Tedelmann | 31.10.2016 17:42 | Hi M-K-D-B,
Hier die LOGs:
Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-10-2016
durchgeführt von admin (31-10-2016 17:29:32)
Gestartet von C:\Users\admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-12 23:10:16)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
admin (S-1-5-21-2499327049-1345700090-1954953358-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2499327049-1345700090-1954953358-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2499327049-1345700090-1954953358-503 - Limited - Disabled)
Gast (S-1-5-21-2499327049-1345700090-1954953358-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Active Directory Authentication Library für SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version: - )
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.7 - BlueJ Team)
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation)
CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.04.0000 - CASIO COMPUTER CO., LTD.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CrystalDiskInfo 6.6.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.6.1 - Crystal Dew World)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{FD639F4D-1460-42E6-B32D-FEC1745D0BDC}) (Version: 13.0.1601.5 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.2.0.5.2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.5.2 Alpha - ETS2MP Team)
F1 2014 (HKLM-x32\...\Steam App 226580) (Version: - Codemasters)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
FireStorm version V1.0.46.005 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.005 - )
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.5.323 - DVDVideoSoft Ltd.)
Free Video to Flash Converter version 5.0.55.113 (HKLM-x32\...\Free Video to Flash Converter_is1) (Version: 5.0.55.113 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.59 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation)
Microsoft PowerPoint Home and Student 2010 (HKLM-x32\...\Office14.POWERPOINTR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{264B070C-82D7-4C9C-B1CE-A0B124BCC787}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{4EFF12AE-599C-42A2-ACFA-0D95C3B11A19}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{E8F3D249-7DE6-4422-AC86-1CE7D5CCFA0F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60519.0) (HKLM-x32\...\{9F367648-EC0C-4F97-B351-D12A51E38F96}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects (HKLM-x32\...\{35A7B00B-4F9C-4B4D-919C-86FFFEE46AD6}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{7F6DCED8-6A2B-4436-AF20-8F659D04E388}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{48BF289B-F3FA-4023-9251-80ABF7B726F9}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version: - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.1 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PlanetSide 2 (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7640 - Realtek Semiconductor Corp.)
Recordify 2016 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 1.54 - Abelssoft)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.25425 - Microsoft Corporation) Hidden
Samsung Kies (x32 Version: 2.6.3.14074.11 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Professional (x32 Version: - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0018-0000-0000-0000000FF1CE}_Office14.POWERPOINTR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Spotify (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25521 - Microsoft) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechSmith Screen Capture Codec (x32 Version: 3.1.0 - TechSmith Corporation) Hidden
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00EC848C-86C9-47BC-B85B-13FA387FDF59} - kein Dateipfad
Task: {031FE6EA-3811-413F-9C38-968399449312} - System32\Tasks\{E6D8422F-5911-48C8-A2CB-4839FC783C13} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
Task: {049E94B2-F0AB-43A3-A7E3-ABFDCFB2C1CE} - kein Dateipfad
Task: {04DB3C46-6919-4F66-945A-81B4A588BFE7} - System32\Tasks\{A13D3229-3538-4A9B-BC9D-4D7E46FEA6D1} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {053D44B9-7A00-49D6-9344-FD129CD575D1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {073795C9-8A8F-499A-A1E9-4F464494A6E4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0BA0124E-9A6D-4875-BCC6-5F9AB9333055} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0C3D1C09-F503-40AB-B1E9-5A5D061F520E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0DE5621F-D1D7-472C-96B2-658556860924} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {17B7F027-9973-4196-8D91-ADE023D54742} - System32\Tasks\{1AE02D85-E364-45B6-92B0-A30EC8FDDDC9} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {17C6AD99-1673-4817-AD75-8F22CE4F1F18} - System32\Tasks\{9CF80396-B379-427D-9DBE-54858E636648} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {196EB3B7-F969-44FB-8904-FC3FFEBCEA36} - System32\Tasks\{E61D7DD5-0347-491C-94EE-5B2A55F53E7F} => pcalua.exe -a "C:\Users\admin\Desktop\lgs510 (1).exe" -d C:\Users\admin\Desktop
Task: {1B373374-5B77-4BD2-9CAC-A088601DAAA0} - \SimpleFiles Installer Starter -> Keine Datei <==== ACHTUNG
Task: {1C57893A-73C3-488F-B526-A8887F2953A7} - kein Dateipfad
Task: {1EC1E15D-F018-4723-9070-4D369E8FEC5C} - System32\Tasks\{DD61DBDB-E610-4BA6-A9B8-8B08C63A417E} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {2567BB02-4670-455E-9C02-C931857870E6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {2B1E6290-3296-4B86-934C-BC5EDCE018AD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2BF4E1F4-BBF9-4735-A379-CD2D2324F79A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {35931239-6C01-4EB9-9F06-B5E34733FB8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {3835EB9A-A64B-475E-8C88-55D172209009} - System32\Tasks\{BE51D640-5212-4286-940E-DCA2AE9961AB} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {3A147D4D-2142-4D6A-8909-CE683B68FE9A} - System32\Tasks\{A3A353F9-9F9B-44FE-B96D-31646B313523} => pcalua.exe -a C:\Users\admin\Downloads\lgs510.exe -d C:\Users\admin\Downloads
Task: {3ACDCFF8-92A6-4952-A33F-65AF05026115} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation)
Task: {3BA6A0E0-A338-4CA3-B585-0615270FA949} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {41EBF101-ACE4-4536-8696-90E37984A3E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {48B78AE7-76A1-472C-8530-AAED256A3D7D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {4B4680D9-E2FE-4D78-8188-B1D11D741EBF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D52F5DD-1E4E-4B32-B1B5-BD1C7C4887A1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4ED0E3B6-4DC7-469D-9BD7-A7DA52E08299} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {4FE790BC-A8CB-4349-9629-E4036E9775AF} - System32\Tasks\{39F95DBA-5A4E-4CD2-BB4A-CCE9B94F3079} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {52861456-C744-4ECB-9338-A5EEADA219FA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {557BC2D0-F3F2-4A25-B697-21EC090FDE04} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56EA4D43-A086-4470-B96E-9FB1768E6ED3} - System32\Tasks\{78912F09-9E09-46ED-8941-11871D4D0C4F} => C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
Task: {57E88640-41B7-4F5D-B851-AFD2838B1C63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5E324125-D66E-4D57-8894-976BA96DA865} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5EDE42A2-4A64-484D-800F-C420FA956798} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {67E03967-E26A-4558-8EAB-94C6D7F4330E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {6CFCB68E-50BB-4EC0-85D2-F81762436F24} - System32\Tasks\{47953A5F-E19D-43A8-9964-E39351028038} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {70125431-E640-4C46-8962-AB99C000B9DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {70278F75-C037-45E7-BF31-69E4C0C8AE56} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70CE0011-D1AA-42E4-953D-619628912C34} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {75C6EF2C-5336-4D15-964D-A3FA8A1B8BDE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {77F56DD3-E368-46A5-953A-04C3CC67DFDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.)
Task: {7A28B1AA-97A0-44B4-98F5-467B1CB68A43} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7BBA2D3D-7FA5-4DB4-98CB-C570319C1451} - System32\Tasks\{BC2D6434-8781-46B3-A9A1-BA1C57245AF3} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {8838DCD1-B08E-428D-BF01-24E3B9250A53} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {88F45939-0423-4D4B-96F8-374FF864A93E} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {8B63AD8C-9FAF-4D05-AA3F-27B212A2DFCC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8F02CB1D-35C4-4102-82B6-66D4C8008C1C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {8F430278-2F26-4A86-B85E-42AAEE59C70A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {94670801-FB2B-4E67-AF37-4058B0DCE01A} - System32\Tasks\{F602CB6B-B3B2-4743-AF06-2F66C7BE8499} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {98198969-9034-402D-A679-29DA601446CB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9D5C522B-37BD-46E3-A442-AC23F73592B2} - System32\Tasks\{5C3EC2B9-4AC5-4839-8D87-302FA3C3ACBE} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {AA88E7A4-D1C3-4D6A-A6E3-DA77B9294E7A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AC033A59-1DF9-4ED5-BCFA-794A7A14E327} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {AE2CC07B-7448-4E97-8DFB-A9AF57990CC7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AEB1413A-1D68-4FF8-926E-D120A0757E6E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
Task: {AFDBEA67-0843-4AB5-BD1D-9CA29F285BBD} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {B30CA99E-2FB7-4A1F-9310-5086E459D3E4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B47DB38F-7D31-430C-9BBE-8D3C4ABF9FB3} - System32\Tasks\{7992860A-8431-4122-927D-23C50BAB92FB} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {B558C71A-7D97-4074-92B9-1D455069D76A} - System32\Tasks\{E2612081-8FB6-438B-922C-0A1CE766B7A5} => pcalua.exe -a C:\Users\admin\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt
Task: {B7A19E07-846D-409F-B7F6-DEEFFA568013} - System32\Tasks\{7D4F9702-F680-43B7-B33D-5D0B50533B71} => C:\Users\admin\Desktop\Generador de tarjetas\Credit wizard\Credit.exe
Task: {BA7A3D4D-05B7-4289-8E31-C295248928FE} - System32\Tasks\{45951CB7-774E-4695-A9EB-B860317AA6D3} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {C250493C-00EE-4DDB-9199-E8025EFF9C17} - System32\Tasks\Aufgaben der Ereignisanzeige\System_Service Control Manager_7001 => C:\Program Files (x86)\Dev-Cpp\devcpp.exe [2014-11-01] (Bloodshed Software)
Task: {C8F39163-2C68-480A-942F-B9FBC1D1FE6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-12] (Google Inc.)
Task: {CB36B87D-3291-4E1F-9773-48A3A334D53A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CEA0DE1F-289A-4695-A878-D208156D0A94} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {CFB8ABEC-6757-46E6-8EFC-E0BE2EDF389D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe
Task: {D9A1225A-818F-490E-A8D2-87CDB5D762B8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {DD422558-2E0D-41BD-B876-DD539DF6525E} - System32\Tasks\{2B222A2F-11BC-41E4-B2DF-21B4FC5268D1} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
Task: {DE537368-396A-4F53-B6D5-96B4AD35DE41} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2484FC4-A3C9-4BAF-8E8C-15E6D2B8018B} - System32\Tasks\{36036BFE-A7D1-4FEC-9723-E0E4A6990D8E} => pcalua.exe -a C:\Users\admin\Downloads\ensharpendecoder_win.exe -d C:\Users\admin\Downloads
Task: {E7D0D2C6-A37C-487D-A5C3-98BE9DE6BA04} - System32\Tasks\{9ECFA4AD-89C0-4631-8D5F-B2FBE5DAA7BD} => C:\Games\Rising World v0.5.3.1\Rising World.exe
Task: {EC581E02-D4D8-41BB-9CD8-CBFBF873D645} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F3B427A6-5261-478B-A816-B72D733BC307} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FBCF94F8-5346-4EBD-8FF9-0D3B616042BB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD8AE7A9-F8A2-4A3F-8C71-265A9D8A58A9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE90EA90-D163-4504-94C1-EDDC81748B3F} - System32\Tasks\{D7330FEA-6FA4-4A05-862C-DE04F8EE8934} => C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17] (Piriform Ltd)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com/
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-12 23:34 - 2015-12-10 17:08 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-09-14 18:34 - 2016-09-30 05:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-14 18:34 - 2016-09-30 05:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-14 18:35 - 2016-09-30 05:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2015-01-19 14:51 - 2005-04-22 05:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2016-01-08 15:47 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-14 10:07 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-14 10:07 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-10-20 13:13 - 2016-10-12 06:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libglesv2.dll
2016-10-20 13:13 - 2016-10-12 06:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.59\libegl.dll
2016-10-31 16:29 - 2016-10-31 16:30 - 00165376 _____ () C:\Users\admin\Downloads\SystemLook_x64.exe
2015-12-12 23:34 - 2016-10-31 16:21 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-12-12 23:34 - 2015-12-10 17:08 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-12-26 21:29 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-01-08 15:48 - 2016-09-30 05:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-14 18:35 - 2016-09-29 18:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-14 18:35 - 2016-09-29 18:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-14 18:35 - 2016-09-29 18:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-14 18:35 - 2016-09-29 18:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-14 18:35 - 2016-09-29 18:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-14 18:35 - 2016-09-29 18:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-14 18:35 - 2016-09-29 18:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-14 18:35 - 2016-09-30 05:23 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2015-08-12 16:21 - 2015-07-20 16:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll
2015-08-12 16:21 - 2012-08-14 21:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\sony.com -> sony.com
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-10-29 15:19 - 00003845 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\Downloads\OgFbo9.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: Amazon Music => "C:\Users\admin\AppData\Local\Amazon Music\Amazon Music Helper.exe"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "FireStormStartUpAutoRun"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\StartupFolder: => "OMSI Addon Manager.lnk"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\StartupApproved\Run: => "GalaxyClient"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{02C426C7-9C4E-4A46-BD30-BF2CB5EF4DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{E842F5E6-2B29-4074-9BF2-B355FD57CFE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{BE839E79-17A6-44E9-BD8C-744EDA451B12}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED4D5EED-E19E-4B6D-BBC4-BD8EEFEE7381}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8FBBDFE3-4CB1-4C44-B130-9F4E3F691FAC}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E1761EA9-656C-45B2-B863-546C635E23F1}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{669459B0-4C41-4592-8E72-A0FB0805CD8C}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{752A7395-9B28-4E39-BCF6-7E3DD8054A8F}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6B8081F3-87E9-4699-87CF-57090607BD27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{71DC30A2-BC07-4ABA-BDA2-63EEE592F38B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [UDP Query User{FF3FF898-C74B-4BCA-B925-FE7B4D0F9193}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{8AC22E5D-7405-449A-8388-77E105A7FE3F}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{A670B346-EA46-4CAC-BF18-9BEF4316F6AE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0CDA39B9-771A-404F-89FE-D53CB2DF686A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B6DDF0D4-02B1-418B-B571-607D5A78445A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7DE4A39E-7657-462E-8DD9-DE820B7DD6BD}] => (Allow) LPort=80
FirewallRules: [{ECF6FA0C-4E01-41DD-A7F2-140111367D8E}] => (Allow) LPort=443
FirewallRules: [{DE1D9E03-8B7F-4268-8F96-9D9AA50517C4}] => (Allow) LPort=20010
FirewallRules: [{6758E0B6-6176-480E-9BD0-5588169E534A}] => (Allow) LPort=3478
FirewallRules: [{E2BECC4D-BF05-4A53-8EE8-FB929BE83063}] => (Allow) LPort=7850
FirewallRules: [{5E150AAC-48A4-42EF-A89E-E176DC0A97D2}] => (Allow) LPort=7852
FirewallRules: [{B49401C2-80B7-4D07-AE02-5957A1596873}] => (Allow) LPort=7853
FirewallRules: [{88985BEC-DDAD-4887-B7CD-4F130BB6118F}] => (Allow) LPort=27022
FirewallRules: [{7BA48D57-BBD5-4901-9C1F-E5BF4AAFD049}] => (Allow) LPort=6881
FirewallRules: [{3BE55950-CB5E-4CF2-9CAC-EF312DB32D00}] => (Allow) LPort=33333
FirewallRules: [{0AAF2623-F139-4A7D-916D-4069E7F8C1AC}] => (Allow) LPort=20443
FirewallRules: [{68DA44FA-FB2A-4903-AEC6-5D94CF1B949F}] => (Allow) LPort=8090
FirewallRules: [{F8C76348-E4E0-441E-A1FF-CF88497A089F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{6FC93E4D-5540-43D1-89EB-A96BD31D0F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{D626B09E-7F01-42A0-AD69-CC6BE3770C29}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{59D57AD8-BBF7-47F9-873E-DE7AB528406E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D38884A6-7B75-4271-AA3B-71D8920FAABE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{23707E11-254F-44DA-AD9A-5457B22B8AFA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{84A71B2D-C33C-4F54-A1EE-F65495F71620}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{6026356A-7674-43FC-8085-74D21AEC89E2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{0239E52D-A3B7-4126-B38D-13D5E4242B3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{070B69FA-53FB-42E3-BDD8-8538E7CC30B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{98106D20-060A-48F3-8359-991D1DE45EE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{D0DBCDE8-177C-4A8B-B38F-9F4B49C7C324}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{7BEC5473-494D-40F1-A37E-7A367D96E928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{EE651D0F-2E98-4B07-BDAA-C862782EBF74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{0A5056C0-4DB0-4206-B872-924322C961B6}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{0ADABA06-D9B3-4FC5-9E64-163A4837B7F9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B881BF59-13EC-4FEB-B124-A313EE74C6B7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{EFC84F2E-9AF3-4AAD-B1CC-BADD16C6A4F0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{0DF3284A-B5EB-44AF-A5EF-9FBE6A91FE96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{98999DE2-D041-446D-B6DB-D1598A3A560C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{CA9CEFFD-7057-4EA3-8E17-4C2DA545D13A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{4D460F5B-1E4D-435A-A2D7-12DDF57B93E6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{C2CD94CE-1158-4F41-B6C8-61F0F264BB14}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{1B41650B-8C0A-417B-9EE0-26A0CA7900DF}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{EDAACE47-D7CC-436F-B457-BC3E0D182D33}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{641126E5-7F8E-47F5-A691-E1879DE5DFFF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{BAAF648D-A884-4BDD-BFB4-7C23E3F2D419}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{6C9FBCC4-DDA9-4DD9-844C-1710FE6F0DE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E7B3426-674E-4744-8A34-8FEC5D89E744}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{04B12B99-4B38-47DF-AFFC-5BEE580B5E06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{112ED707-0790-4C38-A0C1-47772EA9E61F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2DEC3BC6-5A7F-451C-84F4-FD5985360ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe
FirewallRules: [{29D97B07-E473-46E2-9397-3B88065E54A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2014\F1_2014.exe
FirewallRules: [{8AAAC971-5D08-488F-A9CB-4C3E83EBE438}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{A4C04855-1259-4E93-95DF-B3D7ABAE27D8}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{238B3ED3-2017-4B3C-8774-004E2F2B4B6A}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{24118DF0-B1A6-40F9-AF54-ADDC6D6A7696}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{182D7FB5-34AC-41B1-B80D-3E14A7C3284D}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{A38DC822-8450-4E90-B948-763473EBFE62}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{34C8DCA4-9CB4-44EB-BDA4-2243B6A94638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{460924A2-DAB1-4BDE-B6F1-EBDAE9624B00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{52E7285A-54BF-4106-B38A-D532E6665E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{55C59A32-7325-4163-9BBA-CECB8AC28884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{69AADE24-7EB2-4BA0-B3E2-5022DBB3A73F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4650E401-DB1C-4EE4-83FF-38ADA29F2284}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{D00893C0-8221-4E36-AE8E-207288F031D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9FF1999F-00BA-459E-AE40-2778EB9B185F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7D58F99F-B3EE-401F-9AAD-2F279AD69E15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DDFC01D2-2BFA-4485-B57F-A3D08551180F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D12B0F98-80C9-414C-9231-12FF2EBD8733}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{9733224E-A078-49E6-964F-6532CBB534D0}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{C2A1FE85-9E02-45CC-AD6F-848DC061BD60}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{CFD11295-DA2F-430B-882A-978CE9849D24}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{6B332141-CA19-461B-AD50-22159F724AFA}] => (Block) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{9958D6F7-0D3E-439E-948B-1DA972AE7C93}] => (Allow) LPort=8317
FirewallRules: [{E2363DDC-96F7-4E0E-862B-0174D03365D5}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{459DC2E5-725B-42DD-8765-1001B4E93F6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{41731BD2-7856-4EC2-8C24-868437B044B5}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5A1E15B3-7ABC-42A3-8DEC-94BCC3EE5989}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9C8281FE-3507-4B1B-96D5-1D4B179C6794}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{393A4BCA-8F94-4A5F-85EF-946A9827A55A}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7E95AA5A-3F59-4CA4-96C2-81D1682A08CD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{815E643C-390A-46F8-8F85-5E9E6F7473F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{160CD63E-1ED4-4CFB-A225-6D27F11A3F1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{7113C531-C03B-4057-B84A-C9CA43320428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D0C966EC-3480-46FC-A3A5-4DF6EAC62FBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{44561A87-45DB-4C4D-8EF4-40DEAF86E3C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
==================== Wiederherstellungspunkte =========================
29-10-2016 22:09:58 Removed Vegas Pro 12.0 (64-bit)
30-10-2016 12:22:32 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/31/2016 05:19:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/31/2016 05:19:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/31/2016 05:19:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/31/2016 05:19:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HxTsr.exe, Version: 16.0.7369.4079, Zeitstempel: 0x57fd796c
Name des fehlerhaften Moduls: Mso20Imm.dll, Version: 16.0.7329.1013, Zeitstempel: 0x57e535af
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005567d
ID des fehlerhaften Prozesses: 0x44c
Startzeit der fehlerhaften Anwendung: 0x01d2339280be4373
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe\HxTsr.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe\Mso20Imm.dll
Berichtskennung: 9cb70f8c-303e-4e03-8c02-e6fb1dddda7f
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (10/31/2016 05:19:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/31/2016 05:19:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/31/2016 05:19:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/31/2016 05:19:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HxTsr.exe, Version: 16.0.7369.4079, Zeitstempel: 0x57fd796c
Name des fehlerhaften Moduls: Mso20Imm.dll, Version: 16.0.7329.1013, Zeitstempel: 0x57e535af
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005567d
ID des fehlerhaften Prozesses: 0x8d0
Startzeit der fehlerhaften Anwendung: 0x01d233927dbb797a
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe\HxTsr.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe\Mso20Imm.dll
Berichtskennung: ac6601a9-7659-4860-aa22-5f0093515d7e
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.7369.40791.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (10/31/2016 05:17:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ADMIN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/31/2016 05:17:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Microsoft.Photos.exe, Version: 1.0.1607.22006, Zeitstempel: 0x57929979
Name des fehlerhaften Moduls: mrt100_app.dll, Version: 1.0.23901.0, Zeitstempel: 0x56d4ea70
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000000329f
ID des fehlerhaften Prozesses: 0xf4
Startzeit der fehlerhaften Anwendung: 0x01d2339237f4628c
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.3_1.3.23901.0_x64__8wekyb3d8bbwe\mrt100_app.dll
Berichtskennung: 1565caf1-65ca-4bf8-b319-78283132204b
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Systemfehler:
=============
Error: (10/31/2016 05:19:09 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/31/2016 05:19:06 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/31/2016 05:19:06 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/31/2016 05:19:02 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/31/2016 05:19:01 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/31/2016 05:19:01 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/31/2016 05:17:11 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/31/2016 05:17:05 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/31/2016 05:17:04 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/31/2016 05:17:04 PM) (Source: DCOM) (EventID: 10010) (User: ADMIN-PC)
Description: Der Server "Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2016-10-30 12:18:27.360
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 12:18:27.348
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 12:18:27.337
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 12:18:27.055
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 12:18:26.677
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 11:58:22.472
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 11:58:22.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 11:58:22.451
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 11:58:21.988
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-10-30 11:58:21.894
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 8129.95 MB
Verfügbarer physikalischer RAM: 4427.31 MB
Summe virtueller Speicher: 16321.95 MB
Verfügbarer virtueller Speicher: 12898.93 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.44 GB) (Free:250.32 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: (Tevion) (Removable) (Total:7.4 GB) (Free:6.56 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3B0461CD)
Partition 1: (Active) - (Size=203 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 66205247)
No partition Table on disk 2.
==================== Ende von Addition.txt ============================ FRST: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016
durchgeführt von admin (Administrator) auf ADMIN-PC (31-10-2016 17:28:54)
Gestartet von C:\Users\admin\Desktop
Geladene Profile: admin (Verfügbare Profile: admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Users\admin\Downloads\SystemLook_x64.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842624 2016-09-30] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-28] (Power Software Ltd)
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278528 2015-12-07] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-19] (Spotify Ltd)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [Spotify] => C:\Users\admin\AppData\Roaming\Spotify\Spotify.exe [6884976 2016-10-19] (Spotify Ltd)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4090944 2016-09-20] (GOG.com)
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\...\MountPoints2: {4c30d469-9739-11e4-bb0a-382c4a739a73} - "F:\pushinst.exe"
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{1aec2684-a865-4e41-9c8d-e825774221ec}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5f030b30-5b32-48cf-92e1-9d9ca305ca6d}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8ba5c6f2-89a0-4423-9b49-1493df0677f5}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243312315&GUID=5059F630-8847-C004-A9EE-042B72110A1F
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2499327049-1345700090-1954953358-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131124827243338633&GUID=5059F630-8847-C004-A9EE-042B72110A1F
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default [2016-10-31]
FF Extension: (Adblock Plus) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\grq6bzao.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28]
FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{8C679308-89F3-402C-9323-8D9B3B6D57B2}] - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi
FF Extension: (Recordify Title Discover) - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi [2016-01-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: lejutplovshprohey
CHR StartupUrls: lejutplovshprohey -> "hxxps://www.google.de/"
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit [2016-10-31] <==== ACHTUNG
CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-12]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-12]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-12]
CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-12]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey [2016-10-31] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-31]
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-31]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-31]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-31]
CHR Extension: (Google Tabellen) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-31]
CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-31]
CHR Extension: (Recordify Title Discover) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\kkgbclpocodjecojibeaaglcgndegljl [2016-10-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-31]
CHR Extension: (Amazon) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2016-10-31]
CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-31]
CHR HKLM-x32\...\Chrome\Extension: [kkgbclpocodjecojibeaaglcgndegljl] - C:\Program Files (x86)\Recordify\Extensions\recordify_chrome_0.3.18.crx [2016-09-17]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\admin\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-12-28]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-10] ()
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [281152 2016-09-20] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6411840 2016-09-19] (GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-04] (Electronic Arts)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 abelssoft_recordify; C:\WINDOWS\system32\drivers\recordify.sys [68536 2016-03-30] (Abelssoft)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-10] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-04-10] (Phoenix Technologies) [Datei ist nicht signiert]
S3 fwlanusb5; C:\WINDOWS\system32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) [Datei ist nicht signiert]
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-30] (Malwarebytes)
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2196480 2015-10-30] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-02] (NVIDIA Corporation)
S3 PVUSB; C:\WINDOWS\System32\drivers\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2000-01-01] (Realtek )
S3 scramby; C:\WINDOWS\System32\drivers\scramby.sys [29480 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\WINDOWS\System32\drivers\scramby_out.sys [34336 2007-08-08] (RapidSolution Software AG)
R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation)
R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation)
R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation)
R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2000-01-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-08-26] ()
S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-08-26] ()
S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701232 2015-08-26] ()
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert]
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-10-31 17:28 - 2016-10-31 17:28 - 00013070 _____ C:\Users\admin\Desktop\SystemLook.txt
2016-10-31 17:19 - 2016-10-31 17:27 - 00013068 _____ C:\Users\admin\Downloads\SystemLook.txt
2016-10-31 16:29 - 2016-10-31 16:30 - 00165376 _____ C:\Users\admin\Downloads\SystemLook_x64.exe
2016-10-31 16:29 - 2016-10-31 16:29 - 00165376 _____ C:\Users\admin\Downloads\SystemLook_x64 (2).exe
2016-10-31 16:29 - 2016-10-31 16:29 - 00165376 _____ C:\Users\admin\Downloads\SystemLook_x64 (1).exe
2016-10-31 16:27 - 2016-10-31 16:28 - 424747146 _____ C:\Users\admin\Desktop\Quarantine.zip
2016-10-31 16:26 - 2016-10-31 16:26 - 00001058 _____ C:\Users\admin\Desktop\Windows Defender.lnk
2016-10-31 16:20 - 2016-10-31 16:20 - 00029104 _____ C:\Users\admin\Desktop\Fixlog.txt
2016-10-31 15:54 - 2016-10-31 15:54 - 00000000 ____D C:\Users\admin\Desktop\FRST-OlderVersion
2016-10-30 21:27 - 2016-10-30 21:28 - 00397804 _____ C:\WINDOWS\Minidump\103016-21390-01.dmp
2016-10-30 21:27 - 2016-10-30 21:27 - 878092529 _____ C:\WINDOWS\MEMORY.DMP
2016-10-30 12:29 - 2016-10-31 17:28 - 00022539 _____ C:\Users\admin\Desktop\FRST.txt
2016-10-30 12:29 - 2016-10-31 15:57 - 00069038 _____ C:\Users\admin\Desktop\Addition.txt
2016-10-30 12:25 - 2016-10-30 12:25 - 00001191 _____ C:\Users\admin\Desktop\JRT.txt
2016-10-30 12:18 - 2016-10-30 12:18 - 00001196 _____ C:\Users\admin\Desktop\mbam.txt
2016-10-30 12:01 - 2016-10-30 12:01 - 00002340 _____ C:\Users\admin\Desktop\AdwCleaner[C4].txt
2016-10-30 11:51 - 2016-10-30 12:22 - 01631928 _____ (Malwarebytes) C:\Users\admin\Desktop\JRT.exe
2016-10-30 11:50 - 2016-10-30 11:51 - 01631928 _____ (Malwarebytes) C:\Users\admin\Downloads\JRT.exe
2016-10-30 11:48 - 2016-10-30 11:49 - 22851472 _____ (Malwarebytes ) C:\Users\admin\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-30 11:47 - 2016-10-30 11:51 - 03910208 _____ C:\Users\admin\Desktop\AdwCleaner_6.030 (1).exe
2016-10-30 11:47 - 2016-10-30 11:47 - 03910208 _____ C:\Users\admin\Downloads\AdwCleaner_6.030 (1).exe
2016-10-29 22:05 - 2016-10-31 17:28 - 00000000 ____D C:\FRST
2016-10-29 22:04 - 2016-10-31 15:54 - 02408960 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2016-10-29 22:04 - 2016-10-29 22:04 - 02408448 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2016-10-29 21:57 - 2016-10-29 21:57 - 00036731 _____ C:\Users\admin\Downloads\Logs.rar
2016-10-29 20:10 - 2016-10-29 20:11 - 00406582 _____ C:\Users\admin\Downloads\startmenu.diagcab
2016-10-29 15:33 - 2016-10-29 15:33 - 03910208 _____ C:\Users\admin\Downloads\adwcleaner_6.030.exe
2016-10-29 15:28 - 2016-10-29 15:28 - 00041208 _____ C:\Users\admin\Documents\cc_20161029_162824.reg
2016-10-29 11:57 - 2016-10-29 11:57 - 00002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-10-29 11:57 - 2016-10-25 21:00 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-10-29 11:57 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-10-29 11:57 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-10-29 11:57 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-10-29 11:57 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-10-29 11:56 - 2016-10-29 11:56 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-29 11:54 - 2016-10-26 02:09 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 20718400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 17577728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 14516216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 10782952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00572584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00470584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00172920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00153184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00150784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00131720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-10-29 11:54 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-10-29 11:54 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-10-26 15:20 - 2016-10-26 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-25 19:41 - 2016-10-25 19:41 - 13165792 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe
2016-10-24 15:04 - 2016-10-24 15:09 - 00009631 _____ C:\Users\admin\Documents\Italiensich Spicker v.1.odt
2016-10-20 13:47 - 2016-10-20 13:47 - 00071140 _____ C:\Users\admin\Downloads\TradeMan 1.22h4-6-1-22.zip
2016-10-20 13:41 - 2016-10-20 13:42 - 38827969 _____ C:\Users\admin\Downloads\E3FX V7-23-7.zip
2016-10-20 13:37 - 2016-10-20 13:38 - 41576087 _____ C:\Users\admin\Downloads\E3FX 8.5 (Alternative Bloom)-23-8-5.zip
2016-10-20 13:33 - 2016-10-20 13:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (2).exe
2016-10-20 13:32 - 2016-10-20 13:33 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2 (1).exe
2016-10-20 13:22 - 2016-10-20 13:22 - 03879936 _____ (crosire) C:\Users\admin\Downloads\ReShade_Setup_3.0.2.exe
2016-10-18 16:37 - 2016-10-18 16:38 - 02891915 _____ C:\Users\admin\Downloads\Fair Sale - Better sale prices v1.03 -4-1-03.7z
2016-10-10 18:01 - 2016-10-01 22:11 - 01935808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437306.dll
2016-10-10 18:01 - 2016-10-01 22:11 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437306.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-10-31 17:19 - 2015-01-13 17:44 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2016-10-31 16:27 - 2015-12-12 23:39 - 02087808 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-31 16:27 - 2015-10-30 19:35 - 00888452 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-31 16:27 - 2015-10-30 19:35 - 00197278 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-31 16:27 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-10-31 16:22 - 2016-08-12 17:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-31 16:22 - 2015-12-12 23:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-31 16:21 - 2015-12-12 23:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-31 16:20 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-10-31 15:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-31 15:04 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-30 21:27 - 2016-01-16 20:44 - 00000000 ____D C:\WINDOWS\Minidump
2016-10-30 21:22 - 2014-12-25 18:09 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-30 15:11 - 2016-09-07 13:12 - 00000000 ____D C:\Users\admin\Documents\The Witcher 3
2016-10-30 12:55 - 2015-01-24 12:20 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client
2016-10-30 12:03 - 2015-01-11 15:40 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-30 11:59 - 2016-07-08 21:51 - 00000008 __RSH C:\Users\admin\ntuser.pol
2016-10-30 11:59 - 2016-07-08 21:11 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-10-30 11:59 - 2015-12-12 23:40 - 00000000 ____D C:\Users\admin
2016-10-30 11:59 - 2015-08-01 17:21 - 00000000 ____D C:\AdwCleaner
2016-10-30 11:50 - 2015-07-09 11:23 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-30 11:50 - 2015-01-11 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-30 11:50 - 2015-01-11 15:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-29 20:11 - 2015-01-25 18:59 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2016-10-29 15:57 - 2016-09-18 11:48 - 00000000 ____D C:\ProgramData\updater2
2016-10-29 15:42 - 2015-12-12 23:30 - 04995152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-29 15:27 - 2016-01-21 16:52 - 00000000 ____D C:\Program Files\CCleaner
2016-10-29 11:57 - 2016-09-04 11:58 - 00000000 ____D C:\WINDOWS\LastGood
2016-10-29 11:57 - 2016-01-08 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-10-29 11:57 - 2015-12-12 23:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-29 11:56 - 2015-12-12 23:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-29 11:56 - 2015-12-12 23:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-29 11:56 - 2015-04-07 21:02 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA Corporation
2016-10-28 02:22 - 2010-11-21 04:27 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-26 23:16 - 2016-01-08 15:46 - 14159928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-10-26 15:36 - 2014-11-08 17:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-26 15:36 - 2014-11-08 17:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-26 15:36 - 2014-11-08 17:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-26 14:28 - 2014-12-27 19:56 - 00000000 ____D C:\Users\admin\AppData\Local\TeamSpeak 3 Client
2016-10-26 02:09 - 2015-11-12 17:25 - 01595456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-10-26 02:09 - 2015-11-12 17:25 - 00212936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-10-25 22:40 - 2016-01-08 15:46 - 24365624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-10-25 22:40 - 2016-01-08 15:46 - 03927288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-10-25 22:40 - 2016-01-08 15:46 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-10-25 22:40 - 2016-01-08 15:46 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-10-25 21:17 - 2016-01-08 15:47 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-10-25 21:17 - 2016-01-08 15:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-10-25 21:17 - 2016-01-08 15:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-10-25 21:17 - 2016-01-08 15:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-10-25 21:17 - 2016-01-08 15:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-10-25 21:17 - 2016-01-08 15:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-10-25 21:17 - 2016-01-08 15:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-10-25 21:13 - 2016-09-14 18:34 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-10-25 19:41 - 2014-11-08 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-24 07:31 - 2016-01-08 15:47 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-10-21 10:23 - 2016-09-08 13:08 - 00002004 _____ C:\Users\admin\Desktop\The Witcher® 3 - Wild Hunt.lnk
2016-10-20 13:13 - 2016-08-12 17:28 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-20 13:13 - 2016-08-12 17:28 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-19 22:00 - 2016-04-07 18:50 - 00000000 ____D C:\Users\admin\AppData\Local\Spotify
2016-10-19 21:58 - 2016-09-17 08:53 - 00000000 ____D C:\Users\admin\Documents\Recordify
2016-10-19 21:32 - 2016-04-07 18:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\Spotify
2016-10-18 16:42 - 2016-09-23 13:09 - 00000931 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-10-18 16:42 - 2016-09-23 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-10-18 16:42 - 2016-09-23 13:09 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-10-10 17:46 - 2016-09-22 17:17 - 00003736 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 17:46 - 2016-09-14 18:35 - 00003924 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 17:46 - 2016-09-14 18:35 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-10-10 17:46 - 2016-09-14 18:34 - 00003988 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 17:46 - 2016-09-14 18:34 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 17:46 - 2016-09-14 18:34 - 00003898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-10 17:46 - 2016-09-14 18:34 - 00003694 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-06 17:53 - 2016-09-04 18:11 - 00000000 ____D C:\Users\admin\Desktop\Memes
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-04-22 17:24 - 2015-04-22 17:24 - 0549471 _____ () C:\Program Files\vac414demo.zip
2014-10-10 13:07 - 2014-10-10 13:07 - 0000000 _____ () C:\Users\admin\AppData\Roaming\gdfw.log
2014-10-10 13:07 - 2014-10-10 13:07 - 0000779 _____ () C:\Users\admin\AppData\Roaming\gdscan.log
2016-03-20 13:57 - 2016-03-20 13:57 - 0003584 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-10 14:36 - 2015-04-10 14:36 - 0000058 _____ () C:\Users\admin\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-05-26 20:44 - 2015-12-12 17:05 - 0007601 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2015-12-12 23:35 - 2015-12-12 23:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-30 19:56 - 2015-03-01 19:57 - 0000032 ____R () C:\ProgramData\hash.dat
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\hash.dat
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-08-22 14:01
==================== Ende von FRST.txt ============================ Systemlook: Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 17:19 on 31/10/2016 by admin
Administrator - Elevation successful
========== filefind ==========
Searching for "*SlimWare*"
No files found.
Searching for "*DriverSetupUtility*"
No files found.
Searching for "*lejutplovshprohey*"
No files found.
Searching for "*berjuspgraatherfufi*"
No files found.
========== folderfind ==========
Searching for "*SlimWare*"
No folders found.
Searching for "*DriverSetupUtility*"
No folders found.
Searching for "*lejutplovshprohey*"
C:\FRST\Quarantine\C\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey d------ [14:44 25/12/2014]
C:\Users\admin\AppData\Local\Google\Chrome\User Data\lejutplovshprohey d------ [15:23 31/10/2016]
Searching for "*berjuspgraatherfufi*"
C:\Users\admin\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit d------ [20:15 12/07/2016]
========== regfind ==========
Searching for "SlimWare"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\952BA647474611149866C1269F6A0E36\InstallProperties]
"Publisher"="SlimWare Utilities, Inc."
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{746AB259-6474-4111-8966-1C62F9A6E063}]
"Publisher"="SlimWare Utilities, Inc."
Searching for "DriverSetupUtility"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\DriverSetupUtility\FUB\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\DriverSetupUtility\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BCA54414D85CCD4BA470C00DF8ABE34]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\FUB.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1581BD06EE19F0A49A756BCC0E523251]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\LiveUpdate.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\413C9810C8243BA46ACD761B24057875]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\DiagnosticEvent.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4661330A6D81B0F4E9C43623EF6E1690]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\LogDebug.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\533EE321A4198764E85F9A7EA50BB1FB]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\ACCPlugin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A95336BE4C06E64DBD1282AC156E221]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\LogDll.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\651B665F1569DCB4792824703B812035]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\SharpBITS.Base.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65546D56A04F9E44F94E17DB3AE653DD]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\FUB.bat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\80266C0C4DCE4CD4689BF2E086645DB6]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82B714016F6354A49A293D740A529A06]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\ManagedNativeUtilities.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C78AEE94E49F3F4FB42B8869274C2BB]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\DiagnosticPlugin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6CB15808A8754749B4C65A7478EC402]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\ADCommonType.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96C454C7299FFB4CB9FAB84D515A053]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\LiveUpdateChecker.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1F0A5CD4BBDC4D4B8029209B07C046B]
"A38C15B2D5649AE4C9CDE19DE50DA96C"="C:\Program Files\DriverSetupUtility\FUB\ACCUtilities.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}]
"Comments"=" DriverSetupUtility"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}]
"InstallLocation"="C:\Program Files\Other\Other DriverSetupUtility\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}]
"UninstallString"="Msiexec.exe /i {2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6} ACER=1 PRODUCTNAME=" DriverSetupUtility" REMOVEUSEC=1 BOOTSTRATOR=1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}]
"DisplayName"=" DriverSetupUtility"
Searching for "lejutplovshprohey"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search]
"JumpListChangedAppIds"="Microsoft.Windows.ControlPanel Chrome.UserData.lejutplovshprohey {6D809377-6AF0-444B-8957-A3773F02200E}\CCleaner\CCleaner64.exe E7CF176E110C211B {7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Steam\Steam.exe {6D809377-6AF0-444B-8957-A3773F02200E}\WinRAR\WinRAR.exe {1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\notepad.exe"
[HKEY_USERS\S-1-5-21-2499327049-1345700090-1954953358-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Search]
"JumpListChangedAppIds"="Microsoft.Windows.ControlPanel Chrome.UserData.lejutplovshprohey {6D809377-6AF0-444B-8957-A3773F02200E}\CCleaner\CCleaner64.exe E7CF176E110C211B {7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Steam\Steam.exe {6D809377-6AF0-444B-8957-A3773F02200E}\WinRAR\WinRAR.exe {1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\notepad.exe"
Searching for "berjuspgraatherfufi"
No data found.
-= EOF =- MfG, |