Code:
Alles auswählen Aufklappen ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017
durchgeführt von Sebastian (16-01-2017 13:45:15)
Gestartet von C:\Users\Sebastian\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-17 11:44:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1585825436-704687126-3158100386-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1585825436-704687126-3158100386-503 - Limited - Disabled)
Gast (S-1-5-21-1585825436-704687126-3158100386-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1585825436-704687126-3158100386-1019 - Limited - Enabled)
Sebastian (S-1-5-21-1585825436-704687126-3158100386-1001 - Administrator - Enabled) => C:\Users\Sebastian
SophosSAUMICASA0 (S-1-5-21-1585825436-704687126-3158100386-1004 - Limited - Enabled)
SophosSAUMICASA1 (S-1-5-21-1585825436-704687126-3158100386-1017 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Sophos Home (Enabled - Up to date) {FFADE7EA-DC92-4602-D6B2-626CD3450A0F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Sophos Home (Enabled - Up to date) {44CC060E-FAA8-498C-EC02-591EA8C240B2}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
"Nero SoundTrax Help (x32 Version: 4.4.32.0 - Nero AG) Hidden
µTorrent (HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
AirDroid 3.2.0.0 (HKLM-x32\...\AirDroid) (Version: 3.2.0.0 - Sand Studio)
Amazon Kindle (HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\Amazon Kindle) (Version: 1.16.0.44025 - Amazon)
AnimanicChat Version 4.2.365 (HKLM-x32\...\AnimanicChat_is1) (Version: 4.2.365 - )
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
A-Tuning v2.0.271 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.271 - ASRock Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
calibre 64bit (HKLM\...\{489E20EA-CCB7-4B03-A9A9-10BA7E460A21}) (Version: 2.66.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.3.05017 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.3.05017 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts)
Core Temp 1.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.1 - Alcpu)
Corel PaintShop Pro X7 (HKLM-x32\...\_{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.0.0.199 - Corel Corporation)
Corel PaintShop Pro X7 (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
Curse Client (HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Deus Ex: Mankind Divided™ (HKLM\...\Steam App 337000) (Version: - Eidos Montreal)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version: - SEIKO EPSON Corporation)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Gwent (HKLM-x32\...\1971477531_is1) (Version: 2.0.0.0 - GOG.com)
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Heroes & Generals (HKLM\...\Steam App 227940) (Version: - Reto-Moto)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8104 - Acer Incorporated)
HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
ICA (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
ICQ (Version 10.0.12027) (HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\icq.desktop) (Version: 10.0.12027 - ICQ)
Image Resizer for Windows (64 bit) (HKLM\...\{B6EFF29D-7CAB-4CE0-9FFC-3D55D27E948D}) (Version: 3.0.4442.6002 - Brice Lambson)
Image Resizer for Windows (HKLM-x32\...\{14ebe571-096e-4cdd-8ee5-a2c0cc6b9b5e}) (Version: 3.0.4442.6002 - Brice Lambson)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Infix PDF Editor Version 7.0.5.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 7.0.5.0 - Iceni Technology)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
IPM_PSP_COM (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
IPM_PSP_COM64 (Version: 17.0.0.199 - Corel Corporation) Hidden
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Kingdom Come: Deliverance (Beta Access) (HKLM\...\Steam App 286860) (Version: - )
Kingdoms of Amalur: Reckoning (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
MagentaCLOUD Software (HKLM-x32\...\{E9D2DFCA-ACCC-4D19-B0DA-9CD1DE76B2DA}) (Version: 5.2.0.0 - Deutsche Telekom AG)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Mansions of Madness (HKLM\...\Steam App 478980) (Version: - Fantasy Flight Games)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Master of Orion (HKLM-x32\...\Steam App 298050) (Version: - NGD Studios)
Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Nero 9 (HKLM-x32\...\{aa3bd892-e1e0-4873-a8b7-7c03975a475b}) (Version: - Nero AG)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.2.2.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.2.49 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 368.81 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.2.49 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.2.1 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.2 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PSPPContent (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPro64 (Version: 17.0.0.199 - Corel Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7560 - Realtek Semiconductor Corp.)
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version: - Square Enix)
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Sennheiser 3D G4ME1 (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB6}) (Version: 1.00.0001 - )
Setup (x32 Version: 17.0.0.199 - Ihr Firmenname) Hidden
Shadowrun: Hong Kong (HKLM-x32\...\Steam App 346940) (Version: - Harebrained Schemes)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.2.49 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version: - Firaxis)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Sophos Anti-Virus (HKLM-x32\...\{3B998572-90A5-4D61-9022-00B288DD755D}) (Version: 10.7.0.301 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{AFBCA1B9-496C-4AE6-98AE-3EA1CFF65C54}) (Version: 5.5.2.1 - Sophos Limited)
Sophos Diagnostic Utility (HKLM-x32\...\{4627F5A1-E85A-4394-9DB3-875DF83AF6C2}) (Version: 1.13.0.4 - Sophos Limited)
Sophos Home (HKLM-x32\...\{63F3BF88-DE8E-4B21-BB24-F64CE500308E}) (Version: 1.1.0.78 - Sophos Limited)
Sophos Management Communications System (HKLM-x32\...\{2C14E1A2-C4EB-466E-8374-81286D723D3A}) (Version: 4.3.0.107 - Sophos Limited)
Sophos System Protection (HKLM\...\{934BEF80-B9D1-4A86-8B42-D8A6716A8D27}) (Version: 2.6.0.71 - Sophos Limited)
SoundTrax (x32 Version: 4.4.32.0 - Nero AG) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
Total War™: WARHAMMER® (HKLM\...\Steam App 364360) (Version: - Creative Assembly)
Tyranny (HKLM\...\Steam App 362960) (Version: - Obsidian Entertainment)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.1 - Ubisoft)
Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version: - )
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\WhatsApp) (Version: 0.2.2245 - WhatsApp)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00F02F14-DE4B-4E6F-AA9B-1D2432DB25BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-01-11] (Microsoft Corporation)
Task: {0808349E-5446-43AA-9B70-87F3A995977F} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2014-03-03] (Acer Incorporated)
Task: {10D838AC-36D5-48BD-8018-DEB637B03BF1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-06] (NVIDIA Corporation)
Task: {2038DE5D-86E9-4ADA-A81E-D85B2E4B77A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-06] (NVIDIA Corporation)
Task: {24E082F2-9ACD-4C4C-AFBE-105475BB95EF} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {2865A78C-C913-4EF3-8895-D69C60316FDC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2B85DB4A-A78E-4262-9BD1-CF0F8BA355B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-30] (Google Inc.)
Task: {32F981EB-6F99-4C70-ACD2-9E3408BBC372} - System32\Tasks\Update\SecUpdate => C:\Users\Sebastian\AppData\Roaming\svchost.exe <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {353D9464-75E2-4381-A08A-FB9A52667188} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {4354A565-40E2-4CE0-B0CE-FA61965DB292} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-30] (Google Inc.)
Task: {4CCA3664-5306-4441-A05B-FEE1B0944CA2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {50032F7A-5814-44FF-BC04-AD8B7E0E52D8} - System32\Tasks\{BE121B94-043A-49C6-B2BE-1333B2973479} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=deDE --uid=prometheus --displayname="Overwatch"
Task: {5182C0B0-0B93-4019-BF7E-CDB7D5243E09} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()
Task: {5597F99E-CAF5-4EFC-A3AE-65983DB37143} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {62967D05-79A7-4AA2-B25C-9D91D51D6393} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-06] (NVIDIA Corporation)
Task: {689D66B7-07CC-43F4-8890-1C477FA735AC} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {79252ADA-73B4-4E07-8CDC-F7291F065563} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-06] (NVIDIA Corporation)
Task: {799B1AFA-17B3-42AE-B5A9-301B858AF1D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {7C59626F-CB46-48BD-84E8-00CBD1A7BEB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-01-11] (Microsoft Corporation)
Task: {7D38A6E6-3915-4F47-B71E-F4FF052C2726} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {967F54D9-5DDF-4E34-B0D3-D4321D875F91} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-01-11] (Microsoft Corporation)
Task: {A2AB4BD6-6239-464C-9EE5-36560B473C5D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {BE19FBD8-397A-4634-8B4C-CCAB2B64655B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BEDB405D-600B-4EE6-AE3B-AB774DA16DE6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C01A1739-AEC4-48E5-B0DB-28DEDFAEED6D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {C8F4BAFD-BDEF-4CDA-9E9F-6DFDAF2C7632} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {C9E11438-0AE0-4686-8885-732FA9ADA86B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-06] (NVIDIA Corporation)
Task: {D00FAF10-8977-4545-85D2-578B545DE28F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {D00FBD76-EE80-491D-B919-2819BF259886} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D40E1AC1-72B2-45B0-A859-9DB3217D5F9B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {E7B49752-54E9-4776-BE4F-69496A93EE5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {EFAAE108-C311-470E-97E9-85E403679CF6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {FFDDF89D-3299-44BD-BAF3-1E3CD4B792D1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-06] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Vysоr.lnk -> C:\Users\Sebastian\AppData\Roaming\Browsers\exe.emorhc.bat (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Eхplorеr.lnk -> C:\Users\Sebastian\AppData\Roaming\Browsers\exe.erolpxei.bat (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Sebastian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоoglе Сhromе.lnk -> C:\Users\Sebastian\AppData\Roaming\Browsers\exe.emorhc.bat (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Sebastian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Internеt Ехрlоrer Вrowsеr.lnk -> C:\Users\Sebastian\AppData\Roaming\Browsers\exe.erolpxei.bat (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Sebastian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\АirDroid.lnk -> C:\Users\Sebastian\AppData\Roaming\Browsers\exe.rehcnual.bat (Keine Datei) <===== Cyrillic
Shortcut: C:\Users\Sebastian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gоogle Chromе.lnk -> C:\Users\Sebastian\AppData\Roaming\Browsers\exe.emorhc.bat (Keine Datei) <===== Cyrillic
ShortcutWithArgument: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 18:21 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-23 11:42 - 2017-01-06 02:10 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-23 11:42 - 2017-01-06 02:10 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-07-02 06:43 - 2015-07-02 06:43 - 00076888 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-11-05 21:05 - 2016-06-25 08:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2016-07-15 18:43 - 2014-07-31 15:17 - 00463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2016-10-17 12:18 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-14 18:21 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-01-02 16:54 - 2017-01-02 16:54 - 01678560 _____ () C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-10-17 13:11 - 2016-10-17 13:11 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 17:11 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 17:11 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 17:11 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 17:11 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 17:11 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 17:11 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 17:11 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-01 15:55 - 2013-05-28 17:56 - 00151552 _____ () C:\Windows\System\3DG4me.exe
2016-12-14 18:24 - 2016-12-14 18:24 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 18:24 - 2016-12-14 18:24 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-01-10 16:20 - 2017-01-10 16:20 - 13017280 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7805.42277.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2016-12-13 18:13 - 2016-12-13 18:13 - 03810816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-12-09 17:26 - 2016-12-09 17:26 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-12-07 11:21 - 2016-12-07 11:20 - 02493440 _____ () D:\Origin\libGLESv2.dll
2016-11-05 21:05 - 2015-05-26 19:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2016-10-23 11:42 - 2017-01-06 02:10 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-23 11:42 - 2017-01-06 02:10 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-23 11:42 - 2017-01-06 02:10 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-01 15:55 - 2012-06-06 10:56 - 00143360 _____ () C:\Windows\System\3DG4me.dll
2016-10-23 11:42 - 2017-01-06 02:10 - 64246840 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-10-23 11:42 - 2017-01-06 01:09 - 00527416 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-23 11:42 - 2017-01-06 01:09 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-23 11:42 - 2017-01-06 01:09 - 02807232 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-23 11:42 - 2017-01-06 01:09 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-23 11:42 - 2017-01-06 01:09 - 00449080 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-23 11:42 - 2017-01-06 01:09 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-23 11:42 - 2017-01-06 01:09 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-01-15 10:44 - 2017-01-06 01:09 - 00954816 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2017-01-02 16:54 - 2017-01-02 16:54 - 01244376 _____ () C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-12-15 15:32 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 15:32 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2015-05-20 10:20 - 2013-09-16 05:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Sebastian:Heroes & Generals [38]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2016-12-07 11:26 - 00003085 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 telemetry.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 telemetry.appex.bing.net:443
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 statsfe2.ws.microsoft.com
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 sls.update.microsoft.com.akadns.net
Da befinden sich 30 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{bb17ab4f-846f-43cc-9156-6835177188f7}.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "vpngui.exe.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Install LastPass IE RunOnce.lnk"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\StartupFolder: => "MagentaCLOUD.lnk"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "HP Deskjet 3520 series (NET)"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "autoRunTest"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "icq.desktop"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "AirDroid 3"
HKU\S-1-5-21-1585825436-704687126-3158100386-1001\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{1E2FCB30-188E-4064-B3E3-CDECF4A77BC9}] => D:\Steam\steamapps\common\How to Survive 2\Exe\Detect.exe
FirewallRules: [{1D86337B-D945-4B6F-BDA5-4F02D5AFCD96}] => D:\Steam\steamapps\common\How to Survive 2\Exe\Detect.exe
FirewallRules: [{96BC4FB7-7919-4C35-944D-350BF6720031}] => D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{DA56D1F5-C267-417F-8091-658718E0A61A}] => D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{6FA063BF-560B-41DB-A608-2BDE32B6BC80}] => D:\Steam\steamapps\common\How to Survive 2\Exe\Detect.exe
FirewallRules: [{754C5186-84A8-4DFC-91C1-DB66C944E143}] => D:\Steam\steamapps\common\How to Survive 2\Exe\Detect.exe
FirewallRules: [{D1593052-2167-44D5-AC6A-F214EFF3759B}] => D:\Steam\steamapps\common\How to Survive 2\Exe\HowToSurvive2.exe
FirewallRules: [{DB2D85BD-0061-4E20-80DD-B7323F3C4D78}] => D:\Steam\steamapps\common\How to Survive 2\Exe\HowToSurvive2.exe
FirewallRules: [{D9974259-2F1D-425A-A66F-A30329CF38F8}] => D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{447DE757-8F8D-4E82-8AFC-163A10B1C251}] => D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{FA8DE2EB-12FA-43F7-9C82-6A8734A4393F}] => D:\Steam\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{7B6C33B0-FB82-43A2-A250-8A459736D7C3}] => D:\Steam\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [UDP Query User{CB20F2D2-A04C-4EBA-82F9-252C2F856F3D}D:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => D:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [TCP Query User{53701EF3-87E6-4AA4-87E3-ABFBD4E593DF}D:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => D:\steam\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [{50286E3B-8E36-414C-9BFC-B0458C58D174}] => D:\Steam\steamapps\common\Kingdom Come Deliverance\Bin\Win64\KingdomCome.exe
FirewallRules: [{A415AEA0-AC37-4F94-9FEC-8541A03FFA7C}] => D:\Steam\steamapps\common\Kingdom Come Deliverance\Bin\Win64\KingdomCome.exe
FirewallRules: [{0D04DD23-CACC-4A6D-BDA1-7826A0D0D395}] => D:\Steam\steamapps\common\Mansions of Madness\Mansions of Madness.exe
FirewallRules: [{3E257D4E-E632-48D7-A23A-71329A7E4E7C}] => D:\Steam\steamapps\common\Mansions of Madness\Mansions of Madness.exe
FirewallRules: [{E571D2BA-8496-4F5C-888B-4AABB2378B42}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E52CD804-4FF4-4CA7-A58E-CD8D417943ED}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{F8146DE8-34D8-4D8A-AAA9-82783948D8B7}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A9434915-3207-4FBA-A179-81C9054ECCEF}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{40FC94B5-E6D4-4003-834D-AFE6979337DE}] => D:\Steam\Steam.exe
FirewallRules: [{64826A5F-81A8-4D33-9D4C-17EC5CE023E1}] => D:\Steam\Steam.exe
FirewallRules: [{11ED5125-63F7-40AE-B49A-1FE6E421B7C4}] => D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{83B19263-5FB4-4055-B8E4-800472E5B7F7}] => D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8CC69F9C-0FC7-45E6-84BC-CCDFD404E5FC}] => D:\Battle.net\Battle.net.exe
FirewallRules: [{14634FAF-E8B2-427E-B3E5-31B0C31BD25A}] => D:\Battle.net\Battle.net.exe
FirewallRules: [{F08CB014-20C2-4FD6-9190-DA7988FE6237}] => D:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{4A1E334F-5EAE-47A1-804A-24C7D7076BFA}] => D:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{97CA08B6-AD2D-44A5-A058-69AC3452B214}] => D:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{65B1B9B4-C260-4A07-A790-80C79AB4DB7B}] => D:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{7A3C1821-C450-4D82-AA03-6694B59C6438}] => D:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{5D7977EE-2587-4D92-8ED3-152C93D38D14}] => D:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{E71B900E-2431-46F6-BC22-E165851B19C1}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BDC4493D-DE85-4601-9092-432844F54343}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{49536044-9D3C-4C9C-A432-F5F5E0A41FC3}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B4D87CB3-FB89-4579-8E42-8AE89A314666}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{59C6A513-8B30-41D8-A569-C049BE95B31D}] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{275E7FC1-9D7D-4701-B0EF-D6D8E83625FF}] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{A8B14BF4-FC01-47CC-AE2A-E2DFC50C8601}] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{83352639-0988-44A4-A0FA-E2D4C8807703}] => D:\The Secret World\ClientPatcher.exe
FirewallRules: [{878F7B7B-7B63-44F1-82C5-5F0B59A86D37}] => D:\The Secret World\ClientPatcher.exe
FirewallRules: [TCP Query User{F5C3513C-3A46-4A68-96DE-112FC9B7A9B3}C:\windows\syswow64\msiexec.exe] => C:\windows\syswow64\msiexec.exe
FirewallRules: [UDP Query User{4C9C6C66-9995-4255-B2E9-27A622E8BB43}C:\windows\syswow64\msiexec.exe] => C:\windows\syswow64\msiexec.exe
FirewallRules: [TCP Query User{752AA425-2EEB-4A30-AE58-ECB1093CEC9C}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{27A0D4E1-856D-42B8-80B4-4702FCC7AC57}C:\users\sebastian\appdata\roaming\spotify\spotify.exe] => C:\users\sebastian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C8033AF6-FBA3-4902-9699-DB8F29C05F57}] => D:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [{AE22A613-392C-4262-AC5E-FEB412153FF8}] => D:\Steam\steamapps\common\Shadowrun Hong Kong\SRHK.exe
FirewallRules: [TCP Query User{DD76B5B4-D07A-4B09-ABF0-CC2C1CC533E9}D:\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => D:\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [UDP Query User{F7F15F6F-13ED-41C4-8693-854350B77316}D:\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => D:\steam\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [TCP Query User{3E354004-9268-458B-9A99-1FCED9BC2616}C:\users\sebastian\documents\octgn\octgn\octgn.exe] => C:\users\sebastian\documents\octgn\octgn\octgn.exe
FirewallRules: [UDP Query User{400B5718-1B40-4855-90B4-30F9F513471C}C:\users\sebastian\documents\octgn\octgn\octgn.exe] => C:\users\sebastian\documents\octgn\octgn\octgn.exe
FirewallRules: [TCP Query User{5FA96732-ABDF-495B-ACED-C315068CE662}C:\users\sebastian\documents\octgn\octgn\octgn.online.standaloneserver.exe] => C:\users\sebastian\documents\octgn\octgn\octgn.online.standaloneserver.exe
FirewallRules: [UDP Query User{406450A6-8838-4830-80A5-6C0FC412D820}C:\users\sebastian\documents\octgn\octgn\octgn.online.standaloneserver.exe] => C:\users\sebastian\documents\octgn\octgn\octgn.online.standaloneserver.exe
FirewallRules: [{ABC943DC-EDCD-4834-BB3D-87E96B7478D3}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{419D19DC-9CEC-47EC-B24F-9785AE2550EE}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{5E898775-9F44-4C56-92B8-D1D5E3102A1E}C:\program files (x86)\airdroid\airdroid.exe] => C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{83384FE7-0C39-4E68-B5A9-2265065AE523}C:\program files (x86)\airdroid\airdroid.exe] => C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{E6757B03-4881-4C24-B433-B95D46973D5B}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9BD03B36-BDE6-41F4-A2F6-A450558A9538}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36B7A6DE-1A19-4556-8501-69D9386A7E31}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D4E2DC39-2B1F-4579-8D47-AD662567EC1B}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6ADBBA35-D962-46A8-BFB8-DB9E3E4A65FC}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8485B2A0-C9F8-4277-B724-5697659E6CCF}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{68A2A34D-BDEF-4901-B461-6909D53BF282}] => D:\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{683A8B75-1D2C-4AD3-BCF1-D95AE8F528F4}] => D:\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{5F00ADEC-8D64-4EE1-9BB8-66F0FC6AAA1C}] => D:\Steam\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{CE697F2F-E8A6-4C14-9B80-3689B69FD7F6}] => D:\Steam\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{F169CA40-D9C0-441C-8936-987B8D13E739}] => D:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{9C49EC69-BA8C-49D4-8FA8-CAA9AB9A947E}] => D:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{AB7388E9-13EA-49A5-9AF2-70D6A17DDF1F}] => D:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [{5270EEB3-B047-4917-A56F-2598C010E634}] => D:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [{24864E73-C3C3-4A9F-B444-BF5BEEA7EFF7}] => D:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{AEF2FE6B-B6EA-4782-8388-168F5CF9489F}] => D:\Program Files (x86)\Origin Games\Command and Conquer 3 TW and KW\CNC3Launcher.exe
FirewallRules: [{360E5EE0-373F-4B5B-90C3-C606735B20C8}] => D:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{4EC1512D-7E5A-478E-AFF2-EED706A49E28}] => D:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [TCP Query User{2C9C4554-1DB6-4774-B4E9-10A6C93E2AB7}D:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe] => D:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{C5B58821-8763-4F7E-82D1-C7C8AD99A9DF}D:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe] => D:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [{ECD4C8F3-6821-492C-85FD-8F11DF298749}] => C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{504ACAF4-9687-41A6-A705-1363B707C00F}] => C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{150A4AEB-F4C3-4E92-B8B3-BEF67FCB2C65}] => C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{652FBEF4-BF9C-4FAA-B4BB-BB75F5A7679E}] => C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{85B39268-9006-4852-9253-ADC6B5FBCEB0}] => C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F6CDDAA5-88A1-49AC-97CF-D4D3CC595BC7}] => C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{B79D23D2-435B-4FA5-ADC7-00CF340B04E7}D:\steam\steamapps\common\dayz\dayz.exe] => D:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{BD223A38-745A-49A4-9E7B-4CEDBC60FBB5}D:\steam\steamapps\common\dayz\dayz.exe] => D:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{F9D09625-2A4C-432E-82F9-BC16604EB404}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{0B13E370-F5F8-4A7F-BD44-B8E02D769A86}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{FC755AC1-4BE5-4D80-88A7-B5FE4B66A88C}] => D:\Steam\steamapps\common\Master of Orion\MasterOfOrion.exe
FirewallRules: [{1D233D33-5AF8-499B-B5ED-53C7EBE86BDF}] => D:\Steam\steamapps\common\Master of Orion\MasterOfOrion.exe
FirewallRules: [{F3E51548-9C74-4540-8556-68AD6805584E}] => D:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{91D19457-4724-447E-8657-82F862079FA1}] => D:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{1F1ABCED-8FED-4251-B186-BE2BD261A08D}] => D:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{CB1DF477-8C62-4653-932E-C9EAEA6835DB}] => D:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [TCP Query User{5F045DA0-746C-45FE-B3A1-64AA872233B4}D:\steam\steamapps\common\total war warhammer\warhammer.exe] => D:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{0B9C5B8D-AF74-4E05-BD29-FC70AE576709}D:\steam\steamapps\common\total war warhammer\warhammer.exe] => D:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{6E995F57-FD6B-4103-B4B1-00ADFB7D3537}C:\program files (x86)\airdroid\airdroid.exe] => C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{3A0457DE-F585-4B4C-AAFB-18454028B18C}C:\program files (x86)\airdroid\airdroid.exe] => C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{CFE949C7-DEF8-4327-B83F-EBCCA68250EF}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{00C520C6-6352-47F0-ABAC-8EFC87226455}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{307DF031-DDE4-4BCE-97DF-B7419C15F55E}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D5F685E7-B5C5-4EF7-A4DC-987F70CF6453}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BDCA39D0-25CD-4552-9297-6BD5708C6C20}] => D:\Steam\steamapps\common\Wolcen\win_x64\Wolcen.exe
FirewallRules: [{B8950063-3A1F-4AFE-8158-5988296A97DC}] => D:\Steam\steamapps\common\Wolcen\win_x64\Wolcen.exe
FirewallRules: [{E0379937-13F7-4682-A9FB-132CF0051966}] => D:\Steam\steamapps\common\How to Survive 2\Exe\HowToSurvive2.exe
FirewallRules: [{82522F76-9015-432A-9678-B5ACC4A4D5C8}] => D:\Steam\steamapps\common\How to Survive 2\Exe\HowToSurvive2.exe
FirewallRules: [{5B14A1AB-F510-4959-8A63-1E2A8DC1E1D4}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [{E2E03B96-686A-4E4A-AB08-7AFB08486890}] => D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{27AF7F03-0254-4028-AE31-CBD6D3BA01E9}] => D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{6CEC33C8-0BC4-4CF1-AA3F-3AC4896DE355}] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{AAD09435-7629-46A4-92C4-0BF4412D3E57}] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{85E83FF6-AB0D-43AA-B165-931E19250471}] => C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{B12E5F70-9D93-4189-B27D-4BE89EFC8CF3}] => C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [TCP Query User{F4B46B22-43D3-4DF6-874C-D0F159BE2A62}C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm.exe] => C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm.exe
FirewallRules: [UDP Query User{698782D2-8C0D-4AF1-B3EB-80A824B89E25}C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm.exe] => C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm.exe
FirewallRules: [{C43E6989-9C85-4A70-B6D7-61ED93737D6D}] => D:\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{458AA6CC-4444-4158-85FB-CE84E47CE0DF}] => D:\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [TCP Query User{013E6EC7-8959-4CE2-9B36-CCC02BE56538}C:\gog games\gwent\gwent.exe] => C:\gog games\gwent\gwent.exe
FirewallRules: [UDP Query User{4A9B70CA-2449-4972-B9D1-793A6D2CD93C}C:\gog games\gwent\gwent.exe] => C:\gog games\gwent\gwent.exe
FirewallRules: [TCP Query User{CC9B9F35-BC41-4777-A5B8-779DF526F3D1}C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm.exe] => C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm.exe
FirewallRules: [UDP Query User{BE5885CF-12CD-49DD-802E-60BC71F62B03}C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm.exe] => C:\program files (x86)\heroes of the storm\versions\base48297\heroesofthestorm.exe
FirewallRules: [{D924F747-86E8-4645-A559-58B710F021E2}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3F37CB3F-D5B3-4EF5-B85B-A442B7A4A5E4}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7011B0D9-8930-4B24-86BC-951C4C90E788}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{06569F85-BA34-46AA-84BE-C7152193AE5E}] => D:\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{404E1F38-FD2F-479E-92C8-2BA1F73414D0}] => D:\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{FD5A5B3F-4A66-4CD4-9E99-13D97711D4DF}] => D:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{91BD9679-40FE-4B72-8A69-73F4810D0E3A}] => D:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{FA75CE1F-835E-45F9-931E-3B86083C9F42}] => D:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{0BCEDA18-8A52-4A27-849B-5509A12519EA}] => D:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{E97D4C8C-F6EF-4404-B775-B94FA06FE8C4}] => D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{6DD127F3-D9C4-47C0-8136-4E681535D2FC}] => D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{28601C56-EBB8-4AA8-A69E-EF0676AE02B0}] => D:\Steam\steamapps\common\Wolcen\win_x64\Wolcen.exe
FirewallRules: [{2F1B23F0-4F51-4300-8210-3D720633205B}] => D:\Steam\steamapps\common\Wolcen\win_x64\Wolcen.exe
FirewallRules: [{D66D6626-C5E9-4649-95EE-74A638754DE8}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6957B582-14D7-4264-8791-D8ADAEC5D1AB}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{679E17E2-6610-4666-8253-73381AFDBDB0}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{96B33869-E91C-4276-A2A3-B59FD1D3C24A}] => D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{B25458AF-5C54-4F72-95AD-469750094E46}] => D:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{9C896262-4BE2-49D8-8BAB-2E9ED3626D79}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{F02C68A0-3A8A-4B5A-8AB7-AAF6E419E466}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{CB6A2BA9-4228-45EA-A75E-97C7C3BB3CC5}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{06667E90-F57E-413F-A88A-01CBDCEBE9F2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{92264551-342E-402E-81BD-252CE33441B0}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3D8F08B4-396C-4FCC-9566-F5F060F35897}] => D:\Steam\steamapps\common\Tyranny\Tyranny.exe
FirewallRules: [{C0D76143-77D3-41BD-97ED-F6C4FAEE17C1}] => D:\Steam\steamapps\common\Tyranny\Tyranny.exe
==================== Wiederherstellungspunkte =========================
05-01-2017 17:34:37 Windows Update
08-01-2017 14:04:39 Installed Cisco AnyConnect Secure Mobility Client
11-01-2017 17:12:57 Windows Update
15-01-2017 14:37:59 Windows Update
15-01-2017 15:20:45 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/16/2017 01:46:07 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {F60368A6-685A-4F5A-8D62-771EC8824BA7}
Error: (01/16/2017 01:46:07 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {F60368A6-685A-4F5A-8D62-771EC8824BA7}
Error: (01/16/2017 01:44:42 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {F60368A6-685A-4F5A-8D62-771EC8824BA7}
Error: (01/16/2017 01:44:42 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {F60368A6-685A-4F5A-8D62-771EC8824BA7}
Error: (01/16/2017 06:47:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899b5a
Name des fehlerhaften Moduls: USBKeyCredentialProvider.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x53d9fa55
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002b3c6
ID des fehlerhaften Prozesses: 0x22fc
Startzeit der fehlerhaften Anwendung: 0x01d26f666c93cd1f
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\LogonUI.exe
Pfad des fehlerhaften Moduls: USBKeyCredentialProvider.dll
Berichtskennung: 5f7088de-6fb5-4772-a05f-36c1dbc3837e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/15/2017 03:21:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (01/15/2017 03:15:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\nero\nero 9\nero photosnap\PhotoSnap.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (01/15/2017 03:12:52 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (01/15/2017 03:12:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (01/15/2017 02:40:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Tyranny.exe, Version 1.0.3.31 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b14
Startzeit: 01d26f3464973e9b
Beendigungszeit: 4294967295
Anwendungspfad: D:\Steam\steamapps\common\Tyranny\Tyranny.exe
Berichts-ID: 26f31892-db28-11e6-832a-d050999924a3
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Systemfehler:
=============
Error: (01/16/2017 12:36:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/16/2017 12:32:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200b fehlgeschlagen: Hewlett-Packard - Imaging - Null Print - HP Deskjet 3520 series
Error: (01/16/2017 12:23:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/16/2017 12:23:17 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA LocalSystem Container" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (01/16/2017 12:23:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/16/2017 12:23:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/16/2017 12:23:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/16/2017 12:23:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Telemetry Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/16/2017 12:23:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Sophos Web Filter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/16/2017 12:23:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Sophos Web Intelligence Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-01-16 12:24:46.698
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-15 15:17:58.290
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-15 11:34:49.821
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-01-15 11:34:47.964
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-01-11 10:08:50.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-01-11 10:08:49.523
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8142.85 MB
Verfügbarer physikalischer RAM: 4311.91 MB
Summe virtueller Speicher: 9422.85 MB
Verfügbarer virtueller Speicher: 5034.31 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:455.5 GB) (Free:225.12 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.01 GB) (Free:241.71 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DE6E102E)
Partition: GPT.
==================== Ende von Addition.txt ============================
16.01.2017, 13:49
Hybrid-Darstellung
