Trojaner-Board - Malware S-1--5-21 "Windows Sound Mixer"

TEIL 1

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-10-2017 01

durchgeführt von No TRound (Administrator) auf NOTROUND-PC (19-10-2017 17:41:57)

Gestartet von C:\Users\No TRound\Downloads

Geladene Profile: No TRound (Verfügbare Profile: No TRound & DefaultAppPool)

Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Microsoft Corporation) C:\Windows\System32\alg.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe

() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE

(Microsoft Corporation) C:\Windows\System32\snmptrap.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(REALiX) C:\Program Files\HWiNFO64\HWiNFO64.EXE

() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe

() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoInternetOpenWith] 0

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\Policies\system: [DisableLockWorkstation] 0

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\MountPoints2: {02a4892a-a7e7-11e6-8089-50e549529c23} - E:\HiSuiteDownLoader.exe

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\MountPoints2: {02a48930-a7e7-11e6-8089-50e549529c23} - E:\HiSuiteDownLoader.exe

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\MountPoints2: {02a48935-a7e7-11e6-8089-50e549529c23} - E:\HiSuiteDownLoader.exe

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\MountPoints2: {06138610-af2d-11e5-b761-bc5ff47442cb} - I:\setup.exe

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\MountPoints2: {3bfa19f9-d020-11e6-8833-50e549529c23} - I:\autorun.exe

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\MountPoints2: {3bfa1a04-d020-11e6-8833-50e549529c23} - L:\autorun.exe

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\MountPoints2: {74a07712-50fd-11e6-95fe-50e549529c23} - K:\stp-fm2017.exe

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\Winlogon: [Shell] C:\Windows\System32\cmd.exe [345088 2010-11-21] (Microsoft Corporation) <==== ACHTUNG

Startup: C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk [2017-10-19]

ShortcutTarget: FrostWire On Startup.lnk -> C:\Program Files (x86)\FrostWire 6\FrostWire.exe (FrostWire)

BootExecute: autocheck autochk * aswBoot.exe /M:54c0eb593 /wow /dir:"C:\Program Files\AVAST Software\Avast"

GroupPolicy: Beschränkung <==== ACHTUNG
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{188A2D52-B000-42B0-984D-7BBE2008F653}: [NameServer] 4.2.2.2,4.2.2.3

Tcpip\..\Interfaces\{188A2D52-B000-42B0-984D-7BBE2008F653}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{6A8FE975-98C4-413A-A235-4BB212666282}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{6BFA6E80-BE29-49F3-A27D-40DE6B4B5EE4}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{77501582-66CB-4BD2-A0E4-837D72475444}: [NameServer] 208.67.222.222,208.67.220.220

Tcpip\..\Interfaces\{77501582-66CB-4BD2-A0E4-837D72475444}: [DhcpNameServer] 192.168.178.1
 

Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-3595831389-1431158722-2028087346-1000 -> {76DEFAE6-09B2-40B2-8F8A-5A6A5D5CE4EB} URL = hxxps://search.yahoo.com/search/?toggle=1&cop=mss&ei=UTF-8&fr=vmn&type=auslog_yaapp1_ch&p={searchTerms}

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-08-17] (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-21] (Oracle Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-17] (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-21] (Oracle Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-28] (Oracle Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-17] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-28] (Oracle Corporation)

Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-07-12] (Microsoft Corporation)
 

FireFox:

========

FF DefaultProfile: ylu5auma.default-1506119005799

FF ProfilePath: C:\Users\No TRound\AppData\Roaming\Mozilla\Firefox\Profiles\ylu5auma.default-1506119005799 [2017-10-19]

FF Extension: (AdBlocker Ultimate) - C:\Users\No TRound\AppData\Roaming\Mozilla\Firefox\Profiles\ylu5auma.default-1506119005799\Extensions\adblockultimate@adblockultimate.net.xpi [2017-09-23]

FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\No TRound\AppData\Roaming\Mozilla\Firefox\Profiles\ylu5auma.default-1506119005799\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-12]

FF Extension: (noscriptlite) - C:\Users\No TRound\AppData\Roaming\Mozilla\Firefox\Profiles\ylu5auma.default-1506119005799\Extensions\{86d73a1c-2ec5-4b7a-b249-60cec805dc99}.xpi [2017-10-18]

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-13] ()

FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-21] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-21] (Oracle Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)

FF Plugin: adobe.com/AdobeExManDetect -> I:\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [Keine Datei]

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-13] ()

FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-28] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-28] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-16] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)

FF Plugin-x32: adobe.com/AdobeExManDetect -> I:\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Keine Datei]

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-08-16] (Microsoft Corporation)
 

Chrome: 

=======

CHR Profile: C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default [2017-10-19]

CHR Extension: (Google Präsentationen) - C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]

CHR Extension: (Google Docs) - C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]

CHR Extension: (Google Drive) - C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-20]

CHR Extension: (YouTube) - C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-20]

CHR Extension: (Google Tabellen) - C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]

CHR Extension: (Google Docs Offline) - C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-19]

CHR Extension: (GreatDealz) - C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default\Extensions\lobonlhedgiilkfmbbbfhkaoefacipgj [2017-10-19]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-19]

CHR Extension: (Google Mail) - C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-20]

CHR Extension: (Chrome Media Router) - C:\Users\No TRound\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-19]

CHR HKLM-x32\...\Chrome\Extension: [lobonlhedgiilkfmbbbfhkaoefacipgj] - hxxps://clients2.google.com/service/update2/crx
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S3 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-09-12] (Digital Wave Ltd.)

S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd)

S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2016-12-27] (EasyAntiCheat Ltd)

S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-05-19] (Futuremark)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)

S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]

R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)

S4 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-08-22] (NVIDIA Corporation)

S2 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [38926 2010-12-02] () [Datei ist nicht signiert]

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

S4 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

S2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [X]
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S3 asvpndrv; C:\Windows\System32\DRIVERS\asvpndrv.sys [31744 2014-05-17] (Astrill)

S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys [26856 2014-02-17] (CPUID)

S3 cpuz143; C:\Windows\temp\cpuz143\cpuz143_x64.sys [48960 2017-10-10] (CPUID)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-30] (Disc Soft Ltd)

S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [46392 2015-12-30] (Disc Soft Ltd)

S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2017-07-17] ()

R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2017-02-15] (REALiX(tm))

U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)

R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)

S3 ICTDrv; C:\Windows\System32\DRIVERS\ICTDrv.sys [21504 2010-09-15] (Intel Corporation)

R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253856 2017-10-19] (Malwarebytes)

R0 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF64.sys [157696 2011-10-20] (Matrox Graphics Inc.)

S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2255224 2016-08-21] (MediaTek Inc.)

S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-08-22] (NVIDIA Corporation)

S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-08-22] (NVIDIA Corporation)

S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [531456 2008-03-01] (PixArt Imaging Inc.)

S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()

S3 PGRUSB; C:\Windows\System32\DRIVERS\PGRXHCI.sys [128008 2016-07-03] (Point Grey Research)

R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()

R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)

R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()

S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2017-01-02] (Macrovision Europe Ltd) [Datei ist nicht signiert]

S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()

R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [63576 2016-12-07] (Synaptics Incorporated)

S3 smbusp; C:\Windows\System32\DRIVERS\intelsmb.sys [28544 2010-06-09] (Intel Corporation) [Datei ist nicht signiert]

R3 tapibvpn; C:\Windows\System32\DRIVERS\tapibvpn.sys [35200 2017-09-20] (The OpenVPN Project)

S3 tapnordvpn; C:\Windows\System32\DRIVERS\tapnordvpn.sys [75088 2017-03-29] (The OpenVPN Project)

S3 torguardtap0901; C:\Windows\System32\DRIVERS\torguardtap0901.sys [39840 2015-11-11] (The OpenVPN Project)

S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]

S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]

S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]

S3 iusb3hub; system32\DRIVERS\iusb3hub.sys [X]

S3 iusb3xhc; system32\DRIVERS\iusb3xhc.sys [X]

S3 Mv_Process; \??\c:\windows\syswow64\mv_process.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-10-19 16:57 - 2017-10-19 17:42 - 000020415 _____ C:\Users\No TRound\Downloads\FRST.txt

2017-10-19 16:57 - 2017-10-19 17:41 - 000000000 ____D C:\FRST

2017-10-19 16:57 - 2017-10-19 17:33 - 000054382 _____ C:\Users\No TRound\Downloads\Addition.txt

2017-10-19 16:56 - 2017-10-19 16:56 - 002402816 _____ (Farbar) C:\Users\No TRound\Downloads\FRST64.exe

2017-10-19 14:37 - 2017-10-19 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle-earth Shadow of War Gold Edition

2017-10-19 14:34 - 2017-10-19 14:38 - 000000525 _____ C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Middle-earth Shadow of War Gold Edition.lnk

2017-10-19 08:48 - 2017-10-19 08:48 - 000000000 ____D C:\Users\Public\Documents\Steam

2017-10-19 07:00 - 2017-10-19 07:00 - 000000140 _____ C:\Users\No TRound\Desktop\Neue Internetverknüpfung.url

2017-10-19 00:21 - 2017-10-19 04:49 - 000000000 ____D C:\Program Files (x86)\ibVPN_2.x

2017-10-19 00:21 - 2017-10-19 00:21 - 008275744 _____ (AmplusNet SRL) C:\Users\No TRound\Downloads\ibVPN-AIO-Setup.exe

2017-10-19 00:21 - 2017-10-19 00:21 - 000003076 _____ C:\Windows\System32\Tasks\ibVPN-NewService

2017-10-19 00:21 - 2017-10-19 00:21 - 000001944 _____ C:\Users\Public\Desktop\ibVPN All-In-One.lnk

2017-10-19 00:21 - 2017-10-19 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ibVPN All-In-One

2017-10-18 03:16 - 2017-10-18 03:16 - 008250832 _____ (Malwarebytes) C:\Users\No TRound\Downloads\adwcleaner_7.0.3.1.exe

2017-10-16 18:58 - 2017-10-16 18:58 - 000001575 _____ C:\Users\No TRound\Desktop\CINEBENCH.lnk

2017-10-16 09:10 - 2017-10-16 09:10 - 000001294 _____ C:\Users\No TRound\Desktop\Öffentliche Videos - Verknüpfung.lnk

2017-10-16 05:52 - 2017-10-19 16:25 - 000000000 ____D C:\Users\No TRound\AppData\Local\FlvtoYoutubeDownloader

2017-10-16 05:52 - 2017-10-18 03:21 - 000002072 _____ C:\Users\No TRound\AppData\Roaming\downloads.json

2017-10-16 05:52 - 2017-10-16 05:52 - 000002260 _____ C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto YouTube Downloader.lnk

2017-10-16 05:52 - 2017-10-16 05:52 - 000002252 _____ C:\Users\No TRound\Desktop\Flvto YouTube Downloader.lnk

2017-10-16 05:52 - 2017-10-16 05:52 - 000001389 _____ C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Flvto YouTube Downloader.lnk

2017-10-16 05:52 - 2017-10-16 05:52 - 000000000 ____D C:\Users\No TRound\Documents\YouTubeDownloads

2017-10-16 05:52 - 2017-10-16 05:52 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\FlvtoConverter

2017-10-16 05:51 - 2017-10-19 16:25 - 000000000 ____D C:\Users\No TRound\AppData\Local\Flvto YouTube Downloader

2017-10-16 05:51 - 2017-10-16 05:51 - 000275856 _____ (Hotger) C:\Users\No TRound\Downloads\FYDLoad_inconv2_1.exe

2017-10-13 05:23 - 2017-10-19 14:42 - 000000000 ____D C:\Program Files\PeerBlock

2017-10-13 05:23 - 2017-10-13 05:28 - 000001989 _____ C:\Users\No TRound\Desktop\PeerBlock.lnk

2017-10-12 04:51 - 2017-10-12 04:51 - 000002124 _____ C:\Users\Public\Desktop\Valley Benchmark 1.0.lnk

2017-10-12 04:51 - 2017-10-12 04:51 - 000000000 ____D C:\Program Files (x86)\Unigine

2017-10-10 12:06 - 2017-10-10 12:06 - 580237162 _____ C:\Windows\MEMORY.DMP

2017-10-10 12:06 - 2017-10-10 12:06 - 000319216 _____ C:\Windows\Minidump\101017-10873-01.dmp

2017-10-10 03:05 - 2017-10-10 03:05 - 000001090 _____ C:\Users\No TRound\Desktop\Geekbench 4.lnk

2017-10-09 19:03 - 2017-10-19 16:25 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Geekbench 4

2017-10-09 19:03 - 2017-10-09 19:03 - 000000000 ____D C:\Program Files (x86)\Geekbench 4

2017-10-08 04:08 - 2017-10-08 04:08 - 000000127 _____ C:\Users\No TRound\Desktop\EVE KARTE.url

2017-10-05 08:02 - 2017-10-05 08:03 - 000000170 _____ C:\Users\No TRound\Desktop\EVE MARKET.url

2017-10-05 00:36 - 2017-10-10 13:12 - 000000000 ____D C:\Users\No TRound\.pyfa

2017-10-05 00:36 - 2017-10-10 13:06 - 000000000 ____D C:\Users\No TRound\.matplotlib

2017-10-05 00:35 - 2017-10-05 00:35 - 000000962 _____ C:\Users\Public\Desktop\pyfa.lnk

2017-10-05 00:35 - 2017-10-05 00:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pyfa

2017-10-05 00:35 - 2017-10-05 00:35 - 000000000 ____D C:\Program Files (x86)\pyfa

2017-10-02 04:00 - 2017-10-02 04:00 - 000000000 ____D C:\Users\No TRound\Superposition

2017-10-02 03:57 - 2017-10-02 03:57 - 000002066 _____ C:\Users\Public\Desktop\Superposition Benchmark.lnk

2017-10-02 03:55 - 2017-10-02 03:55 - 000000000 ____D C:\Program Files\Unigine

2017-10-01 06:46 - 2017-03-28 19:31 - 020357840 _____ (Firaxis Games) C:\Users\No TRound\Desktop\CivilizationVI.exe

2017-10-01 06:44 - 2017-06-16 20:16 - 003926664 _____ (The Creative Assembly Ltd) C:\Users\No TRound\Desktop\launcher.exe

2017-10-01 06:44 - 2017-06-16 20:00 - 116480000 _____ (The Creative Assembly Ltd) C:\Users\No TRound\Desktop\Warhammer.exe

2017-10-01 06:44 - 2016-11-30 05:14 - 021477888 _____ C:\Users\No TRound\Desktop\Cities.exe

2017-10-01 06:43 - 2017-06-02 00:16 - 000276992 _____ C:\Users\No TRound\Desktop\TEKKEN 7.exe

2017-10-01 06:43 - 2015-12-07 19:14 - 016348672 _____ (Codemasters Software Company Limited) C:\Users\No TRound\Desktop\drt.exe

2017-10-01 06:43 - 2015-10-03 15:18 - 070256080 _____ (Electronic Arts) C:\Users\No TRound\Desktop\DragonAgeInquisition.exe

2017-10-01 06:43 - 2015-07-28 17:13 - 018923880 _____ (Croteam) C:\Users\No TRound\Desktop\Talos.exe

2017-10-01 06:42 - 2017-06-10 02:15 - 022279680 _____ (Codemasters Software Company Limited) C:\Users\No TRound\Desktop\dirt4.exe

2017-10-01 06:42 - 2016-12-27 13:35 - 122244776 _____ (Ubisoft Entertainment) C:\Users\No TRound\Desktop\FCPrimal.exe

2017-10-01 06:42 - 2016-08-27 11:06 - 046531664 _____ (CD Projekt Red) C:\Users\No TRound\Desktop\witcher3.exe

2017-09-28 02:03 - 2017-09-28 02:03 - 000001177 _____ C:\Users\No TRound\Desktop\MWO.lnk

2017-09-27 04:14 - 2017-09-27 04:14 - 000000732 _____ C:\Users\No TRound\Desktop\stp-fm2017.lnk

2017-09-27 02:43 - 2017-09-27 02:43 - 000000527 _____ C:\Users\Public\Desktop\Steam.lnk

2017-09-27 02:43 - 2017-09-27 02:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2017-09-27 02:42 - 2017-09-27 02:43 - 001446792 _____ C:\Users\No TRound\Downloads\SteamSetup(2).exe

2017-09-27 02:38 - 2017-10-19 16:25 - 000000000 ____D C:\Users\No TRound\AppData\Local\Steam

2017-09-27 02:36 - 2017-09-27 02:36 - 001446792 _____ C:\Users\No TRound\Downloads\SteamSetup(1).exe

2017-09-27 02:33 - 2017-09-27 02:33 - 001446792 _____ C:\Users\No TRound\Downloads\SteamSetup.exe

2017-09-27 02:32 - 2017-09-27 02:32 - 001532424 _____ (CHIP Digital GmbH) C:\Users\No TRound\Downloads\Steam - CHIP-Installer.exe

2017-09-26 23:58 - 2017-09-26 23:58 - 000000000 ____D C:\Users\No TRound\Documents\EVE

2017-09-26 23:35 - 2017-10-19 01:26 - 000002453 _____ C:\Users\Public\Desktop\MWO Portal.lnk

2017-09-26 23:23 - 2017-10-19 16:25 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE Launcher

2017-09-26 23:23 - 2017-10-19 16:25 - 000000000 ____D C:\Users\No TRound\AppData\Local\CCP

2017-09-26 23:23 - 2017-09-26 23:23 - 000000644 _____ C:\Users\No TRound\Desktop\EVE Launcher.lnk

2017-09-26 23:23 - 2017-09-26 23:23 - 000000000 ____D C:\Users\No TRound\.EVE

2017-09-26 22:12 - 2017-09-26 22:12 - 000000852 _____ C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk

2017-09-26 22:12 - 2017-09-26 22:12 - 000000804 _____ C:\Users\No TRound\Desktop\Start Tor Browser.lnk

2017-09-26 22:12 - 2017-09-26 22:12 - 000000000 ____D C:\Users\No TRound\Desktop\Tor Browser

2017-09-26 22:06 - 2017-09-26 22:06 - 000001498 _____ C:\Users\No TRound\Desktop\CivilizationVI.lnk

2017-09-26 22:04 - 2017-09-26 22:04 - 000001154 _____ C:\Users\No TRound\Desktop\pCARS2.lnk

2017-09-26 22:04 - 2017-09-26 22:04 - 000000521 _____ C:\Users\No TRound\Desktop\Obduction.lnk

2017-09-26 22:02 - 2017-09-26 22:02 - 000001657 _____ C:\Users\No TRound\Desktop\aida64.lnk

2017-09-26 22:02 - 2017-09-26 22:02 - 000001523 _____ C:\Users\No TRound\Desktop\cpuz.lnk

2017-09-26 21:59 - 2017-09-26 21:59 - 000001365 _____ C:\Users\No TRound\Desktop\GPU-Z.lnk

2017-09-26 00:55 - 2017-09-26 00:55 - 000000000 ____D C:\Users\No TRound\Documents\Larian Studios

2017-09-25 23:42 - 2017-09-25 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divinity Original Sin 2

2017-09-25 22:51 - 2017-09-25 22:58 - 000000000 ____D C:\Users\No TRound\Documents\Project CARS 2

2017-09-25 22:51 - 2017-09-25 22:51 - 000000000 ____D C:\ProgramData\Slightly Mad Studios

2017-09-25 22:51 - 2017-09-25 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project CARS 2

2017-09-23 19:34 - 2017-10-19 16:25 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6

2017-09-23 00:21 - 2017-10-09 18:43 - 000000000 ____D C:\Program Files\Mozilla Firefox

2017-09-23 00:21 - 2017-10-09 18:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2017-09-23 00:21 - 2017-09-23 00:21 - 000000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2017-09-20 08:27 - 2017-09-20 08:27 - 000035200 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapibvpn.sys

2017-09-19 01:31 - 2017-09-21 23:17 - 000000000 ____D C:\Users\No TRound\Documents\Project CARS
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-10-19 16:45 - 2016-11-15 16:12 - 000000000 ____D C:\Users\No TRound\AppData\LocalLow\Mozilla

2017-10-19 16:33 - 2009-07-14 06:45 - 000031280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2017-10-19 16:33 - 2009-07-14 06:45 - 000031280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2017-10-19 16:32 - 2010-11-21 08:50 - 000781708 _____ C:\Windows\system32\perfh007.dat

2017-10-19 16:32 - 2010-11-21 08:50 - 000178798 _____ C:\Windows\system32\perfc007.dat

2017-10-19 16:32 - 2009-07-14 07:13 - 001827734 _____ C:\Windows\system32\PerfStringBackup.INI

2017-10-19 16:32 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf

2017-10-19 16:26 - 2016-09-23 14:27 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader

2017-10-19 16:26 - 2016-01-26 04:01 - 000000000 ____D C:\Users\No TRound\.frostwire5

2017-10-19 16:26 - 2016-01-12 05:00 - 000253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2017-10-19 16:26 - 2015-12-25 22:11 - 000000000 ____D C:\ProgramData\NVIDIA

2017-10-19 16:26 - 2015-12-25 22:02 - 000000000 ____D C:\Users\No TRound

2017-10-19 16:26 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2017-10-19 16:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration

2017-10-19 16:25 - 2017-09-17 09:08 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\GRID Autosport

2017-10-19 16:25 - 2017-09-08 23:57 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\NCSOFT

2017-10-19 16:25 - 2017-09-08 23:57 - 000000000 ____D C:\Users\No TRound\AppData\Local\NCSOFT

2017-10-19 16:25 - 2017-09-04 02:17 - 000000000 ____D C:\Users\No TRound\AppData\Local\HellbladeGame

2017-10-19 16:25 - 2017-07-29 20:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

2017-10-19 16:25 - 2017-07-24 16:34 - 000000000 ____D C:\Users\No TRound\AppData\Local\NordVPN

2017-10-19 16:25 - 2017-07-23 20:22 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\uTorrent

2017-10-19 16:25 - 2017-07-14 23:47 - 000000000 ____D C:\Users\No TRound\AppData\Local\Sports Interactive

2017-10-19 16:25 - 2017-07-06 05:23 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\PowerISO

2017-10-19 16:25 - 2017-06-26 12:14 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\FFSJ

2017-10-19 16:25 - 2017-06-08 19:48 - 000000000 ____D C:\Users\No TRound\AppData\Local\TekkenGame

2017-10-19 16:25 - 2017-06-05 22:07 - 000000000 ____D C:\Users\No TRound\AppData\Local\tljh

2017-10-19 16:25 - 2017-06-03 18:52 - 000000000 ____D C:\Users\No TRound\AppData\Local\Disc_Soft_Ltd

2017-10-19 16:25 - 2017-05-18 19:46 - 000000000 ____D C:\Users\No TRound\AppData\Local\FinchGame

2017-10-19 16:25 - 2017-05-17 23:21 - 000000000 ____D C:\Users\No TRound\AppData\Local\IIIQF

2017-10-19 16:25 - 2017-04-11 14:34 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\OpenOffice

2017-10-19 16:25 - 2017-04-09 22:02 - 000000000 ____D C:\Users\No TRound\AppData\Local\PokerStars.EU

2017-10-19 16:25 - 2017-02-16 23:09 - 000000000 ____D C:\Users\No TRound\7ZIP ENTPACKT

2017-10-19 16:25 - 2017-02-15 19:52 - 000000000 ____D C:\Program Files\HWiNFO64

2017-10-19 16:25 - 2017-02-11 22:18 - 000000000 ____D C:\Users\No TRound\AppData\Local\Gaijin

2017-10-19 16:25 - 2017-01-26 05:54 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\ChessBase

2017-10-19 16:25 - 2017-01-26 05:54 - 000000000 ____D C:\Users\No TRound\AppData\Local\ChessBase

2017-10-19 16:25 - 2016-12-27 22:12 - 000000000 ____D C:\Users\DefaultAppPool

2017-10-19 16:25 - 2016-12-26 00:21 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Tunngle

2017-10-19 16:25 - 2016-12-23 01:34 - 000000000 ____D C:\Users\No TRound\AppData\Local\StreetFighterV

2017-10-19 16:25 - 2016-12-13 19:29 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\TP-LINK

2017-10-19 16:25 - 2016-11-23 00:13 - 000000000 ____D C:\Users\No TRound\AppData\Local\UnrealEngine

2017-10-19 16:25 - 2016-11-23 00:13 - 000000000 ____D C:\Users\No TRound\AppData\Local\Obduction

2017-10-19 16:25 - 2016-11-22 01:09 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2017-10-19 16:25 - 2016-11-21 18:36 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2017-10-19 16:25 - 2016-11-16 14:44 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\vlc

2017-10-19 16:25 - 2016-11-12 19:41 - 000000000 ____D C:\Users\No TRound\AppData\Local\Hisuite

2017-10-19 16:25 - 2016-10-03 18:03 - 000000000 ____D C:\Users\No TRound\AppData\Local\fontconfig

2017-10-19 16:25 - 2016-10-03 18:01 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory

2017-10-19 16:25 - 2016-10-03 18:01 - 000000000 ____D C:\Users\No TRound\AppData\Local\Setup6069499

2017-10-19 16:25 - 2016-09-23 14:27 - 000000000 ____D C:\Users\No TRound\AppData\Local\JDownloader v2.0

2017-10-19 16:25 - 2016-09-23 14:26 - 000000000 ____D C:\Users\No TRound\AppData\Local\Downloaded Installations

2017-10-19 16:25 - 2016-06-20 12:17 - 000000000 ____D C:\Users\No TRound\AppData\Local\Google

2017-10-19 16:25 - 2016-06-19 05:07 - 000000000 ____D C:\Users\No TRound\AppData\Local\Innovative Solutions

2017-10-19 16:25 - 2016-06-15 11:22 - 000000000 ____D C:\Users\No TRound\AppData\Local\Warframe

2017-10-19 16:25 - 2016-05-16 03:10 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner

2017-10-19 16:25 - 2016-05-12 06:17 - 000000000 ____D C:\Users\No TRound\AppData\Local\Futuremark

2017-10-19 16:25 - 2016-05-07 22:54 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\TS3Client

2017-10-19 16:25 - 2016-05-07 17:38 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2017-10-19 16:25 - 2016-05-07 17:33 - 000000000 ____D C:\Users\No TRound\AppData\Local\CEF

2017-10-19 16:25 - 2016-04-26 21:20 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server

2017-10-19 16:25 - 2016-04-24 22:05 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder

2017-10-19 16:25 - 2016-04-20 19:46 - 000000000 ____D C:\Users\No TRound\AppData\Local\Intel

2017-10-19 16:25 - 2016-04-18 20:27 - 000000000 ____D C:\Users\No TRound\AppData\Local\CrystalDiskMark5

2017-10-19 16:25 - 2016-04-09 08:12 - 000000000 ____D C:\Users\No TRound\AppData\Local\VirtualStore

2017-10-19 16:25 - 2016-04-07 23:41 - 000000000 ____D C:\Users\No TRound\AppData\Local\CrashRpt

2017-10-19 16:25 - 2016-03-29 00:57 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\NCH Software

2017-10-19 16:25 - 2016-02-26 14:01 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\DVDVideoSoft

2017-10-19 16:25 - 2016-02-05 22:31 - 000000000 ____D C:\AdwCleaner

2017-10-19 16:25 - 2016-01-17 19:36 - 000000000 ____D C:\ProgramData\Intel

2017-10-19 16:25 - 2016-01-05 03:00 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Ubisoft

2017-10-19 16:25 - 2016-01-05 00:13 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\The Creative Assembly

2017-10-19 16:25 - 2015-12-26 17:54 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z

2017-10-19 16:25 - 2015-12-26 17:34 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Geekbench 3

2017-10-19 16:25 - 2015-12-25 22:52 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Macromedia

2017-10-19 16:25 - 2015-12-25 22:52 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Adobe

2017-10-19 16:25 - 2015-12-25 22:24 - 000000000 ____D C:\Users\No TRound\AppData\LocalLow\Sun

2017-10-19 16:25 - 2015-12-25 22:23 - 000000000 ____D C:\Users\No TRound\AppData\LocalLow\Oracle

2017-10-19 16:25 - 2015-12-25 22:19 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\Mozilla

2017-10-19 16:25 - 2015-12-25 22:19 - 000000000 ____D C:\Users\No TRound\AppData\Local\Mozilla

2017-10-19 16:25 - 2015-12-25 22:11 - 000000000 ____D C:\Users\No TRound\AppData\Local\NVIDIA Corporation

2017-10-19 14:43 - 2017-09-02 15:33 - 000000000 ____D C:\Users\No TRound\FrostWire

2017-10-19 14:42 - 2016-11-14 18:41 - 000003036 _____ C:\Windows\System32\Tasks\MSIAfterburner

2017-10-19 14:16 - 2016-04-07 23:37 - 000007612 _____ C:\Users\No TRound\AppData\Local\Resmon.ResmonCfg

2017-10-19 11:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF

2017-10-19 08:48 - 2015-12-25 23:49 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner

2017-10-19 01:26 - 2017-02-11 17:51 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MWO Portal.lnk

2017-10-19 01:25 - 2015-12-25 23:49 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server

2017-10-19 00:33 - 2016-10-23 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst

2017-10-18 03:22 - 2017-07-21 11:15 - 000000000 ____D C:\Program Files (x86)\Google

2017-10-16 05:52 - 2015-12-25 22:10 - 000000000 ____D C:\ProgramData\Package Cache

2017-10-14 21:28 - 2016-04-11 02:23 - 000000000 ____D C:\Users\No TRound\AppData\Local\CrashDumps

2017-10-13 07:07 - 2017-09-04 10:06 - 000000000 ____D C:\Users\No TRound\AppData\Local\ElevatedDiagnostics

2017-10-13 05:23 - 2017-07-09 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock

2017-10-12 07:17 - 2017-01-23 21:43 - 000003040 _____ C:\Windows\System32\Tasks\RTSS

2017-10-12 04:51 - 2016-04-07 23:24 - 002612224 _____ C:\Users\No TRound\AppData\Local\file__0.localstorage

2017-10-12 04:42 - 2017-09-02 15:51 - 000003336 _____ C:\Windows\System32\Tasks\ibVPN-Service

2017-10-10 12:06 - 2016-01-14 20:51 - 000000000 ____D C:\Windows\Minidump

2017-10-02 03:59 - 2016-05-07 22:54 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client

2017-10-02 03:57 - 2015-12-26 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine

2017-09-28 02:08 - 2016-01-04 23:03 - 000000000 ____D C:\Program Files\Futuremark

2017-09-26 21:33 - 2015-12-30 21:44 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\DAEMON Tools Lite

2017-09-25 14:48 - 2017-05-19 17:14 - 000000000 ____D C:\Program Files (x86)\ibVPN

2017-09-24 14:57 - 2017-06-21 18:59 - 000000000 ____D C:\Program Files (x86)\CactusVPN

2017-09-23 19:34 - 2017-01-05 21:44 - 000000000 ____D C:\Program Files (x86)\FrostWire 6

2017-09-23 04:04 - 2015-12-26 00:37 - 000000000 ____D C:\Users\No TRound\Documents\My Games

2017-09-21 18:07 - 2017-09-18 23:30 - 000000000 ____D C:\Program Files\CCleaner

2017-09-19 17:16 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache

2017-09-19 01:37 - 2017-09-11 14:05 - 000000000 ____D C:\Users\No TRound\AppData\Roaming\NVIDIA
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2017-06-22 03:18 - 2017-06-22 03:18 - 000000034 _____ () C:\Users\No TRound\AppData\Roaming\AdobeWLCMCache.dat

2017-10-16 05:52 - 2017-10-18 03:21 - 000002072 _____ () C:\Users\No TRound\AppData\Roaming\downloads.json

2016-04-07 23:24 - 2017-10-12 04:51 - 002612224 _____ () C:\Users\No TRound\AppData\Local\file__0.localstorage

2017-01-21 19:50 - 2017-01-21 19:50 - 000002007 _____ () C:\Users\No TRound\AppData\Local\recently-used.xbel

2016-04-07 23:37 - 2017-10-19 14:16 - 000007612 _____ () C:\Users\No TRound\AppData\Local\Resmon.ResmonCfg

2016-12-25 19:57 - 2016-12-26 20:58 - 000005110 _____ () C:\ProgramData\NvTelemetryContainer.log

2016-12-25 19:57 - 2016-12-26 20:56 - 000005943 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\Windows\system32\winlogon.exe => Datei ist digital signiert

C:\Windows\system32\wininit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert

C:\Windows\explorer.exe => Datei ist digital signiert

C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert

C:\Windows\system32\svchost.exe => Datei ist digital signiert

C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert

C:\Windows\system32\services.exe => Datei ist digital signiert

C:\Windows\system32\User32.dll => Datei ist digital signiert

C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert

C:\Windows\system32\userinit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert

C:\Windows\system32\rpcss.dll => Datei ist digital signiert

C:\Windows\system32\dnsapi.dll => Datei ist digital signiert

C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2017-10-10 09:03
 

==================== Ende von FRST.txt ============================

Addition

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-10-2017 01

durchgeführt von No TRound (19-10-2017 17:42:08)

Gestartet von C:\Users\No TRound\Downloads

Windows 7 Professional Service Pack 1 (X64) (2015-12-25 20:02:36)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-3595831389-1431158722-2028087346-500 - Administrator - Disabled)

Gast (S-1-5-21-3595831389-1431158722-2028087346-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3595831389-1431158722-2028087346-1002 - Limited - Enabled)

No TRound (S-1-5-21-3595831389-1431158722-2028087346-1000 - Administrator - Enabled) => C:\Users\No TRound
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)

3DMark (HKLM-x32\...\{39f8dcb1-5f2e-4057-980e-f463756a0465}) (Version: 2.3.3693.0 - Futuremark)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)

Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Master Collection CC 2017 Plus (HKLM-x32\...\{F9BE417A-9EB7-4BA8-8BFE-83F4E69355C3}) (Version: 10.0 - Adobe Systems Incorporated)

AIDA64 Extreme v5.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.92 - FinalWire Ltd.)

Anno 1404 - Dawn of Discovery version 1.3 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 1.3 - )

Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden

bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden

BRACE Webcam (HKLM-x32\...\{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}) (Version: 1.0.0.23 - Aecotech)

CactusVPN (HKLM-x32\...\CactusVPN) (Version: 5.3.1.0 - CactusVPN.com)

CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)

Cities.Skylines.Deluxe.Edition.v1.6.2+8DLC.Eng.Repack Version 1.6.2 (HKLM-x32\...\{A5B52628-C145-47CA-8564-829F431F2CF4}}_is1) (Version: 1.6.2 - Ali213.net)

Command & Conquer Generals (HKLM-x32\...\{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts) Hidden

Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)

Command and ConquerTM Generals Zero Hour (HKLM-x32\...\{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts) Hidden

Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)

CPUID CPU-Z Gigabyte 1.80 (HKLM\...\CPUID CPU-Z Gigabyte_is1) (Version: 1.80 - CPUID, Inc.)

CrystalDiskInfo 6.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.6.1 - Crystal Dew World)

CrystalDiskMark 5.1.0 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.0 - Crystal Dew World)

DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)

Deep Fritz 14 (HKLM-x32\...\{9083E9A4-B76A-4577-9F4D-7B1B62C8CA2D}) (Version: 14.0.0.0 - ChessBase)

DiRT 4 (HKLM-x32\...\DiRT 4_is1) (Version:  - )

DiRT Rally version 1.0.0 (HKLM-x32\...\DiRT Rally_is1) (Version: 1.0.0 - Codemasters Software)

Dragon Age Inquisition Deluxe Edition version 1.11.0.0 (HKLM-x32\...\Dragon Age Inquisition Deluxe Edition_is1) (Version: 1.11.0.0 - Mr DJ)

DriverMax 9 (HKLM-x32\...\DMX5_is1) (Version: 9.37.0.252 - Innovative Solutions)

EVE Online (HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\{142f4fd7-dab5-4e44-9a4b-f05950ec1b5c}) (Version: 1.0.0 - CCP)

EVGA PrecisionX 16 (HKLM-x32\...\{4C5ECFC6-AF6E-42A0-988D-0A5FCBB8F0B9}) (Version: 5.3.11 - EVGA Corporation)

Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)

Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version:  - )

Far Cry: Primal (HKLM-x32\...\Far Cry: Primal_is1) (Version:  - )

Flvto YouTube Downloader (HKLM-x32\...\Flvto YouTube Downloader) (Version: 1.0.9 - Hotger)

Football Manager + Touch 2017 (HKLM-x32\...\Football Manager + Touch 2017_is1) (Version:  - )

FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)

Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.5.323 - DVDVideoSoft Ltd.)

Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.58.912 - Digital Wave Ltd)

FrostWire 6.5.8 (HKLM-x32\...\FrostWire 6) (Version: 6.5.8.245 - FrostWire LLC)

Futuremark SystemInfo (HKLM-x32\...\{85F94959-7098-4B55-9F39-27D880FE5BA1}) (Version: 5.1.620.0 - Futuremark)

Geekbench 3 (HKLM-x32\...\Geekbench 3) (Version:  - Primate Labs Inc.)

Geekbench 4 (HKLM-x32\...\Geekbench 4) (Version:  - Primate Labs Inc.)

Geeks3D FurMark 1.18.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden

GRID Autosport (HKLM-x32\...\GRID Autosport_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)

Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)

HWiNFO64 Version 5.54 (HKLM\...\HWiNFO64_is1) (Version: 5.54 - Martin Malík - REALiX)

ibVPN (HKLM-x32\...\ibVPN) (Version: 1.9.3.2 - ibVPN)

ibVPN All-In-One (HKLM-x32\...\ibVPN All-In-One) (Version: 2.1.2.1343 - AmplusNet SRL)

Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)

Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden

Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)

Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)

MechWarrior Online (HKLM-x32\...\{D3D1F93E-DE6E-4981-92A2-985F632DA0B1}) (Version: 2.0.0.0 - Piranha Games, Inc.)

Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)

Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24516 (HKLM-x32\...\{b8e12890-118d-4721-8e54-05d978086712}) (Version: 14.0.24516.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24516 (HKLM-x32\...\{c325004c-5538-45b3-a7ad-94473a4dcd3b}) (Version: 14.0.24516.0 - Microsoft Corporation)

Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)

MiniTool Partition Wizard Free 10 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)

Mozilla Firefox 56.0 (x64 de) (HKLM\...\Mozilla Firefox 56.0 (x64 de)) (Version: 56.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)

MP3 Splitter version 3.1 (HKLM-x32\...\MP3 Splitter_is1) (Version:  - )

MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)

MWO Portal (HKLM-x32\...\{16827DD9-FC5D-417B-ACFD-2DC51E1E49DD}) (Version: 1.0.67.0 - Piranha Games, Inc.)

NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)

NVIDIA Grafiktreiber 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)

Obduction (HKLM-x32\...\2003665371_is1) (Version: 2.4.0.7 - GOG.com)

OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)

OpenVPN 2.3.6-I003  (HKLM\...\OpenVPN) (Version: 2.3.6-I003 - )

Outils de vérification linguistique 2016 de Microsoft Office*- Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

PC Wizard 2015.2.14 (HKLM-x32\...\PC Wizard 2015_is1) (Version:  - CPUID)

PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden

PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)

ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden

Project CARS 2 (HKLM-x32\...\Project CARS 2_is1) (Version:  - )

pyfa version 1.32.0 (YC119.9 1.3) (HKLM-x32\...\{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 1.32.0 (YC119.9 1.3) - pyfa)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)

Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)

RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)

Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)

SeaTools for Windows 1.4.0.5 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.5 - Seagate Technology)

Sid Meiers Civilization VI Persia and Macedon Civilization and Scenario Pack (HKLM\...\c2lkbWVpZXJzY2l2aWxpemF0aW9udmk_is1) (Version: 1 - )

SPEEDLINK STRIKE NX Gamepad (HKLM-x32\...\SPEEDLINK STRIKE NX Gamepad) (Version:  - )

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com)

TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)

TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)

TEKKEN 7 (HKLM-x32\...\TEKKEN 7_is1) (Version:  - )

The Long Journey Home (HKLM\...\dGhlbG9uZ2pvdXJuZXlob21l_is1) (Version: 1 - )

The Talos Principle: Road to Gehenna (HKLM-x32\...\The Talos Principle: Road to Gehenna_is1) (Version:  - )

Total War: Warhammer (HKLM-x32\...\Total War: Warhammer_is1) (Version:  - )

TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{95EF5DBB-C2DA-48AF-93B4-533333227486}) (Version: 1.3.1 - TP-LINK)

TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)

Unigine Superposition Benchmark 1.0 (HKLM\...\Superposition_is1) (Version: 1.0 - Unigine Corp.)

Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)

Update for Skype for Business 2016 (KB3118288) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{F249155C-1A63-4FA0-8F12-8A2034495AC0}) (Version:  - Microsoft)

Update for Skype for Business 2016 (KB3118288) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.PROPLUS_{F249155C-1A63-4FA0-8F12-8A2034495AC0}) (Version:  - Microsoft)

VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)

Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)

Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)

WDR RadioRecorder (HKLM-x32\...\Tobit Radio.fx Server 1) (Version:  - Tobit.Software)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)

ContextMenuHandlers1: [FormatFactoryShell] -> [CC]{A3777921-CFD3-4A6B-89BF-08E6B95716E8} =>  -> Keine Datei

ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> Keine Datei

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)

ContextMenuHandlers4: [FormatFactoryShell] -> [CC]{A3777921-CFD3-4A6B-89BF-08E6B95716E8} =>  -> Keine Datei

ContextMenuHandlers4: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Keine Datei

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)

ContextMenuHandlers6: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Keine Datei

ContextMenuHandlers6: [RecuvaShellExt] -> [CC]{435E5DF5-2510-463C-B223-BDA47006D002} =>  -> Keine Datei
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {05797FBA-4A23-415C-895F-820E849472D1} - System32\Tasks\{F84450D8-BF87-44EC-AFCA-69793772E732} => C:\Windows\system32\pcalua.exe -a "C:\Users\No TRound\Downloads\WinSetupFromUSB-1-6.exe" -d "C:\Users\No TRound\Downloads"

Task: {136F1153-E00C-450D-8466-56CE8B80F9C7} - System32\Tasks\{22BF8445-525B-40B6-BFAA-FCCA0FFB7557} => C:\Windows\system32\pcalua.exe -a I:\Setup.exe -d I:\

Task: {19DEA3C1-CFE1-428B-9E25-D90611FAD3AC} - System32\Tasks\{5CE013B5-2B2B-4C1B-B887-B0BAAE296ED6} => C:\Program Files (x86)\Simpli Software\HD Tach\hdtach.exe

Task: {1F37566B-69D6-450E-8262-AB11C98F95D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)

Task: {332E7EC1-286E-40CB-BA89-885EB38AC9B4} - System32\Tasks\{AB3433AC-72DB-4D4F-8555-AB5FC5F52CAF} => C:\Windows\system32\pcalua.exe -a G:\FormatFactory\FFInst.exe -d G:\FormatFactory

Task: {3679D659-EA74-4B1D-941E-AF930109E565} - System32\Tasks\HWiNFO => C:\Program Files\HWiNFO64\HWiNFO64.EXE [2017-02-01] (REALiX)

Task: {3B72A173-9BE6-41F9-B602-B5A38BE8AD9A} - System32\Tasks\{3D3F1EA1-29C1-4BC0-83CF-FC2094DA3ADF} => C:\Program Files (x86)\ChessBase\ChessProgram14\ChessBaseAdminTool.exe [2013-11-07] (ChessBase GmbH)

Task: {3C9AF884-B7BD-4000-B594-0A77BD8CF4D6} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)

Task: {52DFB70A-E778-40AD-9ABC-FFB48B0C2FC8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)

Task: {5F7BC546-96D3-4FB1-B632-B4FEB6AB011C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)

Task: {6168BB88-A128-4B8B-B33F-94693BA34D17} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)

Task: {803A86FE-773D-4D32-8F3B-9DBCF9F56896} - System32\Tasks\ibVPN-NewService => C:\Program Files (x86)\ibVPN_2.x\ibVPN.exe [2017-10-04] ()

Task: {9144470C-2FF6-47EF-B1CA-5CCD3318E799} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe

Task: {9B8BB581-ED7C-4B48-903C-5C2958C696DE} - System32\Tasks\{863CCBC3-CCBB-4E4A-A6B8-5503EF5DD2FB} => F:\Spiele\The Talos Principle - Road to Gehenna\Bin\Talos.exe [2015-07-28] (Croteam)

Task: {9E7CD934-E1E8-4E16-80AF-8055F2AA45D7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)

Task: {B69D50F1-8039-48F7-BEA9-32566ABB231D} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [2017-07-29] (Innovative Solutions)

Task: {B9525702-4B02-4754-8F7F-E82AEB7F1B13} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-09] ()

Task: {BD231ECE-E469-43FF-8A65-6E623753F059} - System32\Tasks\DriverMaxWelcome => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [2017-07-29] (Innovative Solutions)

Task: {BEED7DE5-FEFF-413D-A3CD-5B16F13B20D7} - System32\Tasks\{36D8A77C-8346-4B5E-BDD3-4CFB686854E2} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\

Task: {C0E380C6-956D-4667-BA4D-901D3EB163EB} - System32\Tasks\{71D8E571-7179-4E44-85EF-0F8F7C9D7DC2} => C:\Windows\system32\pcalua.exe -a "C:\Users\No TRound\Downloads\vcredist_x64(4).exe" -d "C:\Users\No TRound\Downloads"

Task: {D4E9E838-B444-4A35-8839-43F5DA1EDFF9} - System32\Tasks\{2AF85F08-27AC-4C0D-B88A-D1A17D9E15ED} => C:\Windows\system32\pcalua.exe -a "C:\Users\No TRound\Adressen\SL-650000-BK-01_Driver_V1.0\Driver\Setup.exe" -d "C:\Users\No TRound\Adressen\SL-650000-BK-01_Driver_V1.0\Driver"

Task: {D5DF71E6-B226-45E4-B43E-3D5BA997F944} - System32\Tasks\{1297A1F0-B5C3-48ED-9D14-4D3C996DF238} => Z:\Mechwarrior onlne\MechWarrior Online\Bin32\MechWarriorOnline.exe

Task: {D8FD3D48-776B-4397-BA7F-01A8212E19D0} - System32\Tasks\{9855A749-3B99-4049-8416-F960B68A57C7} => C:\Program Files (x86)\ChessBase\ChessProgram14\ChessBaseAdminTool.exe [2013-11-07] (ChessBase GmbH)

Task: {DACBDA0E-D45F-46CC-BA4A-6D24C0C2AE55} - System32\Tasks\ibVPN-Service => C:\Program Files (x86)\ibVPN\ibVPN.service.exe [2016-05-12] ()

Task: {DFD28D59-02FD-42DB-A925-8C5393CE2EC1} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [2015-12-02] ()

Task: {EBA2177B-211F-4031-B2E6-3F9E59D09B77} - System32\Tasks\{3C8C8880-4839-42DC-911D-A4760E769893} => F:\Spiele\The Talos Principle - Road to Gehenna\Bin\Talos.exe [2015-07-28] (Croteam)

Task: {FD6D6378-AE1F-4B9B-B86F-8E24197C7C7C} - System32\Tasks\DriverMax Notification => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [2017-07-29] (Innovative Solutions)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
 

==================== Verknüpfungen & WMI ========================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 
 

Shortcut: C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6\FrostWire 6.5.8-SafeMode.lnk -> C:\Program Files (x86)\FrostWire 6\frostwire.bat ()
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2015-11-23 18:44 - 2015-11-23 18:44 - 000403456 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll

2015-12-09 09:59 - 2015-12-09 09:59 - 000580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe

2015-12-02 11:19 - 2015-12-02 11:19 - 000205000 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe

2015-11-23 18:43 - 2015-11-23 18:43 - 000026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe

2015-11-23 18:44 - 2015-11-23 18:44 - 000088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe

2015-12-07 18:43 - 2015-12-07 18:43 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll

2015-12-07 18:43 - 2015-12-07 18:43 - 000057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll

2015-12-07 18:44 - 2015-12-07 18:44 - 000225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll

2015-12-07 18:43 - 2015-12-07 18:43 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll

2015-12-07 18:44 - 2015-12-07 18:44 - 000657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll

2015-11-23 18:43 - 2015-11-23 18:43 - 000356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll

2015-11-23 18:43 - 2015-11-23 18:43 - 000056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll

2015-11-23 18:43 - 2015-11-23 18:43 - 000353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll

2015-11-23 18:43 - 2015-11-23 18:43 - 000071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\Users\No TRound:Heroes & Generals [38]

AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [954]
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\...\localhost -> localhost
 

==================== Hosts Inhalt: ==========================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2009-07-14 04:34 - 2016-10-03 18:31 - 000002024 _____ C:\Windows\system32\Drivers\etc\hosts
 

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly

0.0.0.0 tracking.opencandy.com.s3.amazonaws.com

0.0.0.0 media.opencandy.com

0.0.0.0 cdn.opencandy.com

0.0.0.0 tracking.opencandy.com

0.0.0.0 api.opencandy.com

0.0.0.0 api.recommendedsw.com

0.0.0.0 installer.betterinstaller.com

0.0.0.0 installer.filebulldog.com

0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net

0.0.0.0 inno.bisrv.com

0.0.0.0 nsis.bisrv.com

0.0.0.0 cdn.file2desktop.com

0.0.0.0 cdn.goateastcach.us

0.0.0.0 cdn.guttastatdk.us

0.0.0.0 cdn.inskinmedia.com

0.0.0.0 cdn.insta.oibundles2.com

0.0.0.0 cdn.insta.playbryte.com

0.0.0.0 cdn.llogetfastcach.us

0.0.0.0 cdn.montiera.com

0.0.0.0 cdn.msdwnld.com

0.0.0.0 cdn.mypcbackup.com

0.0.0.0 cdn.ppdownload.com

0.0.0.0 cdn.riceateastcach.us

0.0.0.0 cdn.shyapotato.us

0.0.0.0 cdn.solimba.com

0.0.0.0 cdn.tuto4pc.com

0.0.0.0 cdn.appround.biz

0.0.0.0 cdn.bigspeedpro.com

0.0.0.0 cdn.bispd.com
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-3595831389-1431158722-2028087346-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\No TRound\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 208.67.222.222 - 208.67.220.220

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2

MSCONFIG\Services: NvTelemetryContainer => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^No TRound^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup

MSCONFIG\startupfolder: C:^Users^No TRound^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FrostWire On Startup.lnk => C:\Windows\pss\FrostWire On Startup.lnk.Startup

MSCONFIG\startupfolder: C:^Users^No TRound^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Purrint.lnk => C:\Windows\pss\Purrint.lnk.Startup

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "I:\Adobe\Acrobat DC\Acrobat\Acrotray.exe"

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

MSCONFIG\startupreg: AdobeBridge => 

MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

MSCONFIG\startupreg: ASRockXTU => 

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun

MSCONFIG\startupreg: DriverMax_RESTART => "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART

MSCONFIG\startupreg: EADM => "H:\Origin\Origin.exe" -AutoStart

MSCONFIG\startupreg: Flvto YouTube Downloader => "C:\Users\No TRound\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.Redesign.exe" /minimize

MSCONFIG\startupreg: FreeAC => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun

MSCONFIG\startupreg: Gaijin.Net Agent => "C:\Users\No TRound\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"

MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe

MSCONFIG\startupreg: PAC7302_Monitor => C:\Windows\PixArt\PAC7302\Monitor.exe

MSCONFIG\startupreg: SAFE16 Browser Monitor => "C:\Program Files (x86)\Steganos Safe 16\SteganosBrowserMonitor.exe"

MSCONFIG\startupreg: SAFE16 File Redirection Starter => "C:\Program Files (x86)\Steganos Safe 16\fredirstarter.exe"

MSCONFIG\startupreg: SaferVPN => C:\Program Files (x86)\SaferVPN\SaferVPN.exe

MSCONFIG\startupreg: SamsungRapidApp => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe

MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

MSCONFIG\startupreg: Steam => "H:\steam\steam.exe" -silent

MSCONFIG\startupreg: Steganos HotKeys => "C:\Program Files (x86)\Steganos Safe 16\SteganosHotKeyService.exe"

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

MSCONFIG\startupreg: vidnotifier.exe => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe

MSCONFIG\startupreg: WarThunderLauncher => Z:\WarThunder\launcher.exe
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe

FirewallRules: [{7F02D8EB-A9F9-4F79-B065-5DA88628F786}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe

FirewallRules: [{9D02192F-86ED-489F-8C40-1F2180BEB249}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe

FirewallRules: [{77E3648C-6D98-475D-86FA-A15989EBE575}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe

FirewallRules: [{F03C92F0-CA2F-45B9-B823-F659E43D59A2}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe

FirewallRules: [{16B39953-A735-4ACF-A3EB-33EA3EF5DB69}] => (Allow) Z:\WarThunder\launcher.exe

FirewallRules: [{EA8C6A69-F1E2-47BD-9E2D-6BD8F69DC92E}] => (Allow) Z:\WarThunder\launcher.exe

FirewallRules: [{2000DCCD-FA59-4834-86CD-561E6629E2B6}] => (Allow) LPort=80

FirewallRules: [{35A72D9E-0DD0-4167-A107-C46DBF8B0A74}] => (Allow) LPort=443

FirewallRules: [{70693081-BA14-4EBA-ABB5-B86F0DA613E0}] => (Allow) LPort=20010

FirewallRules: [{02F71101-7D10-4E3C-A87A-CDE30B643939}] => (Allow) LPort=3478

FirewallRules: [{410EA590-D977-456F-B735-3945FEBB3504}] => (Allow) LPort=7850

FirewallRules: [{8F65CD7F-B278-4C01-9FC2-039316651981}] => (Allow) LPort=7852

FirewallRules: [{026DA574-EA25-4EF8-B101-2F03C9510CBB}] => (Allow) LPort=7853

FirewallRules: [{F952CC62-A4BF-4572-B0C0-F27D78855991}] => (Allow) LPort=27022

FirewallRules: [{76C0B6CD-64F2-48AD-86C9-50F5589C24A0}] => (Allow) LPort=6881

FirewallRules: [{F1895BFF-A1B1-4893-B9D3-90757D66ACA7}] => (Allow) LPort=33333

FirewallRules: [{71F68F5D-CF9C-480E-8EFA-B331240DB5B4}] => (Allow) LPort=20443

FirewallRules: [{599D9B00-AF7E-41E8-B331-DD35B7FD7B5A}] => (Allow) LPort=8090

FirewallRules: [TCP Query User{AE06796D-70FC-4B0A-BF18-E7A2EE452A6F}Z:\warthunder\win64\aces.exe] => (Allow) Z:\warthunder\win64\aces.exe

FirewallRules: [UDP Query User{50FEBEE6-C7DA-43D5-B159-CF73B0F89C27}Z:\warthunder\win64\aces.exe] => (Allow) Z:\warthunder\win64\aces.exe

FirewallRules: [TCP Query User{B5FA6F78-37AD-4BCB-AFBD-FAB0C591F973}Z:\warthunder\launcher.exe] => (Allow) Z:\warthunder\launcher.exe

FirewallRules: [UDP Query User{3CB67EA1-5FB2-4533-8A2E-7818EF8CC2B7}Z:\warthunder\launcher.exe] => (Allow) Z:\warthunder\launcher.exe

FirewallRules: [{30AF315A-73D9-4211-9673-BAEE24EAEC77}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe

FirewallRules: [{6A37ED6C-09D3-4B8F-B77A-B542F2B5B127}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe

FirewallRules: [{21C2C87C-0F40-4D24-8266-CD94B80E7F82}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe

FirewallRules: [{7CB4544B-046C-419B-9A6F-3FCB23AD0C60}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe

FirewallRules: [{3835F25F-41D6-4483-A3C8-FCD0E2285868}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe

FirewallRules: [{58AB1DBC-1B31-4187-B16E-7E9F8B1048A2}] => (Allow) F:\Spiele\Mr DJ\Dragon Age Inquisition Deluxe Edition\DragonAgeInquisition.exe

FirewallRules: [{3DFF83A1-9BAA-4D7D-A9F8-EDAFFE2C869F}] => (Allow) F:\Spiele\Mr DJ\Dragon Age Inquisition Deluxe Edition\DragonAgeInquisition.exe

FirewallRules: [TCP Query User{8486E97E-5840-4BE7-9609-D92014254893}J:\spi3lesetups\command and conquer generals + zero hour (direct play)  [blaze69]\command and conquer generals + zero hour\command and conquer generals\game.dat] => (Allow) J:\spi3lesetups\command and conquer generals + zero hour (direct play)  [blaze69]\command and conquer generals + zero hour\command and conquer generals\game.dat

FirewallRules: [UDP Query User{FBDAD6CC-4A6B-4F15-AF47-4BDA5D0E9452}J:\spi3lesetups\command and conquer generals + zero hour (direct play)  [blaze69]\command and conquer generals + zero hour\command and conquer generals\game.dat] => (Allow) J:\spi3lesetups\command and conquer generals + zero hour (direct play)  [blaze69]\command and conquer generals + zero hour\command and conquer generals\game.dat

FirewallRules: [{24C82F79-A56F-470A-BF2F-8BC11DEE6DF7}] => (Allow) J:\spi3lesetups\command and conquer generals + zero hour (direct play)  [blaze69]\command and conquer generals + zero hour\command and conquer generals\game.dat

FirewallRules: [{E5494567-52FE-4667-B70A-88D93B49C9A7}] => (Allow) J:\spi3lesetups\command and conquer generals + zero hour (direct play)  [blaze69]\command and conquer generals + zero hour\command and conquer generals\game.dat

FirewallRules: [{9845B800-4412-4F5A-BD85-5614C9892F6D}] => (Allow) J:\Spi3leSetups\Command and Conquer Generals + Zero Hour (DIRECT PLAY)  [blaze69]\Command and Conquer Generals + Zero Hour\Command and Conquer Generals\generals.exe

FirewallRules: [{F76CF216-3404-40AA-A1A8-A0E06E06C469}] => (Allow) J:\Spi3leSetups\Command and Conquer Generals + Zero Hour (DIRECT PLAY)  [blaze69]\Command and Conquer Generals + Zero Hour\Command and Conquer Generals\generals.exe

FirewallRules: [{16595EB5-2559-4DB9-8AA4-A38E8EEE216D}] => (Allow) J:\Spi3leSetups\Command and Conquer Generals + Zero Hour (DIRECT PLAY)  [blaze69]\Command and Conquer Generals + Zero Hour\Command and Conquer Generals\generals.exe

FirewallRules: [{1E27B60B-3B57-44F6-8DA8-A0602807DBB2}] => (Allow) J:\Spi3leSetups\Command and Conquer Generals + Zero Hour (DIRECT PLAY)  [blaze69]\Command and Conquer Generals + Zero Hour\Command and Conquer Generals\generals.exe

FirewallRules: [TCP Query User{819986D8-F3B5-4989-B7B9-3DB3816C8FE7}D:\far cry - primal\bin\fcprimal.exe] => (Allow) D:\far cry - primal\bin\fcprimal.exe

FirewallRules: [UDP Query User{4721A5AB-DC66-4360-A13A-2440FB07ABD2}D:\far cry - primal\bin\fcprimal.exe] => (Allow) D:\far cry - primal\bin\fcprimal.exe

FirewallRules: [TCP Query User{739EF1BE-C2D0-4B5B-8184-D12F37DAE9A0}Z:\the long journey home\tljh\binaries\win64\tljh-win64-shipping.exe] => (Allow) Z:\the long journey home\tljh\binaries\win64\tljh-win64-shipping.exe

FirewallRules: [UDP Query User{B8D317D2-B731-4D4C-80CE-1358B695B664}Z:\the long journey home\tljh\binaries\win64\tljh-win64-shipping.exe] => (Allow) Z:\the long journey home\tljh\binaries\win64\tljh-win64-shipping.exe

FirewallRules: [{E017D800-DA9D-4D64-AA35-037F04BF866D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe

FirewallRules: [{13C123C5-EB44-4391-ADB6-F719692B77DE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe

FirewallRules: [{B67C448F-BCD6-429D-93DD-945A89BB4751}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe

FirewallRules: [{1E4F5C37-6683-432F-9802-6AAB2473F565}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe

FirewallRules: [TCP Query User{6A4D4EEE-0A3B-4DC9-878A-7447DD814C0E}G:\total war - warhammer\warhammer.exe] => (Allow) G:\total war - warhammer\warhammer.exe

FirewallRules: [UDP Query User{EB1053F1-0782-4B17-A0AF-DCB779526C2A}G:\total war - warhammer\warhammer.exe] => (Allow) G:\total war - warhammer\warhammer.exe

FirewallRules: [TCP Query User{4855E665-47F6-4156-A612-44FA8C5CDFA4}I:\get even\binaries\win64\geteven.exe] => (Allow) I:\get even\binaries\win64\geteven.exe

FirewallRules: [UDP Query User{9F973714-15B1-4B2A-AD9E-9B415D14B7FD}I:\get even\binaries\win64\geteven.exe] => (Allow) I:\get even\binaries\win64\geteven.exe

FirewallRules: [{EAEECE61-1141-40B7-B94A-2140F46478D9}] => (Allow) G:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe

FirewallRules: [{C93BA664-C338-46FF-84E7-7FC27C0B7312}] => (Allow) G:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe

FirewallRules: [{F71C36A2-43DA-42A4-AA21-D9B1966D9144}] => (Allow) G:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe

FirewallRules: [{89D552E0-8358-494F-9167-EF13F795572B}] => (Allow) G:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe

FirewallRules: [{4FBA3452-94DE-4D01-A1E9-65801C095F26}] => (Allow) G:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe

FirewallRules: [{147DEE67-2F91-41C9-85F3-AD6FCCDFE48C}] => (Allow) G:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe

FirewallRules: [TCP Query User{76A025DF-C8C1-46CF-B168-2B16172CF783}I:\far cry 4\bin\farcry4.exe] => (Allow) I:\far cry 4\bin\farcry4.exe

FirewallRules: [UDP Query User{47E91649-8FE1-45B8-B4E4-EB0ABC334878}I:\far cry 4\bin\farcry4.exe] => (Allow) I:\far cry 4\bin\farcry4.exe

FirewallRules: [{656A2A19-5C7B-42D7-971E-4BA89CF78FEC}] => (Allow) C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe

FirewallRules: [{6DA13D41-E342-46D9-BB30-F6AEA428AFEF}] => (Allow) C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe

FirewallRules: [{D6CA6738-BA55-4C06-8768-FEF150765273}] => (Allow) C:\Users\No TRound\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{96D960D1-FBBA-402E-AB4E-C42CD446A57C}] => (Allow) C:\Users\No TRound\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [TCP Query User{5C7615FF-2EBB-494B-BF2E-1FC78DC23A68}I:\tom clancy's ghost recon wildlands\grw.exe] => (Allow) I:\tom clancy's ghost recon wildlands\grw.exe

FirewallRules: [UDP Query User{73AE6487-C5EA-4F06-8143-FDEB1A2F9618}I:\tom clancy's ghost recon wildlands\grw.exe] => (Allow) I:\tom clancy's ghost recon wildlands\grw.exe

FirewallRules: [{CED080E9-BAC7-4165-8A32-1E5A35F58EFD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [TCP Query User{E5411B9C-73FA-4AA2-8CFB-F217C8A47F32}E:\football manager + touch 2017\fm 2017\fm.exe] => (Block) E:\football manager + touch 2017\fm 2017\fm.exe

FirewallRules: [UDP Query User{CA672890-8B4C-4BC3-9C77-D48CFCBCDC77}E:\football manager + touch 2017\fm 2017\fm.exe] => (Block) E:\football manager + touch 2017\fm 2017\fm.exe

FirewallRules: [{DD3AB6BB-2EF9-442A-B039-C3635CD593E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{463F5D84-FBA1-467B-8F11-FB64B71BB835}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{827CC92A-B34C-4091-B13D-CF2E37E15498}E:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) E:\eve\sharedcache\tq\bin\exefile.exe

FirewallRules: [UDP Query User{AEB46A6E-DFD9-4E17-AACE-CC0B203D1AE0}E:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) E:\eve\sharedcache\tq\bin\exefile.exe

FirewallRules: [{03BBE6CC-2619-4C11-BDE6-06580F82EA6D}] => (Allow) H:\steam\Steam.exe

FirewallRules: [{8E0C4EA4-5E6A-4A60-A9A4-2BC4C9EFEFC2}] => (Allow) H:\steam\Steam.exe

FirewallRules: [{F7D257E9-BE6A-4C3D-86E7-C444CE31C869}] => (Allow) H:\steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{A7EA3201-51E8-4F69-BBC0-CBF53D62753C}] => (Allow) H:\steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{6C6BC545-DA49-4F9F-B60D-1F36B20C7027}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe

FirewallRules: [{EE3A5EA7-8D70-4860-83AD-D91A948EF5AC}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe

FirewallRules: [{DCAF25C1-87DC-4B85-B15E-336B91411DC8}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe

FirewallRules: [{476ADAFB-CFF5-419D-B37C-B119AB6641F9}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe

FirewallRules: [{D65C2B38-52DD-4C18-8E96-8E76CA047F1F}] => (Allow) E:\MWO\MechWarrior Online\Bin64\MWOClient.exe

FirewallRules: [{F549EE17-73B0-4728-BC5B-D4BF850EA178}] => (Allow) E:\MWO\MechWarrior Online\Bin64\MWOClient.exe

FirewallRules: [{8499C275-9B16-43B1-9590-9660C457AF85}] => (Allow) E:\MWO\MechWarrior Online\Bin64\MWOClient.exe

FirewallRules: [{D0A163E3-A18F-4F8F-A381-083BB7777406}] => (Allow) E:\MWO\MechWarrior Online\Bin64\MWOClient.exe
 

==================== Wiederherstellungspunkte =========================
 

27-09-2017 21:38:37 Windows Update

28-09-2017 02:08:42 3DMark 11

28-09-2017 02:08:56 3DMark

04-10-2017 18:36:19 Windows Update

09-10-2017 19:04:35 Windows Update

16-10-2017 05:51:59 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

16-10-2017 05:52:05 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

17-10-2017 14:11:05 Windows Update

19-10-2017 00:21:51 Gerätetreiber-Paketinstallation: ibVPN Tap Adapter Netzwerkadapter

19-10-2017 01:26:52 Installed MWO Portal

19-10-2017 14:46:48 IIF_MSI

19-10-2017 16:24:16 Wiederherstellungsvorgang
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: TAP-NordVPN Windows Adapter V9

Description: TAP-NordVPN Windows Adapter V9

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: TAP-NordVPN Windows Provider V9

Service: tapnordvpn

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (10/19/2017 04:27:56 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (10/19/2017 04:26:07 PM) (Source: OpenVPNService) (EventID: 0) (User: )

Description: Event-ID 0
 

Error: (10/19/2017 04:23:19 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (10/19/2017 04:21:30 PM) (Source: OpenVPNService) (EventID: 0) (User: )

Description: Event-ID 0
 

Error: (10/19/2017 02:51:26 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (10/19/2017 02:49:43 PM) (Source: OpenVPNService) (EventID: 0) (User: )

Description: Event-ID 0
 

Error: (10/19/2017 02:48:14 PM) (Source: OpenVPNService) (EventID: 0) (User: )

Description: Event-ID 0
 

Error: (10/19/2017 02:45:22 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
 

Error: (10/19/2017 02:43:39 PM) (Source: OpenVPNService) (EventID: 0) (User: )

Description: Event-ID 0
 

Error: (10/19/2017 07:41:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Event-ID 0
 
 

Systemfehler:

=============

Error: (10/19/2017 04:27:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 

%%-2140993535
 

Error: (10/19/2017 04:27:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%-2140993535
 

Error: (10/19/2017 04:27:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%-2140993535
 

Error: (10/19/2017 04:27:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 

%%-2140993535
 

Error: (10/19/2017 04:27:56 PM) (Source: PNRPSvc) (EventID: 102) (User: )

Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.
 

Error: (10/19/2017 04:27:56 PM) (Source: PNRPSvc) (EventID: 102) (User: )

Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.
 

Error: (10/19/2017 04:27:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%-2140993535
 

Error: (10/19/2017 04:27:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 

%%-2140993535
 

Error: (10/19/2017 04:27:40 PM) (Source: PNRPSvc) (EventID: 102) (User: )

Description: Die Peer Name Resolution-Protokoll-Cloud wurde nicht gestartet. Fehler bei Standardidentität. Fehlercode: 0x80630801.
 

Error: (10/19/2017 04:26:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

cdrom
 
 

CodeIntegrity:

===================================

  Date: 2016-08-16 19:01:24.590

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-08-16 19:01:24.559

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-08-15 22:36:54.574

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-08-15 22:36:54.543

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-08-15 18:33:22.198

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-08-15 18:33:22.167

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-08-13 15:35:38.528

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-08-13 15:35:38.496

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-08-12 18:51:32.434

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2016-08-12 18:51:32.387

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i7-2700K CPU @ 3.50GHz

Prozentuale Nutzung des RAM: 19%

Installierter physikalischer RAM: 16367.3 MB

Verfügbarer physikalischer RAM: 13236.8 MB

Summe virtueller Speicher: 17389.48 MB

Verfügbarer virtueller Speicher: 13558.29 MB
 

==================== Laufwerke ================================
 

Drive c: (EVO 850) (Fixed) (Total:154.76 GB) (Free:41.55 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

Drive d: (Seagate System) (Fixed) (Total:78.12 GB) (Free:22.54 GB) NTFS

Drive e: (SAMSUNG 2) (Fixed) (Total:209.6 GB) (Free:98.81 GB) NTFS

Drive f: (Volume) (Fixed) (Total:468.75 GB) (Free:330.18 GB) NTFS

Drive g: (Seagate Sekundär) (Fixed) (Total:78.12 GB) (Free:25.49 GB) NTFS

Drive h: (Seagate Tertiär) (Fixed) (Total:306.51 GB) (Free:279.03 GB) NTFS

Drive z: (Game-Cache) (Fixed) (Total:54.84 GB) (Free:9.86 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 41193005)

Partition 1: (Active) - (Size=154.8 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=54.8 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 232.9 GB) (Disk ID: 00093700)

Partition 1: (Not Active) - (Size=209.6 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 958F9EB0)

Partition 1: (Active) - (Size=78.1 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=78.1 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=306.5 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=468.8 GB) - (Type=OF Extended)
 

==================== Ende von Addition.txt ============================

schuldigung bin etwas verdaddelt...müsste alles drauf sein jetzt