Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Aruran (04-01-2017 16:16:28)
Gestartet von C:\Users\Aruran\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-21 19:40:27)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3707763914-2828650107-2775741400-500 - Administrator - Disabled) => C:\Users\Administrator
Aruran (S-1-5-21-3707763914-2828650107-2775741400-1001 - Administrator - Enabled) => C:\Users\Aruran
DefaultAccount (S-1-5-21-3707763914-2828650107-2775741400-503 - Limited - Disabled)
Gast (S-1-5-21-3707763914-2828650107-2775741400-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassins Creed Unity (HKLM-x32\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0025}) (Version: 6.0 - Black Box)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
BenVista PhotoZoom Pro 6.0.8 (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\PhotoZoom Pro 6) (Version: 6.0.8 - BenVista Ltd.)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bus Simulator 16 (HKLM\...\YnVzc2ltdWxhdG9yMTY_is1) (Version: 1 - )
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version: - astragon)
Camtasia Studio 8 (HKLM-x32\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
City Car Driving 1.2.2 (HKLM-x32\...\{CC457F3D-5CDE-4CE8-9685-90A4EDE81374}_is1) (Version: - Forward Development)
Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
Dropbox (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.18.1 - SCS Software)
Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.60.713 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.60.713 - DVDVideoSoft Ltd.)
Freemake Audio Converter Version 1.1.3 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.3 - Ellora Assets Corporation)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Killing Floor (HKLM\...\Steam App 1250) (Version: - Tripwire Interactive)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{9E2154A9-2953-4FAC-B943-052DD23057AF}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
MAGIX Video Pro X7 (HKLM\...\MX.{FB081787-6116-4FEA-83A4-D05DB9934C57}) (Version: 14.0.0.96 - MAGIX Software GmbH)
MAGIX Video Pro X7 (Version: 14.0.0.96 - MAGIX Software GmbH) Hidden
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003A-0000-0000-0000000FF1CE}_PRJSTD_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version: - Microsoft)
Microsoft Office Project Standard 2007 (HKLM-x32\...\PRJSTD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PlanetSide 2 (2) (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\SOE-PlanetSide 2 (2)) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.2.12.0 - Razer Inc.)
RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
ROCCAT Kova[+] Mouse Driver (HKLM-x32\...\{A86DDFE3-F661-461C-9BF2-876AC2CA57DE}) (Version: 1.10 - Roccat GmbH)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SOE Web Installer (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.353 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003A-0000-0000-0000000FF1CE}_PRJSTD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{1E16FD84-D9BE-C7F6-B731-BCBED65A09AA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B456BE1-1419-4ECB-B378-AA54D62EF56E} - System32\Tasks\{CECE02B3-7965-B518-E4E7-2F25542EAD08} => C:\ProgramData\{05DDD3DF-B276-6474-5CC7-B86433FAE339}\0D3A5193-BA91-E638-BCD1-616F454D345A.exe <==== ACHTUNG
Task: {345BB094-D7CE-4485-B18B-BB6E6113E67F} - System32\Tasks\{689EB747-DF35-00EC-B570-6AB16B35BA53} => C:\ProgramData\{CC009523-7BAB-2288-230F-30FDE668E57E}\48BE59E1-FF15-EE4A-6008-FDDD5BEB120A.exe <==== ACHTUNG
Task: {3A81B063-6ED9-4222-A752-E278C14AB4F2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {3F4499B1-1084-4A66-AFDF-FDBAC970D4EC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {458306B3-8909-4ABE-A082-A4D69AC20A4C} - System32\Tasks\{51AD42E9-7519-41A3-9144-2B8A2A7B0F58} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\e366fc6e\9007857a.dll" <==== ACHTUNG
Task: {488FC130-EF5C-41A8-B33E-D2AED62E21F4} - System32\Tasks\Aufgaben der Ereignisanzeige\System_Microsoft-Windows-UserPnp_20001 => desktop [Argument = drucker]
Task: {4CB771CD-5932-489A-9AC5-800E4AE28EA2} - System32\Tasks\{FA4CBE32-4DE7-0999-0AE0-D79F1C9059F7} => C:\ProgramData\{62BB382F-D510-8F84-5DC3-EBD1D57EC79D}\E94FCAC8-5EE4-7D63-6411-6C42F26F2043.exe <==== ACHTUNG
Task: {6137476C-FE46-48DD-B0FC-3B3584A2EF54} - System32\Tasks\Pheroghtlqale Collector => C:\Program Files (x86)\Delyqgach\analatain.exe [2017-01-01] (Glarysoft Ltd)
Task: {7F22EA6C-A5D6-40B1-8DF3-49C7038DFE72} - System32\Tasks\{A8B45195-1F1F-E63E-863B-391E2A604E67} => C:\ProgramData\{569357B0-E138-E01B-DF7B-33C9598DB512}\A96D7853-1EC6-CFF8-8017-39589984F9B6.exe <==== ACHTUNG
Task: {8D76A3B0-447F-4E12-867B-3727A7DD52C9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {8FFB5DAA-7BF6-4F75-A127-4903D75EC4FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9A35D169-00F1-4A3F-9E5A-E7F1EAB861D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AE44564B-5525-4814-A13D-AE8C9C7A16C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B44CDA40-5508-4498-B93B-F0350CA7C81E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B5163DAF-6BBD-4D4C-9034-E7AE4963A329} - System32\Tasks\{675B675A-D0F0-D0F1-56D3-080DA1076E60} => C:\ProgramData\{88F78037-3F5C-379C-D3BE-B6783C70F4CA}\4EA4D68D-F90F-6126-5C54-2F00008CD9CA.exe <==== ACHTUNG
Task: {C12A4D22-A980-4748-939A-DC4FBAF8F887} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C8808CE4-E380-4B23-84CA-83D2C4156C73} - System32\Tasks\{F20603A7-45AD-B40C-1F74-17068C597159} => C:\ProgramData\{F5B0148B-421B-A320-68D4-1FB6A68E977A}\B56BB539-02C0-0292-19D1-AF24E7E2B68C.exe <==== ACHTUNG
Task: {D5E0102C-0023-49F8-AD80-683B1AED1D39} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {D7DD0DEA-C193-4E85-9271-0002515D2453} - System32\Tasks\{11F0C66E-A65B-71C5-D91F-1BAB456A64B0} => C:\ProgramData\{632EDB6A-D485-6CC1-A891-F262EA8DC3DE}\E6427A4F-51E9-CDE4-D717-311225045A97.exe <==== ACHTUNG
Task: {E678182B-DA87-48B4-BB32-278B433E074A} - System32\Tasks\{58CCAE19-EF67-19B2-048E-8AA9CB0C36D6} => C:\ProgramData\{0A063EFE-BDAD-8955-3A52-44CE203D919E}\58766930-EFDD-DE9B-6D55-05DEC9A921D8.exe <==== ACHTUNG
Task: {E93758AC-FE24-4D87-B491-A4967B679F3C} - System32\Tasks\{B39DCCAA-0436-7B01-115A-E0070E00E8F9} => C:\ProgramData\{3386FBFE-842D-4C55-1EAE-4CDE7EA6597E}\A77CD74F-10D7-60E4-B02B-39DD9772AE03.exe <==== ACHTUNG
Task: {F87FCD1A-8F50-497B-8966-7D8081E30493} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {FA7C4B09-BF43-4198-B586-886BF9D4C302} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FBF7D260-87B9-4097-8947-D6BE7A2D857D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Aruran\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-09 21:12 - 2015-05-09 21:29 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-08-14 23:33 - 2015-08-14 23:33 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-06-25 06:53 - 2015-06-25 06:53 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2016-11-09 17:17 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-09 17:17 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-31 20:45 - 2016-10-31 20:45 - 00592384 _____ () C:\Users\Aruran\AppData\Local\MEGAsync\ShellExtX64.dll
2015-12-21 19:33 - 2015-12-21 19:33 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-22 15:33 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-11-09 17:17 - 2016-10-25 05:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 17:17 - 2016-10-25 05:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 17:17 - 2016-10-25 05:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 17:17 - 2016-10-25 05:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-16 14:38 - 2016-09-16 14:38 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2017-01-01 20:31 - 2017-01-01 20:31 - 00177152 _____ () c:\program files (x86)\delyqgach\cktcontrols.dll
2017-01-02 15:29 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2017-01-02 15:29 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\sony.com -> sony.com
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2017-01-01 20:33 - 00004386 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
34.195.153.94 www.google-analytics.com
34.195.153.94 google-analytics.com
34.195.153.94 mc.yandex.ru
34.195.153.94 top-fwz1.mail.ru
34.195.153.94 site.yandex.net
34.195.153.94 pagead2.googlesyndication.com
34.195.153.94 ad.mail.ru
34.195.153.94 ads.adfox.ru
34.195.153.94 ads.pubmatic.com
34.195.153.94 apis.google.com
34.195.153.94 autocontext.begun.ru
34.195.153.94 b.scorecardresearch.com
34.195.153.94 c.amazon-adsystem.com
34.195.153.94 cdn.admixer.net
34.195.153.94 cdn.cxense.com
34.195.153.94 cdn.livefyre.com
34.195.153.94 cdn.onthe.io
34.195.153.94 cdn.optimizely.com
34.195.153.94 cdn.prom.st
34.195.153.94 cdn.pushwoosh.com
Da befinden sich 55 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\Run: => "msnmsgr"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{6592864C-E7EC-45E0-B757-21D45B786EBB}C:\users\aruran\appdata\roaming\spotify\spotify.exe] => C:\users\aruran\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F5644A3C-5476-45E7-942D-9FD3B6FC27F1}C:\users\aruran\appdata\roaming\spotify\spotify.exe] => C:\users\aruran\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F2DFB349-EA2A-4749-A597-CCF4C4406999}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ACB08F27-F1B9-4B7F-8D62-FEB001F3ABC7}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A0102D9B-CFA6-465A-A51F-11127B0F2778}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C98F82BB-88CE-4964-9DC1-75C913AF09D3}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{C41F7B0E-8A41-4B85-8F51-566F3A40ED82}C:\program files\magix\video pro x7\video_pro_x.exe] => C:\program files\magix\video pro x7\video_pro_x.exe
FirewallRules: [UDP Query User{7E2F6382-13F6-47E4-AD6B-D68C0710E6FD}C:\program files\magix\video pro x7\video_pro_x.exe] => C:\program files\magix\video pro x7\video_pro_x.exe
FirewallRules: [{DCE5D83F-23A8-4C40-9B89-1100482DD27D}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5E81C56F-E220-47ED-A69B-4AE7F4887427}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [TCP Query User{63B02E80-A4C7-450E-A1F1-62560202372B}D:\farming simulator 15\x64\farmingsimulator2015game.exe] => D:\farming simulator 15\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{53CA883F-7F55-4E3B-A045-967CB42C98E6}D:\farming simulator 15\x64\farmingsimulator2015game.exe] => D:\farming simulator 15\x64\farmingsimulator2015game.exe
FirewallRules: [TCP Query User{89DBE122-D5CD-43AF-B0C4-91CB973B8666}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{31AF25F1-0204-43B3-9346-A2C9DD92EC87}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A49045E0-3EA6-4925-81D9-FF6ECB7A98B0}C:\program files (x86)\city car driving\bin\win32\starter.exe] => C:\program files (x86)\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{F1C17DB7-FDDF-4206-BB1B-A29AC9546477}C:\program files (x86)\city car driving\bin\win32\starter.exe] => C:\program files (x86)\city car driving\bin\win32\starter.exe
FirewallRules: [{0ADF5ACA-59E4-45EC-A77D-08779EB17C1B}] => D:\dayz\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{CDA74254-C62E-4740-BA98-2E57F6FC522A}] => D:\dayz\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{95C430E4-8152-4367-BA6A-3E65F6A7056A}D:\dayz\steamapps\common\dayz\dayz.exe] => D:\dayz\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{72C629BA-2917-4F55-AA89-9CEA04FC514F}D:\dayz\steamapps\common\dayz\dayz.exe] => D:\dayz\steamapps\common\dayz\dayz.exe
FirewallRules: [{45FD29B0-7B2E-451A-862D-3BB01F0A9905}] => C:\Program Files (x86)\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{BE6659BE-A6C2-4804-A828-352A9F1304A4}] => C:\Program Files (x86)\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [TCP Query User{AD7CDB41-6F24-4763-9DFD-D05D5D09A278}D:\games\arma 3 apex\arma3.exe] => D:\games\arma 3 apex\arma3.exe
FirewallRules: [UDP Query User{7F6B232D-B712-4B18-8087-AFA88B6386E6}D:\games\arma 3 apex\arma3.exe] => D:\games\arma 3 apex\arma3.exe
FirewallRules: [TCP Query User{3266C74C-9F1C-4C21-A536-AB5A99962056}C:\users\aruran\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\users\aruran\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{CE72EB24-D4CD-45E8-92B0-7FD9150D1940}C:\users\aruran\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\users\aruran\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D48DCA08-33EC-40E7-A4BD-668F36B35AFC}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CB9A80F6-C5A3-4718-8E3A-57312AFA3B2C}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A731E16B-2ADA-479E-B764-84FAB07C7289}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{197D4D0B-FB9C-48D0-B350-3C3BBEE3A3C3}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B66ED58A-ECB8-44D5-85A2-EA2663CCA826}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{55C5914A-C594-48D2-8CAA-2352C36FA328}] => D:\steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{271C54E2-47B3-4879-B862-B004915BEB7C}] => D:\steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [TCP Query User{8E91E39E-5950-4F01-BE05-F935E663702E}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FCC88078-D9B1-4803-9408-9D50E2202E6D}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{8A3FFA5C-AE52-4543-A81E-C5DECAB85405}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{1874C557-2F47-40BB-8DEE-68D42BCEE279}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{4F0D9C6B-CA43-414A-A297-F000F7EA1134}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{91E34703-CF5F-4F14-901C-FB38F2E9CE1C}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{258660BE-CD7D-4DE8-A6E3-CDE3E552AC4E}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{09BA8A8C-E2BB-4BB6-A786-B55A56575BFC}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7B9D07F3-176A-48F2-85FA-DCAED0848EBA}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/04/2017 04:02:43 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (01/04/2017 03:57:31 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (01/04/2017 03:57:21 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (01/04/2017 03:57:15 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (01/04/2017 03:52:39 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (01/04/2017 03:50:04 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (01/04/2017 03:49:48 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (01/04/2017 03:49:42 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (01/04/2017 03:49:14 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (01/03/2017 10:26:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.10586.20, Zeitstempel: 0x56540c35
Name des fehlerhaften Moduls: IPHLPAPI.DLL, Version: 10.0.10586.0, Zeitstempel: 0x5632d324
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000089c6
ID des fehlerhaften Prozesses: 0x734
Startzeit der fehlerhaften Anwendung: 0x01d26607fc2add65
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
Berichtskennung: 9e138a53-ffc6-4388-b7e4-91eb002d9c79
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_25.10586.672.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Systemfehler:
=============
Error: (01/04/2017 03:50:35 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/04/2017 03:49:25 PM) (Source: DCOM) (EventID: 10016) (User: Aru)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Aru\Aruran" (SID: S-1-5-21-3707763914-2828650107-2775741400-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/04/2017 03:49:25 PM) (Source: DCOM) (EventID: 10016) (User: Aru)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Aru\Aruran" (SID: S-1-5-21-3707763914-2828650107-2775741400-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/04/2017 03:49:25 PM) (Source: DCOM) (EventID: 10016) (User: Aru)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Aru\Aruran" (SID: S-1-5-21-3707763914-2828650107-2775741400-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/04/2017 03:49:25 PM) (Source: DCOM) (EventID: 10016) (User: Aru)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Aru\Aruran" (SID: S-1-5-21-3707763914-2828650107-2775741400-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/04/2017 03:49:25 PM) (Source: DCOM) (EventID: 10016) (User: Aru)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Aru\Aruran" (SID: S-1-5-21-3707763914-2828650107-2775741400-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/04/2017 03:49:25 PM) (Source: DCOM) (EventID: 10016) (User: Aru)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Aru\Aruran" (SID: S-1-5-21-3707763914-2828650107-2775741400-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/04/2017 03:49:25 PM) (Source: DCOM) (EventID: 10016) (User: Aru)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Aru\Aruran" (SID: S-1-5-21-3707763914-2828650107-2775741400-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/04/2017 03:49:25 PM) (Source: DCOM) (EventID: 10016) (User: Aru)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Aru\Aruran" (SID: S-1-5-21-3707763914-2828650107-2775741400-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/04/2017 03:49:25 PM) (Source: DCOM) (EventID: 10016) (User: Aru)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Aru\Aruran" (SID: S-1-5-21-3707763914-2828650107-2775741400-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2017-01-02 20:31:03.530
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-15 14:40:01.153
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-11 12:02:20.509
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-10 13:17:14.646
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-29 10:15:10.226
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-15 17:11:46.935
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 18:15:18.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 15:04:06.725
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-17 12:36:39.599
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-16 12:48:35.183
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8055.7 MB
Verfügbarer physikalischer RAM: 6185.26 MB
Summe virtueller Speicher: 9335.7 MB
Verfügbarer virtueller Speicher: 7414.48 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.29 GB) (Free:1.35 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.39 GB) (Free:547.87 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
Themen zu Browser öffnet Tabs von alleine mit Werbung
Zum Thema Browser öffnet Tabs von alleine mit Werbung - FRST Logs :
FRST Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von Aruran (Administrator) auf ARU (04-01-2017 16:16:04)
Gestartet von - Browser öffnet Tabs von alleine mit Werbung...
Hybrid-Darstellung
