875F0D1B-57E6-42CC-8587-CC2AD1165852} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-09-17] (CyberLink Corp.)
Task: {A2A34B47-940E-467A-9ADA-E4D85E0E0D62} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {C8B9B427-2145-4536-9D47-3FB8A3E36738} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-12] (Adobe Systems Incorporated)
Task: {D3B1CD2C-2AED-4054-8124-CAF4E16F5326} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {E4546429-DD6B-4CD0-991B-B93955CB06BD} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-09-09] (Dolby Laboratories Inc.)
Task: {FCA0A20D-001D-4862-BC3A-4D1F462D2B3A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-29 18:26 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-02-17 18:37 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-11-04 12:34 - 2016-02-09 07:41 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-04 10:54 - 2014-10-16 17:14 - 00456808 _____ () C:\Windows\system32\igfxTray.exe
2013-09-09 15:13 - 2013-09-09 15:13 - 00050904 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-09-19 17:48 - 2014-09-19 17:48 - 00330240 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2016-09-08 23:36 - 2016-06-14 16:35 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-11-20 18:44 - 2014-11-20 18:44 - 01299136 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-09-03 13:03 - 2014-09-03 13:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-10-03 03:26 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-21 01:55 - 2016-09-21 01:55 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-11-05 17:49 - 2014-07-04 06:35 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2014-07-04 14:35 - 2014-07-04 14:35 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-07-05 03:25 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3230179278-116593613-159145252-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\OEM\wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6129196D-1EF3-4C3A-A6F5-990358F7408F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5E2E9CC6-4069-4829-8BEB-C9F07010D114}] => (Allow) LPort=2869
FirewallRules: [{F64ED3B4-9E6B-4C6B-A84F-C64FB79F82C8}] => (Allow) LPort=1900
FirewallRules: [{76AC518B-9934-4E01-83C0-2D0549EB9B6B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1A6D3200-FF27-4344-964D-DB7C1B9926E8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0F415CA8-1C63-4A12-BD28-A752C5F00BDC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{579E3D2A-963F-441C-A1B0-51C4E6494DF1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2A5D085-394B-4065-A892-97B12B5F08D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7CAAA20-1C0F-4BD8-AE2C-F6421E16ED27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EF8A1DD1-9043-4386-B8D3-7D2E77D7AC71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EA6EEC17-B000-42F4-BFF2-2522E58CC5BE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{818B572E-3A3F-48C2-9C44-816CBF16D2FA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{05C3FF83-0080-4F93-A8DC-666C2AB17657}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{7263FA7E-4CB8-4899-B5BC-9DB9BFEDDF5F}] => (Allow) C:\Users\Dominik\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{15A3EA79-26F2-498A-8E14-4AC77AA19020}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2014\PCM.exe
FirewallRules: [{DA032AA0-D460-412C-AFF4-688DA34B3C87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2014\PCM.exe
FirewallRules: [{A6AF126D-4B60-4451-95C3-A0A501F7C9F7}] => (Allow) C:\Program Files (x86)\Cyanide\Tour de France 2015 - Der offizielle Radsport-Manager\PCM.exe
FirewallRules: [{0D45DD02-0E1F-4368-AA7C-A39A26836501}] => (Allow) C:\Program Files (x86)\Cyanide\Tour de France 2015 - Der offizielle Radsport-Manager\PCM.exe
FirewallRules: [{6825E4DD-FCE7-4B01-A05B-DA19B2D6B3DC}] => (Allow) C:\Program Files (x86)\Cyanide\Tour de France 2015 - Der offizielle Radsport-Manager\Autorun\Exe\Autorun.exe
FirewallRules: [{8AE32BE0-8112-4283-877E-9A67524DBFD9}] => (Allow) C:\Program Files (x86)\Cyanide\Tour de France 2015 - Der offizielle Radsport-Manager\Autorun\Exe\Autorun.exe
FirewallRules: [{7F530585-E96A-43D8-BBC6-C4511B25A3B3}] => (Allow) D:\Tour de France 2015 - Der offizielle Radsport-Manager\PCM.exe
FirewallRules: [{3C2BD917-E4B1-4CC9-AB5E-CF7D20274F9E}] => (Allow) D:\Tour de France 2015 - Der offizielle Radsport-Manager\PCM.exe
FirewallRules: [{0F1203FD-FC89-444D-8BE8-B55D4D445128}] => (Allow) D:\Tour de France 2015 - Der offizielle Radsport-Manager\Autorun\Exe\Autorun.exe
FirewallRules: [{8C770172-E366-468B-A0F0-FC9D7EE662B2}] => (Allow) D:\Tour de France 2015 - Der offizielle Radsport-Manager\Autorun\Exe\Autorun.exe
FirewallRules: [{6898D078-77AA-4B67-AE69-5DEFC874A6BE}] => (Allow) D:\steam games\steamapps\common\Football Manager 2015\fm.exe
FirewallRules: [{CECF5191-BD22-4537-A1B7-7C1DE9F88D82}] => (Allow) D:\steam games\steamapps\common\Football Manager 2015\fm.exe
FirewallRules: [{073ADE52-439E-49BB-9FE7-8C8D25158A2D}] => (Allow) D:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{8ABAF206-4C56-4C35-BB3A-AA74374EC4BF}] => (Allow) D:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{B07FE49E-263D-4888-BB5C-26B86D237CD2}] => (Allow) D:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{DBD20CCD-676F-47AA-BB0D-746E27ED7E72}] => (Allow) D:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{2F9AD1D4-D41F-46FD-B554-C7C0AF756D4F}] => (Allow) D:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{0047BF04-290C-42C2-8512-0FB3136FBE19}] => (Allow) D:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{BE6D88A0-3D97-4A0F-B6A1-E67257B134C9}] => (Allow) D:\steam\steamapps\common\Football Manager 2015 Editor\editor.exe
FirewallRules: [{9690496D-6071-46E9-B833-EB4F24DFA801}] => (Allow) D:\steam\steamapps\common\Football Manager 2015 Editor\editor.exe
FirewallRules: [{54D95A7F-B7E3-471C-9F80-5E40F7BA141E}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{1A7C7D43-CC05-47BB-AFA4-6BC6511FFBFE}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{CF5F338C-8C4D-473F-9954-1BBDEF332612}D:\origin games\fifa 16\fifa16.exe] => (Allow) D:\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{ABA45532-202F-429A-81DC-A4BBE4375DC8}D:\origin games\fifa 16\fifa16.exe] => (Allow) D:\origin games\fifa 16\fifa16.exe
FirewallRules: [{9028C0C0-C67B-4C20-88ED-304D9D51511C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7A7176F5-251A-4993-989D-03F323CBFE16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{25BE1763-CB17-49C1-AC60-1E75A8297C73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1AA7E327-1D23-421D-9461-BBBD63875290}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9869F343-B7F7-4A59-A6F5-0B6101A6027E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4EE68AA9-7137-4F56-B237-DEF86862DD6E}] => (Allow) D:\anno1404\Anno4.exe
FirewallRules: [{C22DDE76-6C58-42D1-8F61-582A1939B788}] => (Allow) D:\anno1404\Anno4.exe
FirewallRules: [{6212B5AD-5096-4018-A543-04F2E5D6A6ED}] => (Allow) D:\anno1404\Addon.exe
FirewallRules: [{DA64D3D0-7942-49D5-BCF0-FCB0004DF3E4}] => (Allow) D:\anno1404\Addon.exe
FirewallRules: [{91B6E497-A819-40C5-B6E8-9FE89F7CE03A}] => (Allow) D:\anno1404\tools\Anno4Web.exe
FirewallRules: [{BBF9541C-4B5B-4355-A801-92D70E17E742}] => (Allow) D:\anno1404\tools\Anno4Web.exe
FirewallRules: [{68DE69EC-2604-482F-B1DC-6070E64F2B13}] => (Allow) D:\anno1404\tools\AddonWeb.exe
FirewallRules: [{661113D1-4FF4-48B3-A86B-C20EDBA8C840}] => (Allow) D:\anno1404\tools\AddonWeb.exe
FirewallRules: [{6C81DC2F-5960-4BC7-A6EB-FF59795AAF1E}] => (Allow) D:\anno1404\tools\Benchmark.exe
FirewallRules: [{D2B32FFD-EFF2-4B60-B118-2BB6E17D27BF}] => (Allow) D:\anno1404\tools\Benchmark.exe
FirewallRules: [{1819EEF3-2066-4FAF-8A89-FBEC8B111F13}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{7039D05E-2081-44EC-8729-8EA7DFBB9CCA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{B565136D-2A11-4752-950D-CA50A0326645}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{915AFB8E-09AE-478E-A516-917B01979845}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{0099DE38-7611-4566-9117-2BE308CF9176}D:\anno1404\tools\addonweb.exe] => (Block) D:\anno1404\tools\addonweb.exe
FirewallRules: [UDP Query User{8806DA4C-C293-45E5-B31B-4A59CB7232FD}D:\anno1404\tools\addonweb.exe] => (Block) D:\anno1404\tools\addonweb.exe
FirewallRules: [{90ECFD23-7843-488D-8914-B5F5F6FE02A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69722674-5599-4CBF-BBA3-882008F7C57D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0925AB1F-616A-490A-A058-93070E7E1010}] => (Allow) D:\origin games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{E0A46343-6B9C-40F7-94F1-AB4EF7E5258F}] => (Allow) D:\origin games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{AECEA4A1-BA96-4D4E-B517-0CD8B8F3EE7B}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{FBD320A7-AE22-442E-8BE6-D5974F6E7C3F}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{953974A0-4887-488D-9E76-3DFDFB3D687A}] => (Allow) D:\Steam\steamapps\common\Football Manager 2016\fm.exe
FirewallRules: [{7BBE9FEA-5F25-40E1-AF3F-1053BE244B21}] => (Allow) D:\Steam\steamapps\common\Football Manager 2016\fm.exe
FirewallRules: [{2C46F44F-7153-4C64-9B55-EB968CE08ED0}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
FirewallRules: [{05ADC04F-B288-45A9-8DEE-3C264E77EAC0}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
FirewallRules: [{C4A5EE32-4AC7-43B6-8C4D-6140475F9F1D}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
FirewallRules: [{1D4FC3D4-DB1A-4B3E-89F1-3F59EAF1C110}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
FirewallRules: [{9D58B02D-8C3E-4A9F-938E-B61ABBAFAF0A}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe
FirewallRules: [{DD1261E4-ED66-43D2-B387-B01BA2ADF990}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe
FirewallRules: [{B61B5797-886E-4F09-9328-5EDB332855E8}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe
FirewallRules: [{A56F368E-55CC-4AB9-8CF4-8D093C181053}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe
FirewallRules: [{2F16BA81-BEA4-432F-8E41-A119106E75EC}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe
FirewallRules: [{E141C7C8-0ADE-49E7-9444-A5B8C0036704}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe
FirewallRules: [{A47E37C8-5CA7-4E1E-A4EF-31C615D83584}] => (Allow) D:\Steam\steamapps\common\Football Manager 2016 Editor\editor.exe
FirewallRules: [{C40FB467-6698-48C5-8B82-54509184090F}] => (Allow) D:\Steam\steamapps\common\Football Manager 2016 Editor\editor.exe
FirewallRules: [TCP Query User{49C32632-AFFF-4981-9D0A-FA1254B8335C}C:\program files (x86)\pacificpoker\bin\poker.exe] => (Block) C:\program files (x86)\pacificpoker\bin\poker.exe
FirewallRules: [UDP Query User{86ACC110-F6F7-4774-8E5E-A563BCEC4611}C:\program files (x86)\pacificpoker\bin\poker.exe] => (Block) C:\program files (x86)\pacificpoker\bin\poker.exe
FirewallRules: [{324357FF-87B5-4EFD-B8F5-CA2CCEA0A9A2}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{42EB4848-813B-43EB-AB6D-E00283CABEE6}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [TCP Query User{6B8FE1F2-A56F-439C-919C-46015F2C0644}D:\origin games\fifa 16\fifa16.exe] => (Allow) D:\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{56D12715-FB5B-4CB6-A210-C145EFAEED82}D:\origin games\fifa 16\fifa16.exe] => (Allow) D:\origin games\fifa 16\fifa16.exe
FirewallRules: [{55F95DFD-0E2A-48DF-A6C2-08F6C4E2F4E4}] => (Allow) D:\origin games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{36875F8A-87E5-4779-9600-F6998F395587}] => (Allow) D:\origin games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{5E62D630-C0C2-4058-A606-DA8733A70848}] => (Allow) D:\Steam\steamapps\common\Pro Cycling Manager 2016\PCM.exe
FirewallRules: [{C8D430C8-B689-464E-B44B-65BEC777281A}] => (Allow) D:\Steam\steamapps\common\Pro Cycling Manager 2016\PCM.exe
FirewallRules: [{7F21408A-388E-4F39-B90D-C60C0F5DEE05}] => (Allow) C:\Users\Dominik\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{860B25F5-1584-432B-A72A-EF2E6670733F}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{BF6BF7F0-D032-4C73-96C9-3459231459C9}] => (Allow) C:\Program Files (x86)\FileFinder\FileFinder.exe
FirewallRules: [{46C6A5E5-9449-463D-AFE9-889A4AB212A4}] => (Allow) C:\Program Files (x86)\FileFinder\FileFinder.exe
FirewallRules: [{E02916B5-4F1E-4276-9554-B8AEDFFA8A5E}] => (Allow) D:\origin games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{4431FB9A-905D-48E9-A652-920F04BF79BD}] => (Allow) D:\origin games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [TCP Query User{5ABFCFDF-258E-45E4-B8E6-907983E093C5}D:\origin games\fifa 17\fifa17.exe] => (Allow) D:\origin games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{6528EAA1-73E3-422F-B10B-91C4136EACD0}D:\origin games\fifa 17\fifa17.exe] => (Allow) D:\origin games\fifa 17\fifa17.exe
==================== Wiederherstellungspunkte =========================
13-10-2016 03:31:49 Windows Update
15-10-2016 01:49:33 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/16/2016 11:30:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.13.6191, Zeitstempel: 0x56b979b0
Name des fehlerhaften Moduls: NVSVC64.DLL, Version: 8.17.13.6191, Zeitstempel: 0x56b97580
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000009f440
ID des fehlerhaften Prozesses: 0x23a0
Startzeit der fehlerhaften Anwendung: 0x01d2274664d3a7dc
Pfad der fehlerhaften Anwendung: C:\Windows\system32\nvvsvc.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\NVSVC64.DLL
Berichtskennung: c50c3c63-93e7-11e6-82de-4851b74f8d45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/16/2016 11:00:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: casinogame.exe, Version: 25.0.0.12127, Zeitstempel: 0x509b9a1d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e6054
ID des fehlerhaften Prozesses: 0x3a0c
Startzeit der fehlerhaften Anwendung: 0x01d227f01c3214b1
Pfad der fehlerhaften Anwendung: C:\Microgaming\Casino\oldchicagoMIT\casinogame.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 7ffa5988-93e3-11e6-82de-4851b74f8d45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/16/2016 10:55:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: casinogame.exe, Version: 25.0.0.12127, Zeitstempel: 0x509b9a1d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e6054
ID des fehlerhaften Prozesses: 0x3768
Startzeit der fehlerhaften Anwendung: 0x01d227ef65b9a8ca
Pfad der fehlerhaften Anwendung: C:\Microgaming\Casino\oldchicagoMIT\casinogame.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: e8aa75db-93e2-11e6-82de-4851b74f8d45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/16/2016 10:36:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: casinogame.exe, Version: 25.0.0.12127, Zeitstempel: 0x509b9a1d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e6054
ID des fehlerhaften Prozesses: 0x3818
Startzeit der fehlerhaften Anwendung: 0x01d227ecd08d2922
Pfad der fehlerhaften Anwendung: C:\Microgaming\Casino\oldchicagoMIT\casinogame.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 27bd607e-93e0-11e6-82de-4851b74f8d45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/16/2016 10:27:16 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (10/16/2016 10:19:16 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/16/2016 10:19:15 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (10/16/2016 10:18:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: casinogame.exe, Version: 25.0.0.12127, Zeitstempel: 0x509b9a1d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e6054
ID des fehlerhaften Prozesses: 0x2aa4
Startzeit der fehlerhaften Anwendung: 0x01d227ea25d28082
Pfad der fehlerhaften Anwendung: C:\Microgaming\Casino\oldchicagoMIT\casinogame.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: a7fa9bb3-93dd-11e6-82de-4851b74f8d45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/15/2016 11:53:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.13.6191, Zeitstempel: 0x56b979b0
Name des fehlerhaften Moduls: NVSVC64.DLL, Version: 8.17.13.6191, Zeitstempel: 0x56b97580
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000009f440
ID des fehlerhaften Prozesses: 0x1c14
Startzeit der fehlerhaften Anwendung: 0x01d22683a1e8248f
Pfad der fehlerhaften Anwendung: C:\Windows\system32\nvvsvc.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\NVSVC64.DLL
Berichtskennung: c8ad5610-9321-11e6-82de-4851b74f8d45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/15/2016 11:18:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: casinogame.exe, Version: 25.0.0.12127, Zeitstempel: 0x509b9a1d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e6054
ID des fehlerhaften Prozesses: 0x241c
Startzeit der fehlerhaften Anwendung: 0x01d227293fbc8bfb
Pfad der fehlerhaften Anwendung: C:\Microgaming\Casino\oldchicagoMIT\casinogame.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: e4226e91-931c-11e6-82de-4851b74f8d45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (10/15/2016 02:19:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (10/15/2016 02:19:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (10/15/2016 02:18:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (10/15/2016 01:49:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/15/2016 01:46:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (10/15/2016 01:46:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (10/15/2016 01:45:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (10/15/2016 01:45:24 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (10/15/2016 01:45:24 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (10/15/2016 01:44:29 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
CodeIntegrity:
===================================
Date: 2016-10-15 02:12:02.401
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 19:00:42.557
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 02:15:00.349
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-12 21:11:46.437
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-09 03:25:26.094
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-07 04:15:35.793
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-03 02:55:52.567
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-29 17:41:37.158
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-25 02:48:17.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-22 03:24:44.561
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 9%
Installierter physikalischer RAM: 32682.88 MB
Verfügbarer physikalischer RAM: 29693.45 MB
Summe virtueller Speicher: 37546.88 MB
Verfügbarer virtueller Speicher: 34748.23 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:236.76 GB) (Free:53.03 GB) NTFS
Drive d: (Data) (Fixed) (Total:871 GB) (Free:628.84 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60.51 GB) (Free:44.18 GB) NTFS
Drive f: (FIFA 17 Disc 5) (CDROM) (Total:6.32 GB) (Free:0 GB) CDFS
Drive h: (Anno 1404 GE) (CDROM) (Total:3.39 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FEFAD821)
Partition 1: (Not Active) - (Size=871 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Lesestoff:
AdwCleaner auf deinen Desktop.
