Log analysis and evaluation: A window always opens at PC startup. PC is slower than before. Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

A window always opens at PC startup. PC is slower than before.

When I start my PC, shortly after booting a window appears that asks me to choose a program with which to open a file. (But I have no idea what kind of file it is.) In addition, my PC has become increasingly slow.

FRST:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-12-2015
durchgeführt von Dean Bönkendorf (Administrator) auf MININT-NCPHE64 (19-12-2015 12:59:05)
Gestartet von C:\Users\Dean Bönkendorf\Desktop
Geladene Profile: Dean Bönkendorf (Verfügbare Profile: Dean Bönkendorf)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7611608 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [454248 2013-08-02] (CANON INC.)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [9135984 2015-11-23] (Emsisoft Ltd)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\Run: [Spotify Web Helper] => C:\Users\Dean Bönkendorf\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-14] (Spotify Ltd)
HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1160536 2015-02-23] (Ruiware LLC)
HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\Run: [BingSvc] => C:\Users\Dean Bönkendorf\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-12-15]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2015-12-11]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{19138F64-D0A2-442A-BE73-96BCF77C3D04}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKU\S-1-5-21-330146135-2436004342-2132212847-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-330146135-2436004342-2132212847-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-330146135-2436004342-2132212847-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\Dean Bönkendorf\AppData\Roaming\Mozilla\Firefox\Profiles\wvv62h7l.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: google.de
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-330146135-2436004342-2132212847-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dean Bönkendorf\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-330146135-2436004342-2132212847-1001: electronicarts.com/GameFacePlugin -> C:\Users\Dean Bönkendorf\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts)
FF Extension: NoScript - C:\Users\Dean Bönkendorf\AppData\Roaming\Mozilla\Firefox\Profiles\wvv62h7l.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-23]
FF Extension: Bing Search - C:\Users\Dean Bönkendorf\AppData\Roaming\Mozilla\Firefox\Profiles\wvv62h7l.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-26]
FF Extension: YouTube Unblocker - C:\Users\Dean Bönkendorf\AppData\Roaming\Mozilla\Firefox\Profiles\wvv62h7l.default\Extensions\youtubeunblocker@unblocker.yt [2015-12-02]
FF Extension: Adblock Plus - C:\Users\Dean Bönkendorf\AppData\Roaming\Mozilla\Firefox\Profiles\wvv62h7l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Dean Bönkendorf\AppData\Roaming\Mozilla\Firefox\Profiles\wvv62h7l.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome:
=======
CHR Profile: C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-10]
CHR Extension: (Google Docs) - C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (Google Drive) - C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-10]
CHR Extension: (YouTube) - C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-10]
CHR Extension: (Google-Suche) - C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-10]
CHR Extension: (Google Tabellen) - C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-10]
CHR Extension: (Avira Browserschutz) - C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-02-10]
CHR Extension: (SoundCloud Downloader Free) - C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci [2015-02-10]
CHR Extension: (Google Wallet) - C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-10]
CHR Extension: (Google Mail) - C:\Users\Dean Bönkendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-10]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [10768560 2015-11-23] (Emsisoft Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-10] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-13] (Dropbox, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2015-02-20] ()
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 epp; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp.sys [123992 2015-11-12] (Emsisoft Ltd)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [32792 2015-06-01] (SteelSeries ApS)
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [51400 2015-11-13] (SteelSeries ApS)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 ysusb64; C:\Windows\System32\drivers\ysusb64.sys [132160 2014-08-19] (Yamaha Corporation)
S3 AIDA64Driver; \??\C:\Users\Administrator.MININT-NCPHE64\Desktop\X13\Aida64Business\kerneld.x64 [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\Administrator.MININT-NCPHE64\Desktop\X13\OpenHardwareMonitor\OpenHardwareMonitor.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-19 12:59 - 2015-12-19 12:59 - 00019672 _____ C:\Users\Dean Bönkendorf\Desktop\FRST.txt
2015-12-19 12:59 - 2015-12-19 12:59 - 00000000 ____D C:\FRST
2015-12-19 12:58 - 2015-12-19 12:58 - 02370048 _____ (Farbar) C:\Users\Dean Bönkendorf\Desktop\FRST64.exe
2015-12-17 18:09 - 2015-12-17 18:12 - 00015102 _____ C:\Users\Dean Bönkendorf\Desktop\Essensplan.odt
2015-12-13 22:39 - 2015-12-13 22:42 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-12-13 22:39 - 2015-12-13 22:39 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-12-13 18:12 - 2015-12-19 12:49 - 00000000 ___RD C:\Users\Dean Bönkendorf\Dropbox
2015-12-13 18:12 - 2015-12-13 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-13 18:11 - 2015-12-13 18:11 - 00000000 ____D C:\Users\Dean Bönkendorf\AppData\Roaming\Dropbox
2015-12-13 18:10 - 2015-12-19 12:49 - 00000000 ____D C:\Users\Dean Bönkendorf\AppData\Local\Dropbox
2015-12-13 18:10 - 2015-12-19 12:47 - 00001228 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-13 18:10 - 2015-12-19 00:15 - 00001232 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-13 18:10 - 2015-12-13 18:12 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-12-13 18:10 - 2015-12-13 18:10 - 00004228 _____ C:\windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-12-13 18:10 - 2015-12-13 18:10 - 00003976 _____ C:\windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-12-13 18:10 - 2015-12-13 18:10 - 00000000 ____D C:\ProgramData\Dropbox
2015-12-09 19:20 - 2015-12-09 19:20 - 09498816 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-09 18:19 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-12-09 18:19 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-12-09 18:19 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-12-09 18:19 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-12-09 18:19 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-12-09 18:19 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-12-09 18:19 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-12-09 18:19 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-12-09 18:19 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-12-09 18:19 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-12-09 18:19 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-12-09 18:19 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-12-09 18:19 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-12-09 18:19 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-12-09 18:19 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-12-09 18:19 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-12-09 18:19 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-12-09 18:19 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-12-09 18:19 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2015-12-09 18:19 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2015-12-09 18:19 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2015-12-09 18:19 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2015-12-09 18:19 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-12-09 18:19 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-12-09 18:19 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-12-09 18:19 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-12-09 18:19 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-12-09 18:19 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-12-09 18:19 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-12-09 18:19 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-12-09 18:19 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-12-09 18:19 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2015-12-09 18:19 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-12-09 18:19 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2015-12-09 18:19 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-12-09 18:19 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-12-09 18:19 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-12-09 18:19 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-12-09 18:19 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-12-09 18:19 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-12-09 18:19 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-12-09 18:19 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-12-09 18:19 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-12-09 18:19 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-12-09 18:19 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-12-09 18:19 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-12-09 18:19 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-12-09 18:19 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-12-09 18:19 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 18:19 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-12-09 18:19 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-12-09 18:19 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2015-12-09 18:19 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-12-09 18:19 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-12-09 18:19 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-12-09 18:19 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-12-09 18:19 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-12-09 18:19 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-12-09 18:19 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-12-09 18:19 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-12-09 18:19 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-12-09 18:19 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-12-09 18:19 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-12-09 18:19 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-12-09 18:19 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-12-09 18:19 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-12-09 18:19 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-12-09 18:19 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-12-09 18:19 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-12-09 18:19 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-12-09 18:19 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-12-09 18:19 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-12-09 18:19 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-12-09 18:19 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-12-09 18:19 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-12-09 18:19 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-12-09 18:19 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-12-09 18:19 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 18:19 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-12-09 18:19 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-12-09 18:19 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2015-12-09 18:19 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-12-09 18:19 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-12-09 18:19 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-12-09 18:19 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-12-09 18:19 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-12-09 18:19 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-12-09 18:19 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-12-09 18:19 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-12-09 18:19 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-12-09 18:19 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wshrm.dll
2015-12-09 18:19 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshrm.dll
2015-12-09 18:19 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-12-09 18:19 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-12-09 18:19 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2015-12-09 18:19 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2015-12-09 18:19 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2015-12-09 18:19 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
2015-12-09 18:19 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2015-12-09 18:19 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2015-12-09 18:19 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2015-12-09 18:19 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2015-12-09 18:19 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2015-12-09 18:19 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2015-12-09 18:19 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
2015-12-09 18:19 - 2015-10-08 20:13 - 00419928 _____ C:\windows\SysWOW64\locale.nls
2015-12-09 18:19 - 2015-10-08 19:52 - 00419928 _____ C:\windows\system32\locale.nls
2015-12-09 18:18 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2015-12-09 18:18 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2015-11-29 02:37 - 2015-11-29 02:37 - 00000000 ___DL C:\Users\Dean Bönkendorf\AppData\LocalLow\PlayReady
2015-11-29 02:20 - 2015-12-10 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-29 02:20 -
2015-12-10 00:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-11-29 02:20 - 2015-12-10 00:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-11-25 13:18 - 2015-11-25 13:18 - 00000000 ____D C:\Users\Public\Documents\sun 2015-11-22 22:51 - 2015-11-22 23:55 - 00000000 ____D C:\Users\Dean Bönkendorf\Documents\FIFA 16 2015-11-22 22:18 - 2015-12-11 17:15 - 00000832 _____ C:\Users\Public\Desktop\FIFA 16.lnk 2015-11-22 22:18 - 2015-11-22 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16 2015-11-19 19:24 - 2015-12-15 12:40 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-11-19 19:20 - 2015-11-19 19:20 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-19 12:59 - 2014-12-15 20:58 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2015-12-19 12:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-19 12:51 - 2014-09-10 11:55 - 00001093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-12-19 12:51 - 2014-09-10 11:55 - 00001081 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-12-19 12:51 - 2014-09-10 11:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-12-19 12:50 - 2015-05-09 13:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-19 12:48 - 2009-07-14 05:45 - 00032336 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-19 12:48 - 2009-07-14 05:45 - 00032336 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-19 12:47 - 2014-09-05 15:06 - 00000000 ____D C:\ProgramData\NVIDIA 2015-12-19 12:47 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-12-19 00:46 - 2014-06-12 08:30 - 
01592628 _____ C:\windows\SysWOW64\PerfStringBackup.INI 2015-12-19 00:46 - 2011-04-12 08:43 - 00699092 _____ C:\windows\system32\perfh007.dat 2015-12-19 00:46 - 2011-04-12 08:43 - 00149232 _____ C:\windows\system32\perfc007.dat 2015-12-19 00:46 - 2009-07-14 06:13 - 01592628 _____ C:\windows\system32\PerfStringBackup.INI 2015-12-19 00:46 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf 2015-12-19 00:45 - 2015-04-04 02:00 - 00000000 ___SD C:\windows\SysWOW64\GWX 2015-12-19 00:45 - 2015-04-04 02:00 - 00000000 ___SD C:\windows\system32\GWX 2015-12-19 00:44 - 2014-10-02 18:06 - 00000000 ____D C:\ProgramData\Origin 2015-12-19 00:20 - 2015-04-20 21:03 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-12-18 22:32 - 2014-09-10 12:12 - 00000000 ____D C:\Program Files (x86)\Steam 2015-12-17 21:25 - 2015-07-26 17:45 - 00000000 ____D C:\Users\Dean Bönkendorf\Desktop\neuerstuff 2015-12-17 21:25 - 2015-06-24 21:49 - 00000000 ____D C:\Users\Dean Bönkendorf\Desktop\Studium 2015-12-17 21:25 - 2015-05-07 23:41 - 00000000 ____D C:\Users\Dean Bönkendorf\Desktop\RNBshit 2015-12-17 21:25 - 2015-01-10 19:57 - 00000000 ____D C:\Users\Dean Bönkendorf\Desktop\eigene mukke 2015-12-17 21:25 - 2014-09-10 12:29 - 00000000 ____D C:\Users\Dean Bönkendorf\Desktop\PcSachen 2015-12-17 21:03 - 2014-09-10 13:40 - 00000000 ____D C:\Users\Dean Bönkendorf\AppData\Roaming\TS3Client 2015-12-17 18:12 - 2015-10-27 17:58 - 00249344 ___SH C:\Users\Dean Bönkendorf\Desktop\Thumbs.db 2015-12-13 22:42 - 2014-10-05 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-12-13 22:42 - 2014-10-05 19:02 - 00000000 ____D C:\Users\Dean Bönkendorf\AppData\Roaming\DVDVideoSoft 2015-12-13 18:12 - 2014-09-10 11:47 - 00000000 ____D C:\Users\Dean Bönkendorf 2015-12-13 17:36 - 2014-10-02 18:24 - 00000000 ____D C:\Users\Dean Bönkendorf\AppData\Local\Spotify 2015-12-13 17:33 - 2014-09-10 19:11 - 00000000 ____D C:\Users\Dean Bönkendorf\AppData\Roaming\Spotify 2015-12-12 
12:43 - 2015-05-16 23:49 - 00000000 ____D C:\Users\Dean Bönkendorf\Desktop\ich 2015-12-11 22:48 - 2015-01-09 18:26 - 00000000 ____D C:\Users\Dean Bönkendorf\Documents\Cubase LE AI Elements Projects 2015-12-11 18:37 - 2015-10-05 01:26 - 00000000 ____D C:\Users\Dean Bönkendorf\AppData\Roaming\steelseries-engine-3-client 2015-12-11 18:34 - 2014-10-30 19:53 - 00000000 ____D C:\Users\Dean Bönkendorf\Desktop\anstehendes 2015-12-11 15:09 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache 2015-12-10 15:12 - 2009-07-14 05:45 - 00368536 _____ C:\windows\system32\FNTCACHE.DAT 2015-12-10 00:53 - 2014-06-12 08:37 - 00000000 ____D C:\windows\system32\MRT 2015-12-10 00:50 - 2014-06-12 08:37 - 140158008 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-12-09 19:20 - 2015-04-20 21:03 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-12-09 19:20 - 2014-09-10 19:14 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-12-09 19:20 - 2014-09-10 19:14 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-09 04:39 - 2010-11-21 04:27 - 00301728 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe 2015-11-28 22:09 - 2014-09-10 13:37 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-11-26 22:48 - 2015-10-30 22:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-22 22:18 - 2014-06-17 11:30 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-22 22:18 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-11-20 18:49 - 2014-09-10 11:51 - 00104048 _____ C:\Users\Dean Bönkendorf\AppData\Local\GDIPFONTCACHEV1.DAT 2015-11-19 19:20 - 2014-10-16 18:27 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-12-12 21:40 - 2014-12-12 21:40 - 0000148 _____ () C:\Users\Dean 
Bönkendorf\AppData\Roaming\tmp_register.bat 2014-10-16 20:22 - 2014-10-16 20:22 - 0000874 _____ () C:\Users\Dean Bönkendorf\AppData\Local\recently-used.xbel 2014-09-05 14:58 - 2014-09-05 14:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\windows\explorer.exe => Datei ist digital signiert C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\SysWOW64\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-11 15:02 ==================== Ende von FRST.txt ============================ Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-12-2015
durchgeführt von Dean Bönkendorf (2015-12-19 12:59:49)
Gestartet von C:\Users\Dean Bönkendorf\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-09-10 10:47:37)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-330146135-2436004342-2132212847-500 - Administrator - Disabled)
Dean Bönkendorf (S-1-5-21-330146135-2436004342-2132212847-1001 - Administrator - Enabled) => C:\Users\Dean Bönkendorf
Gast (S-1-5-21-330146135-2436004342-2132212847-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-330146135-2436004342-2132212847-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.1.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.4.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.5.14 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.4.0 - Canon Inc.)
Canon MX470 series Benutzerregistrierung (HKLM-x32\...\Canon MX470 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MX470 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX470_series) (Version: 1.00 - Canon Inc.)
Canon MX470 series On-screen Manual (HKLM-x32\...\Canon MX470 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.1.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.3.0 - Canon Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DRAGON BALL XENOVERSE (HKLM-x32\...\Steam App 323470) (Version: - DIMPS)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.1.1169 - Steinberg Media Technologies GmbH)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.64673.4 - Electronic Arts)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.71.1211 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.)
G-sonique Alien303 VSTi (HKLM-x32\...\G-sonique Alien303 VSTi) (Version: - )
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x64 de) (HKLM\...\Mozilla Firefox 42.0 (x64 de)) (Version: 42.0 - Mozilla)
Mozilla Firefox 43.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0 (x86 de)) (Version: 43.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0 - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version: - CyberConnect 2)
NARUTO SHIPPUDEN: Ultimate Ninja STORM Revolution (HKLM-x32\...\Steam App 272510) (Version: - CyberConnect2 Co., Ltd.)
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version: - )
Native Instruments Kontakt 3 (HKLM-x32\...\Native Instruments Kontakt 3) (Version: - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Pro-Sounds PS-1 (HKLM-x32\...\Pro-Sounds PS-1) (Version: 1.2 - Pro-Sounds)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7255 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\Spotify) (Version: 1.0.1.1060.gc75ebdfd - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SteelSeries Engine 3.6.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.6.2 - SteelSeries ApS)
Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.80 - Steinberg Media Technologies GmbH)
Steinberg Cubase LE AI Elements 8 64bit (HKLM\...\{C801D1E6-30E3-46BE-368D-0106B42CCE17}) (Version: 8.0.20 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Sublime Text 2.0.2 (HKLM-x32\...\Sublime Text 2_is1) (Version: - )
Syncrosofts Lizenz Kontrolle (HKLM-x32\...\Syncrosoft's License Control) (Version: - Syncrosoft Hard- Und Software GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED)
Unity Web Player (HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\UnityWebPlayer) (Version: 4.5.4f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Voxengo Voxformer (HKLM\...\Voxengo Voxformer_is1) (Version: 2.9 - Voxengo)
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
Windows Driver Package - Microsoft (xusb21) XnaComposite (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - WinPatrol)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Xleaner v4.28.1368 (HKLM-x32\...\{72D84E46-E633-4729-8A77-2347C8CD4096}_is1) (Version: - More Than A Cleaner.de)
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{905A4D64-E752-4BC1-9D18-F7747F4C7D87}) (Version: 1.9.0 - Yamaha Corporation)
Yamaha Steinberg USB Driver (Version: 1.9.0 - Yamaha Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

11-12-2015 17:15:07 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
11-12-2015 18:35:04 DirectX wurde installiert
14-12-2015 18:32:46 Windows Update
18-12-2015 00:06:40 Windows Update
19-12-2015 00:45:04 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-12-13 12:49 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {187D9DC8-1A69-4008-BE52-D594B8052520} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-13] (Dropbox, Inc.)
Task: {3954EF81-194D-4CC2-B281-F0EEC8CA78C9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {3C29ECE2-184F-47A3-9D92-656307001381} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {4E704D28-DCEF-4CD0-A777-64802F32DA65} - System32\Tasks\{B0DE84C7-555B-4C99-93F4-F2C37F6A2D68} => pcalua.exe -a "C:\Users\Administrator.MININT-M7F55PD\Desktop\DX C++ PhysX .NET\dotnetfx35\dotnetfx35.exe" -d "C:\Users\Administrator.MININT-M7F55PD\Desktop\DX C++ PhysX .NET\dotnetfx35"
Task: {567811F8-BBD7-4ACE-A757-2F1AC97C4CF3} - System32\Tasks\{24F23C0E-A6E4-4B1F-BFB9-C44C17279C8F} => pcalua.exe -a "C:\Users\Dean Bönkendorf\Desktop\Adobe\Audition 3.0\Adobe Audition 3.0\Audition 3.0 Setup.exe" -d "C:\Users\Dean Bönkendorf\Desktop\Adobe\Audition 3.0\Adobe Audition 3.0"
Task: {70E7DEEC-9730-487B-B895-B4F862A8F228} - System32\Tasks\{F3AABC01-EFDF-4727-B845-1C95B339B863} => pcalua.exe -a "C:\Users\Dean Bönkendorf\AppData\Roaming\webssearches\UninstallManager.exe" -c -ptid=cvs <==== ACHTUNG
Task: {A62B3250-CD48-4BE6-8FD9-4380A8EA346B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {BB4A8036-BB32-4E8D-A890-39BE20225735} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-13] (Dropbox, Inc.)
Task: {EF3C3B0C-C67D-4555-972E-DE0AD66718E7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F97312F6-9754-4413-9959-196881B4C72F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {FE24FC64-C3BA-4D32-B86D-A5F622AC1892} - System32\Tasks\{F9A8AE91-7B97-4F34-A29A-7D6D7F8A0D74} => pcalua.exe -a "C:\Users\Dean Bönkendorf\Desktop\Waves Diamond Bundle 5.2\setup.exe" -d "C:\Users\Dean Bönkendorf\Desktop\Waves Diamond Bundle 5.2"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-09-05 15:01 - 2015-08-07 05:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-05 14:57 - 2014-01-28 04:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2014-09-10 19:37 - 2015-02-20 19:10 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-09-05 14:58 - 2015-12-19 12:47 - 00027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2014-09-05 14:57 - 2014-01-28 04:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-05-19 14:26 - 2015-08-18 00:31 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-13 18:11 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-13 18:11 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-13 18:11 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-13 18:11 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-13 18:11 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-13 18:11 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-13 18:11 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-13 18:11 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 18:11 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-13 18:11 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-13 18:11 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-13 18:11 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files 
(x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-13 18:11 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-13 18:11 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-12-13 18:11 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-13 18:11 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-12-13 18:11 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-330146135-2436004342-2132212847-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 5317 mehr Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-330146135-2436004342-2132212847-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dean Bönkendorf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{07C6887B-D5F0-4339-ACFD-8DBB78AED186}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{BF293E57-6786-4BE0-B97C-C7159C7A691D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E524293E-BAFE-4B0F-9590-2C8C5EFC9AE2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{AF6FA032-5B70-4EFD-8AB8-6F03A72072F3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D0FECF6C-1869-462A-8F76-49B2C8B31B3D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{42079083-1025-4B67-BC68-9C3F7CA0C6CC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{6FE0BE82-4A3A-41B9-BB73-FF3FBDCA5742}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E7AA90E4-80A6-4086-ACF1-AE4FDCEA09EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\C9\C9MappingAccount.exe FirewallRules: [{6406F2A4-FE15-42B5-BC76-E55C1AC13B5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\C9\C9MappingAccount.exe FirewallRules: [{D2A60AD1-11F2-4304-8E93-D9CE5AB65C35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{1A28CE93-7294-43FE-BA9B-A09B660D68EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{B652B5B2-9DF7-46F0-80A0-5BA06A82976B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{58C77B66-FBB0-4071-B9A4-6C4B8A3A0BB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{4FD5F3CD-DF89-46AB-972F-CE8B2E11A35F}C:\users\dean bönkendorf\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dean bönkendorf\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{20F768CB-7D36-4C71-AB58-D8B533ECCA86}C:\users\dean bönkendorf\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dean bönkendorf\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query 
User{4515E5B6-A4F1-47DE-B504-F20A51B44681}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [UDP Query User{DFA87477-9FAA-4B64-B38E-8AFABF6F4F8D}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [TCP Query User{31DDCAE7-6B1D-48C1-90A5-6096865DBF34}C:\users\dean bönkendorf\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dean bönkendorf\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{CAEE8DB0-B0F4-426F-9473-D921035707FA}C:\users\dean bönkendorf\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dean bönkendorf\appdata\roaming\spotify\spotify.exe FirewallRules: [{766ADAD8-9FF8-4786-93B1-21D9723EBE9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe FirewallRules: [{C8B7DEA8-DDF0-40EB-B70B-ADACB67FA4CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warframe\Tools\Launcher.exe FirewallRules: [{C45D9D57-EB17-4111-8C6D-BFA3B41BA703}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{4C080B56-48B3-41CC-B34F-8FAA29B96BBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{E2EF9ED1-AA67-44EF-AAEA-00F2AD60FEE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{399ED6A1-BA1F-4A5C-95B9-F0D1229D6768}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{AD0958B6-13C5-4089-902E-73D67A372BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{D19DB2F2-C096-467E-864D-FDCF1BB15E17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{760C835D-F7E8-42F9-8DF0-8FE586F62B5C}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{EA261A0C-D431-4E8D-BB96-9C45B3F6C132}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [TCP Query User{E46FF65C-6E6E-42D0-A972-AB087F4F84AD}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{0216E924-4746-4AC1-B574-C081C54D977D}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{CBD2993A-8316-4FB3-9AC3-EFB42DDBA4B9}D:\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => (Block) D:\ubisoft game launcher\games\far cry 3\bin\farcry3.exe FirewallRules: [UDP Query User{3AE420D1-B6CE-4475-AB18-36341BC3D55D}D:\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => (Block) D:\ubisoft game launcher\games\far cry 3\bin\farcry3.exe FirewallRules: [TCP Query User{970474E5-E4DE-4789-8607-0E404909B742}D:\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [UDP Query User{9F1A704E-2215-4166-A136-B7B4750921BD}D:\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Allow) D:\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [TCP Query User{49373530-0462-4A55-AB1F-AD6A3633A9B5}D:\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Block) D:\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [UDP Query User{84B7CE7A-2A99-40E4-9FAC-7A472337BE13}D:\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => (Block) D:\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [{92086F8B-E01E-465A-8D5D-9983265A1376}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe 
FirewallRules: [{12170B29-CB2B-408B-9353-7AAB2BAB3B5E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{E390E860-1420-4DF9-953A-0F23D629D16D}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{57241E43-09CB-4702-ACC2-9F4F170A1584}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [{6B6141A3-BB1A-41BF-BCC3-9F20267008BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{844FD5E4-CFB9-47C0-BAE4-F37563B616A3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3F03719D-0D70-49F9-BE31-9B961C594AF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe FirewallRules: [{8C2F8CEF-97A4-4BC9-AC38-ACD7600FC450}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe FirewallRules: [TCP Query User{60D97222-60C8-4721-A549-F2BC8CE0D9F6}C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm 3 full burst\ns3fb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm 3 full burst\ns3fb.exe FirewallRules: [UDP Query User{E41C662D-A144-45A7-A79D-4F28CFDD6366}C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm 3 full burst\ns3fb.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm 3 full burst\ns3fb.exe FirewallRules: [TCP Query User{21397792-FFFF-484A-B053-83685DF2CE4E}C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe FirewallRules: [UDP 
Query User{DDC14A35-D927-4729-89BB-E3C04F4690B3}C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe FirewallRules: [TCP Query User{D9760706-6E38-477F-A5AA-765C25EFBABC}C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe FirewallRules: [UDP Query User{6EB0377E-BA3D-49FC-A414-A45ECA1EE984}C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe FirewallRules: [{8552312C-24D0-4F08-A387-B6F239E08173}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C1D56AFB-646F-4EA9-BBDE-8BA17A9F2273}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F708BCFC-F7AF-4F9B-B7FB-089DA8D1EECF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe FirewallRules: [{73D6BD9A-0FCC-4F84-942D-CC3FDBAD100A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe FirewallRules: [TCP Query User{1D118656-026F-4CE9-A27F-B2F486D5A53E}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{AA7BF51D-3402-4E56-A534-1E752155766A}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [{37019DC9-570B-4CCC-B94C-50897D2DA95D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{25DF0D29-1B44-4D02-B585-FCDF0486C3F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{75A949E1-0134-4D74-8BDC-71B8F95DFCB0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: 
[{3CA40634-32B4-444A-ABB2-FE3232AB8D0D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{F50FA406-D8F1-44D7-B9F3-18257AF67200}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{2E5AF936-9942-44B3-A3D3-5D20E14B249D}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{66A59B80-49CB-453B-A66C-D97104987A5F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{AFFF18AF-5D33-4F6D-A13C-E2925AC197C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{3AF5ED32-46B1-4D4E-A083-FF49BD7A14C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{F21BC914-5482-4FE0-87EA-A52196CCEAB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0D8EC4FF-DFF3-4168-900A-3FC1F15C3C23}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{EB165A94-521D-41C6-A91A-F8B2B70D637C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{40879B58-6BD6-4105-8FE4-16B9FBDCBA4F}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{F9C58152-F2D7-4BA8-832D-4838BFF3717F}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{5BFF197C-C321-43FE-9236-18AD10024E15}] => (Allow) D:\SteamLibrary\steamapps\common\DB Xenoverse\DBXV.exe FirewallRules: [{E55D0710-5D1A-44A5-9932-7BF1FDAEB93C}] => (Allow) D:\SteamLibrary\steamapps\common\DB Xenoverse\DBXV.exe FirewallRules: [TCP Query User{6D34A749-4F0D-480D-8F35-7183C0C11C8D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{9DB582BC-ABFE-4396-93FB-439F9EA5814A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{5649FFB7-471D-445A-9341-ACC98272399F}C:\program files (x86)\heroes of the 
storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{17FF3C34-1AF7-4E06-BFF8-C70F86B952AF}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [{1C607BE2-95CE-470D-85CD-B467C27EB5C6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rise_of_Incarnates\exe\roi.exe FirewallRules: [{BC8E521D-4121-4916-B2F5-FA082013E20B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rise_of_Incarnates\exe\roi.exe FirewallRules: [{0EEC40A1-5E9E-4511-B111-039452DF95E0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{1CBB0977-084C-4C71-85F7-81CDB34A0ECF}] => (Allow) LPort=2869 FirewallRules: [{F2FF8E45-2A75-41BE-A836-0C09B3988C26}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{377A54A0-1BF9-40FD-8B2C-EBEDFF8FD693}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3.exe FirewallRules: [UDP Query User{0AD374A8-F4DC-4527-A9A2-0766762EDD7C}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3.exe FirewallRules: [{0445D3B0-F1E4-4487-B99F-CB8366490FC4}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{DECE0114-7C14-4B7C-98DA-561BC74AD1C5}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{D9E2514E-2AFF-40D4-B5AF-991EC74C5985}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{92F4A586-1EA7-4704-8E1D-93413A8B42F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{B640279F-3966-4428-AC82-3E90B423AEDB}] => (Allow) D:\Program Files (x86)\Origin 
Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{A99ED824-8967-42C8-9350-DBA9DB9DA797}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [TCP Query User{A74416E9-F5ED-48A7-8562-675CEA3AC4E5}D:\steamlibrary\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe] => (Allow) D:\steamlibrary\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe FirewallRules: [UDP Query User{2507676A-1817-4E5F-B663-785D817B0157}D:\steamlibrary\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe] => (Allow) D:\steamlibrary\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe FirewallRules: [{476361C1-A6C3-4964-A669-D8582903BDE1}] => (Allow) D:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe FirewallRules: [{F8C6AE0A-B9B6-4460-B9CD-D313ECA4DC68}] => (Allow) D:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MK10.exe FirewallRules: [{9FB4B405-4929-4243-9377-DFF441BBB95E}] => (Allow) D:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe FirewallRules: [{20A82327-B2D9-488C-9CE3-418E1C969D60}] => (Allow) D:\SteamLibrary\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe FirewallRules: [TCP Query User{263F73BD-C904-4A79-AF49-FD1EC8E5B3AA}D:\record\aufmweeknd\cubase 8\cubase le ai elements 8.exe] => (Allow) D:\record\aufmweeknd\cubase 8\cubase le ai elements 8.exe FirewallRules: [UDP Query User{9FE91F89-4AC9-4FDE-87FD-08A57658965C}D:\record\aufmweeknd\cubase 8\cubase le ai elements 8.exe] => (Allow) D:\record\aufmweeknd\cubase 8\cubase le ai elements 8.exe FirewallRules: [TCP Query User{8D768759-68FA-416A-914F-2B9AEA0220BE}D:\record\aufmweeknd\cubase 8\components\vstbridgeapp.exe] => (Allow) D:\record\aufmweeknd\cubase 8\components\vstbridgeapp.exe FirewallRules: [UDP Query User{1DB0B156-8005-4AD5-ADA7-37A471F7DF4E}D:\record\aufmweeknd\cubase 8\components\vstbridgeapp.exe] => (Allow) D:\record\aufmweeknd\cubase 
8\components\vstbridgeapp.exe FirewallRules: [TCP Query User{DB5132A5-140F-4B98-8A7C-997BDAD59FDD}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [UDP Query User{03AC3A54-6A7D-420E-8BFC-349C04DC45E3}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Block) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [{5C24AB19-79DE-4E33-9FC1-2AADB192318B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{14F164FD-7073-48D0-B075-A4847297E187}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BAC0E481-4854-46CB-A7CA-E2C2E0526A5F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F76FD1E5-9102-4364-A387-4C8D7B6799BB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{06EA2D63-06E8-417C-96EB-9FF46642AE93}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{BB5651F9-00BC-4543-BD54-6F45A878D4EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B348501C-0AB5-4C06-B398-446ED4C822D1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{A6FADAC1-A831-4F7A-B8DC-8B44B5EA8178}D:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) D:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [UDP Query User{161A845C-9CAE-4726-B6A9-CC3480575C7A}D:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) D:\program files (x86)\origin games\fifa 16\fifa16.exe FirewallRules: [{C8C713FC-3805-401A-882D-D398F6F69691}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{DFEA3B01-2974-48F0-88A2-CBC0B2F79A98}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{4AEA6D0E-5B6F-46AD-B1E8-E5F00EF233A3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe 

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/19/2015 12:53:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x924
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (12/19/2015 12:49:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2015 06:58:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (12/18/2015 06:07:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x830
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (12/18/2015 06:03:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/17/2015 06:05:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (12/17/2015 05:26:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x718
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (12/17/2015 05:21:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 10:41:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0x40000015
Fehleroffset: 0x00093534
ID des fehlerhaften Prozesses: 0x9dc
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (12/16/2015 10:36:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Systemfehler:
=============
Error: (12/19/2015 12:59:53 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy6" den Befehl "chkdsk" aus.

Error: (12/19/2015 12:53:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/19/2015 12:47:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Digital Wave Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/19/2015 12:45:03 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy6" den Befehl "chkdsk" aus.

Error: (12/18/2015 07:18:54 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy6" den Befehl "chkdsk" aus.

Error: (12/18/2015 06:07:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/18/2015 06:02:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Digital Wave Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/18/2015 12:06:40 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy6" den Befehl "chkdsk" aus.

Error: (12/17/2015 05:26:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/17/2015 05:19:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Digital Wave Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

CodeIntegrity:
===================================
Date: 2015-07-28 10:54:27.570
Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

Date: 2015-07-28 10:54:27.453
Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

Date: 2015-07-28 10:54:27.300
Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

Date: 2015-07-28 10:54:27.185
Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

Date: 2014-12-13 12:49:25.557
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-12-13 12:49:25.526
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16320.14 MB
Verfügbarer physikalischer RAM: 13228.61 MB
Summe virtueller Speicher: 32638.48 MB
Verfügbarer virtueller Speicher: 29459.02 MB

==================== Laufwerke ================================

Drive c: (OSDisk) (Fixed) (Total:200 GB) (Free:23.26 GB) NTFS
Drive d: () (Fixed) (Total:731.02 GB) (Free:541.09 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F1AD0888)
Partition 1: (Active) - (Size=499 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=731 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================ |