Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-01-2017
durchgeführt von 1973pl (08-01-2017 13:33:31)
Gestartet von C:\Users\1973pl\Downloads
Windows 10 Home (X64) (2015-09-25 13:43:52)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
1973pl (S-1-5-21-1766157453-2088857509-2423560725-1002 - Administrator - Enabled) => C:\Users\1973pl
Administrator (S-1-5-21-1766157453-2088857509-2423560725-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1766157453-2088857509-2423560725-503 - Limited - Disabled)
Gast (S-1-5-21-1766157453-2088857509-2423560725-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1766157453-2088857509-2423560725-1004 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs)
Akamai NetSession Interface (HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
ArcSoft TV 5.0 (HKLM-x32\...\{94ED52E0-24A0-4AD8-9BFD-0560CA680A80}) (Version: 5.0.8.145 - ArcSoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts)
Battlerite (HKLM\...\Steam App 504370) (Version: - Stunlock Studios)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Duck Game (HKLM\...\Steam App 312530) (Version: - Landon Podbielski)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
F1 2013 (HKLM\...\Steam App 223670) (Version: - Codemasters Birmingham)
Fallout Shelter (HKLM-x32\...\Fallout Shelter) (Version: - Bethesda Softworks)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.46.21015 - Electronic Arts)
Football Manager 2017 (HKLM\...\Steam App 482730) (Version: - Sports Interactive)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Furi (HKLM\...\Steam App 423230) (Version: - The Game Bakers)
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.4.0 - Electronic Arts)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameMaker: Studio (HKLM\...\Steam App 214850) (Version: - YoYo Games Ltd.)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation)
IT9130 Driver v12.2.3.1 (HKLM-x32\...\IT9130 DriverInstaller_12.2.3.1) (Version: - )
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lethal League (HKLM-x32\...\Steam App 261180) (Version: - Team Reptile)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Mad Games Tycoon (HKLM-x32\...\Steam App 341000) (Version: - Eggcode)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4885.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Motorsport Manager (HKLM\...\Steam App 415200) (Version: - Playsport Games)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Grafiktreiber 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.19 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Ori and the Blind Forest: Definitive Edition (HKLM\...\Steam App 387290) (Version: - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0081 - Pegatron Corporation)
Plague Inc: Evolved (HKLM\...\Steam App 246620) (Version: - Ndemic Creations)
Poker Night 2 (HKLM\...\Steam App 234710) (Version: - Telltale Games)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
Pro Gamer Manager (HKLM-x32\...\Steam App 408740) (Version: - Millenway Studios)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6722 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Reigns (HKLM\...\Steam App 474750) (Version: - Nerial)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RimWorld (HKLM\...\Steam App 294100) (Version: - Ludeon Studios)
Robot Roller-Derby Disco Dodgeball (HKLM\...\Steam App 270450) (Version: - Erik Asmussen)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM\...\Steam App 212480) (Version: - Sumo Digital)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Tabletop Simulator (HKLM-x32\...\Steam App 286160) (Version: - Berserk Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Howler (HKLM\...\Steam App 306040) (Version: - Antanas Marcelionis)
The Walking Dead: A New Frontier (HKLM\...\Steam App 536220) (Version: - Telltale Games)
Thumper (HKLM\...\Steam App 356400) (Version: - Drool)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {057875EA-89D3-4034-AD0B-22D8FA07F2D6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {07E5C26D-DF26-4356-968C-F34A11360935} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {0E22486E-BD76-4AB8-82D9-FF0499C69DC1} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
Task: {19BA6E03-67A1-4F26-B568-5F1D17A5468E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {1E65201B-BF3D-4711-AD82-3944DF23C7DF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {2123FCFE-3606-41C3-A4E0-8FEFE33E1891} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {292462B6-BB95-4DA3-9BC2-CD4B78915C11} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {2B157C5F-2B75-4FBD-B8F1-F9E51E82F549} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {2CCA2453-8F9A-4F7A-91D1-B9189FDC0F3C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {2E11EEEF-37AE-4F8E-8B5C-F65545D826C9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {4E1B7ED5-46F7-4803-A596-2E58F2AB5C63} - System32\Tasks\{BE1D4D35-CB5F-4C9D-8888-F480237D0089} => pcalua.exe -a "C:\Users\Public\Daybreak Game Company\Installed Games\PlanetSide 2\Uninstaller.exe"
Task: {4FEA7563-E5D8-4B9B-AFCF-6C74140EC74A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-07] (Google Inc.)
Task: {59ED902A-BFE4-44DE-A625-6B6514DB63B2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5E4D3901-C47F-495E-8771-679433B59FF6} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {5F96E8B6-FAAA-4215-85A9-0D3478A527A1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {64AC1DD1-FAEE-479F-92D4-8B809E72175A} - System32\Tasks\{61770146-6546-4381-B7B7-40E10071C7C8} => pcalua.exe -a C:\Games\World_of_Warships\unins000.exe
Task: {73D81698-81C0-4AE4-805B-3D43E45C5EAE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {7C84DCAC-9F1D-4837-B092-E20BA9A68E5F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {98B1FBC3-3227-46B3-9600-175F65C88D11} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C994425A-3F26-410D-9E55-C42506FC47F9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {CE6CB0C2-889B-42BE-9161-F68A7D3E0EC9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D3F22577-37A8-42EA-9BFA-5D26D1D0CDCD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D58A8969-1F44-472D-8D23-2B402589B846} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {D996CE24-83A2-4EB8-B9AD-DDF446F8D476} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {DB80CAF6-DEDE-448F-B7FA-2B2538DB2354} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-07] (Google Inc.)
Task: {E4E46D86-879C-4208-880C-139E82E8603A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {EA9EA841-466F-461C-B01D-85D68B9882BE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {EC5535F1-BEC0-4EEA-8F63-5B93A6F1CA9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\1973pl\Desktop\ALDI Nord Blumen Service.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www1.aldi-blumenservice.de
ShortcutWithArgument: C:\Users\1973pl\Desktop\ALDI Talk.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medionmobile.de
ShortcutWithArgument: C:\Users\1973pl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4ab94cee9417cc4d\IWannaBeTheCo-op.lnk -> C:\Users\1973pl\Documents\IWBTCoop1.11-win32\I Wanna Be The Co-op\I Wanna Be The Co-op v1.11.exe (The NWJS Community) -> --user-data-dir="C:\Users\1973pl\AppData\Local\IWannaBeTheCo-op\User Data" --profile-directory=Default --app-id=ekdnaabojekebacnjgiodcpppfjopfke
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi-essen.de
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-09-10 06:12 - 2015-09-10 06:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2012-11-29 14:32 - 2012-11-29 14:53 - 00805888 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2016-11-29 14:43 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-29 14:43 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-02-22 17:45 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-11-14 08:45 - 2012-10-19 12:27 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-09-25 04:02 - 2016-05-10 00:35 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-11-29 14:32 - 2012-11-27 16:18 - 02215424 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2015-10-01 15:15 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2012-11-29 14:32 - 2010-01-12 18:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-11-29 14:32 - 2010-01-12 18:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2015-10-01 15:15 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-09 19:24 - 2016-12-09 19:24 - 01678560 _____ () C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2012-11-29 14:32 - 2012-10-23 19:07 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2012-11-29 14:32 - 2012-08-08 19:10 - 07536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2015-10-01 15:14 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 15:15 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 15:14 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 15:14 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 15:15 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-12 13:35 - 2015-10-12 13:35 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\6dc6fa2248187d0cc70021a0ffe3e651\PSIClient.ni.dll
2012-11-14 09:20 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-09-01 18:27 - 2016-12-13 00:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-11-29 14:43 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-29 14:43 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2012-11-29 14:32 - 2009-12-18 16:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-11-29 14:32 - 2009-12-18 16:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2016-12-09 19:24 - 2016-12-09 19:24 - 01244376 _____ () C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2012-11-21 16:23 - 2007-04-19 10:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
2012-11-21 16:23 - 2012-06-04 16:50 - 00016384 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
2012-11-14 08:43 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-11-29 14:43 - 2016-12-12 15:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-29 14:43 - 2016-12-12 15:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-29 14:43 - 2016-12-12 15:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-29 14:43 - 2016-12-12 15:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-29 14:43 - 2016-12-12 15:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-29 14:43 - 2016-12-12 15:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-29 14:43 - 2016-12-12 15:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-01-02 19:22 - 2016-12-12 15:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2015-04-08 08:15 - 2016-12-08 16:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-08 08:15 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-08 08:15 - 2016-12-20 03:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-08 08:15 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-08 08:15 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-08 08:15 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-08 08:15 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-08 08:15 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-08 08:15 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-08 08:15 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-08 08:15 - 2016-12-20 03:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 00:06 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-13 09:35 - 2016-12-05 17:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-04-08 08:15 - 2016-12-20 03:25 - 00388384 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-04-08 08:15 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\sony.com -> sony.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [UDP Query User{88A59309-0B4A-4ACF-83EF-B5F6A18C0E2A}C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [TCP Query User{3797B292-7320-4C1A-BD45-09015D32AE46}C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [{890E9AD1-B9F4-433A-82BB-A97D6B78B734}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{634DB0DA-FE8B-4786-85AE-AF6B4BE03623}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B4B3C55C-A72A-4BCA-8B48-2CBB7BE6E8EF}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{0F2EFA79-7672-4ED8-9056-027F9D2BCDA0}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{886A1C1F-7A68-4CAD-9CE6-6579FA792D81}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{15937BD4-2224-4217-B40E-8A4BB5DD1193}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{AE0D0A94-FFCE-4221-B520-31BAB7FB6F75}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{BD69929C-922D-452B-B4F6-3E6A8E688594}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [{21ABBBC8-1479-4B3B-8CF1-2D7D6C32F729}] => C:\WarThunder\bpreport.exe
FirewallRules: [{F57C5E2E-9C78-4B86-93C1-79A3B47BD4F2}] => C:\WarThunder\bpreport.exe
FirewallRules: [UDP Query User{D94C91B8-E9BB-4597-ACE5-A0AFA3B1FCA3}C:\games\world_of_tanks\wotlauncher.exe] => C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{66E05D71-2763-47E5-B051-5ACBEC39859A}C:\games\world_of_tanks\wotlauncher.exe] => C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{D1FF8F04-C380-4A33-B31F-4F643EB7F58E}] => C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{1B4663DD-279B-4572-A6B0-0D64E4BB560E}] => C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [UDP Query User{F0AE6940-D12E-4471-BBFE-578020663BB5}C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe] => C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe
FirewallRules: [TCP Query User{FFA73896-BE1D-44E1-9AB6-4872FB1EEDC9}C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe] => C:\program files (x86)\steam\steamapps\common\gamemaker_studio\runner.exe
FirewallRules: [UDP Query User{B28FDFB6-C249-4B97-B449-403B3B162193}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{BFE7B03A-F5D9-416A-A907-5EC51B9E57F1}C:\games\world_of_warships\wowslauncher.exe] => C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{17A074D7-FCAA-41E6-A03C-C63CB71AF6E1}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => C:\program files (x86)\origin games\fifa world\fifaworld.exe
FirewallRules: [TCP Query User{D4E2E831-E73B-411D-8DB4-93ABE7CDDD74}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => C:\program files (x86)\origin games\fifa world\fifaworld.exe
FirewallRules: [{C2E05714-0A8E-4D2F-A928-74EDC200B19D}] => C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{11752C38-6D3C-4E6D-B0F2-D6D0CD960F9E}] => C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{0F7986C9-3272-47AC-9922-76A63D48A655}] => C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{92662F06-480A-4EDD-9225-AE696DF94E21}] => C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{AB6B6306-016F-45CA-9220-2176F8D97FE2}] => C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{1E7AB1F8-F8D4-4AA2-8FF4-9BF40E8DA73A}] => C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{A323F914-0671-4347-86D1-D6AC4CC44594}] => C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{FEBAFC8D-9FF9-4FE6-BB18-85E09768976B}] => C:\Program Files (x86)\Steam\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [UDP Query User{6A0D02FD-E2A9-424A-8EF2-229AE3ECFF18}C:\users\1973pl\appdata\local\akamai\netsession_win.exe] => C:\users\1973pl\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{AB10B496-EEC6-4B0B-914B-B59AFCABEB4F}C:\users\1973pl\appdata\local\akamai\netsession_win.exe] => C:\users\1973pl\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{4AC66860-0B9D-4E4A-A800-25A57235E941}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C0626F6A-C409-4B55-8B1B-F4E9896A7367}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{88C1FCD3-A768-40B7-8A7E-EA2DDA386787}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm.exe] => C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm.exe
FirewallRules: [TCP Query User{92424320-2D15-41F6-B6E6-5EF8E5A842A3}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm.exe] => C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm.exe
FirewallRules: [UDP Query User{9DE22CA2-CD87-4BC5-A8DE-1B873C530735}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe] => C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe
FirewallRules: [TCP Query User{8D3B064F-3435-46E1-8A7C-03588A88A5EB}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe] => C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm.exe
FirewallRules: [{7963A537-B88C-45FF-B51A-09002323822F}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{50ADF052-963A-4E58-BB6B-3FDA68E10296}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [UDP Query User{4EA707DE-52F3-46FA-B7A2-87752F9289E6}C:\users\1973pl\appdata\local\akamai\netsession_win.exe] => C:\users\1973pl\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{5AB0F920-C63F-481B-BEB1-23B70048376C}C:\users\1973pl\appdata\local\akamai\netsession_win.exe] => C:\users\1973pl\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C6AC77C9-8F1F-47E1-94EE-70C5BFBEA043}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7A7E9EEB-F815-4CCE-8368-790D4039A5FD}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C3B4B516-1912-4AC7-B7E2-D656BD82479C}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{A3C59CD7-5C75-484A-85D3-02C95B89C3F8}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{D339C2D5-BE7B-4B41-8E58-118F1D6202A3}] => C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{BD0A0ED1-5E86-462C-AD72-62E108C517BE}] => C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{C18D1F24-3C12-467C-BC95-1FF7786E3A43}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E5927AC1-9F11-402F-8D8D-15DC242D4743}] => LPort=2869
FirewallRules: [{DD411DF8-5638-4E1B-955B-A143E18D1E75}] => LPort=1900
FirewallRules: [{C18A70DD-534A-4C32-95DC-96DCBAAB8361}] => C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{10F51AF5-FA5D-4FC6-92B6-E2DA8AD9AC0A}] => C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{E7E9A7D0-1B2B-4085-86DA-F45AB299316B}] => C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{86039665-D3ED-4584-896E-E347897E04E9}] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{D58EBA08-D403-45A4-9232-520EEB05E672}] => C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{2FCFAA31-5F2E-4EE9-97F6-10EDF33A2D2E}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{51B1AE16-8E82-48D9-A12B-458A23A66B46}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{94A3041B-663C-468A-ACA3-BB68068B32D7}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{869E3A75-1936-4059-A462-EABFC6E11A18}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{1A4446BB-76FC-4370-B066-BD9E94BDFB96}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{1965A604-AA3B-4D67-8717-8C818E9181AF}] => C:\Users\1973pl\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{62D75383-B513-4333-959B-E3410BA5EB80}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BFB1C70A-EB64-4121-A8BC-02BB421396B4}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F152B99A-E8CE-47DD-B7ED-897BA9BFF9C2}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C1501E65-35C4-4149-A064-A33B565EBD80}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{248383FE-B90F-4894-818C-EA0810CB17FB}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9B998942-E255-4706-A73F-309EBFD92E9A}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{51BA7F8D-752C-4E22-9E0F-AFA9C61A1638}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{10F68AC6-FC10-461F-BB42-3F98CF6AE0F8}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BD5E3AF6-C59A-4B3D-B430-50DA723987DD}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA10C849-3F69-4AB4-A27A-C1CD1E1F10FE}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1F49A8E4-6413-477F-8FBC-46496374F8B8}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{65979DF4-9450-4F21-920A-FC0BC1E94536}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0E5A910A-486A-4CE0-9BBB-24FFF61BB8A9}] => C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{EB255023-9A4A-4B05-85BF-6F32C01A46F1}] => C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{D60D48B8-F8BC-4888-9375-30843456BB59}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{567D9A45-D004-43F3-A7E9-DAB3DC4CF557}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [TCP Query User{46E4CD15-A86A-4F91-BD98-5AE7A10AF886}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm.exe] => C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm.exe
FirewallRules: [UDP Query User{9E37645A-5722-4890-9407-EBBB6B9435E6}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm.exe] => C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm.exe
FirewallRules: [TCP Query User{13384991-9AB0-4BC2-9C8F-C471F8E6C061}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{67E5165D-410E-49EE-8708-0007B7A0476A}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{8F99BDB3-0E45-417F-97B8-98B55883D1D6}] => C:\Program Files (x86)\Steam\steamapps\common\lethalleague\LethalLeague.exe
FirewallRules: [{9CC8DB7B-0189-4B8D-8B0A-8A7BC7187503}] => C:\Program Files (x86)\Steam\steamapps\common\lethalleague\LethalLeague.exe
FirewallRules: [{70D332E2-02F8-4AC9-A7DB-724C560649F9}] => C:\Program Files (x86)\Steam\steamapps\common\Pro Gamer Manager\PGM.exe
FirewallRules: [{FFF44CDE-A83B-43D1-B98E-04E1459FF979}] => C:\Program Files (x86)\Steam\steamapps\common\Pro Gamer Manager\PGM.exe
FirewallRules: [{C6E42D04-8EEB-4D06-8BD1-94D16C09FE65}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FFBB5D25-DE75-4AA5-A009-EC7713CB036C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6A82830F-1262-4F07-A089-43EEA4AEABA3}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{7C939C01-1605-4868-B3C9-6FA595E16B98}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{DF4D6093-8057-41C5-8A74-742DA2321626}] => C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{E70E55BC-573D-4C4B-9033-7C68329D9C8F}] => C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{09C33669-3E25-4856-AFA5-77F5896CA613}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{27513B61-7CBA-4F32-9007-D7ED17C0333D}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{D97DCAB8-21E5-4EF9-8C7F-831DB79346F2}] => C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{DA5196E4-14E2-4E43-8989-00B02964C184}] => C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{9FF310CC-52C0-4D26-82CF-658D6B196F84}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{1E13A291-E003-4B7E-9872-934D855848B2}] => C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{2BE583C1-B59C-49A6-AC86-7E00AFB1A3D7}] => C:\Program Files (x86)\Steam\steamapps\common\Mad Games Tycoon\MadGamesTycoon.exe
FirewallRules: [{CCC84D74-DC6A-4EA8-AA0F-72A53C036404}] => C:\Program Files (x86)\Steam\steamapps\common\Mad Games Tycoon\MadGamesTycoon.exe
FirewallRules: [{0969D5C7-9761-4D06-B3AC-5AF299CE8398}] => C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{3DC93415-E2FF-42BB-9CD9-2D4A71619B7D}] => C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{9397A1AA-4693-497D-B9ED-45E5F77C5DE4}] => C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{FAAAA482-1E48-49FC-B69A-946430F57441}] => C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{B7C3DF5D-B83A-4C55-8C3F-845CC5271D06}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{D94116D3-8BEA-4435-B2EB-991DFEC5E502}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{7C7CE38E-B8B7-4190-8C51-B4529287FC69}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{D0E5E6C6-4837-422E-A140-482024A2D9DA}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{AB078F7C-C077-4840-8A31-44A6797CF9B4}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{CFF9F988-BD8A-4235-B9F8-C25A8D57F176}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{52B68850-3AFA-4008-B85F-FB92939BE112}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3A0C3EFA-5617-43AB-BB8A-0C3B80628113}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{341F03AC-C0E1-4046-9712-FE29981BFDFA}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{34F89E8E-257F-4D76-AED8-362ADA7B5A67}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{3055C2AB-6C99-4CB8-829C-A82FED93137F}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8C7BFA2B-8BFF-4D60-9553-2C5710678CB6}] => C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{41E79C66-59F1-4EAD-9093-0AB8A712AF58}] => C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{AE83ADB3-3D48-432C-BA85-E5AF608498E1}] => C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [TCP Query User{E7D533E9-1ED2-42DD-9CDC-9EB0D36CBF7C}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{80595C12-DA36-4537-AA27-3A68E8ECEF60}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{FF43322F-5BFB-4C9D-BD67-E739DD6AAA51}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [UDP Query User{96D68793-960F-443F-98AD-FCD218F80D94}C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base42253\sc2_x64.exe
FirewallRules: [{484314FC-DD57-40D6-92ED-3129F0DEC74D}] => C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{28A71A65-3052-4BBD-83C2-283AF88C7950}] => C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{73573CCA-FB58-42D6-8345-97E7E1C36369}] => C:\Program Files (x86)\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{D97E6C67-646A-4CCE-AAC7-2D3AE5717AFE}] => C:\Program Files (x86)\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{41CA982C-BBAB-4AC8-988C-41AB1E526456}] => C:\Program Files (x86)\Steam\steamapps\common\Ori DE\oriDE.exe
FirewallRules: [{CC364935-C4A5-44D7-B39B-77C747B15004}] => C:\Program Files (x86)\Steam\steamapps\common\Ori DE\oriDE.exe
FirewallRules: [{8E694646-178C-4A43-A442-54ACACEF67CA}] => C:\Program Files (x86)\Steam\steamapps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [{0E16DD6D-A218-4920-BE96-B5F4620227A2}] => C:\Program Files (x86)\Steam\steamapps\common\gamemaker_studio\GameMakerPlayer.exe
FirewallRules: [{DCC803EC-5F4D-4030-B2A0-65CF92F700BA}] => C:\Program Files (x86)\Steam\steamapps\common\Limbo\limbo.exe
FirewallRules: [{91131123-1AC7-41A3-8ACB-67458D4E0815}] => C:\Program Files (x86)\Steam\steamapps\common\Limbo\limbo.exe
FirewallRules: [{E39B3C94-7B29-41FD-B269-AFC981557EAA}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5EBF6E00-8420-4C7E-B72D-A1F53D90E69F}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{537AB441-CD59-4F6F-8812-4474EBC45986}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E760B657-6824-4966-B340-4B062E67BF3F}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4C436BD4-2DAB-46E1-9F5F-98BE98B28C7E}] => C:\Program Files (x86)\Steam\steamapps\common\Duck Game\DuckGame.exe
FirewallRules: [{BA9D8B01-243D-4D9B-AD2A-55B92DD542FC}] => C:\Program Files (x86)\Steam\steamapps\common\Duck Game\DuckGame.exe
FirewallRules: [{A56F8609-E562-4B35-A7BF-45EEBB4FD0A8}] => C:\Program Files (x86)\Steam\steamapps\common\Howler\Howler.exe
FirewallRules: [{34F21903-D19E-4C3F-AB1F-120273D11A84}] => C:\Program Files (x86)\Steam\steamapps\common\Howler\Howler.exe
FirewallRules: [{74463A21-3AD5-4D66-8644-E3BB22E60BEB}] => C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5792A998-E15B-42BA-85E3-726A8051E630}] => C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{83D5C10A-9816-41DE-8F14-552E3E06033D}] => C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{73EB7C25-3F16-41E9-8C9C-B99D2EEC83E7}] => C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{E3BC5C08-BCDC-4927-A0DC-760B03432A54}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{2D06CDFC-3478-4099-A21B-4C68968E25C5}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{A2485327-1E61-48E6-957A-F4B00DA39966}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{A857398B-1E90-4CBA-8520-C7767D5BA136}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{0AC30736-7F62-4DC0-B129-A8ADA79D35C4}] => C:\Program Files (x86)\Steam\steamapps\common\Furi\Furi.exe
FirewallRules: [{B0BEBEC1-52B0-42BA-A16D-BD52FA55A0F8}] => C:\Program Files (x86)\Steam\steamapps\common\Furi\Furi.exe
FirewallRules: [{F7C44599-CEC3-4F4D-AC7C-29815824CB7A}] => C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{B5E8A607-729E-433A-AB55-C2E18B00333A}] => C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{7795F957-8601-4F5C-9157-BB1419D84F9A}] => C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin.exe
FirewallRules: [{60FC8769-B158-44FA-9F3C-4294DFDE0D39}] => C:\Program Files (x86)\Steam\steamapps\common\RimWorld\RimWorldWin.exe
FirewallRules: [{7A153F93-7575-48EB-BB2A-89CA30276B01}] => C:\Program Files (x86)\Steam\steamapps\common\Reigns\Reigns.exe
FirewallRules: [{4D8F7B11-2DCC-407B-BFCE-EEFE017A971B}] => C:\Program Files (x86)\Steam\steamapps\common\Reigns\Reigns.exe
FirewallRules: [{63E4CE20-C882-46DA-B576-C7A11038B3CA}] => C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{ECC92899-3100-455F-BE11-126F2A6261E5}] => C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{58AA2BAC-E435-41F5-8D31-2F88B008EB3C}] => C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{C82E5DFF-2D73-47F6-B8B8-169AB13D12DC}] => C:\Program Files (x86)\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [TCP Query User{818D88AA-FE97-4573-82A9-C06C4C94DFFA}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{D20858B0-16B5-4FCD-808F-DEEC2B2DA8BE}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [TCP Query User{917FEDE7-56B4-4875-980F-0E6A4277A1A7}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{7332A459-8EFE-4007-8EC8-C4AF598DAF7D}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{0E4FDD3B-B5C5-4A29-AD6E-D245FFF51217}C:\program files (x86)\hearthstone\hearthstone.exe] => C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{4EA9616B-CF59-4A7B-86CB-723CAF3D768E}C:\program files (x86)\hearthstone\hearthstone.exe] => C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{E33196CE-948C-4D30-B21A-8C33CB8B0BB2}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{63AB4D4B-C55F-4CA1-AB77-B3CDA2C5E4AA}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => C:\program files (x86)\origin games\fifa 17\fifa17.exe
FirewallRules: [{923734F4-034C-4FA2-8824-6461238D277F}] => C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{F3B3E4B2-25C9-4B7D-8242-F9834D6A938D}] => C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{9D286608-8764-4985-B942-A2934C90683F}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4B7157B4-7D64-47CE-B2C2-4B8C4BEDEE13}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2B6058C2-6EB1-4862-AEC6-3925B3752FB7}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{58CB7068-BA14-4BAA-BAD5-983695F2FAE2}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CE5BB44D-2715-4643-A609-477C0E05FA47}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{B21F1FA5-BAB4-444F-A2B9-7BE9F3C75E88}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{A5FD4A4D-3E85-4450-8257-AAD7AF383B08}] => C:\Program Files (x86)\Steam\steamapps\common\Thumper\THUMPER.exe
FirewallRules: [{3E385507-A054-46BA-BE0F-59F175FEF807}] => C:\Program Files (x86)\Steam\steamapps\common\Thumper\THUMPER.exe
FirewallRules: [TCP Query User{D0BD926C-6A69-4DDD-BFA2-08548DB82765}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [UDP Query User{8A125C1B-F3F9-468D-B0C8-A399E0B878F3}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [{921D4CA0-F533-4578-833F-A0C5F2FA59C1}] => C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{41A1C9B3-66C6-4B7E-AC2F-F6D142662A8D}] => C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{71CFF58B-4E5C-47E4-9751-5D59E256D4EF}] => C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{CF05BCD0-FCE9-47F5-B757-B7CCB75F7965}] => C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{4277A25E-B61A-4A17-B0B6-118125A6A7CA}] => C:\Program Files (x86)\Steam\steamapps\common\Motorsport Manager\MM.exe
FirewallRules: [{97F3C811-B5C3-4FA9-BC56-665415B40C28}] => C:\Program Files (x86)\Steam\steamapps\common\Motorsport Manager\MM.exe
FirewallRules: [{557E1426-A156-4E02-BC6D-386F6252F501}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{178F8E8D-5A73-4EB8-B744-EE37E8E95AC7}] => C:\Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{89C173B3-A830-4172-AF64-078808F3E4E0}] => C:\Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{A51C9997-6AD8-463A-B617-4F7E69B014B9}] => C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{2F75ACA0-0142-4853-87F0-97ADAFEE904F}] => C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{EF0CA74F-9CB6-49CD-8EF7-AD1722904458}] => C:\Program Files (x86)\Steam\steamapps\common\Disco Dodgeball\Disco Dodgeball.exe
FirewallRules: [{ED9F0B5D-A4C8-4034-AEF9-D07A20FA4D53}] => C:\Program Files (x86)\Steam\steamapps\common\Disco Dodgeball\Disco Dodgeball.exe
FirewallRules: [{37F3B941-6901-478F-AB47-604EC62521E5}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8859C270-B7DE-42CD-838E-8A5EB53F5AA4}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EBDFD371-F068-4A59-BC7A-141E3402B14F}] => C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017\fm.exe
FirewallRules: [{EF4E2E88-4FA3-411C-BD35-1E20257754F7}] => C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017\fm.exe
FirewallRules: [{3708A2D1-2C6F-461C-BF05-625C58B8A135}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D5B2CC51-2EA0-46CA-9BA1-8E89E5382041}] => C:\Program Files (x86)\Steam\steamapps\common\Thumper\THUMPER_dx9.exe
FirewallRules: [{3B0EC1B3-119D-4C62-A5A3-1F2262248702}] => C:\Program Files (x86)\Steam\steamapps\common\Thumper\THUMPER_dx9.exe
FirewallRules: [{9CD120C7-1EC3-4EFC-84C9-BB90957E33DA}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{EE33FA4C-7818-4C37-8C58-605DFA7ADFBF}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{EEF00F6F-6C6D-4195-9917-129FF876ABC8}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{36E7D7DA-C143-482A-A738-70F5400004FC}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F4873D8C-6193-44F9-92F0-424C602C33FF}] => C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C176080E-F4D5-476D-A7BE-D16A0F887999}] => C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{74B66EBC-F7C2-442C-92DC-AEF10123962E}] => C:\Program Files (x86)\Steam\steamapps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{680F99D2-1839-4B10-B410-D4FABB5E5027}] => C:\Program Files (x86)\Steam\steamapps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{A1093815-7541-4720-99EF-B568F7F66E70}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{C6B267DE-C8B6-476C-B7C5-A3B92C2B37A7}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{F963AF33-308D-4B62-9ABD-0D693B1D1761}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{3F02AE68-6E18-4FE3-81F4-9C67405A4116}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{0AE9E1AF-5663-4BAC-B81A-4B20C0F6BF8B}] => C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe
FirewallRules: [{C1937BB3-ACB1-4217-B984-EC793B8DCF8B}] => C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe
FirewallRules: [{FD8B6332-A0BF-4EEC-986D-63CC7CE4C32E}] => C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe
FirewallRules: [{7DE83824-2FF3-442C-9F39-333AA2C1A5CD}] => C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe
FirewallRules: [TCP Query User{4C2B5FAD-FDCF-4EBC-9E8A-E5C1AD62AADB}C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [UDP Query User{084A4EB3-4DDE-4EFB-92EE-8583C1957B05}C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [{FCE931BE-6B45-4475-9065-93C3FF90F3BA}] => C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{2C5A9ADC-621B-4544-BE24-6AEF57630EB0}] => C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{5D7F25B8-4A2A-4F45-89B5-3138E22EA8DA}] => C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{27533E95-8506-45B9-9EF0-BC40768D8B2F}] => C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
==================== Wiederherstellungspunkte =========================
31-12-2016 14:26:49 Geplanter Prüfpunkt
01-01-2017 14:30:00 DirectX wurde installiert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/08/2017 04:21:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm fm.exe, Version 17.2.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 14aac
Startzeit: 01d2695d00da9a34
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017\fm.exe
Berichts-ID: 8fadc9b7-d551-11e6-bf02-6036dd1bb9c0
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (01/08/2017 04:12:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm fm.exe, Version 17.2.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 14c60
Startzeit: 01d26958907aa427
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017\fm.exe
Berichts-ID: 3b9bf055-d550-11e6-bf02-6036dd1bb9c0
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (01/06/2017 10:00:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10240.16515, Zeitstempel: 0x55fa599a
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.10240.16515, Zeitstempel: 0x55fa545a
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000006644f
ID des fehlerhaften Prozesses: 0x13f4c
Startzeit der fehlerhaften Anwendung: 0x01d267d236eb9aa5
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\twinapi.appcore.dll
Berichtskennung: fb330f68-67ab-44ad-8eb5-e1d58593471e
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (01/06/2017 06:43:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ASN_App_PcDx9_Final.exe, Version: 0.0.0.0, Zeitstempel: 0x52d66954
Name des fehlerhaften Moduls: ASN_App_PcDx9_Final.exe, Version: 0.0.0.0, Zeitstempel: 0x52d66954
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0007235d
ID des fehlerhaften Prozesses: 0x14990
Startzeit der fehlerhaften Anwendung: 0x01d26832006f64ad
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
Berichtskennung: 097603a2-adb6-40ee-b89e-14265549a959
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/05/2017 02:41:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SC2_x64.exe, Version 3.9.1.48960 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1790
Startzeit: 01d266ec450dc435
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\StarCraft II\Versions\Base48645\SC2_x64.exe
Berichts-ID: 20162de2-d2e8-11e6-bf02-6036dd1bb9c0
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (01/05/2017 01:00:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Battle.net Launcher.exe, Version 1.12.3.2609 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 15214
Startzeit: 01d266e66ecc428d
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
Berichts-ID: f4e58995-d2d9-11e6-bf02-6036dd1bb9c0
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (01/04/2017 06:35:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: d0
Startzeit: 01d2664b9ae06497
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Berichts-ID: 91029417-d23f-11e6-bf02-6036dd1bb9c0
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI
Error: (01/04/2017 06:35:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: petra)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/04/2017 03:16:51 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: petra)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/03/2017 01:45:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e6c
Startzeit: 01d265be877ac977
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Berichts-ID: 779a4a50-d1b2-11e6-bf02-6036dd1bb9c0
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI
Systemfehler:
=============
Error: (01/08/2017 04:22:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session5 erreicht.
Error: (01/08/2017 04:21:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session5" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/06/2017 02:42:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session4 erreicht.
Error: (01/06/2017 02:42:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/05/2017 02:46:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session3 erreicht.
Error: (01/05/2017 02:46:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/04/2017 03:16:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session2 erreicht.
Error: (01/04/2017 03:16:51 AM) (Source: DCOM) (EventID: 10010) (User: petra)
Description: Der Server "CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/04/2017 03:16:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/03/2017 04:07:43 AM) (Source: DCOM) (EventID: 10010) (User: petra)
Description: Der Server "CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2017-01-04 03:16:54.020
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-28 12:21:09.707
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-22 10:45:30.459
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-18 12:48:55.186
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-15 11:19:37.183
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-15 11:19:37.160
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-15 11:19:37.131
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-15 11:19:26.534
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-15 11:19:23.595
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-14 23:25:53.338
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8072.9 MB
Verfügbarer physikalischer RAM: 4716.07 MB
Summe virtueller Speicher: 9823.23 MB
Verfügbarer virtueller Speicher: 6685.45 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:868.59 GB) (Free:482.16 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:40.01 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 462A80D0)
Partition: GPT.
==================== Ende von Addition.txt ============================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-01-2017
durchgeführt von 1973pl (Administrator) auf PETRA (08-01-2017 13:29:58)
Gestartet von C:\Users\1973pl\Downloads
Geladene Profile: 1973pl (Verfügbare Profile: 1973pl)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Akamai Technologies, Inc.) C:\Users\1973pl\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\1973pl\AppData\Local\Akamai\netsession_win.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3952800 2015-08-21] (Synaptics Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3044848 2016-12-06] (Electronic Arts)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\Run: [Akamai NetSession Interface] => C:\Users\1973pl\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\1973pl\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-09] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2012-11-21]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe (ArcSoft, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9a34807a-9833-43ac-a876-5346935872c5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d93110b3-007b-4a4a-8bac-33df59d2732d}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-1766157453-2088857509-2423560725-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1766157453-2088857509-2423560725-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: hmc0gz0g.default-1438966343523
FF ProfilePath: C:\Users\1973pl\AppData\Roaming\Mozilla\Firefox\Profiles\hmc0gz0g.default-1438966343523 [2017-01-08]
FF Extension: (Adblock Plus) - C:\Users\1973pl\AppData\Roaming\Mozilla\Firefox\Profiles\hmc0gz0g.default-1438966343523\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF ProfilePath: C:\Users\1973pl\AppData\Roaming\Mozilla\Firefox\Profiles\gewfrniu.default-1441125199988 [2015-09-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\1973pl\AppData\Local\Google\Chrome\User Data\Default [2016-12-31]
CHR Extension: (Adblock Plus) - C:\Users\1973pl\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\1973pl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-30]
CHR Extension: (Chrome Media Router) - C:\Users\1973pl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-31]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-11-01] (Microsoft Corporation)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-05] (Dropbox, Inc.)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-10-12] (Intel Corporation)
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [16896 2015-10-14] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-06] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-06] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2012-10-19] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [247968 2015-08-21] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [165504 2012-11-14] (ITE )
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2015-06-18] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [84792 2016-02-20] (Sysinternals - www.sysinternals.com)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [587264 2015-06-18] (Realtek )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [3772632 2015-06-18] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44192 2015-08-21] (Synaptics Incorporated)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-08 13:29 - 2017-01-08 13:29 - 00000000 ____D C:\Users\1973pl\Downloads\FRST-OlderVersion
2017-01-08 13:23 - 2017-01-08 13:23 - 00016148 _____ C:\WINDOWS\system32\PETRA_1973pl_HistoryPrediction.bin
2017-01-02 19:23 - 2017-01-02 19:33 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2017-01-02 19:21 - 2017-01-02 19:21 - 00004398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 19:21 - 2016-12-12 15:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-01-02 19:20 - 2016-12-13 00:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-01-02 19:20 - 2016-12-13 00:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-01-01 14:31 - 2017-01-01 14:31 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2017-01-01 14:00 - 2017-01-01 14:00 - 00000000 ____D C:\Users\1973pl\AppData\Local\Colossal Order
2016-12-22 02:03 - 2017-01-06 02:42 - 00216704 ____H C:\Users\1973pl\AppData\Local\IconCache.db
2016-12-21 11:44 - 2016-12-21 11:45 - 03977168 _____ C:\Users\1973pl\Downloads\AdwCleaner_6.041.exe
2016-12-21 11:44 - 2016-12-21 11:45 - 01663040 _____ (Malwarebytes) C:\Users\1973pl\Downloads\JRT(1).exe
2016-12-16 11:28 - 2016-12-16 11:32 - 00262462 _____ C:\TDSSKiller.3.1.0.12_16.12.2016_11.28.42_log.txt
2016-12-15 11:26 - 2016-12-15 11:29 - 00515948 _____ C:\TDSSKiller.3.1.0.12_15.12.2016_11.26.57_log.txt
2016-12-15 11:26 - 2016-12-15 11:26 - 04747704 _____ (AO Kaspersky Lab) C:\Users\1973pl\Downloads\tdsskiller.exe
2016-12-15 10:25 - 2016-12-15 11:26 - 00000000 ____D C:\Users\1973pl\Desktop\mbar
2016-12-15 10:25 - 2016-12-15 10:25 - 16563352 _____ (Malwarebytes Corp.) C:\Users\1973pl\Downloads\mbar-1.09.3.1001.exe
2016-12-13 11:44 - 2016-12-13 11:47 - 00088189 _____ C:\Users\1973pl\Downloads\Addition.txt
2016-12-13 11:40 - 2017-01-08 13:29 - 02418688 _____ (Farbar) C:\Users\1973pl\Downloads\FRST64.exe
2016-12-13 10:08 - 2016-12-13 10:09 - 02309992 _____ C:\Users\1973pl\Downloads\winrar-x64-540d(1).exe
2016-12-13 09:45 - 2016-12-13 09:45 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive
2016-12-13 09:45 - 2016-12-13 09:45 - 00000000 ____D C:\Users\1973pl\Documents\Sports Interactive
2016-12-13 09:45 - 2016-12-13 09:45 - 00000000 ____D C:\Users\1973pl\AppData\Local\Sports Interactive
2016-12-13 09:36 - 2016-12-13 09:36 - 00000000 ____D C:\Users\1973pl\AppData\Local\Chromium
2016-12-12 23:23 - 2016-12-12 23:23 - 00000000 ____D C:\Users\1973pl\AppData\Roaming\WinRAR
2016-12-12 23:21 - 2016-12-13 12:47 - 00000000 ____D C:\Program Files\WinRAR
2016-12-12 23:21 - 2016-12-12 23:21 - 02309992 _____ C:\Users\1973pl\Downloads\winrar-x64-540d.exe
2016-12-12 19:38 - 2016-12-12 19:38 - 00000116 _____ C:\Users\1973pl\Desktop\Herr Peters.txt
2016-12-10 12:41 - 2016-12-10 12:41 - 00000000 ____D C:\Users\1973pl\AppData\LocalLow\82 Apps
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-08 13:33 - 2014-06-14 22:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-08 13:32 - 2015-05-04 23:12 - 00018479 _____ C:\Users\1973pl\Downloads\FRST.txt
2017-01-08 13:30 - 2015-04-08 07:54 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-08 13:29 - 2015-05-04 23:12 - 00000000 ____D C:\FRST
2017-01-08 13:25 - 2016-11-18 19:13 - 00000000 ____D C:\Users\1973pl\AppData\LocalLow\Mozilla
2017-01-08 13:25 - 2015-04-08 16:30 - 00000000 ____D C:\Users\1973pl\AppData\Roaming\TS3Client
2017-01-08 13:15 - 2015-09-25 04:28 - 01888230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-08 13:15 - 2015-09-10 06:10 - 00813448 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-08 13:15 - 2015-09-10 06:10 - 00165842 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-08 13:15 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2017-01-08 13:14 - 2015-09-25 04:02 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-08 13:14 - 2015-07-10 19:10 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C738C1A3-886C-4436-98D0-E63BBECD72AA}
2017-01-08 13:13 - 2013-08-18 19:52 - 00000000 ____D C:\Users\1973pl\Documents\Youcam
2017-01-08 13:11 - 2015-04-10 06:35 - 00000000 __SHD C:\Users\1973pl\IntelGraphicsProfiles
2017-01-08 03:15 - 2016-12-02 13:41 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-01-06 22:00 - 2016-01-28 19:15 - 00000000 ____D C:\Users\1973pl\AppData\Local\CrashDumps
2017-01-05 20:54 - 2015-04-16 06:14 - 00000000 ____D C:\Users\1973pl\AppData\Roaming\OBS
2017-01-05 02:42 - 2015-04-08 06:31 - 00000000 ____D C:\Users\1973pl\AppData\Local\Battle.net
2017-01-05 01:42 - 2015-11-16 08:58 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2017-01-05 01:28 - 2015-09-28 05:51 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-01-05 01:16 - 2016-05-05 03:17 - 00000000 ____D C:\Program Files (x86)\Overwatch
2017-01-05 01:01 - 2015-04-08 06:30 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-02 19:38 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-01-02 19:35 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-02 19:34 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-01-02 19:23 - 2016-11-29 14:44 - 00001493 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-01-02 19:23 - 2015-09-25 04:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-01-02 19:22 - 2016-11-29 14:44 - 00003974 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 19:21 - 2016-11-29 14:43 - 00003984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 19:21 - 2016-11-29 14:43 - 00003956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 19:21 - 2016-11-29 14:43 - 00003948 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 19:21 - 2016-11-29 14:43 - 00003786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 19:21 - 2016-11-29 14:43 - 00003744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-02 19:21 - 2015-09-25 04:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-02 19:21 - 2015-09-25 04:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-02 19:21 - 2015-09-01 18:29 - 00000000 ____D C:\Users\1973pl\AppData\Local\NVIDIA Corporation
2017-01-01 17:28 - 2015-08-26 18:44 - 00000000 ____D C:\Users\1973pl\AppData\Local\PokerStars.EU
2017-01-01 14:31 - 2015-08-06 06:09 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-12-31 15:44 - 2015-06-15 19:31 - 00000000 ____D C:\Users\1973pl\Documents\Telltale Games
2016-12-31 13:58 - 2015-04-15 19:33 - 00000000 ____D C:\Users\1973pl\AppData\Local\Diagnostics
2016-12-26 02:31 - 2015-09-25 04:09 - 00000000 ____D C:\Users\1973pl\AppData\Roaming
2016-12-26 02:30 - 2015-04-08 08:13 - 00000000 ____D C:\AdwCleaner
2016-12-23 02:23 - 2015-04-08 23:59 - 00000000 ____D C:\Users\1973pl\AppData\Roaming\Origin
2016-12-23 02:23 - 2015-04-08 23:16 - 00000000 ____D C:\ProgramData\Origin
2016-12-21 14:34 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-21 14:34 - 2015-07-10 10:47 - 00000000 ___RD C:\Program Files (x86)
2016-12-21 14:34 - 2015-04-10 05:50 - 00000000 ____D C:\Users\1973pl\Desktop
2016-12-21 14:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-21 14:33 - 2015-09-05 18:53 - 00000000 ___RD C:\Users\1973pl\Dropbox
2016-12-21 11:54 - 2015-09-09 21:31 - 00070724 _____ C:\WINDOWS\PFRO.log
2016-12-21 11:53 - 2015-10-04 20:15 - 00209676 ____H C:\Users\1973pl\AppData\Local\IconCache.db.backup
2016-12-21 11:49 - 2015-12-04 00:33 - 00000686 _____ C:\Users\1973pl\Desktop\JRT.txt
2016-12-20 10:34 - 2015-07-30 23:42 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-20 10:33 - 2015-02-22 17:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-18 00:30 - 2016-11-18 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-18 00:30 - 2014-05-13 13:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-17 21:12 - 2015-08-26 18:42 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2016-12-17 13:26 - 2015-08-07 12:46 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 13:26 - 2015-08-07 12:46 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 11:26 - 2014-05-13 13:39 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-15 10:27 - 2015-08-07 12:50 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 10:27 - 2015-08-07 12:50 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-15 10:26 - 2014-05-13 13:39 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-15 10:25 - 2014-05-13 13:37 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-12-14 23:29 - 2015-09-25 04:09 - 00000000 ____D C:\Users\1973pl
2016-12-13 13:33 - 2016-11-08 20:33 - 20364888 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-12-13 13:33 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-13 13:33 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-13 12:55 - 2014-05-13 13:31 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-13 12:55 - 2014-05-13 13:31 - 00000000 ____D C:\ProgramData\Avira
2016-12-13 12:55 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-13 12:45 - 2014-05-13 13:49 - 00000000 ____D C:\Users\1973pl\AppData\Roaming\Avira
2016-12-13 10:29 - 2015-09-25 04:09 - 00000000 ___RD C:\Users\1973pl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-13 09:45 - 2015-04-10 05:50 - 00000000 ___RD C:\Users\1973pl\Documents
2016-12-13 09:45 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Public\Documents
2016-12-13 00:37 - 2016-11-29 14:44 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-13 00:37 - 2016-11-29 14:44 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-13 00:37 - 2016-11-29 14:44 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-13 00:37 - 2016-11-29 14:44 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-13 00:37 - 2016-11-29 14:44 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-13 00:36 - 2015-09-01 18:22 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-12 23:21 - 2015-07-10 10:47 - 00000000 ___RD C:\Program Files
2016-12-12 15:37 - 2016-11-29 14:43 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-10 12:41 - 2013-08-18 19:48 - 00000000 ____D C:\Users\1973pl\AppData\LocalLow
2016-12-09 19:26 - 2016-12-06 19:24 - 00003272 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-09 19:26 - 2015-09-25 16:17 - 00002429 _____ C:\Users\1973pl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-09 19:26 - 2015-02-24 09:41 - 00000000 ___RD C:\Users\1973pl\OneDrive
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-29 17:14 - 2015-07-29 17:14 - 0002069 _____ () C:\Users\1973pl\AppData\Local\recently-used.xbel
2016-02-20 19:10 - 2016-10-29 10:20 - 0007605 _____ () C:\Users\1973pl\AppData\Local\Resmon.ResmonCfg
2012-11-14 09:19 - 2012-11-14 09:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-30 00:58 - 2015-06-30 00:58 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2017-01-02 19:23 - 2017-01-08 13:10 - 0007497 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-02 19:23 - 2017-01-02 19:33 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Einige Dateien in TEMP:
====================
C:\Users\1973pl\AppData\Local\Temp\avgnt.exe
C:\Users\1973pl\AppData\Local\Temp\libeay32.dll
C:\Users\1973pl\AppData\Local\Temp\msvcr120.dll
C:\Users\1973pl\AppData\Local\Temp\NvTelemetry.dll
C:\Users\1973pl\AppData\Local\Temp\NvTelemetryAPI32.dll
C:\Users\1973pl\AppData\Local\Temp\NvTelemetryAPI64.dll
C:\Users\1973pl\AppData\Local\Temp\sfamcc00001.dll
C:\Users\1973pl\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-07 11:00
==================== Ende von FRST.txt ============================
|
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Malware 
SecurityCheck und:
