Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
durchgeführt von Philipp (Administrator) auf PHILIPPS (17-12-2015 20:19:48)
Gestartet von C:\Users\Philipp\Desktop
Geladene Profile: Philipp & (Verfügbare Profile: Philipp)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Sennheiser Communications) C:\Program Files (x86)\Common Files\Sennheiser\SDFUApp\SDFUUpdateService.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\Philipp\AppData\Roaming\Win64System\WindowsCoreApplication.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() C:\Program Files\WindowsApps\9E2F88E3.Twitter_4.3.2.0_x86__wgeqdkkx372wm\Twitter.Windows.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4468984 2015-09-14] (O&O Software GmbH)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [SecomUpdaterApp] => C:\Program Files (x86)\Sennheiser\Sennheiser Updater\SecomUpdat.exe [1320960 2013-07-05] (Sennheiser Communications)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation)
HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2014-01-20] (ROCCAT GmbH)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [Skiller Pro] => C:\Program Files (x86)\Skiller Pro\Monitor.exe [475136 2014-02-26] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [3716624 2015-08-31] (Simply Super Software)
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\Run: [SuperWinStartup64] => C:\Users\Philipp\AppData\Roaming\Win64System\WindowsCoreApplication.exe [16896 2015-12-11] ()
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SuperWinStartup64] => C:\Users\Philipp\AppData\Roaming\Win64System\WindowsCoreApplication.exe [16896 2015-12-11] ()
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [SuperWinStartup64] => C:\Users\Philipp\AppData\Roaming\Win64System\WindowsCoreApplication.exe [16896 2015-12-11] ()
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2015-06-18]
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-06-28]
ShortcutTarget: Curse.lnk -> C:\Users\Philipp\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8ba84fa1-6b03-4e04-933f-dc2ca2fdaf49}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{97b379f3-d40c-4757-b7ca-43aafc0e98cb}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1737141917-724132490-1543452845-1001 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1737141917-724132490-1543452845-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1737141917-724132490-1543452845-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\l6e9GYrd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-05] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-09-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1737141917-724132490-1543452845-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-12-05] ()
FF Plugin HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-12-05] ()
FF Plugin HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-12-05] ()
FF Extension: Avira Browser Safety - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\l6e9GYrd.default\Extensions\abs@avira.com [2015-12-16]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google
CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-06-03]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-12-12]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Avira Browserschutz) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-14]
CHR Extension: (Google Docs Offline) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-16]
CHR Extension: (agar.io server browser) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\hongpdkjnjhijmdnogoicadboadgllhi [2015-06-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ACTION_SVC; C:\Program Files (x86)\Mirillis\Action!\action_svc.exe [16064 2014-10-25] ()
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-02] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [429784 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-03-10] (BlueStack Systems, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [245544 2015-07-08] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-12] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1711352 2015-09-14] (O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-02] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-12-11] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-12-11] ()
R2 SDFUUpdateService; C:\Program Files (x86)\Common Files\Sennheiser\SDFUApp\SDFUUpdateService.exe [89088 2013-06-27] (Sennheiser Communications) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-02] (Avira Operations GmbH & Co. KG)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145624 2015-03-10] (BlueStack Systems)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [4560640 2015-07-22] (Realtek Semiconductor Corporation )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-17 20:19 - 2015-12-17 20:19 - 00026749 _____ C:\Users\Philipp\Desktop\FRST.txt
2015-12-17 20:19 - 2015-12-17 20:19 - 00000000 ____D C:\FRST
2015-12-17 20:18 - 2015-12-17 20:19 - 02370048 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2015-12-17 20:16 - 2015-12-17 20:16 - 00016148 _____ C:\WINDOWS\system32\PHILIPPS_Philipp_HistoryPrediction.bin
2015-12-17 19:36 - 2015-12-17 19:43 - 00000000 ____D C:\Users\Philipp\Desktop\Logfiles virenprogramme
2015-12-17 17:04 - 2015-12-17 17:04 - 00000000 ___HD C:\OneDriveTemp
2015-12-16 19:08 - 2015-12-16 19:08 - 00001309 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2015-12-14 20:07 - 2015-12-14 20:07 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-12-14 20:06 - 2015-12-14 20:06 - 00001148 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2015-12-14 20:06 - 2015-12-14 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-12-14 20:06 - 2015-12-14 20:06 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2015-12-14 20:06 - 2012-05-02 12:17 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2015-12-14 20:06 - 2009-03-24 13:52 - 00129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2015-12-14 20:05 - 2015-12-14 20:05 - 01466656 _____ C:\Users\Philipp\Downloads\SpywareBlaster - CHIP-Installer.exe
2015-12-14 19:04 - 2015-12-14 19:04 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\TestApp
2015-12-14 19:04 - 2015-12-14 19:04 - 00000000 ____D C:\ProgramData\PC Tools
2015-12-14 19:03 - 2015-12-14 19:04 - 01466656 _____ C:\Users\Philipp\Downloads\Spyware Doctor - CHIP-Installer.exe
2015-12-14 18:59 - 2015-12-14 18:59 - 00000000 ____D C:\Users\Philipp\AppData\Local\Macromedia
2015-12-14 18:53 - 2015-12-14 18:59 - 00000000 ____D C:\Users\Philipp\AppData\Local\Mozilla
2015-12-14 18:53 - 2015-12-14 18:53 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-14 18:53 - 2015-12-14 18:53 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-14 18:53 - 2015-12-14 18:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-14 18:53 - 2015-12-14 18:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-14 18:52 - 2015-12-14 18:52 - 00243976 _____ C:\Users\Philipp\Downloads\Firefox Setup Stub 42.0.exe
2015-12-14 17:23 - 2015-12-14 17:23 - 00003478 _____ C:\Users\Philipp\AppData\Local\recently-used.xbel
2015-12-13 20:18 - 2015-12-13 20:18 - 00001208 _____ C:\Users\Public\Desktop\Trojan Remover.lnk
2015-12-13 20:18 - 2015-12-13 20:18 - 00000000 ____D C:\Users\Philipp\Documents\Simply Super Software
2015-12-13 20:18 - 2015-12-13 20:18 - 00000000 ____D C:\ProgramData\Simply Super Software
2015-12-13 20:18 - 2015-12-13 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-12-13 20:05 - 2015-12-17 19:43 - 00000000 ____D C:\ProgramData\TEMP
2015-12-13 20:05 - 2015-12-13 20:18 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2015-12-13 20:04 - 2015-12-13 20:04 - 01466656 _____ C:\Users\Philipp\Downloads\Trojan Remover - CHIP-Installer.exe
2015-12-13 18:51 - 2015-12-13 18:51 - 00003232 _____ C:\WINDOWS\System32\Tasks\{37CC0161-FFA1-437D-A882-B54193B31E9E}
2015-12-13 15:26 - 2015-12-13 15:26 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-13 15:26 - 2015-12-13 15:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-13 15:25 - 2015-12-13 15:25 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-13 15:24 - 2015-12-13 15:25 - 02870984 _____ (ESET) C:\Users\Philipp\Downloads\esetsmartinstaller_deu.exe
2015-12-13 15:23 - 2015-12-13 15:25 - 22908888 _____ (Malwarebytes ) C:\Users\Philipp\Downloads\mbam-setup-2.2.0.1024 (3).exe
2015-12-12 21:38 - 2015-12-12 21:38 - 01583804 _____ C:\Users\Philipp\Downloads\worldedit-bukkit-6.1.jar
2015-12-12 19:24 - 2015-12-12 19:24 - 00001193 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2015-12-12 19:19 - 2015-12-13 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-12 19:18 - 2015-12-12 19:18 - 22908888 _____ (Malwarebytes ) C:\Users\Philipp\Downloads\mbam-setup-2.2.0.1024 (2).exe
2015-12-11 20:34 - 2015-12-11 20:34 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\ProductData
2015-12-11 20:33 - 2015-12-12 20:33 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\IObit
2015-12-11 20:33 - 2015-12-11 20:34 - 00000000 ____D C:\Users\Philipp\AppData\LocalLow\IObit
2015-12-11 20:33 - 2015-12-11 20:34 - 00000000 ____D C:\ProgramData\ProductData
2015-12-11 20:33 - 2015-12-11 20:33 - 00000000 ____D C:\ProgramData\IObit
2015-12-11 20:32 - 2015-12-11 20:33 - 09552328 _____ (IObit ) C:\Users\Philipp\Downloads\sm8-24setup.exe
2015-12-11 20:10 - 2015-12-11 20:10 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\idesktop
2015-12-11 20:00 - 2015-12-11 20:00 - 00000000 ____D C:\WINDOWS\system32\log
2015-12-11 17:53 - 2015-12-11 17:54 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Philipp\Downloads\SpyHunter-Installer.exe
2015-12-11 17:32 - 2015-12-11 17:32 - 00000000 ____D C:\ProgramData\Emsisoft
2015-12-11 17:17 - 2015-12-12 17:24 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2015-12-11 17:10 - 2015-12-11 17:11 - 204899464 _____ (Emsisoft Ltd. ) C:\Users\Philipp\Downloads\EmsisoftAntiMalwareSetup11.0.0.5911.exe
2015-12-11 15:04 - 2015-12-11 15:04 - 01738240 _____ C:\Users\Philipp\Downloads\adwcleaner_5.024.exe
2015-12-11 14:26 - 2015-12-17 19:34 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-11 14:26 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-11 14:26 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-11 14:26 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-11 14:25 - 2015-12-11 14:26 - 22908888 _____ (Malwarebytes ) C:\Users\Philipp\Downloads\mbam-setup-2.2.0.1024 (1).exe
2015-12-11 13:30 - 2015-12-11 13:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-11 13:29 - 2015-12-11 13:30 - 22908888 _____ (Malwarebytes ) C:\Users\Philipp\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-11 13:07 - 2015-12-16 21:26 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-12-11 13:07 - 2015-12-11 13:07 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-12-11 13:07 - 2015-03-12 15:40 - 03894632 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2015-12-11 13:02 - 2015-12-11 13:03 - 00715079 _____ C:\Users\Philipp\Downloads\pb38setup.zip
2015-12-11 11:55 - 2015-12-11 11:55 - 00551725 _____ C:\Users\Philipp\Downloads\McOP-Hackv4.19.rar
2015-12-11 11:55 - 2015-12-11 11:55 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Win64System
2015-12-10 20:08 - 2015-12-10 20:08 - 00000000 ____D C:\Users\Philipp\.ssh
2015-12-09 19:35 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 19:35 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 19:35 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 19:35 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 19:35 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 19:35 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-09 19:35 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 19:35 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-09 19:35 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 19:35 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 19:35 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-09 19:35 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 19:35 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 19:34 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 19:34 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-09 19:34 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-09 19:34 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-09 19:34 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 19:34 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 19:34 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-09 19:34 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-09 19:34 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-09 19:34 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 19:34 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 19:34 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-09 19:34 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 19:34 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-09 19:34 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 19:34 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 19:34 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-09 19:34 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 19:34 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-09 19:34 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-09 19:34 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-09 19:34 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-09 19:34 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-09 19:34 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 19:34 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 19:34 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-09 19:34 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 19:34 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-09 19:34 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-09 19:34 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-09 19:34 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 19:34 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-09 19:34 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 19:34 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-09 19:34 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 19:34 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 19:34 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-09 19:34 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 19:34 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-09 19:34 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-09 19:34 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 19:34 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-09 19:34 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 19:34 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 19:34 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 19:34 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 19:34 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-09 19:34 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 19:34 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 19:34 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 19:34 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-09 19:34 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 19:34 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-09 19:34 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 19:34 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 19:34 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 19:34 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-09 19:34 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-09 19:34 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 19:34 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-09 19:34 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 19:34 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 19:34 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 19:34 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 19:34 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 19:34 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 19:34 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-07 15:46 - 2015-12-07 15:46 - 00000000 ____D C:\Users\Public\Documents\sun
2015-12-07 15:45 - 2015-12-07 15:45 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2015-12-07 15:45 - 2015-12-07 15:45 - 00000000 ____D C:\Users\Philipp\Desktop\OpenOffice 4.1.2 (de) Installation Files
2015-12-07 15:45 - 2015-12-07 15:45 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-12-07 15:42 - 2015-12-07 15:45 - 164803434 _____ C:\Users\Philipp\Downloads\Apache_OpenOffice_4.1.2_Win_x86_install_de.exe
2015-12-06 12:16 - 2015-12-06 12:16 - 00259979 _____ C:\Users\Philipp\Downloads\XRay-4.4.jar
2015-12-06 12:14 - 2015-12-06 12:14 - 00026671 _____ C:\Users\Philipp\Downloads\Xray Ultimate 1.8 (1).zip
2015-12-06 12:12 - 2015-12-06 12:12 - 00026671 _____ C:\Users\Philipp\Downloads\Xray Ultimate 1.8.zip
2015-11-18 20:45 - 2015-12-16 22:39 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Skype
2015-11-18 20:45 - 2015-11-18 20:45 - 00002642 _____ C:\Users\Philipp\Desktop\Skype.lnk
2015-11-18 20:45 - 2015-11-18 20:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-18 20:45 - 2015-11-18 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-18 20:44 - 2015-11-18 20:44 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Philipp\Downloads\SkypeSetup (1).exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-17 20:19 - 2015-07-10 10:47 - 00000000 ____D C:\Windows
2015-12-17 20:18 - 2015-08-01 19:11 - 00000000 ____D C:\Users\Philipp\AppData\Local\CrashDumps
2015-12-17 20:07 - 2015-09-17 20:16 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-17 19:42 - 2015-08-22 20:49 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-17 19:00 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-17 17:09 - 2015-07-30 23:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-17 17:07 - 2015-08-25 13:54 - 00000000 ____D C:\Users\Philipp\AppData\Local\Adobe
2015-12-17 17:06 - 2015-01-05 18:10 - 00004014 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B49B936F-1DA3-4E8A-9D53-B53B2D2F8A19}
2015-12-17 17:04 - 2015-08-22 20:49 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-17 17:04 - 2015-01-05 19:36 - 00000000 __RDO C:\Users\Philipp\OneDrive
2015-12-16 21:16 - 2015-01-31 22:41 - 00000000 ____D C:\ProgramData\Origin
2015-12-16 20:57 - 2015-01-05 19:29 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\.minecraft
2015-12-16 19:45 - 2015-08-19 14:17 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-12-14 20:49 - 2015-09-25 20:48 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-14 20:46 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-14 20:07 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-12-14 20:07 - 2015-07-30 23:40 - 00000000 ____D C:\WINDOWS\INF
2015-12-14 20:07 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-12-14 18:53 - 2015-01-23 16:20 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Mozilla
2015-12-14 17:55 - 2015-01-06 14:24 - 00000000 ____D C:\Users\Philipp\.gimp-2.8
2015-12-14 17:23 - 2015-01-15 22:26 - 00000000 ____D C:\Users\Philipp\AppData\Local\gtk-2.0
2015-12-13 20:11 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-13 20:10 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-13 18:47 - 2015-09-25 19:55 - 00000000 ____D C:\Users\Philipp
2015-12-13 18:47 - 2015-05-01 17:15 - 00000000 ____D C:\Program Files\Andy
2015-12-13 18:47 - 2015-03-28 20:17 - 00000000 ____D C:\Users\Philipp\VirtualBox VMs
2015-12-13 18:47 - 2015-01-06 16:03 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-13 18:44 - 2015-01-31 23:02 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-12-13 17:09 - 2015-09-27 19:57 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2015-12-13 13:04 - 2015-07-30 22:49 - 04888872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-12 20:39 - 2015-01-15 18:13 - 00000000 ____D C:\searchplugins
2015-12-12 19:25 - 2015-01-23 16:18 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-12 19:24 - 2015-09-27 20:12 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-12 19:24 - 2015-01-23 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-12 19:24 - 2015-01-23 16:17 - 00000000 ____D C:\ProgramData\Avira
2015-12-12 19:04 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-12-12 18:35 - 2015-01-29 21:40 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Notepad++
2015-12-11 20:26 - 2015-09-10 06:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-11 20:20 - 2015-04-10 19:29 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\vlc
2015-12-11 20:16 - 2015-03-28 20:16 - 00000000 ____D C:\Users\Philipp\.VirtualBox
2015-12-11 20:08 - 2015-10-03 17:07 - 00000000 ___RD C:\Users\Philipp\Desktop\Programme
2015-12-11 15:09 - 2015-09-25 19:52 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-11 13:10 - 2015-09-04 21:18 - 00076152 _____ C:\WINDOWS\system32\PnkBstrA.exe
2015-12-11 12:56 - 2015-01-05 23:07 - 00000000 ____D C:\Users\Philipp\AppData\Local\Packages
2015-12-11 12:37 - 2015-09-25 20:10 - 01793546 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-11 12:37 - 2015-09-10 06:10 - 00772138 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-11 12:37 - 2015-09-10 06:10 - 00154500 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-11 12:27 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-11 12:25 - 2015-07-03 18:57 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\PhotoScape
2015-12-11 12:25 - 2015-03-19 13:20 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\FileZilla
2015-12-11 12:25 - 2015-01-08 16:05 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\TS3Client
2015-12-11 12:22 - 2015-01-08 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-11 12:16 - 2015-10-01 19:31 - 00000000 ____D C:\Users\Philipp\Desktop\NWT Fahrad projekt
2015-12-11 12:16 - 2015-01-08 18:51 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-10 16:04 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-09 20:03 - 2015-09-25 20:23 - 00002389 _____ C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-09 04:39 - 2015-01-08 16:17 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-07 19:32 - 2015-01-06 12:36 - 00000000 ____D C:\Users\Philipp\Documents\SCHULE
2015-12-07 15:45 - 2015-01-10 14:58 - 00000000 ___RD C:\Users\Philipp\Desktop\Schul Programme
2015-12-05 16:00 - 2015-01-10 14:57 - 00000000 ____D C:\Users\Philipp\Desktop\Spiele
2015-12-05 15:58 - 2015-07-25 15:35 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-12-05 15:58 - 2015-07-25 15:33 - 00000000 ____D C:\Users\Philipp\AppData\Local\Battle.net
2015-12-05 15:58 - 2015-07-25 15:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-04 13:37 - 2015-08-22 20:49 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 13:37 - 2015-08-22 20:49 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 19:54 - 2015-01-31 22:41 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-02 19:46 - 2015-09-27 20:16 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-02 19:46 - 2015-09-27 20:16 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-02 19:46 - 2015-09-27 20:16 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-12-02 19:46 - 2015-09-27 20:16 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-01 01:32 - 2015-07-30 23:43 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-18 20:45 - 2015-01-18 20:35 - 00000000 ____D C:\ProgramData\Skype
2015-11-18 20:37 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-03 20:56 - 2015-07-03 21:20 - 0148585 _____ () C:\Users\Philipp\AppData\Roaming\VideoPad.dmp
2015-01-05 19:26 - 2015-01-17 00:26 - 0000095 _____ () C:\Users\Philipp\AppData\Roaming\WB.CFG
2015-12-14 17:23 - 2015-12-14 17:23 - 0003478 _____ () C:\Users\Philipp\AppData\Local\recently-used.xbel
2015-09-25 19:52 - 2015-09-25 19:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Philipp\binkw32.dll
C:\Users\Philipp\fpupdate.exe
C:\Users\Philipp\LaunchEAW.exe
C:\Users\Philipp\LaunchEAWX.exe
C:\Users\Philipp\MCELaunch.exe
C:\Users\Philipp\mss32.dll
C:\Users\Philipp\PerceptionFunctionG.dll
C:\Users\Philipp\StubUpdate.exe
C:\Users\Philipp\swfoc.exe
Einige Dateien in TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-13 18:05
==================== Ende von FRST.txt ============================ Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-12-2015
durchgeführt von Philipp (2015-12-17 20:20:12)
Gestartet von C:\Users\Philipp\Desktop
Windows 10 Home (X64) (2015-09-25 19:18:03)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1737141917-724132490-1543452845-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1737141917-724132490-1543452845-503 - Limited - Disabled)
Gast (S-1-5-21-1737141917-724132490-1543452845-501 - Limited - Disabled)
Philipp (S-1-5-21-1737141917-724132490-1543452845-1001 - Administrator - Enabled) => C:\Users\Philipp
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Andy OS (HKLM-x32\...\Andy OS) (Version: 0.43 - Andy OS, Inc)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Blender (HKLM\...\{EA3C8A99-1565-44FF-89FC-926CEEB623B5}) (Version: 2.75.1 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG7100 series Benutzerregistrierung (HKLM-x32\...\Canon MG7100 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
Dropbox (HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free YouTube Download version 3.2.52.113 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.52.113 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.6.12-2 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LEGO® Star Wars™ III: The Clone Wars™ (HKLM-x32\...\{6C0A6B81-0D00-453F-B220-E1F7931B3C2A}) (Version: 1.0.0.0 - LucasArts)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.98 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.98 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 355.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{0733BC2F-BB0F-47DC-A86F-957B15EE11DD}) (Version: 19.0.87 - O&O Software GmbH)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Daybreak Games)
PlanetSide 2 (HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH)
Sennheiser Updater (HKLM-x32\...\{D7C6D808-B1EB-4A94-B599-77329A1B6132}) (Version: 1.00.00 - Sennheiser Communications)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skiller Pro Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - )
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
SpywareBlaster 5.2 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Star Wars Empire at War Forces of Corruption (HKLM-x32\...\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}) (Version: 1.0 - LucasArts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TP-LINK TL-WN725N_TL-WN723N Treiber (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Trojan Remover 6.9.3 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.3 - Simply Super Software)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unknown Device Identifier 8.02 (HKLM\...\Unknown Device Identifier_is1) (Version: 8.02 - Huntersoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 3.25 - NCH Software)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-86ACE5CDBF29}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Philipp\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1737141917-724132490-1543452845-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
22-11-2015 14:39:25 Windows Update
30-11-2015 18:52:31 Geplanter Prüfpunkt
07-12-2015 15:43:30 OpenOffice 4.1.1 wird entfernt
10-12-2015 15:59:36 Windows Update
16-12-2015 19:07:09 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
16-12-2015 19:07:39 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {06115585-1D09-473B-8929-1201D2A696DF} - System32\Tasks\{37CC0161-FFA1-437D-A882-B54193B31E9E} => pcalua.exe -a "c:\program files\Andy\AndyUninstall.exe"
Task: {152597D2-7025-445D-9D1D-CD6039836617} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1AF55740-38FE-4417-AA37-6D2CB1EACA95} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {1BD9FE32-54F1-4C45-8998-1D21A5BF0284} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {2A39F4C7-2729-4087-B427-BE8F8B4FEE5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-22] (Google Inc.)
Task: {2EEEA144-D4D7-4991-9E3A-FD0FF23FFFA8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {47D817DE-835B-48C3-BFB4-68CC9B3ED68F} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe
Task: {4B4D8DA8-F160-4CB8-A22F-2A58AAC37180} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-11] (Microsoft Corporation)
Task: {501EAC79-BA89-4AAE-9845-160A2659CCD0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {58B09F1D-92D2-4C3D-B00B-A00E0B7D7B37} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-philippnoahs1@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {5A3BE17D-38C1-4A62-B8D4-3067087BC4B9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {6096CCC2-E899-4C5E-97D1-78B53BE3CC42} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {64ADFE11-D24F-437B-A40F-976404D1ABD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-22] (Google Inc.)
Task: {6EA8F2C1-278E-4DE3-8126-F1857CCF31CB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7C5D3661-21AF-4B3C-BA13-B51EC78A5061} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {81E1EC1B-419B-4855-9F65-991FF5375643} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {94B9AA1A-0EEA-48F3-A4A7-DC840DEF2157} - System32\Tasks\{60AADBF1-B9C1-46C0-80B0-6BA74CB6AB9B} => pcalua.exe -a C:\Users\Philipp\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=pjr <==== ACHTUNG
Task: {959E8353-55B6-4B5E-A7CC-F912AEC5D95D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {9EDDAE9D-A398-4E66-95D6-27AA34AF1368} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {A04BF5FE-644F-4107-84E6-F4409BEA1291} - System32\Tasks\avastBCLRestartS-1-5-21-1737141917-724132490-1543452845-1001 => Chrome.exe
Task: {A38538DA-4F83-432F-A463-6ADA2BFE4B13} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D505D1DC-FC3C-4EAF-B0C7-833AEF5C7E28} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-09-10 06:12 - 2015-09-10 06:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-04 21:18 - 2015-12-11 13:10 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-25 19:52 - 2015-09-13 23:04 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-01 20:32 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-11 11:55 - 2015-12-11 11:55 - 00016896 _____ () C:\Users\Philipp\AppData\Roaming\Win64System\WindowsCoreApplication.exe
2015-12-17 17:07 - 2015-12-17 17:07 - 00015872 _____ () C:\Program Files\WindowsApps\9E2F88E3.Twitter_4.3.2.0_x86__wgeqdkkx372wm\Twitter.Windows.exe
2015-07-10 04:16 - 2015-07-10 05:39 - 00215352 _____ () c:\windows\system32\WerEtw.dll
2015-10-01 20:32 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-11 18:02 - 2015-09-11 18:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-10-01 20:31 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 19:35 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 19:34 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 19:34 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 20:32 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-01-06 18:09 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-31 20:41 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-10 19:28 - 2012-06-23 13:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll
2015-12-17 17:07 - 2015-12-17 17:07 - 09562624 _____ () C:\Program Files\WindowsApps\9E2F88E3.Twitter_4.3.2.0_x86__wgeqdkkx372wm\Twitter.Windows.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\1001movie.com -> 1001movie.com
Da befinden sich 6091 mehr Seiten.
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001movie.com -> 1001movie.com
Da befinden sich 6091 mehr Seiten.
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\1001movie.com -> 1001movie.com
Da befinden sich 6091 mehr Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\Control Panel\Desktop\\Wallpaper -> c:\users\philipp\pictures\desktop hintergrund\futuristic_windows_wallpaper.jpg
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\users\philipp\pictures\desktop hintergrund\futuristic_windows_wallpaper.jpg
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> c:\users\philipp\pictures\desktop hintergrund\futuristic_windows_wallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "TP-LINK-Konfigurationstool.lnk"
HKLM\...\StartupApproved\StartupFolder: => "O&O Defrag Tray.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Andy"
HKLM\...\StartupApproved\Run32: => "Skiller Pro"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-1737141917-724132490-1543452845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{DBAADA3D-81B4-4E1D-92AA-AF0DA7DC891E}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{0F8B7E47-33ED-4426-889B-A45FD4BE1F42}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{61438F02-8263-4465-B463-43BAE47DC92E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{7AE898F3-4D6E-4DC2-8016-5760D1F2296E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{0B1F190E-8DE6-4133-A0E5-8FFA724EED5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{227D4E91-C030-4D3B-A71F-B7453EE55A8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{8F939C39-7B7A-4B3A-8108-6290E971B553}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [TCP Query User{5B280CE3-0E7A-4D23-82B5-E137B9794D8F}C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{B814C25F-743E-48C5-A2F3-0A6D901B4537}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F9037EE6-D87F-474D-9949-57A04516D070}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5D4D4D0A-B69C-4645-8197-5136D2805028}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5CA44CB6-D4BB-4890-B9C0-F2C45B844DBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3AD3C5F6-F4FC-44B4-9406-7A1CEB6AECDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{EB793208-F729-4581-9E51-8EBA1B8074EF}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{A759CBF7-BE26-48BB-9005-B521487A2078}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{228B255C-23A6-4DFF-8752-699DA877B4E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{85B299C8-7D71-4BCF-92B3-226B5B812DE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [UDP Query User{4CF343F0-67BB-4DC8-9B8B-4E7DFFFE73D2}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{AC6CE263-3895-41FD-A5AE-A8CB83409BD9}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{8F3A5D46-8F4E-4B80-9F0D-E91CAB9D1F67}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{899DC019-9E4B-47EB-B802-D52CF05D13E7}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{C779CDE8-FAB8-4522-B2D4-554C364B02A6}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{CE9F538F-7379-4E2C-A5F3-0929BF51494F}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{6BDB5741-0B51-4DB2-99F4-8DE798853E07}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{76478D17-35B0-4EC0-A54D-C8B08C19386D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{73C00ECC-BADD-44F2-B862-82B83867FC09}] => (Allow) C:\Users\Philipp\swfoc.exe
FirewallRules: [{648B9D47-34EF-4EBB-B6C9-4CB6F41C65EC}] => (Allow) C:\Users\Philipp\swfoc.exe
FirewallRules: [{2A4124B3-5BAF-4BC9-899B-14532B50C963}] => (Allow) C:\Users\Philipp\GameData\sweaw.exe
FirewallRules: [{50EA16D0-F353-4536-B90F-1086848F9919}] => (Allow) C:\Users\Philipp\GameData\sweaw.exe
FirewallRules: [{09BE2C94-E0CA-4A10-B15A-E56FAAA8CEC1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E41F256B-4AF5-4657-AEA4-AB5018CACB70}] => (Allow) C:\Program Files (x86)\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat
FirewallRules: [UDP Query User{C8E41A2E-DE17-422D-8265-D9D43BC5936A}C:\users\philipp\desktop\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philipp\desktop\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{EA4D4172-E6AF-4E9E-9693-2A84864677AA}C:\users\philipp\desktop\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philipp\desktop\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{06FE0513-2CC3-4ABA-8B85-847E8C378D49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{E43F3199-EC1D-47C7-9C3F-A2D2CFBB8A62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [UDP Query User{495CAA9B-0343-4DA6-B88F-77BACBA4D116}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{3B882E1B-5E35-452F-99EF-E8C77C4F357F}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{9EBBA2D2-E241-466C-B0B0-80A938186326}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{D3463693-08B8-48E6-97F8-B0FDAAEBD382}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [UDP Query User{8575AC1E-D01D-4268-91E0-7AB032B46DD6}C:\program files\andy\andy.exe] => (Block) C:\program files\andy\andy.exe
FirewallRules: [TCP Query User{520B7021-616F-4A26-B074-091A5AC3F7E6}C:\program files\andy\andy.exe] => (Block) C:\program files\andy\andy.exe
FirewallRules: [{02AF8686-EB1F-4DED-944E-83C0C5BE600F}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{0800B6E5-9204-4D78-9D01-E3A8F04FC675}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{A6827A97-EDB5-45B5-8FEE-F2BC11969488}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A2F6EC57-3079-42D4-A298-33161A71E656}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F4E80E03-8AB0-40B2-B9CC-B89F8E6F0482}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9626D51E-6966-4243-9450-8C9669094BB4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B6C0F5F7-3F69-4843-B42B-3EB64EF2D600}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{33D75A84-51A6-41A9-AA33-27BDEA16AB05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [UDP Query User{449364E5-0E34-4354-A33E-6DBDA06F0750}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{72421241-0C8F-45CA-8B91-61B118C11FAE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CAB831C1-ADD4-4A30-834F-F29951E63673}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B189B15B-25FD-4A20-B310-CD38965A1100}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{0B1D9045-3B01-4068-9ECB-299CC53CF663}C:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe
FirewallRules: [TCP Query User{FD42F048-730F-429C-B235-44397EA17E7F}C:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 2070\anno5.exe
FirewallRules: [UDP Query User{0A41FBF9-6CF0-4959-9F64-D510E942060F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{54A436A9-0656-4891-A987-BDC8CE9F6127}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{242F5A4B-7F99-419E-8C2E-9EFE9D69AD18}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{08579D2E-BF2A-45D6-8BA4-F93AFEFAC7BA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{E78C3BA7-9027-4E91-BC98-7CB1CE63F848}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{9ECEAF79-682A-499B-A888-6864981F74FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{ED9CFB50-5DA5-40B6-8987-5BFEAAF4EB34}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{E19ABC7C-3FBC-4B2A-9C91-3AB7999E41A9}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{FBF74A80-C30C-4943-83A6-C2F5566A6544}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{D1FCFD8D-B358-4324-B102-764892417C61}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{5DEB888A-1A0A-4741-A840-AABE23B62B0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{A541D5BC-B6CA-4FC9-B4D8-B67CBEE80868}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{E33375C8-AD45-4F7A-B7C1-789B7B93BAF1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C45EA2D8-18F9-4F1A-9403-3F7BEC26AAFE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03D50F4E-606B-4A32-9A31-304D72CB2206}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{21E8FEF5-6768-44F3-8DC0-647B8052762E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3BCA426B-0D04-4FDB-A0FC-C1ECDFB42904}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{848E8DBD-92BC-4523-AE83-E90E6818AA07}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{E8A77496-4C9E-4CD6-85B9-AB9613E9692A}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{1B930123-0AB9-4D56-9BB1-07A08484335A}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{017F8E2C-070A-4400-8DFB-69965A46456D}C:\users\philipp\desktop\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philipp\desktop\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{B7C6D70B-23F0-4E78-96FB-4AE93F82B2DB}C:\users\philipp\desktop\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philipp\desktop\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{61E1B31B-202B-4D39-87D3-D19CAA678F62}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2D028140-D2B3-40D9-B4CE-2FBBFF932CD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{838CF681-4456-4464-BCB1-88112A2EBAD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{5A97AF52-3EA1-43A1-BA55-ED41A8911346}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{FD52BC30-68C1-45B6-9412-01813177C6FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{2EFB2988-5D17-47AD-8865-22688297111E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{3B6A7975-0D15-4EDF-B94F-7C989A94AE2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{6A40C602-3F41-4526-98A2-82C7335EC9C5}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{150F3276-22B0-401E-88AE-433EE1F822D2}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{11243B37-830D-471A-B418-530EFB078A75}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{21C0BB95-4EF2-4574-980C-D3DF242A6D2B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7504073A-F936-40A7-A590-EB294BC62A8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B8A505C7-4E3C-4521-96FA-B537B7397FE1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6C1A190A-29DD-4D55-AA3F-B9F284345570}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{36B94095-E890-4726-83D4-76622CCB6F8A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3630E708-1568-4A67-9D2E-7ABF1C443388}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE7059DB-9450-4BB9-8242-0DE96B11410A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{B3BDD932-80EF-4EAC-A485-C8781FE99D3B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{ADEE896F-4ACF-45AF-957E-822C193EB18E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{A9705A53-C1E7-4B50-BDA7-4D1A989A6AF0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/17/2015 08:18:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 10.0.10240.16603, Zeitstempel: 0x56553bcd
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16603, Zeitstempel: 0x5655363f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ea2ec
ID des fehlerhaften Prozesses: 0x1044
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5
Error: (12/16/2015 07:07:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (12/16/2015 07:07:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (12/16/2015 06:08:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 A.E.0.0.4.A.5.C.D.0.7.7.A.1.5.C.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Philipps-2.local.
Error: (12/16/2015 06:08:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353 16 A.E.0.0.4.A.5.C.D.0.7.7.A.1.5.C.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Philipps.local.
Error: (12/16/2015 06:08:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 100.2.168.192.in-addr.arpa. PTR Philipps-2.local.
Error: (12/16/2015 06:08:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353 16 100.2.168.192.in-addr.arpa. PTR Philipps.local.
Error: (12/16/2015 06:08:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Philipps.local already in use; will try Philipps-2.local instead
Error: (12/16/2015 06:08:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Philipps.local. Addr 192.168.2.100
Error: (12/16/2015 06:08:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353 16 Philipps.local. AAAA 2003:0072:8F3D:E563:C51A:770D:C5A4:00EA
Systemfehler:
=============
Error: (12/17/2015 05:16:49 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
Error: (12/17/2015 05:07:04 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (12/17/2015 05:06:12 PM) (Source: DCOM) (EventID: 10016) (User: PHILIPPS)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}PhilippsPhilippS-1-5-21-1737141917-724132490-1543452845-1001LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (12/16/2015 10:39:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/16/2015 10:39:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/16/2015 10:39:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/16/2015 10:39:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/16/2015 07:13:20 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
Error: (12/16/2015 06:11:13 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (12/16/2015 06:10:40 PM) (Source: DCOM) (EventID: 10016) (User: PHILIPPS)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}PhilippsPhilippS-1-5-21-1737141917-724132490-1543452845-1001LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
CodeIntegrity:
===================================
Date: 2015-12-13 18:13:21.802
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-13 18:13:21.616
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-13 18:13:21.133
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-13 18:13:20.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-13 18:13:20.742
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-13 18:13:20.445
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-13 18:13:20.259
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-13 18:12:54.556
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-13 18:12:54.368
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-13 18:12:54.165
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8111.13 MB
Verfügbarer physikalischer RAM: 5933.11 MB
Summe virtueller Speicher: 10998.64 MB
Verfügbarer virtueller Speicher: 8128.63 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:931.17 GB) (Free:516.87 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 72FC3695)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================ |