| Ragesephirot | 21.08.2015 16:13 |
So erstmal die Frst.txt: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015
durchgeführt von Chrisi (Administrator) auf CHRISI-PC (21-08-2015 17:10:20)
Gestartet von C:\Users\Chrisi\Downloads
Geladene Profile: Chrisi (Verfügbare Profile: Chrisi & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Hi-Rez Studios) F:\Program Files\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(SteelSeries) F:\Program Files\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Logitech Inc.) C:\Program Files\Logitech\Logitech Vid\Vid.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6609440 2008-10-31] (Realtek Semiconductor)
HKLM\...\Run: [SteelSeries World of Warcraft MMO Gaming Mouse] => F:\Program Files\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe [1651200 2011-08-18] (SteelSeries)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1505144 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2008-10-31] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [863960 2015-04-06] (BlueStack Systems, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [Facebook Update] => "C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [DAEMON Tools Lite] => F:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [Logitech Vid] => C:\Program Files\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [2382368 2013-08-13] (Hewlett-Packard Co.)
HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53649536 2015-07-28] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-07] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-07] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll Keine Datei
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll Keine Datei
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{E6D32D1B-3934-4A7A-A96C-E1F3216F5F5C}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FDD29BFA-6749-4C91-BE2D-0DC928BFA469}: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF ProfilePath: C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-17] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-02-11] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3644773473-1287165813-3723838049-1000: @nsroblox.roblox.com/launcher -> C:\Users\Chrisi\AppData\Local\Roblox\Versions\version-d0c46c562fb34e08\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3644773473-1287165813-3723838049-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Chrisi\AppData\Local\Roblox\Versions\version-d0c46c562fb34e08\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3644773473-1287165813-3723838049-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Chrisi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll Keine Datei
FF Plugin HKU\S-1-5-21-3644773473-1287165813-3723838049-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Chrisi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-25] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default\searchplugins\google-images.xml [2014-09-17]
FF SearchPlugin: C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default\searchplugins\google-maps.xml [2014-09-17]
FF SearchPlugin: C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default\searchplugins\{3A4A90AF-AB48-49EA-A90E-58EE98586A4B}.xml [2013-04-13]
FF Extension: Adblock Plus - C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-09-22]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-09-26]
FF HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Chrisi\AppData\Roaming\Mozilla\Firefox\Profiles\qrvx0njv.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR Profile: C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-05]
CHR Extension: (Google Drive) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-05]
CHR Extension: (YouTube) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-05]
CHR Extension: (Google Search) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-05]
CHR Extension: (Google Wallet) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05]
CHR Extension: (Gmail) - C:\Users\Chrisi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-05]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [433880 2015-04-06] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2015-04-06] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [798424 2015-04-06] (BlueStack Systems, Inc.)
S4 CTDevice_Srv; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [Datei ist nicht signiert]
S4 CTUPnPSv; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1883496 2015-08-03] (LogMeIn Inc.)
U2 HiPatchService; F:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2015-02-24] (Hi-Rez Studios) [Datei ist nicht signiert]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; F:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S4 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 BRSptSvc; "C:\ProgramData\BitRaider\BRSptSvc.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R5 ACPI; C:\Windows\System32\drivers\acpi.sys [265688 2009-04-11] (Microsoft Corporation)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [19944 2009-04-11] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [130776 2015-04-06] (BlueStack Systems)
R5 CLFS; C:\Windows\System32\CLFS.sys [244152 2015-03-05] (Microsoft Corporation)
R5 crcdisk; C:\Windows\System32\drivers\crcdisk.sys [24632 2008-01-21] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [53736 2009-04-11] (Microsoft Corporation)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-17] (Disc Soft Ltd)
S3 eapihdrv; C:\Users\Chrisi\AppData\Local\Temp\ehdrv.sys [135760 2015-08-17] (ESET)
R5 Ecache; C:\Windows\System32\drivers\ecache.sys [140224 2015-07-21] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [58936 2008-01-21] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Microsoft Corporation)
R5 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-02-18] (GFI Software)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R5 intelide; C:\Windows\System32\drivers\intelide.sys [17976 2008-01-21] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [440768 2015-06-12] (Microsoft Corporation)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
S3 Mo3Fltr; C:\Windows\System32\drivers\Mo3Fltr.sys [11136 2010-08-11] ()
R5 MountMgr; C:\Windows\System32\drivers\mountmgr.sys [56256 2015-07-21] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [16440 2008-01-21] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [48104 2009-04-11] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [527848 2009-04-11] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [53120 2012-03-21] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [149480 2009-04-11] (Microsoft Corporation)
R3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2012-07-31] (Screaming Bee LLC)
S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10384896 2007-08-20] (Sonix Co. Ltd.)
R5 spldr; C:\Windows\system32\Drivers\spldr.sys [21048 2008-01-21] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [905664 2014-04-05] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [52792 2008-01-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [292840 2009-04-11] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [224640 2012-08-21] (Microsoft Corporation)
S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [527064 2013-06-27] (Microsoft Corporation)
S3 BRDriver; \??\C:\programdata\bitraider\BRDriver.sys [X]
S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]
S3 XDva424; \??\C:\Windows\system32\XDva424.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-21 17:10 - 2015-08-21 17:11 - 00020475 _____ C:\Users\Chrisi\Downloads\FRST.txt
2015-08-21 17:10 - 2015-08-21 17:10 - 00000000 ____D C:\FRST
2015-08-21 16:25 - 2015-08-21 16:25 - 00001016 _____ C:\Users\Chrisi\Desktop\AdwCleaner[S3].txt
2015-08-21 16:20 - 2015-08-21 16:21 - 00001016 _____ C:\AdwCleaner[S3].txt
2015-08-21 16:13 - 2015-08-21 16:13 - 01677312 _____ (Farbar) C:\Users\Chrisi\Downloads\FRST.exe
2015-08-21 16:08 - 2015-08-21 16:08 - 00000954 _____ C:\AdwCleaner[S2].txt
2015-08-20 09:01 - 2015-08-20 09:01 - 00001000 _____ C:\AdwCleaner[C1].txt
2015-08-20 08:58 - 2015-08-20 08:58 - 00000829 _____ C:\AdwCleaner[S1].txt
2015-08-20 08:58 - 2015-08-20 08:58 - 00000000 ____D C:\AdwCleaner
2015-08-20 08:29 - 2015-08-15 01:03 - 12386816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-20 08:29 - 2015-08-15 00:56 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-20 08:29 - 2015-08-15 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-17 15:03 - 2015-08-17 15:03 - 00000000 ___RD C:\Users\Chrisi\Documents\Notes
2015-08-17 10:06 - 2015-08-17 10:06 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-17 10:06 - 2015-08-17 10:06 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-17 09:45 - 2015-08-17 09:45 - 00000870 _____ C:\Users\Chrisi\Desktop\firefox.exe - Verknüpfung (2).lnk
2015-08-17 00:53 - 2015-08-17 00:53 - 00895965 _____ C:\Users\Chrisi\Desktop\adblock_plus-2.6.9-an_sm_tb_fx.zip
2015-08-17 00:52 - 2015-08-17 00:52 - 158417712 _____ (AVAST Software) C:\Users\Chrisi\Desktop\avast2225_free_antivirus_setup.exe
2015-08-17 00:47 - 2015-08-17 00:47 - 00000846 _____ C:\Users\Chrisi\Desktop\firefox.exe - Verknüpfung.lnk
2015-08-17 00:36 - 2015-08-17 10:16 - 00001384 _____ C:\DelFix.txt
2015-08-17 00:36 - 2015-08-17 04:08 - 00000000 ____D C:\ProgramData\6WinManPro6
2015-08-17 00:29 - 2015-08-17 00:29 - 36128233 _____ C:\Users\Chrisi\Desktop\Flash_Player_18.0.0.232.zip
2015-08-17 00:21 - 2015-08-17 00:21 - 00001057 _____ C:\Users\Chrisi\Desktop\Revo Uninstaller.lnk
2015-08-17 00:21 - 2015-08-17 00:21 - 00000000 ____D C:\Program Files\VS Revo Group
2015-08-16 23:23 - 2015-08-17 00:34 - 00000000 ____D C:\ProgramData\yWinManProy
2015-08-16 22:52 - 2015-08-17 00:42 - 00000004 _____ C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-08-16 22:44 - 2015-08-17 00:34 - 00000000 ____D C:\Program Files\03000200-1439757866-0500-0006-000700080009
2015-08-16 22:44 - 2015-08-16 23:09 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\Opera Software
2015-08-16 22:44 - 2015-08-16 23:09 - 00000000 ____D C:\Users\Chrisi\AppData\Local\Opera Software
2015-08-16 22:44 - 2015-08-16 23:09 - 00000000 ____D C:\Program Files\Opera
2015-08-16 22:44 - 2006-09-18 23:41 - 00000761 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-16 22:42 - 2015-08-17 00:34 - 00000000 ____D C:\ProgramData\Unpeesohwu
2015-08-16 22:39 - 2015-08-21 10:45 - 00001016 _____ C:\Windows\Tasks\lSOFTE1mUd0mQHukFiNo.job
2015-08-16 22:36 - 2015-08-21 10:36 - 00000994 _____ C:\Windows\Tasks\lmrXcwaGn.job
2015-08-16 22:34 - 2015-08-17 00:34 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-16 22:33 - 2015-08-16 22:33 - 00000000 _____ C:\Windows\prleth.sys
2015-08-16 22:33 - 2015-08-16 22:33 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-16 22:30 - 2015-08-17 00:36 - 00000868 _____ C:\task.vbs
2015-08-16 00:59 - 2015-08-16 00:59 - 03106640 _____ C:\Users\Chrisi\ts3_recording_15_08_16_0_59_26.wav
2015-08-13 09:56 - 2015-07-21 22:55 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-13 09:56 - 2015-07-21 18:07 - 03605440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-13 09:56 - 2015-07-21 18:07 - 03553216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-13 09:56 - 2015-07-21 18:07 - 00140224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-08-13 09:56 - 2015-07-21 18:07 - 00056256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-13 09:56 - 2015-07-21 18:03 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-08-13 09:56 - 2015-07-21 18:03 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-13 09:56 - 2015-07-21 18:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-13 09:55 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 09:54 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-13 09:54 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-13 09:54 - 2015-07-09 16:20 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-08-13 09:46 - 2015-07-18 18:03 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-13 09:46 - 2015-07-10 21:37 - 01402368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-13 09:46 - 2015-07-10 21:37 - 01253376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-13 09:45 - 2015-08-01 00:08 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-13 09:45 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-08-13 09:45 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-08-13 09:45 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-08-13 09:45 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-08-13 09:45 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-13 09:45 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-08-13 09:45 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-13 09:45 - 2015-07-31 22:33 - 02066944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-13 09:45 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-13 09:45 - 2015-07-31 22:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-13 09:45 - 2015-07-31 22:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-13 09:44 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-13 09:43 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-13 09:43 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 09:25 - 2015-07-22 22:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 09:25 - 2015-07-22 22:51 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 09:25 - 2015-07-22 22:47 - 09751040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 09:25 - 2015-07-22 22:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 09:25 - 2015-07-22 22:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 09:25 - 2015-07-22 22:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 09:25 - 2015-07-22 22:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-08-12 09:25 - 2015-07-22 22:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 09:25 - 2015-07-22 22:44 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 09:25 - 2015-07-22 22:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 09:25 - 2015-07-22 22:44 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 09:25 - 2015-07-22 22:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 09:25 - 2015-07-22 22:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 09:25 - 2015-07-22 22:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 09:25 - 2015-07-22 22:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 09:25 - 2015-07-22 22:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-12 09:25 - 2015-07-22 22:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-12 09:25 - 2015-07-22 22:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-12 09:25 - 2015-07-22 22:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-08 10:49 - 2015-08-08 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-08 10:49 - 2015-08-08 10:49 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2015-08-05 00:03 - 2015-08-05 00:03 - 00877152 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-08-05 00:03 - 2015-08-05 00:03 - 00538208 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-07-28 20:01 - 2015-07-28 20:01 - 00000202 _____ C:\Users\Chrisi\Desktop\Unturned.url
2015-07-24 22:24 - 2015-07-24 22:25 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\Trove
2015-07-24 22:13 - 2015-07-24 22:13 - 00000202 _____ C:\Users\Chrisi\Desktop\Trove.url
2015-07-24 13:37 - 2015-07-24 13:37 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-24 13:33 - 2015-07-24 18:27 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-23 12:56 - 2015-07-23 12:56 - 00000198 _____ C:\Users\Chrisi\Desktop\Counter-Strike Condition Zero.url
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-21 17:09 - 2008-01-21 03:35 - 01238434 _____ C:\Windows\WindowsUpdate.log
2015-08-21 16:17 - 2006-11-02 14:47 - 00004880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-21 16:17 - 2006-11-02 14:47 - 00004880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-21 16:07 - 2012-01-15 19:58 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\Skype
2015-08-21 14:48 - 2012-12-09 15:28 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000UA.job
2015-08-21 14:48 - 2012-12-09 15:28 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000Core.job
2015-08-21 08:23 - 2008-01-21 09:16 - 01567416 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-21 08:20 - 2013-07-19 17:42 - 00000000 ____D C:\Users\Chrisi\AppData\Local\LogMeIn Hamachi
2015-08-21 08:17 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-21 00:29 - 2006-11-02 15:01 - 00032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-21 00:20 - 2011-09-22 19:00 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\TS3Client
2015-08-20 09:03 - 2008-01-21 04:47 - 00889480 _____ C:\Windows\PFRO.log
2015-08-20 08:26 - 2012-01-15 19:57 - 00000000 ____D C:\ProgramData\Skype
2015-08-17 10:16 - 2014-08-20 17:25 - 00000000 ____D C:\Users\Chrisi\Desktop\Neuer Ordner
2015-08-17 10:13 - 2013-09-12 14:02 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\.medieval
2015-08-17 00:39 - 2014-05-25 07:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build and Shoot
2015-08-17 00:39 - 2011-09-21 22:08 - 00000977 _____ C:\Users\Chrisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-17 00:06 - 2015-02-18 17:46 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-16 23:53 - 2011-09-21 22:08 - 00000000 ____D C:\Users\Chrisi
2015-08-16 23:44 - 2011-09-21 23:54 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\vlc
2015-08-16 22:52 - 2011-09-21 22:08 - 00000944 _____ C:\Users\Chrisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-16 22:52 - 2011-09-21 22:08 - 00000915 _____ C:\Users\Chrisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-08-16 22:51 - 2013-02-19 16:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-16 22:31 - 2015-06-08 11:02 - 00003944 _____ C:\Windows\setupact.log
2015-08-16 22:24 - 2013-05-22 21:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-13 18:23 - 2011-09-22 13:24 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-08-13 10:19 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-13 10:15 - 2006-11-02 14:47 - 00294480 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 10:13 - 2012-04-19 12:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 10:12 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-08-13 09:56 - 2012-04-19 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-13 09:53 - 2013-08-15 07:38 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 09:46 - 2006-11-02 12:24 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-08-08 10:50 - 2011-09-21 22:08 - 00008916 _____ C:\Users\Chrisi\AppData\Local\d3d9caps.dat
2015-08-07 21:17 - 2014-07-17 12:55 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\HpUpdate
2015-08-03 12:12 - 2013-07-19 17:41 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-29 20:40 - 2011-09-22 00:51 - 00159744 _____ C:\Users\Chrisi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-28 20:01 - 2011-09-22 18:29 - 00000000 ____D C:\Users\Chrisi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-28 10:42 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2015-07-24 13:33 - 2014-12-02 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\diclovit's mod pack
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-11-14 23:01 - 2013-12-19 21:38 - 0000096 _____ () C:\Users\Chrisi\AppData\Roaming\Camdata.ini
2013-11-14 23:01 - 2013-12-19 21:38 - 0000408 _____ () C:\Users\Chrisi\AppData\Roaming\CamLayout.ini
2013-11-14 23:01 - 2013-12-19 21:38 - 0000408 _____ () C:\Users\Chrisi\AppData\Roaming\CamShapes.ini
2013-11-14 23:01 - 2013-12-19 21:38 - 0004535 _____ () C:\Users\Chrisi\AppData\Roaming\CamStudio.cfg
2013-11-18 23:32 - 2013-11-21 19:27 - 0087608 _____ () C:\Users\Chrisi\AppData\Roaming\inst.exe
2013-08-12 16:01 - 2013-08-12 16:01 - 0000032 _____ () C:\Users\Chrisi\AppData\Roaming\mbam.context.scan
2013-11-18 23:32 - 2013-11-21 19:27 - 0007887 _____ () C:\Users\Chrisi\AppData\Roaming\pcouffin.cat
2013-11-18 23:32 - 2013-11-21 19:27 - 0001144 _____ () C:\Users\Chrisi\AppData\Roaming\pcouffin.inf
2013-11-18 23:32 - 2013-11-21 19:27 - 0000055 _____ () C:\Users\Chrisi\AppData\Roaming\pcouffin.log
2013-11-18 23:32 - 2013-11-21 19:27 - 0047360 _____ (VSO Software) C:\Users\Chrisi\AppData\Roaming\pcouffin.sys
2013-04-29 14:08 - 2014-01-25 14:55 - 0138056 _____ () C:\Users\Chrisi\AppData\Roaming\PnkBstrK.sys
2013-05-27 22:03 - 2013-05-27 22:03 - 0000850 _____ () C:\Users\Chrisi\AppData\Roaming\Safer-Networking.log
2013-11-14 23:01 - 2013-12-19 21:37 - 0000096 _____ () C:\Users\Chrisi\AppData\Roaming\version2.xml
2014-12-15 15:43 - 2014-12-17 09:43 - 0000129 _____ () C:\Users\Chrisi\AppData\Roaming\WB.CFG
2011-09-21 22:08 - 2015-08-08 10:50 - 0008916 _____ () C:\Users\Chrisi\AppData\Local\d3d9caps.dat
2011-09-22 00:51 - 2015-07-29 20:40 - 0159744 _____ () C:\Users\Chrisi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-17 09:43 - 2014-12-17 09:43 - 0000010 _____ () C:\Users\Chrisi\AppData\Local\DSI.DAT
2014-07-17 12:53 - 2014-07-17 12:53 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-09-26 12:52 - 2011-09-26 13:18 - 0003346 _____ () C:\ProgramData\hpzinstall.log
2012-08-05 15:31 - 2012-08-05 16:36 - 4503728 ____T () C:\ProgramData\rat_0ybba.pad
Einige Dateien in TEMP:
====================
C:\Users\Chrisi\AppData\Local\Temp\5A263F8F-91E3-6040-7C53-23EEED550A5F.dll
C:\Users\Chrisi\AppData\Local\Temp\5A263F8F-91E3-6040-7C53-23EEED550A5F.exe
C:\Users\Chrisi\AppData\Local\Temp\975.exe
C:\Users\Chrisi\AppData\Local\Temp\Quarantine.exe
C:\Users\Chrisi\AppData\Local\Temp\Uninstall.exe
C:\Users\Chrisi\AppData\Local\Temp\UninstallModule.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-21 08:25
==================== Ende vom raportu ============================
und Die Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-08-2015
durchgeführt von Chrisi (2015-08-21 17:11:32)
Gestartet von C:\Users\Chrisi\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3644773473-1287165813-3723838049-500 - Administrator - Disabled)
Chrisi (S-1-5-21-3644773473-1287165813-3723838049-1000 - Administrator - Enabled) => C:\Users\Chrisi
Gast (S-1-5-21-3644773473-1287165813-3723838049-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-3644773473-1287165813-3723838049-1002 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
325 USB PC Camera (HKLM\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.4.0.000 - Sonix)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Action Replay Code Manager (HKLM\...\Action Replay Code Manager_is1) (Version: - )
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Aegisub 3.0.4 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.4 - Aegisub Team)
Age of Empires III (HKLM\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Any Video Converter 5.0.7 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
BitRaider Web Client (HKLM\...\BitRaider Web Client) (Version: 1.1.6.1 - BitRaider, LLC)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{78BF00E5-9FD7-4ACD-B7DE-D6CECED1D29A}) (Version: 0.9.20.5213 - BlueStack Systems, Inc.)
BoneTown (HKLM\...\{5E7C721D-B008-4269-A1C4-2CE7E9757983}) (Version: 1.1.1 - DWC Software)
Brick-Force (HKLM\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 4.4.393.134.20 - Infernum Productions AG)
Brother P-touch Editor 5.0 (HKLM\...\{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.2101 - Brother Industries, Ltd.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build and Shoot Launcher 1.2 (HKLM\...\Build and Shoot Launcher) (Version: 1.2 - Buld Then Snip, LLC)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Castle Crashers (HKLM\...\Steam App 204360) (Version: - The Behemoth)
Copy (Version: 130.0.366.000 - Hewlett-Packard) Hidden
Counter-Strike: Condition Zero (HKLM\...\Steam App 80) (Version: - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM\...\Steam App 100) (Version: - Valve)
Craften Terminal 4.1.2 (HKLM\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.1.2 - Craften.de)
Creative Centrale (HKLM\...\Creative Centrale) (Version: 1.18.03 - Creative Technology Ltd.)
Creative Centrale (Version: 1.18.03 - Creative Technology Ltd.) Hidden
Creative Software Update (Version: 1.03.01 - Creative Technology Ltd.) Hidden
Creative ZEN Style Series Dokumentation (HKLM\...\ZENSTYLESERIESUG) (Version: - Creative Technology Ltd.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment)
diclovit's mod pack 9.9.1 (HKLM\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.1 - diclovit)
DJ_AIO_06_F2400_SW_Min (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Dota 2 Workshop Tools Alpha (HKLM\...\Steam App 316570) (Version: - )
F2400 (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
FileZilla Client 3.7.3 (HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ACHTUNG
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guns And Robots (HKLM\...\Guns And Robots) (Version: 1.0 - Mastheadstudios Ltd.)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version: - Valve)
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}) (Version: 13.0 - HP)
HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{23808E88-87BA-4BF0-8C8F-DC7D9DB40359}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP ENVY 4500 series Hilfe (HKLM\...\{6767CCD2-B939-4542-BF08-015B5496D4EC}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Landwirtschafts Simulator 2013 (HKLM\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
Logitech Vid (HKLM\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliType Pro 7.1 (HKLM\...\{11E94FDB-C895-45F1-B756-1C9B8C36C8F1}) (Version: 7.10.344.0 - Microsoft)
Microsoft LifeCam (HKLM\...\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MorphVOX Junior (HKLM\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
Mozilla Firefox 40.0.2 (x86 de) (HKLM\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{47948554-90C6-4AAC-8CFA-D23CE11C1031}) (Version: 8.3.124 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 320.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.18 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.18 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Pokémon Trading Card Game Online (HKLM\...\{9AD6C3C3-C63C-4025-AC81-CCD60189E160}) (Version: 2.25.0 - The Pokémon Company International)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5730 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Robocraft (HKLM\...\Steam App 301520) (Version: - Freejam)
RPG Maker VX Ace Lite (HKLM\...\Steam App 224280) (Version: - Enterbrain)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scribblenauts Unlimited (HKLM\...\Steam App 218680) (Version: - 5th Cell Media)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
ShrinkTo5Basic (HKLM\...\ShrinkTo5Basic) (Version: - )
Skype™ 7.7 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Smite (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 2.1.2598.3 - Hi-Rez Studios)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spore (HKLM\...\Steam App 17390) (Version: - Maxis™)
Spotify (HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Starbound (HKLM\...\Steam App 211820) (Version: - )
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP ENVY 4500 series (HKLM\...\{5C3EB7C3-F5CC-479E-A082-B30B950C0AC4}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
SWF Opener (HKLM\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Escapists (HKLM\...\Steam App 298630) (Version: - Mouldy Toof Studios)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total War: SHOGUN 2 (HKLM\...\Steam App 34330) (Version: - The Creative Assembly)
Train Simulator 2014 (HKLM\...\Steam App 24010) (Version: - RailSimulator.com)
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Trove (HKLM\...\Steam App 304050) (Version: - Trion Worlds)
Turbo Dismount (HKLM\...\Steam App 263760) (Version: - Secret Exit Ltd.)
Unity Web Player (HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton)
VLC media player 2.0.0 (HKLM\...\VLC media player) (Version: 2.0.0 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks - Common Test (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version: - Wargaming.net)
World of Tanks (HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warcraft (HKLM\...\World of Warcraft) (Version: 5.2.0.16826 - Blizzard Entertainment)
World of Warcraft MMO Gaming Mouse (HKLM\...\{C9DF0468-5F31-4799-B4FE-CBAD37FFB8DE}) (Version: 1.14.0000 - SteelSeries)
Worms Revolution (HKLM\...\Steam App 200170) (Version: - Team17 Digital Ltd.)
Worms Ultimate Mayhem (HKLM\...\Steam App 70600) (Version: - )
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
XviD4PSP 5.10.271.0 (HKLM\...\XviD4PSP5_is1) (Version: - Winnydows & fcp team)
YGOPro DevPro Version 1.9.2r2 (HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.2r2 - YGOPro DevPro Online)
Zeta Producer 11 11.2.2 (nur entfernen) (HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\ZetaProducer11) (Version: 11.2.2 - Zeta Software GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> "C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe" Keine Datei
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Chrisi\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Chrisi\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Chrisi\AppData\Local\Roblox\Versions\version-d0c46c562fb34e08\RobloxProxy.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Chrisi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Chrisi\AppData\Local\Roblox\Versions\version-d0c46c562fb34e08\RobloxProxy64.dll (ROBLOX Corporation)
==================== Wiederherstellungspunkte =========================
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0087CD7D-8778-4C90-80A8-36E13EDB7E50} - System32\Tasks\HP AR Program Upload - a9ab22a7bfb94fbe8a63e77f84f94ec8ad5e06634a514775a59b7f0aad2d7628 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2013-08-13] (TODO: <Company name>)
Task: {00C5949D-0CEE-482F-A2F1-06FF3B898C2F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000Core => C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {03B4DDC3-79C0-476D-BA31-66153D4835FA} - System32\Tasks\{021DD917-6AC2-4B64-BE67-08AEEB5ACF1A} => pcalua.exe -a C:\Users\Chrisi\AppData\Roaming\.minecraft\versions\13w38c\WDI_0.8.exe -d C:\Users\Chrisi\AppData\Roaming\.minecraft\versions\13w38c
Task: {0AB41E09-F3D4-4C7E-94D5-14B8A6A5256C} - \Unpeesohwu -> Keine Datei <==== ACHTUNG
Task: {14895063-C712-436A-AB70-3A3D2A4A1090} - System32\Tasks\{1DACE068-67E2-42A7-A5E6-4D681C4ADF5F} => pcalua.exe -a "C:\Users\Chrisi\Desktop\homepageteile\Neuer Ordner\auxsetup.exe" -d "C:\Users\Chrisi\Desktop\homepageteile\Neuer Ordner"
Task: {15FC9053-3141-47DA-BE77-0D8066EBAFDF} - System32\Tasks\Asrsetup => E:\ASRSetup.exe
Task: {1B31DB99-BE5B-45B5-9FB1-6C8741F71DA4} - System32\Tasks\{FDF6A4C5-0A1E-4DCA-9806-5155ED209378} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {1E8ED656-FBB0-4C51-9DD3-7448E13B28AE} - \42c7d91b-7812-4785-a287-623b8d1af162-10_user -> Keine Datei <==== ACHTUNG
Task: {1E8F2932-92BB-4F91-9CC7-C684B4364441} - \globalUpdateUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {1ED55EC7-EE03-44F3-88E0-59D5786A67DF} - System32\Tasks\{0AE9FE66-78CC-4174-8D03-47A66E90EA1D} => pcalua.exe -a C:\Users\Chrisi\AppData\Roaming\.minecraft\mods\WDI_0.8.exe -d C:\Users\Chrisi\AppData\Roaming\.minecraft\mods
Task: {1FCAE3FC-D91F-4548-8776-ABB32177C832} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
Task: {294B6A63-F1DA-4026-BA35-70957C2C559E} - System32\Tasks\HP AR Program Upload - de7268eab3cf480ea59227baa5459a55e8a840e34fc24b118250cd306600a61c => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2013-08-13] (TODO: <Company name>)
Task: {43C1D4CB-1400-47EF-960E-CA91304C91F4} - System32\Tasks\cfr3011 => C:\PROGRA~1\FASTSE~1\cfr3011.exe
Task: {47748AA9-E5D8-4E5E-BE3D-4C8CFCD9E1B6} - System32\Tasks\Microsoft_Hardware_Launch_vVX1000_exe => C:\Windows\vVX1000.exe [2010-05-20] (Microsoft Corporation)
Task: {4B86829A-FEB9-4666-81B9-7400BA1AD58E} - System32\Tasks\{BF8D4E13-30D0-485E-BC3E-4B84052A6376} => pcalua.exe -a "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" -c --lang=deDE --uid=diablo3_dede --displayname="Diablo III"
Task: {5C668CF8-6E14-4ADA-B3CD-6AA0FF00FDEB} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2013-08-13] (Hewlett-Packard Co.)
Task: {5EF7BB35-EE4A-407B-9A73-B9602BC719BB} - \42c7d91b-7812-4785-a287-623b8d1af162-5 -> Keine Datei <==== ACHTUNG
Task: {5F60B5AF-0E7D-4761-A734-A998CF647B44} - \Superclean -> Keine Datei <==== ACHTUNG
Task: {649701C3-1612-4B2C-B82D-86F996091AE5} - System32\Tasks\{AF12C017-9D27-482D-A4E8-BFD7CCA56438} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.59.105/de/abandoninstall?page=tsProgressBar
Task: {717B07F5-6037-4578-B8C6-5D261160F4C6} - System32\Tasks\{C13A4952-BE53-41F6-9E34-E7E117B900CF} => pcalua.exe -a C:\Users\Chrisi\AppData\Roaming\.minecraft\WDI_0.8.exe -d C:\Users\Chrisi\AppData\Roaming\.minecraft
Task: {75418CBD-693B-4611-B053-BDA1B72149CF} - \YOXeJErXlY -> Keine Datei <==== ACHTUNG
Task: {794379FC-C1D0-4ED5-BCAE-DF8FF2A2581F} - \42c7d91b-7812-4785-a287-623b8d1af162-5_user -> Keine Datei <==== ACHTUNG
Task: {7D6D4FD8-2BF4-4E8B-8045-7B7C9685FC46} - System32\Tasks\{E34133B7-60E3-440D-8506-B79595396609} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {809C9AE0-9A4A-4F76-AF6A-DFF28674F716} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {893EF6A6-880B-40F3-8D4C-127BCAAEA9B1} - \42c7d91b-7812-4785-a287-623b8d1af162-1-7 -> Keine Datei <==== ACHTUNG
Task: {8B69BE06-B1C6-47DC-AD1C-54A6BBD960E8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000UA => C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {8BBB0DB3-1384-45B8-9403-9DD086EB1BED} - \globalUpdateUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
Task: {A18C3F31-D15E-496E-8158-F2FD222310FA} - System32\Tasks\lSOFTE1mUd0mQHukFiNo => C:\Users\Chrisi\AppData\Roaming\lSOFTE1mUd0mQHukFiNo.exe <==== ACHTUNG
Task: {B2BB5AE2-A9C9-48EF-BD39-9CBA4755517E} - System32\Tasks\{11A387EA-4242-4ED2-94CF-042972EA58FE} => pcalua.exe -a E:\ASRSetup.exe -d E:\
Task: {B5C5B9AA-7A70-4CE9-B05F-72B33722CF54} - System32\Tasks\{E31BDA84-CDBD-488B-8002-F726927C8AE3} => pcalua.exe -a E:\setup.exe -d E:\
Task: {BA5095EC-D790-4DB9-B81E-688E34C7AA8E} - System32\Tasks\HP AR Program Upload - a96a75c916564176a1a2a8b6b41236dfcb3fc44ae0d34d4ebd9329555156bb29 => C:\Program Files\HP\HP ENVY 4500 series\bin\HPRewards.exe [2013-08-13] (TODO: <Company name>)
Task: {DA22FBB9-ACD0-401D-926D-EF7559EB9361} - \42c7d91b-7812-4785-a287-623b8d1af162-1-6 -> Keine Datei <==== ACHTUNG
Task: {E2BA937D-7D3C-4AB1-9DFA-D958262383D8} - System32\Tasks\{F3FB23B9-9A2D-4EBA-9C7F-2B0001813FB2} => pcalua.exe -a L:\setup.exe -d L:\
Task: {F1D8E66B-F304-456A-98D5-CAD42DC9CDD1} - System32\Tasks\lmrXcwaGn => C:\Users\Chrisi\AppData\Roaming\lmrXcwaGn.exe <==== ACHTUNG
Task: {F7F67283-1B60-482B-B92D-C4D2610C7187} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {F99C190F-76C1-4455-A629-40D1D84BD169} - \42c7d91b-7812-4785-a287-623b8d1af162-4 -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000Core.job => C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3644773473-1287165813-3723838049-1000UA.job => C:\Users\Chrisi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\lmrXcwaGn.job => C:\Users\Chrisi\AppData\Roaming\lmrXcwaGn.exe <==== ACHTUNG
Task: C:\Windows\Tasks\lSOFTE1mUd0mQHukFiNo.job => C:\Users\Chrisi\AppData\Roaming\lSOFTE1mUd0mQHukFiNo.exe <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2011-09-22 00:06 - 2010-08-11 14:18 - 00010752 _____ () F:\Program Files\SteelSeries\World of Warcraft MMO Gaming Mouse\VDHIDWDM.DLL
2009-07-16 16:34 - 2009-07-16 16:34 - 02140944 _____ () C:\Program Files\Logitech\Logitech Vid\QtCore4.dll
2009-07-16 16:34 - 2009-07-16 16:34 - 07704336 _____ () C:\Program Files\Logitech\Logitech Vid\QtGui4.dll
2009-07-16 16:34 - 2009-07-16 16:34 - 00968976 _____ () C:\Program Files\Logitech\Logitech Vid\QtNetwork4.dll
2009-07-16 16:34 - 2009-07-16 16:34 - 00475408 _____ () C:\Program Files\Logitech\Logitech Vid\QtOpenGL4.dll
2009-07-16 16:35 - 2009-07-16 16:35 - 00363792 _____ () C:\Program Files\Logitech\Logitech Vid\QtXml4.dll
2009-07-16 16:34 - 2009-07-16 16:34 - 00199952 _____ () C:\Program Files\Logitech\Logitech Vid\QtSql4.dll
2009-07-16 16:35 - 2009-07-16 16:35 - 00027408 _____ () C:\Program Files\Logitech\Logitech Vid\SDL.dll
2009-07-16 16:35 - 2009-07-16 16:35 - 11311888 _____ () C:\Program Files\Logitech\Logitech Vid\QtWebKit4.dll
2009-07-16 16:34 - 2009-07-16 16:34 - 00291600 _____ () C:\Program Files\Logitech\Logitech Vid\phonon4.dll
2009-07-16 16:36 - 2009-07-16 16:36 - 00028944 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
2009-07-16 16:36 - 2009-07-16 16:36 - 00035088 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
2009-07-16 16:36 - 2009-07-16 16:36 - 00138000 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
2015-08-17 10:06 - 2015-08-17 10:06 - 17482952 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3644773473-1287165813-3723838049-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chrisi\AppData\Roaming\Microsoft\Windows Photo Gallery\wows_bismarck_1280x1024_del_001_eng.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: )
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BrowserDefendert => 2
MSCONFIG\Services: CTDevice_Srv => 2
MSCONFIG\Services: CTUPnPSv => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: PLFlash DeviceIoControl Service => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Chrisi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "F:\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: FixCamera => C:\Windows\FixCamera.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: snp325 => C:\Windows\vsnp325.exe
MSCONFIG\startupreg: SoftAuto.exe => "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Chrisi\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Chrisi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: Steam => "F:\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: tsnp325 => C:\Windows\tsnp325.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{D8D2F0DB-5322-42C7-981E-FA7CD7FCD4ED}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1E74C2CB-9547-4DE9-AC50-3AE6F19C3231}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{9ED2FFFC-6645-4134-865B-90998822A41F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1E1B9B6F-360A-4237-BF2A-F47A6C76A2DE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{B06CE38C-ECDD-4E09-9754-3970F7F0772C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{54F8DAFF-FB57-4681-8D09-1722F56D2BDE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B09D88E0-0DB5-4BFF-ABE7-35C9C617BD37}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{B3CACB23-85C6-4BFB-A8DF-E5DF1E2EB677}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{90BD7CB6-AFC1-4AC0-8D3E-AAB09A946BE1}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{03E91573-1B3E-42F2-8405-D96ED69C7705}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B4E663F3-E848-4D29-BA4D-DD634B036E40}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{FE585DC4-42AA-4CA2-99CE-BC0E71B86050}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{17D28232-D817-440B-A946-B4F603A2E0C0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{93EE909A-452C-4E18-AA0D-10F234433BA3}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{976A3818-4B13-4A4B-8825-D89083C4F744}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{0A0942A3-ED02-4F09-A76B-6B37C74E8C49}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{D5F8CE7D-060A-4ABF-AFA1-D003D8953B0A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{ED5FF5A8-A42F-4C22-879F-DE5568EA358F}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0A4B56DF-C69A-4016-B95C-3B5297A3F3A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6ED1FD8B-2592-4F9A-A9B7-57291EA6AB90}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{572D14CD-E937-4B0A-8A0F-E7B84C991F94}] => (Allow) LPort=2869
FirewallRules: [{5931C3EA-91DA-4666-8625-A58031182C99}] => (Allow) LPort=1900
FirewallRules: [{0EC16D13-3066-4A1A-BBF9-30475DF74EBB}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C89DBF20-B5AB-4D89-BB67-D9F4A6D69056}] => (Allow) F:\Steam\SteamApps\sephiroth19\counter-strike\hl.exe
FirewallRules: [{F24D840E-499F-4132-A5D7-D92C15AE443C}] => (Allow) F:\Steam\SteamApps\sephiroth19\counter-strike\hl.exe
FirewallRules: [{DC12E4A3-9260-43C3-AC66-A729D550A2A9}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{0978285E-3045-4071-9112-85057DA574E5}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{A4FA24D6-9DA6-42AB-A2D7-C1810BF0F40B}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{E809E3E5-EDC0-4C9E-9D10-ADDA9ADDD7B7}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{8DFB3EBB-53B2-4CC5-9C7D-95A903B0688F}] => (Allow) F:\Steam\SteamApps\sephiroth19\condition zero\hl.exe
FirewallRules: [{5C22CD21-4F39-404D-AB89-A656D6B6D750}] => (Allow) F:\Steam\SteamApps\sephiroth19\condition zero\hl.exe
FirewallRules: [TCP Query User{60C94F26-3FB3-4AD4-A90A-A577EA9CD763}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{81920079-D706-44AE-8C8D-505DCD80F9D7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{92147873-706D-4A8D-B36C-389E8C5FA42F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [{47177E2C-89CA-46E2-9DA9-D6D2D013E55F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [TCP Query User{DCC26EC0-5EB1-4435-91BC-9A3D384BE76B}F:\diablo iii\diablo iii.exe] => (Allow) F:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{FA2689BC-FABE-4F3A-AF35-6D0AE59CBFC1}F:\diablo iii\diablo iii.exe] => (Allow) F:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{EF165D6F-0349-4D58-BD49-A65E3E863DE7}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{F1D60C1A-651C-424D-A57B-E928D9B20DA0}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{64F8B2D6-E14D-432E-94B2-224E8E8AC5B6}J:\kernis ordner\netzwerk\spiele\quake iii arena\quake3.exe] => (Allow) J:\kernis ordner\netzwerk\spiele\quake iii arena\quake3.exe
FirewallRules: [UDP Query User{17DDABEF-F235-4CB7-8887-71765895A195}J:\kernis ordner\netzwerk\spiele\quake iii arena\quake3.exe] => (Allow) J:\kernis ordner\netzwerk\spiele\quake iii arena\quake3.exe
FirewallRules: [{01B83E72-B2C3-4FED-A879-28ED80F59FB1}] => (Allow) F:\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [{E9E1CEBB-5CBF-454D-BDC3-C3643AAFC2BB}] => (Allow) F:\Steam\SteamApps\common\Gotham City Impostors F2P\Engine.exe
FirewallRules: [TCP Query User{9FDA3360-2303-4C02-921B-EC5097ADC185}F:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Block) F:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{D777427A-882F-4315-981E-724334E62E3E}F:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Block) F:\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [{12BC57D3-BCF0-43C9-A748-9E873C378EB5}] => (Allow) F:\Steam\SteamApps\common\wormsxhd\Launcher.exe
FirewallRules: [{073DA792-7903-47BA-AF30-388979F5967F}] => (Allow) F:\Steam\SteamApps\common\wormsxhd\Launcher.exe
FirewallRules: [{2951E3C5-BE57-489F-883E-D2F7D794390C}] => (Allow) C:\Users\Chrisi\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{0A39492D-2791-49E4-958F-DF48DCF889E4}C:\users\chrisi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chrisi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6ADDD2A2-BE1B-4F1B-A978-9750668B7746}C:\users\chrisi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chrisi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C7921031-1201-4047-8EAF-021E3BD58B23}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{EF62A453-D30A-4999-A642-867D0AA901EC}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{22EDC1C1-1079-418A-854F-CFF444E61082}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{AD63EDE2-E6A0-4AFA-8BA6-DBAF93CF13D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{92CC7B23-6153-46F9-9E2F-601BF6BC7734}] => (Allow) F:\Steam\SteamApps\sephiroth19\condition zero\hl.exe
FirewallRules: [{41FBD74D-954B-4950-9A1E-2BC18E3E6D41}] => (Allow) F:\Steam\SteamApps\sephiroth19\condition zero\hl.exe
FirewallRules: [TCP Query User{1553C54D-A429-4CC1-8F64-460513429D4D}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{8009AE83-EE37-4610-9A06-655E5DA2CD95}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{87704A5B-0285-4F19-BCCE-F8EE15D5EA18}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{C4DC6E1A-6108-4DA0-8279-FA9D16E74E2F}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{734976DD-0D51-4FBE-A112-36BE21078637}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{963F2FE4-0DD4-46D7-B6E5-04E9EC861EE7}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{CACC782D-35E6-4EA9-9F2B-EA2BC7FCC070}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{AACC63A8-C109-492E-80AB-4CE78EC02757}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{8FF47138-6B3D-4067-B2AC-EC31590D9638}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [{638DC779-D0AF-45C1-93D9-EEA608D6607F}] => (Allow) C:\Windows\System32\ARFC\wrtc.exe
FirewallRules: [TCP Query User{2359F5B9-CC9F-4204-B190-299BBECB8C8C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{50697E30-03CA-410F-8C35-AF5CD02E8327}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{705040F4-72CF-4197-BD03-E500B919A18A}F:\program files\tera\tera-launcher.exe] => (Allow) F:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{FF5C06D4-A7D1-4DD2-820B-D54ED167BD10}F:\program files\tera\tera-launcher.exe] => (Allow) F:\program files\tera\tera-launcher.exe
FirewallRules: [{10C6DE66-3178-44E2-AD38-E61F806729EE}] => (Allow) F:\Steam\SteamApps\adriano2003\condition zero\hl.exe
FirewallRules: [{C2FD8B3D-168B-4BCB-A98B-D2A3F33C7FE2}] => (Allow) F:\Steam\SteamApps\adriano2003\condition zero\hl.exe
FirewallRules: [{EE48E056-62C5-433F-AC22-F35E808B770D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{2C24E2B9-EC85-482A-B20E-C5419B03CE8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [TCP Query User{41B09284-2838-498E-BB2A-9E6DA33E12CA}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{A5FE8325-F0DB-44E7-8977-AA4B6E97A410}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [{474378DB-54D9-4439-A8EF-0D5E823034FC}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{9756A3A8-091B-49D2-BF23-1EB4CE188EB2}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{E7FE1CC6-DEA2-44B9-8B05-59710689E466}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{C14756C7-2722-46BF-A097-F32CC20D5FE9}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{355FBFBA-9E80-4ECA-A645-36A106A0868F}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{79113EAD-A320-4B9E-B86A-50F04498B890}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{43E0B360-4A65-4811-9C3F-4FCC705733FD}C:\program files\spybot - search & destroy 2\sdfiles.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [UDP Query User{F572FF4E-E3BC-44C6-851B-A1B5FC002C3B}C:\program files\spybot - search & destroy 2\sdfiles.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [TCP Query User{1F2D3DAD-795A-48A1-916E-5C2B7AFDC6B9}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{C2F0F922-98A9-4999-92B8-2BE75D1E3D9F}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [{9CC87279-1747-4BBD-87D9-DB90766F59E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{1DE44AC4-0DF5-4CC9-B7AF-BC87BF6169E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{7692AA4C-5C25-4E93-B4C2-4624BAAF90C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{A615D716-D563-43BF-B239-EDA4BE804629}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{0FFCA49F-9495-45E1-80E5-F9A51BF42A81}] => (Allow) C:\Program Files\Iminent\Iminent.exe
FirewallRules: [{0C7A97A2-AD0F-4365-9349-101E888818D9}] => (Allow) C:\Program Files\Iminent\Iminent.Messengers.exe
FirewallRules: [TCP Query User{48BE7FF6-2D2B-44F8-BAC1-25511FC769AB}F:\steam\steamapps\sephiroth19\team fortress 2\hl2.exe] => (Block) F:\steam\steamapps\sephiroth19\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{0826D573-01A4-434B-AE6F-D9A63954B5A1}F:\steam\steamapps\sephiroth19\team fortress 2\hl2.exe] => (Block) F:\steam\steamapps\sephiroth19\team fortress 2\hl2.exe
FirewallRules: [{82BC69BE-F31A-4EF7-99A0-0605694FB55A}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{7681D874-8E08-421E-B30E-5C9EF2404E72}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{9CC4BD11-DE5A-483A-B39E-1CB57959DE82}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{D2B6F72D-2091-4E15-A64E-B84CFF8D859E}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{4DFB6D4B-47FC-45A3-AF73-E728BF951FCA}C:\program files\ea games\battlefield play4free\bfp4f.exe] => (Block) C:\program files\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{98D37983-A6FA-4244-B999-A22E93F9353F}C:\program files\ea games\battlefield play4free\bfp4f.exe] => (Block) C:\program files\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [TCP Query User{3C412190-8F60-4553-9953-CDEABEC610B1}F:\program files\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) F:\program files\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [UDP Query User{9215C1DC-76DD-4F7D-86F0-C7D62861F6D6}F:\program files\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe] => (Allow) F:\program files\secret identity studios\marvel heroes beta\unrealengine3\binaries\win32\marvelgame.exe
FirewallRules: [{5E8CD7E7-B7CD-4F8E-BE9D-F6E62FE64955}] => (Allow) C:\Users\Chrisi\AppData\Local\Temp\DSOClient\dlcache\app.n3app
FirewallRules: [{9A338C97-CE99-442C-9791-187F6966AABD}] => (Allow) C:\Users\Chrisi\AppData\Local\Temp\DSOClient\dlcache\app.n3app
FirewallRules: [{0F4208ED-409E-4F72-A1DE-35D7542D2963}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BF3399A6-6CAA-4F44-8C46-E1DEDD08872A}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5219694D-86E1-45BE-87A5-609282BD632F}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B6805707-EE98-4256-915A-2E17B4EE6AE2}] => (Allow) C:\Program Files\ExpressFiles\expressdl.exe
FirewallRules: [{87F3999C-A08D-414D-95F6-B876937DA2A0}] => (Allow) C:\Program Files\ExpressFiles\expressdl.exe
FirewallRules: [{BFBF1B74-398B-495F-B991-6169DD8BBE2A}] => (Allow) C:\Program Files\ExpressFiles\ExpressFiles.exe
FirewallRules: [{129236A6-2DA6-4FFC-9784-0D76E4567F3F}] => (Allow) C:\Program Files\ExpressFiles\ExpressFiles.exe
FirewallRules: [{C277BEB1-3AE2-474A-9587-0F4F57650F19}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{7CADA7D0-A60F-44EA-8454-115C3D779E9B}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [TCP Query User{457F18E5-039D-436D-B0D0-1ACC18B4A692}F:\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Block) F:\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [UDP Query User{1B20DC5C-5102-4CEF-88EF-BFEDFC6E3501}F:\steam\steamapps\common\trine 2\trine2_32bit.exe] => (Block) F:\steam\steamapps\common\trine 2\trine2_32bit.exe
FirewallRules: [{4E5B538F-AD68-472B-868F-11458ED49965}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{B53B9E79-A170-467E-BBEB-FBF807E59FEC}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{282FFC34-2AB7-47B1-B553-293A3444952E}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{EB41E7EC-9982-40EC-8B9C-E15F5BA0AE92}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{6CBE1824-359B-46B2-84DD-BA0E463FA090}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{1EC14EC4-C782-4294-9931-584A76DCBFDF}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{F3D3B51C-07BF-4AE3-B035-48444CEB435F}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{3BAF8A02-57FA-4FFF-9F91-B09ED121417E}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{C0992869-211C-49B6-A627-6F3582FE250B}] => (Allow) F:\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{96728385-8BB8-48A5-B598-54CD2DAECF57}] => (Allow) F:\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{BB0A6D0B-D8E3-43DF-BF03-B2F8B56B3834}] => (Allow) C:\Users\Chrisi\AppData\Local\Temp\DSOClient\dlcache\app.n3app
FirewallRules: [{F00D728A-9D35-42C2-BC10-B8AF7A8BB587}] => (Allow) C:\Users\Chrisi\AppData\Local\Temp\DSOClient\dlcache\app.n3app
FirewallRules: [{A1DC1772-BCF4-4F1D-B28A-1996089D5541}] => (Allow) F:\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{6D155D41-887A-4431-90F0-0F5CD393DE8C}] => (Allow) F:\Steam\SteamApps\common\GodMode\bin\GodMode.exe
FirewallRules: [{20BFB949-7C3E-4B98-9453-D353ED4411CC}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1611A33E-50D0-4FA2-99E8-EA8608D0C811}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{748D153D-B3D9-497A-A34F-35CE0922879C}] => (Allow) C:\Program Files\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{8B3E7DA6-80E7-411C-B070-FF9336D54A75}] => (Allow) C:\Program Files\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{353C3128-6726-4904-A380-A73AC2B3B0AA}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0E10CA15-520D-4D92-B542-0A90B568EDEE}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1285683D-ACE8-472A-9512-52B4FD37F14F}] => (Allow) F:\Steam\SteamApps\common\wormsxhd\Launcher.exe
FirewallRules: [{24EEEEFF-2F53-4427-ABC0-53B116FB62AE}] => (Allow) F:\Steam\SteamApps\common\wormsxhd\Launcher.exe
FirewallRules: [{F65B3214-EE45-449B-95C3-E45DF1B3FE07}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{EEAF336C-3ED9-4ABC-8D08-38C13887B3EB}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{886E93FB-0989-4A23-B7D4-75E184D375F2}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{EE56B18A-49ED-4363-85DF-219CDA4C6A64}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{13CB33FB-8AEB-48A8-B0B5-AB6B0CE9E480}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{2D8B3779-58E2-4C1C-A38A-D8683CD76876}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B27A7E3E-835E-4192-8AFB-5915146B4DA0}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{EE255767-CDD7-4E3F-B047-053992936D27}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{C432940D-C114-4388-BA61-5E430312D120}] => (Allow) F:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{AD0E939E-8570-4A28-B15B-292E48956A50}] => (Allow) F:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{AAF356BE-1909-4250-BC89-12241D88B0AB}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{C88AFDAB-FDEC-4AC9-B6EA-299A0BEAC7CB}] => (Allow) F:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{5D854747-B36D-4C07-A7C0-9420CD95C07C}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{72A1CD62-914A-4834-98FC-15ECF6BB3ED7}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{B3DCA67D-0D6B-4089-89A0-C62EA7F729DF}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{73F6AA1B-8D2B-4793-83A3-09D81384C992}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{BB059679-6418-4108-A383-588A7172E1A1}] => (Allow) F:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{DE6CC7AD-2948-4F1C-A53B-31EE056AABF1}] => (Allow) F:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{040CE2C2-402E-4638-8923-FF52925C35F7}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{69CFC6D5-411E-4D0C-91B5-F33E0555BCF1}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{7DB12A66-689C-4BE2-860D-0158E877113B}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{DC8FF882-74F3-4387-B920-FC6DC1238224}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [TCP Query User{369ABED5-916E-4EB9-A1AC-C448EAA5D20B}C:\program files\logitech\logitech vid\vid.exe] => (Allow) C:\program files\logitech\logitech vid\vid.exe
FirewallRules: [UDP Query User{3DDE70BF-0466-431A-9E7D-016E829A071B}C:\program files\logitech\logitech vid\vid.exe] => (Allow) C:\program files\logitech\logitech vid\vid.exe
FirewallRules: [{F42FA5DF-0B99-40FC-84D6-83D791FDAB7B}] => (Allow) F:\Steam\SteamApps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{08C32B73-C4B7-41AD-A664-57055A7088EE}] => (Allow) F:\Steam\SteamApps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{EE806D3D-1291-4A48-947D-0139F2274F3D}] => (Allow) C:\Program Files\WinZip Driver Updater\winzipdu.exe
FirewallRules: [TCP Query User{79CE8F91-624C-4079-A3F8-78534CAEDF80}F:\battlefield play4free\bfp4f.exe] => (Allow) F:\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{399D4047-7D14-4EF2-8487-CA30D6926955}F:\battlefield play4free\bfp4f.exe] => (Allow) F:\battlefield play4free\bfp4f.exe
FirewallRules: [{1216032A-BB86-4794-B497-D3B810A30343}] => (Allow) c:\BrickForce\BfLauncher.exe
FirewallRules: [{0AB0C5AF-5D5F-4121-AFB5-56D43966814D}] => (Allow) c:\BrickForce\BrickForce.exe
FirewallRules: [{4AD35957-09D2-41FF-9BC1-44C6D1C980C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{E9213D1C-0BA5-4C99-ABEF-3CB277FF381F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{32005095-7697-4087-B8FA-ECB7F5D54655}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{5C39E795-5E88-44CD-9F23-8FFC3492E757}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{06B09E3E-8C8F-41DE-9E1C-59F84F0D54FA}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{35DDC7FD-1FF6-4153-9028-2BA842FEF76E}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{124EB86D-524F-4FEB-BA53-BDFD993B04AC}] => (Allow) F:\Battle.net\Battle.net.exe
FirewallRules: [{E433F382-8474-4521-8F6F-0F6E4C076050}] => (Allow) F:\Battle.net\Battle.net.exe
FirewallRules: [{BDAC63DD-F65C-49D3-989F-CE78736EB4F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{1B9AB74D-6EB6-41EF-B1A8-1B02C54EF7C2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{2FD69946-F93D-4BB9-80A1-D126A1366460}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{D7BB30A2-8618-42E5-9C4B-76D98BE84CEB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{8BA1BABB-0A04-4E3B-8E95-416C1BAB66DE}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{8317D375-AE16-446B-9CFB-4E529F14C56C}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{50DBE45D-CE11-480B-BB95-3C5991046004}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{65EF90C2-5382-4CC1-A6C5-2B06A3EB3D7C}] => (Allow) F:\Program Files\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{6981F111-D990-40A4-9633-CDE8A95ECB23}] => (Allow) F:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{9ACE83A9-9F5E-443B-ABFF-A49B90C68ADE}] => (Allow) F:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{BD58791F-DE53-4252-9D16-6C8A0A78DAEC}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{DE123A50-FE94-4003-A12F-644382EEB1EA}] => (Allow) LPort=5357
FirewallRules: [{65C9BB38-BEDC-4D07-AC88-ACEFE9F03CC7}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A82BE0E2-2042-45F8-A2E3-B44E56D7F74C}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{9939AE0F-8B92-4321-84F1-BCD1364564E8}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{5F8E36D4-9E31-4491-AABB-0ABDF495FBAB}] => (Allow) F:\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{6FC09857-2AA1-4EC8-AD35-3F5E675D8B11}] => (Allow) F:\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{7A1452D9-A9A2-4E68-8344-3ACC7F99C32C}] => (Allow) F:\Steam\SteamApps\common\Scribblenauts\Scribble.exe
FirewallRules: [{2DBF5F9B-A4A4-44F6-9C2A-0F19866EF03A}] => (Allow) F:\Steam\SteamApps\common\Scribblenauts\Scribble.exe
FirewallRules: [{5E78BBFD-C69A-440A-8F5C-4AB5E2CC35E5}] => (Allow) F:\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{533F3579-DB58-4697-A520-46FA64357EB9}] => (Allow) F:\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{0327309F-DDA2-4D82-A5E4-9C48C4748A0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FBC57E44-A863-494C-8CEE-6EEDE2C05EE5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1875B40B-9D6D-4BE5-8A50-C1599B22DA9B}] => (Allow) F:\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{38DB5E55-849A-42B3-94E2-41B8C3819F17}] => (Allow) F:\Steam\SteamApps\common\The Escapists\TheEscapists.exe
FirewallRules: [{13308C36-D932-4426-98D2-5DD8F6461E7C}] => (Allow) F:\Program Files\Brick-Force\BfLauncher.exe
FirewallRules: [{B41B107A-2F0A-4EDD-90C3-A0C29EBD5F30}] => (Allow) F:\Program Files\Brick-Force\BrickForce.exe
FirewallRules: [{9DFF3BCD-470F-4BAE-8648-6DA0886294B1}] => (Allow) F:\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{493FA4A8-B19A-4B5C-AF7F-3A1B6F2A2FB9}] => (Allow) F:\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{7A6ECD8F-1E87-4AC8-A209-CA780C603E3F}] => (Allow) F:\Steam\SteamApps\common\RPG Maker VX Ace Lite\RPGVXAceLite.exe
FirewallRules: [{D7E567F4-18E0-45EA-A920-F7C40DC73DBE}] => (Allow) F:\Steam\SteamApps\common\RPG Maker VX Ace Lite\RPGVXAceLite.exe
FirewallRules: [{FF6241EC-9C94-4943-B975-795F26D406A0}] => (Allow) F:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{DFE7C6BD-8844-44BF-BBBA-7B8CBC6950A8}] => (Allow) F:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{A406EB38-B5CF-400F-947D-FA184F24D12C}] => (Allow) F:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{ED8593EA-A8A9-433C-B22E-110B8662F7FC}] => (Allow) F:\Steam\SteamApps\common\Starbound\win32\launcher\launcher.exe
FirewallRules: [{4068C92F-4B0C-466B-9B0B-1C5F98F474F1}] => (Allow) F:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{2BAA9143-61EC-41DB-922D-3005CC8B70CE}] => (Allow) F:\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{AE7DDBAF-11FF-4707-BBA4-BCA38976706B}] => (Allow) F:\Steam\SteamApps\common\The Binding of Isaac Rebirth\isaac-ng.exe
FirewallRules: [{7E40AC67-43A5-471E-9E4E-A5C24C2FB206}] => (Allow) F:\Steam\SteamApps\common\The Binding of Isaac Rebirth\isaac-ng.exe
FirewallRules: [{3A79F3F1-8DBE-49FC-8421-597CFB1BD6D7}] => (Allow) F:\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{5AF7C18F-BA3D-46CE-9209-FE6324722904}] => (Allow) F:\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [TCP Query User{39F35FAD-E462-464C-89E7-517012344D4F}F:\games\world_of_tanks\worldoftanks.exe] => (Allow) F:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F388A316-4F6F-4FEF-9F19-7511B14EB912}F:\games\world_of_tanks\worldoftanks.exe] => (Allow) F:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{ADDB8E17-011C-4ED1-91D6-88F8E5B0C518}] => (Allow) F:\Steam\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{6C1B7381-9CFC-427E-9C3D-4F0D213A06BE}] => (Allow) F:\Steam\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [TCP Query User{DFB12DF9-0BC7-467F-B9C5-7B2E855E8723}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{7B960604-9EA5-4E1F-87B3-C9DCF429A2C0}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{CDC7A8ED-101E-4EA9-8651-326AE9EB5744}F:\games\world_of_tanks\wotlauncher.exe] => (Allow) F:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{69329C04-D181-4914-96E3-7660CACC150C}F:\games\world_of_tanks\wotlauncher.exe] => (Allow) F:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{C3CC35FC-F326-401A-B522-EF5DA198A908}] => (Allow) F:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{F61658A3-8973-4FE5-8329-F5A52019DCCF}] => (Allow) F:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{657E9741-588C-484A-8ACA-1A7CEE218F52}] => (Allow) C:\Program Files\Max Driver Updater\maxdu.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/21/2015 08:18:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/21/2015 08:17:30 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (08/20/2015 09:05:44 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (08/20/2015 09:05:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/20/2015 08:48:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\DROPDOWN.PNG> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\DROPDOWN.PNG> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CONNECTION.PNG> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CONNECTION.PNG> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CHECKBOX.PNG> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Systemfehler:
=============
Error: (08/21/2015 05:11:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (08/21/2015 05:11:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (08/21/2015 05:11:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (08/21/2015 05:11:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (08/21/2015 05:11:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (08/21/2015 05:11:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (08/21/2015 05:11:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (08/21/2015 05:11:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (08/21/2015 05:11:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Error: (08/21/2015 05:11:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: RAS-VerbindungsverwaltungTelefonie%%1058
Microsoft Office:
=========================
Error: (08/21/2015 08:18:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/21/2015 08:17:30 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (08/20/2015 09:05:44 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (08/20/2015 09:05:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/20/2015 08:48:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\DROPDOWN.PNG
Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\DROPDOWN.PNG
Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CONNECTION.PNG
Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CONNECTION.PNG
Error: (08/20/2015 08:26:27 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\USERS\CHRISI\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\CHECKBOX.PNG
CodeIntegrity:
===================================
Date: 2015-08-21 17:11:05.935
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-21 17:11:05.694
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-21 17:11:05.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-21 17:11:05.182
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-17 00:23:23.216
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-17 00:23:23.013
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-17 00:23:22.809
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-17 00:23:22.577
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-17 00:23:22.343
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-17 00:23:22.125
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Prozentuale Nutzung des RAM: 75%
Installierter physikalischer RAM: 3262.58 MB
Verfügbarer physikalischer RAM: 790.64 MB
Summe virtueller Speicher: 6761.29 MB
Verfügbarer virtueller Speicher: 3627.08 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:49.68 GB) (Free:1.87 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive e: (AOE III DISC 1) (CDROM) (Total:0.52 GB) (Free:0 GB) CDFS
Drive f: () (Fixed) (Total:881.83 GB) (Free:608.44 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 9FA558AC)
Partition 1: (Active) - (Size=49.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=881.8 GB) - (Type=07 NTFS)
==================== Ende vom raportu ============================
sry bin ein wenig eingerostet |
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: