Here is the FRST.txt:
FRST Logfile:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von Aruran (Administrator) auf ARU (04-01-2017 13:32:35)
Gestartet von C:\Users\Aruran\Desktop
Geladene Profile: Aruran & Administrator (Verfügbare Profile: Aruran & Administrator)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes) D:\Anti-Malware\MBAMService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Malwarebytes) D:\Anti-Malware\mbamtray.exe
() C:\Program Files\ZAUU1FC4ZY\ZAUU1FC4Z.exe
() C:\Program Files\NSWWDIN18Z\NSWWDIN18.exe
() C:\Program Files\2LA9XOQK4R\2LA9XOQK4.exe
() C:\Program Files\Z06UCTZZ10\Z06UCTZZ1.exe
() C:\Users\Aruran\AppData\Local\Temp\NBGTI2CFT\NBGTI2CFT.exe
() C:\Program Files\G5NV6PMZQY\TUTAEOS0P.exe
() C:\Program Files\2UPOF0VUZ8\2UPOF0VUZ.exe
() C:\Program Files\H1ASR0KVAA\H1ASR0KVA.exe
() C:\Users\Aruran\AppData\Local\Temp\Y7QHIVYEP\Y7QHIVYEP.exe
() C:\Users\Aruran\AppData\Local\Temp\5ANZUSRV6\5ANZUSRV6.exe
() C:\Program Files\WSYN11RTPB\WSYN11RTP.exe
() C:\Users\Aruran\AppData\Local\Temp\O07ST4XN6\O07ST4XN6.exe
(Mega Limited) C:\Users\Aruran\AppData\Local\MEGAsync\MEGAsync.exe
(Roccat GmbH) C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe
(Spotify Ltd) C:\Users\Aruran\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16102.10341.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => D:\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-03-25] (Raptr, Inc)
HKLM-x32\...\Run: [RoccatKova+] => C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [539688 2011-03-17] (Roccat GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [Spotify] => C:\Users\Aruran\AppData\Roaming\Spotify\Spotify.exe [7153264 2017-01-04] (Spotify Ltd)
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [Spotify Web Helper] => C:\Users\Aruran\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-01-04] (Spotify Ltd)
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [RRRV2SMXUP] => C:\Program Files\ZAUU1FC4ZY\ZAUU1FC4Z.exe [369664 2017-01-01] ()
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [1HNLNTZGDW] => C:\Program Files\NSWWDIN18Z\NSWWDIN18.exe [369664 2017-01-01] ()
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [4YFG394BZN] => C:\Program Files\2LA9XOQK4R\2LA9XOQK4.exe [369664 2017-01-01] ()
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [SA9EN75ICN] => C:\Program Files\Z06UCTZZ10\Z06UCTZZ1.exe [369664 2017-01-01] ()
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [DVQCLJMAEQ] => C:\Users\Aruran\AppData\Local\Temp\NBGTI2CFT\NBGTI2CFT.exe [369664 2017-01-01] () <===== ACHTUNG
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [AWFREW3ZKU] => C:\Program Files\394AHT7JYC\394AHT7JY.exe [369664 2017-01-01] ()
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [7VT3UPTOXR] => C:\Program Files\G5NV6PMZQY\TUTAEOS0P.exe [369664 2017-01-01] ()
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [48ALI829O4] => C:\Program Files\2UPOF0VUZ8\2UPOF0VUZ.exe [369664 2017-01-01] ()
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [B9FKZYJYPU] => C:\Program Files\H1ASR0KVAA\H1ASR0KVA.exe [369664 2017-01-01] ()
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [CIR0HP9PPD] => C:\Users\Aruran\AppData\Local\Temp\Y7QHIVYEP\Y7QHIVYEP.exe [369664 2017-01-01] () <===== ACHTUNG
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [0AYADRMO1L] => C:\Users\Aruran\AppData\Local\Temp\5ANZUSRV6\5ANZUSRV6.exe [369664 2017-01-01] () <===== ACHTUNG
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [HIG670TBSL] => C:\Program Files\WSYN11RTPB\WSYN11RTP.exe [369664 2017-01-01] ()
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Run: [PM1WKY2Y7U] => C:\Users\Aruran\AppData\Local\Temp\O07ST4XN6\O07ST4XN6.exe [369664 2017-01-01] () <===== ACHTUNG
HKU\S-1-5-21-3707763914-2828650107-2775741400-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
ShellExecuteHooks: Kein Name - {0E1572E8-CC3F-11E6-87D6-64006A5CFC23} - C:\Users\Aruran\AppData\Roaming\Lokiied\Coizis.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Aruran\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Aruran\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Aruran\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Aruran\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Aruran\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Aruran\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
Startup: C:\Users\Aruran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-09-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Aruran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-07-25]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Aruran\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a7a15b2f-a811-11e5-afad-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{be3dac52-00a2-4d01-92bc-b7116305b3b7}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{be3dac52-00a2-4d01-92bc-b7116305b3b7}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3707763914-2828650107-2775741400-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001 -> {9FFEE954-DB75-492A-B1CA-BA23C9B83007} URL = hxxp://www.searchpage.com/index.php?v=n11.12.1.194&os_mj=10&os_mn=0&os_bitness=64&f=oJKf752nbc76&keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-09] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-09] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-07-13] (DVDVideoSoft Ltd.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: zxukvx4r.default
FF ProfilePath: C:\Users\Aruran\AppData\Roaming\Mozilla\Firefox\Profiles\zxukvx4r.default [2017-01-02]
FF user.js: detected! => C:\Users\Aruran\AppData\Roaming\Mozilla\Firefox\Profiles\zxukvx4r.default\user.js [2015-12-11]
FF Keyword.URL: Mozilla\Firefox\Profiles\zxukvx4r.default -> user_pref("keyword.URL", true);
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-09] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Aruran\AppData\LocalLow\Sony Online Entertainment\npsoe.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3707763914-2828650107-2775741400-1001: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Aruran\AppData\LocalLow\Sony Online Entertainment\npsoe.dll [Keine Datei]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\Aruran\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-01-03] <==== ACHTUNG
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Aruran\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-01]
CHR Extension: (Chrome Media Router) - C:\Users\Aruran\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-03]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR StartupUrls: "hxxp://Google.com/hm?eq=U0EeCFZVBB8SRghGIVsBAgFAQhhGd1hZTA0VFVAOIgtcBRQUQwVCdVoPWQ8TQgwFIk0FA1oDB0VXfV5bFElXTwhkMlxZFX8YT1E="
OPR Session Restore: -> ist aktiviert.
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-21] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-03-14] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
S3 iThemes5; C:\Program Files (x86)\Common Files\Services\iThemes.dll [564736 2017-01-04] () [Datei ist nicht signiert] <==== ACHTUNG
R2 Janersharemeing; C:\Program Files (x86)\Delyqgach\cktcontrols.dll [177152 2017-01-01] () [Datei ist nicht signiert]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo)
R2 MBAMService; D:\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-09] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-08-14] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-08-31] (Razer Inc.)
R2 Themes; C:\WINDOWS\system32\themeservice.dll [59392 2015-10-30] (Microsoft Corporation) [DependOnService: iThemes5]<==== ACHTUNG
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)
S2 Archer; C:\Program Files (x86)\WinArcher\Archer.dll [X]
S2 WinSAPSvc; C:\ProgramData\WinSAPSvc\WinSAP.dll [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-24] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 KovaPlusFltr; C:\WINDOWS\system32\drivers\KovaPlusFltr.sys [15104 2010-01-25] (ROCCAT Development, Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-01] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-03] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-04] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-04 13:32 - 2017-01-04 13:32 - 00021398 _____ C:\Users\Aruran\Desktop\FRST.txt
2017-01-04 13:32 - 2017-01-04 13:32 - 00000000 ____D C:\FRST
2017-01-04 13:31 - 2017-01-04 13:32 - 02418176 _____ (Farbar) C:\Users\Aruran\Desktop\FRST64.exe
2017-01-04 12:39 - 2017-01-04 12:39 - 00000000 ____D C:\ProgramData\WinSAPSvc
2017-01-04 12:39 - 2017-01-04 12:39 - 00000000 ____D C:\Program Files (x86)\WinArcher
2017-01-04 12:39 - 2017-01-04 12:39 - 00000000 ____D C:\Program Files (x86)\ks6ywgdk
2017-01-04 12:39 - 2017-01-04 12:39 - 00000000 ____D C:\Program Files (x86)\Gubed
2017-01-03 13:03 - 2017-01-03 12:55 - 276458601 ____N C:\Users\Aruran\Desktop\#32 Varo 4.mp4
2017-01-03 12:48 - 2017-01-03 12:53 - 179602814 _____ C:\Users\Aruran\Downloads\DER PALUTEN SNIPE.. • Minecraft VARO 4 _30 _ Fazon.mp4
2017-01-02 15:42 - 2016-11-22 10:24 - 02938408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-01-02 15:42 - 2016-11-22 10:17 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-01-02 15:42 - 2016-11-22 10:16 - 00064072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-01-02 15:42 - 2016-11-22 09:49 - 02195640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-01-02 15:42 - 2016-11-22 09:48 - 01522672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-01-02 15:42 - 2016-11-22 09:47 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-01-02 15:42 - 2016-11-22 09:47 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-01-02 15:42 - 2016-11-22 09:12 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-01-02 15:42 - 2016-11-22 08:54 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-01-02 15:42 - 2016-11-22 08:41 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-01-02 15:42 - 2016-11-22 08:38 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-01-02 15:42 - 2016-11-22 08:26 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-01-02 15:42 - 2016-11-22 08:21 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-01-02 15:42 - 2016-11-22 07:59 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-01-02 15:42 - 2016-11-22 07:55 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-01-02 15:42 - 2016-11-22 07:35 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-02 15:42 - 2016-11-22 07:34 - 18670080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-02 15:42 - 2016-11-22 07:34 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-01-02 15:42 - 2016-11-22 07:32 - 03663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-01-02 15:42 - 2016-11-22 07:17 - 05658624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-02 15:39 - 2016-11-22 11:03 - 01777280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-01-02 15:39 - 2016-11-22 09:50 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-01-02 15:39 - 2016-11-22 09:32 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-02 15:39 - 2016-11-22 09:04 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-02 15:38 - 2016-11-22 11:38 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-02 15:38 - 2016-11-22 11:38 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-01-02 15:38 - 2016-11-22 11:02 - 01399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-01-02 15:38 - 2016-11-22 10:32 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-01-02 15:38 - 2016-11-22 09:54 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-01-02 15:38 - 2016-11-22 09:20 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-01-02 15:38 - 2016-11-22 08:36 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-01-02 15:38 - 2016-11-22 08:14 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-01-02 15:38 - 2016-11-22 07:49 - 07839232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-02 15:37 - 2016-11-22 11:43 - 03692040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-01-02 15:37 - 2016-11-22 11:35 - 00609056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-02 15:37 - 2016-11-22 09:59 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-02 15:37 - 2016-11-22 09:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-01-02 15:37 - 2016-11-22 09:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-01-02 15:37 - 2016-11-22 08:57 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-01-02 15:37 - 2016-11-22 08:26 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-02 15:37 - 2016-11-22 08:15 - 22373376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-02 15:37 - 2016-11-22 08:02 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-02 15:37 - 2016-11-22 08:01 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-01-02 15:36 - 2016-11-22 12:42 - 00384864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-01-02 15:36 - 2016-11-22 11:36 - 00159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-01-02 15:36 - 2016-11-22 11:35 - 00075448 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-01-02 15:36 - 2016-11-22 11:04 - 02549456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-01-02 15:36 - 2016-11-22 11:02 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-01-02 15:36 - 2016-11-22 10:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-01-02 15:36 - 2016-11-22 10:13 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-01-02 15:36 - 2016-11-22 10:00 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2017-01-02 15:36 - 2016-11-22 09:55 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-01-02 15:36 - 2016-11-22 08:53 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-01-01 21:39 - 2017-01-01 22:14 - 00000306 __RSH C:\ProgramData\ntuser.pol
2017-01-01 21:28 - 2017-01-04 12:56 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-01 21:28 - 2017-01-03 22:17 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-01 21:28 - 2017-01-03 22:17 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-01 21:28 - 2017-01-03 22:17 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-01 21:28 - 2017-01-01 21:28 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-01 21:28 - 2017-01-01 21:28 - 00000645 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-01 21:28 - 2017-01-01 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-01 21:28 - 2017-01-01 21:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-01 21:28 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-01 21:06 - 2017-01-03 22:16 - 00000000 ____D C:\AdwCleaner
2017-01-01 20:45 - 2017-01-01 20:45 - 00000000 ____D C:\Program Files\WSYN11RTPB
2017-01-01 20:42 - 2017-01-01 20:42 - 00499350 _____ C:\WINDOWS\system32\errordetails.xml
2017-01-01 20:40 - 2017-01-01 20:40 - 00000000 ____D C:\Program Files\H1ASR0KVAA
2017-01-01 20:40 - 2017-01-01 20:40 - 00000000 ____D C:\Program Files\G5NV6PMZQY
2017-01-01 20:40 - 2017-01-01 20:40 - 00000000 ____D C:\Program Files\2UPOF0VUZ8
2017-01-01 20:39 - 2017-01-01 20:40 - 00000000 ____D C:\Program Files\394AHT7JYC
2017-01-01 20:36 - 2017-01-01 20:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sstmp
2017-01-01 20:36 - 2017-01-01 20:36 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-01-01 20:36 - 2017-01-01 20:36 - 00000000 ____D C:\Program Files (x86)\GNR
2017-01-01 20:35 - 2017-01-01 20:35 - 00000000 ____D C:\Program Files\Z06UCTZZ10
2017-01-01 20:35 - 2017-01-01 20:35 - 00000000 ____D C:\Program Files\2LA9XOQK4R
2017-01-01 20:33 - 2017-01-01 20:34 - 00000000 ____D C:\Program Files\NSWWDIN18Z
2017-01-01 20:33 - 2017-01-01 20:33 - 00000000 ____D C:\Program Files\ZAUU1FC4ZY
2017-01-01 20:33 - 2017-01-01 20:33 - 00000000 _____ C:\TOSTACK
2017-01-01 20:32 - 2017-01-01 21:16 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-01-01 20:31 - 2017-01-04 12:39 - 00000000 ____D C:\Program Files (x86)\Delyqgach
2017-01-01 20:31 - 2017-01-01 21:04 - 00000000 ____D C:\Users\Aruran\AppData\Roaming\Lokiied
2017-01-01 20:31 - 2017-01-01 20:31 - 00006116 _____ C:\WINDOWS\System32\Tasks\Pheroghtlqale Collector
2017-01-01 20:31 - 2017-01-01 20:31 - 00000000 ____D C:\Users\Aruran\AppData\Local\Qepoied
2017-01-01 20:31 - 2017-01-01 20:31 - 00000000 ____D C:\Program Files (x86)\Derwution Community
2016-12-24 13:44 - 2016-12-24 13:44 - 04368877 _____ C:\Users\Aruran\Desktop\Chalmaar-StarMusiQ.Com.mp3
2016-12-24 13:43 - 2016-12-24 13:43 - 13131127 _____ C:\Users\Aruran\Desktop\Tamil Music Video _ Vaalibam _ Oru Vaarthai Music Video _ Tha Mystro ft. Thinesh Se _ M.Kowtham.mp3
2016-12-24 13:41 - 2016-12-24 13:41 - 12414163 _____ C:\Users\Aruran\Desktop\Kadhala l Deepa Mathana l Official Music Video _ 5K.mp3
2016-12-23 21:48 - 2016-12-23 21:48 - 05242487 _____ C:\Users\Aruran\Desktop\Neeyum_Naanum_160kbps-StarMusiQ.Com.mp3
2016-12-22 18:09 - 2017-01-03 12:47 - 00003480 _____ C:\WINDOWS\setupact.log
2016-12-22 18:06 - 2016-12-22 18:06 - 00000000 ____D C:\Users\Aruran\AppData\LocalLow\AMD
2016-12-19 16:06 - 2016-12-19 16:06 - 00003974 _____ C:\WINDOWS\System32\Tasks\{B39DCCAA-0436-7B01-115A-E0070E00E8F9}
2016-12-19 16:06 - 2016-12-19 16:06 - 00003974 _____ C:\WINDOWS\System32\Tasks\{689EB747-DF35-00EC-B570-6AB16B35BA53}
2016-12-18 16:06 - 2016-12-18 16:06 - 00003974 _____ C:\WINDOWS\System32\Tasks\{F20603A7-45AD-B40C-1F74-17068C597159}
2016-12-18 16:06 - 2016-12-18 16:06 - 00003974 _____ C:\WINDOWS\System32\Tasks\{A8B45195-1F1F-E63E-863B-391E2A604E67}
2016-12-17 08:52 - 2016-12-17 08:52 - 04816161 _____ C:\Users\Aruran\Desktop\Aandipatti-StarMusiQ.Com.mp3
2016-12-17 08:52 - 2016-12-17 08:52 - 04629757 _____ C:\Users\Aruran\Desktop\Yennai_Maatrum_Kaadhale-StarMusiQ.Com.mp3
2016-12-17 08:48 - 2016-12-17 08:48 - 04274703 _____ C:\Users\Aruran\Desktop\Senjitaley-StarMusiQ.Com.mp3
2016-12-17 08:48 - 2016-12-17 08:48 - 04196763 _____ C:\Users\Aruran\Desktop\Remo_Nee_Kadhalan-StarMusiQ.Com.mp3
2016-12-17 08:47 - 2016-12-17 08:47 - 03967841 _____ C:\Users\Aruran\Desktop\Kadavule_Vidai-StarMusiQ.Com.mp3
2016-12-17 08:47 - 2016-12-17 08:47 - 03786315 _____ C:\Users\Aruran\Desktop\Alladhe_Siragiye-StarMusiQ.Com.mp3
2016-12-17 08:47 - 2016-12-17 08:47 - 03501758 _____ C:\Users\Aruran\Desktop\Come_Closer_(Sirikkadhey_Reprise)-StarMusiQ.Com.mp3
2016-12-17 08:47 - 2016-12-17 08:47 - 03346016 _____ C:\Users\Aruran\Desktop\Kadavule_Vidai_(Reprise)-StarMusiQ.Com.mp3
2016-12-17 08:46 - 2016-12-17 08:46 - 04519586 _____ C:\Users\Aruran\Desktop\Saitji_Saitji-StarMusiQ.Com.mp3
2016-12-17 08:45 - 2016-12-17 08:45 - 04974753 _____ C:\Users\Aruran\Desktop\Nee_Uravaaga-StarMusiQ.Com.mp3
2016-12-17 08:44 - 2016-12-17 08:44 - 03960854 _____ C:\Users\Aruran\Desktop\Nee_Tholaindhaayo-StarMusiQ.Com.mp3
2016-12-17 08:44 - 2016-12-17 08:44 - 03725742 _____ C:\Users\Aruran\Desktop\Un_Kadhal_Irundhal_Podhum_(Reprise)-StarMusiQ.Com.mp3
2016-12-17 08:44 - 2016-12-17 08:44 - 03576264 _____ C:\Users\Aruran\Desktop\Hey_Suzhali-StarMusiQ.Com.mp3
2016-12-17 08:43 - 2016-12-17 08:44 - 04673570 _____ C:\Users\Aruran\Desktop\Un_Kadhal_Irundhal_Podhum-StarMusiQ.Com.mp3
2016-12-17 08:42 - 2016-12-17 08:42 - 04331362 _____ C:\Users\Aruran\Desktop\Senthoora-StarMusiQ.Com.mp3
2016-12-17 08:42 - 2016-12-17 08:42 - 03743833 _____ C:\Users\Aruran\Desktop\Senthooran_(Reprise)-StarMusiQ.Com.mp3
2016-12-16 22:06 - 2016-12-16 22:06 - 00003974 _____ C:\WINDOWS\System32\Tasks\{CECE02B3-7965-B518-E4E7-2F25542EAD08}
2016-12-16 22:06 - 2016-12-16 22:06 - 00003974 _____ C:\WINDOWS\System32\Tasks\{58CCAE19-EF67-19B2-048E-8AA9CB0C36D6}
2016-12-16 13:22 - 2016-12-16 13:22 - 00003974 _____ C:\WINDOWS\System32\Tasks\{FA4CBE32-4DE7-0999-0AE0-D79F1C9059F7}
2016-12-16 13:22 - 2016-12-16 13:22 - 00003974 _____ C:\WINDOWS\System32\Tasks\{11F0C66E-A65B-71C5-D91F-1BAB456A64B0}
2016-12-09 10:33 - 2016-12-08 21:30 - 04734664 _____ () C:\Users\Aruran\Desktop\TechnicLauncher.exe
2016-12-09 10:16 - 2016-12-09 10:16 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-12-09 10:16 - 2016-12-09 10:16 - 00000000 ____D C:\Users\Aruran\AppData\Roaming\Sun
2016-12-09 10:16 - 2016-12-09 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-09 10:16 - 2016-12-09 10:16 - 00000000 ____D C:\Program Files\Java
2016-12-09 10:13 - 2016-12-09 10:14 - 63235648 _____ (Oracle Corporation) C:\Users\Aruran\Desktop\jre-8u111-windows-x64.exe
2016-12-08 20:38 - 2016-12-08 20:41 - 00000000 ____D C:\Users\Aruran\AppData\Roaming\.technic
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-04 13:23 - 2015-09-28 15:03 - 00000000 ____D C:\Users\Aruran\AppData\Local\Spotify
2017-01-04 12:47 - 2015-09-28 15:02 - 00000000 ____D C:\Users\Aruran\AppData\Roaming\Spotify
2017-01-04 12:41 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-04 12:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-04 12:38 - 2015-06-18 13:50 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-04 12:36 - 2015-12-21 19:37 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-04 12:36 - 2015-09-17 19:04 - 00000000 __SHD C:\Users\Aruran\IntelGraphicsProfiles
2017-01-03 22:23 - 2015-12-21 19:44 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-03 22:23 - 2015-10-30 19:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-03 22:23 - 2015-10-30 19:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-03 22:23 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2017-01-03 22:17 - 2016-08-14 17:12 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-01-03 22:17 - 2015-12-21 19:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-03 22:17 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2017-01-03 11:35 - 2015-01-12 22:08 - 00000000 ____D C:\Users\Aruran\AppData\Local\Packages
2017-01-02 21:53 - 2015-12-21 21:02 - 00000000 ____D C:\Users\Aruran\AppData\Local\MicrosoftEdge
2017-01-02 20:37 - 2015-06-13 16:07 - 00000000 ____D C:\Users\Aruran\AppData\Local\Opera Software
2017-01-02 20:37 - 2015-06-13 16:06 - 00000000 ____D C:\Program Files (x86)\Opera
2017-01-02 20:30 - 2015-12-21 19:35 - 00357632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-02 16:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-02 16:29 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-01 21:35 - 2015-01-17 17:45 - 00000000 ____D C:\Program Files (x86)\d1c802b0-1c53-4d5f-913b-bee5d5ae526f
2017-01-01 21:35 - 2015-01-13 18:12 - 00000000 ____D C:\Program Files (x86)\901e8fd0-3b04-46c8-9b59-587dbc917638
2017-01-01 21:35 - 2015-01-13 16:44 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2017-01-01 21:29 - 2015-01-13 16:43 - 00000000 ____D C:\Program Files (x86)\AMD
2017-01-01 21:13 - 2015-12-21 19:37 - 00000000 ____D C:\Users\Aruran
2017-01-01 21:09 - 2015-02-07 16:22 - 00001134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-01 20:36 - 2015-07-15 20:19 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2017-01-01 18:53 - 2016-09-18 14:41 - 00001073 _____ C:\Users\Aruran\Desktop\nativelog.txt
2017-01-01 18:53 - 2015-09-17 19:51 - 00000000 ____D C:\Users\Aruran\AppData\Roaming\.minecraft
2016-12-31 18:29 - 2015-06-18 13:50 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-12-29 20:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-24 13:46 - 2015-09-17 19:04 - 00000000 ___RD C:\Users\Aruran\Music
2016-12-22 19:58 - 2015-09-17 19:30 - 00000000 ____D C:\Users\Aruran\AppData\Roaming\Skype
2016-12-22 18:08 - 2015-09-17 19:41 - 00000000 ____D C:\Users\Aruran\AppData\Roaming\TS3Client
2016-12-22 18:06 - 2015-01-12 22:08 - 00000000 ____D C:\Users\Aruran\AppData\LocalLow
2016-12-16 23:07 - 2015-10-30 08:24 - 00000000 _SHDC C:\WINDOWS\Installer
2016-12-16 23:02 - 2015-01-12 22:09 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 23:02 - 2015-01-12 22:09 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 23:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-16 22:52 - 2016-09-20 14:54 - 00000294 _____ C:\Users\Aruran\Desktop\Neues Textdokument.txt
2016-12-14 21:08 - 2015-01-14 14:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 21:08 - 2015-01-13 20:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-14 21:07 - 2015-01-14 14:53 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 15:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-13 16:38 - 2016-09-14 16:38 - 20632664 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-12-13 16:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-13 16:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-13 16:38 - 2015-06-18 13:50 - 00004014 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-12 00:03 - 2015-10-30 08:26 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:03 - 2015-10-30 08:26 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-09 10:10 - 2015-01-12 22:25 - 00000000 ____D C:\ProgramData\Oracle
2016-12-08 21:29 - 2015-12-21 19:37 - 00000000 ____D C:\Users\Aruran\AppData\Local\Microsoft
2016-12-08 20:53 - 2015-02-21 17:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-08 20:53 - 2015-02-21 17:48 - 00000000 ____D C:\ProgramData\Skype
2016-12-08 20:50 - 2016-08-14 19:24 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-07 15:11 - 2015-09-17 19:43 - 00000000 ____D C:\Users\Aruran\AppData\Roaming\OBS
2016-12-07 14:59 - 2015-09-06 20:43 - 00000000 ____D C:\Program Files (x86)\OBS
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-04-07 14:51 - 2016-04-07 14:51 - 0011100 _____ () C:\Users\Aruran\AppData\Local\recently-used.xbel
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Aruran\AppData\Local\Temp\NBGTI2CFT\NBGTI2CFT.exe
C:\Users\Aruran\AppData\Local\Temp\Y7QHIVYEP\Y7QHIVYEP.exe
C:\Users\Aruran\AppData\Local\Temp\5ANZUSRV6\5ANZUSRV6.exe
C:\Users\Aruran\AppData\Local\Temp\O07ST4XN6\O07ST4XN6.exe
Einige Dateien in TEMP:
====================
C:\Users\Aruran\AppData\Local\Temp\60AC.tmp.exe
C:\Users\Aruran\AppData\Local\Temp\763C.tmp.exe
C:\Users\Aruran\AppData\Local\Temp\8BDB.tmp.exe
C:\Users\Aruran\AppData\Local\Temp\8YJPCK20F9.exe
C:\Users\Aruran\AppData\Local\Temp\A17A.tmp.exe
C:\Users\Aruran\AppData\Local\Temp\B503.tmp.exe
C:\Users\Aruran\AppData\Local\Temp\B62D.tmp.exe
C:\Users\Aruran\AppData\Local\Temp\B719.tmp.exe
C:\Users\Aruran\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\Aruran\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2aj05l.dll
C:\Users\Aruran\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Aruran\AppData\Local\Temp\libeay32.dll
C:\Users\Aruran\AppData\Local\Temp\msvcr120.dll
C:\Users\Aruran\AppData\Local\Temp\NarutoOnline_de_2.3.0.4222_monetize.exe
C:\Users\Aruran\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Aruran\AppData\Local\Temp\soundplus-installer.exe
C:\Users\Aruran\AppData\Local\Temp\sqlite3.dll
C:\Users\Aruran\AppData\Local\Temp\tmd_34011350.exe
C:\Users\Aruran\AppData\Local\Temp\tmd_34011909.exe
C:\Users\Aruran\AppData\Local\Temp\tmd_34014728.exe
C:\Users\Aruran\AppData\Local\Temp\tmd_34018948.exe
C:\Users\Aruran\AppData\Local\Temp\tmd_34019441.exe
C:\Users\Aruran\AppData\Local\Temp\YZDZ3RKHXE.exe
C:\Users\Aruran\AppData\Local\Temp\{7BEF2EC8-1B08-4966-94C4-4B34965D672D}.dll
C:\Users\Aruran\AppData\Local\Temp\~ct863A.tmp.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-29 20:16
==================== Ende von FRST.txt ============================
Here is the Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Aruran (04-01-2017 13:33:09)
Gestartet von C:\Users\Aruran\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-21 19:40:27)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3707763914-2828650107-2775741400-500 - Administrator - Disabled) => C:\Users\Administrator
Aruran (S-1-5-21-3707763914-2828650107-2775741400-1001 - Administrator - Enabled) => C:\Users\Aruran
DefaultAccount (S-1-5-21-3707763914-2828650107-2775741400-503 - Limited - Disabled)
Gast (S-1-5-21-3707763914-2828650107-2775741400-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassins Creed Unity (HKLM-x32\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0025}) (Version: 6.0 - Black Box)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
BenVista PhotoZoom Pro 6.0.8 (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\PhotoZoom Pro 6) (Version: 6.0.8 - BenVista Ltd.)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bus Simulator 16 (HKLM\...\YnVzc2ltdWxhdG9yMTY_is1) (Version: 1 - )
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version: - astragon)
Camtasia Studio 8 (HKLM-x32\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
City Car Driving 1.2.2 (HKLM-x32\...\{CC457F3D-5CDE-4CE8-9685-90A4EDE81374}_is1) (Version: - Forward Development)
Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version: - weltenbauer. Software Entwicklung GmbH)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
Dropbox (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.18.1 - SCS Software)
Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.60.713 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.60.713 - DVDVideoSoft Ltd.)
Freemake Audio Converter Version 1.1.3 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.3 - Ellora Assets Corporation)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Killing Floor (HKLM\...\Steam App 1250) (Version: - Tripwire Interactive)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{9E2154A9-2953-4FAC-B943-052DD23057AF}) (Version: 7.0.1.27 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
MAGIX Video Pro X7 (HKLM\...\MX.{FB081787-6116-4FEA-83A4-D05DB9934C57}) (Version: 14.0.0.96 - MAGIX Software GmbH)
MAGIX Video Pro X7 (Version: 14.0.0.96 - MAGIX Software GmbH) Hidden
Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003A-0000-0000-0000000FF1CE}_PRJSTD_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version: - Microsoft)
Microsoft Office Project Standard 2007 (HKLM-x32\...\PRJSTD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PlanetSide 2 (2) (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\SOE-PlanetSide 2 (2)) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.2.12.0 - Razer Inc.)
RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
ROCCAT Kova[+] Mouse Driver (HKLM-x32\...\{A86DDFE3-F661-461C-9BF2-876AC2CA57DE}) (Version: 1.10 - Roccat GmbH)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SOE Web Installer (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.353 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003A-0000-0000-0000000FF1CE}_PRJSTD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{1E16FD84-D9BE-C7F6-B731-BCBED65A09AA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Aruran\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B456BE1-1419-4ECB-B378-AA54D62EF56E} - System32\Tasks\{CECE02B3-7965-B518-E4E7-2F25542EAD08} => C:\ProgramData\{05DDD3DF-B276-6474-5CC7-B86433FAE339}\0D3A5193-BA91-E638-BCD1-616F454D345A.exe <==== ACHTUNG
Task: {345BB094-D7CE-4485-B18B-BB6E6113E67F} - System32\Tasks\{689EB747-DF35-00EC-B570-6AB16B35BA53} => C:\ProgramData\{CC009523-7BAB-2288-230F-30FDE668E57E}\48BE59E1-FF15-EE4A-6008-FDDD5BEB120A.exe <==== ACHTUNG
Task: {351EFF6B-C86A-4118-A266-A51D5DE06CD9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2015-06-25] (TuneUp Software)
Task: {3A81B063-6ED9-4222-A752-E278C14AB4F2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {3F4499B1-1084-4A66-AFDF-FDBAC970D4EC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {458306B3-8909-4ABE-A082-A4D69AC20A4C} - System32\Tasks\{51AD42E9-7519-41A3-9144-2B8A2A7B0F58} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\e366fc6e\9007857a.dll" <==== ACHTUNG
Task: {488FC130-EF5C-41A8-B33E-D2AED62E21F4} - System32\Tasks\Aufgaben der Ereignisanzeige\System_Microsoft-Windows-UserPnp_20001 => desktop [Argument = drucker]
Task: {4CB771CD-5932-489A-9AC5-800E4AE28EA2} - System32\Tasks\{FA4CBE32-4DE7-0999-0AE0-D79F1C9059F7} => C:\ProgramData\{62BB382F-D510-8F84-5DC3-EBD1D57EC79D}\E94FCAC8-5EE4-7D63-6411-6C42F26F2043.exe <==== ACHTUNG
Task: {6137476C-FE46-48DD-B0FC-3B3584A2EF54} - System32\Tasks\Pheroghtlqale Collector => C:\Program Files (x86)\Delyqgach\analatain.exe [2017-01-01] (Glarysoft Ltd)
Task: {7F22EA6C-A5D6-40B1-8DF3-49C7038DFE72} - System32\Tasks\{A8B45195-1F1F-E63E-863B-391E2A604E67} => C:\ProgramData\{569357B0-E138-E01B-DF7B-33C9598DB512}\A96D7853-1EC6-CFF8-8017-39589984F9B6.exe <==== ACHTUNG
Task: {8D76A3B0-447F-4E12-867B-3727A7DD52C9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {8FFB5DAA-7BF6-4F75-A127-4903D75EC4FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9A35D169-00F1-4A3F-9E5A-E7F1EAB861D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AE44564B-5525-4814-A13D-AE8C9C7A16C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B44CDA40-5508-4498-B93B-F0350CA7C81E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B5163DAF-6BBD-4D4C-9034-E7AE4963A329} - System32\Tasks\{675B675A-D0F0-D0F1-56D3-080DA1076E60} => C:\ProgramData\{88F78037-3F5C-379C-D3BE-B6783C70F4CA}\4EA4D68D-F90F-6126-5C54-2F00008CD9CA.exe <==== ACHTUNG
Task: {C12A4D22-A980-4748-939A-DC4FBAF8F887} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C8808CE4-E380-4B23-84CA-83D2C4156C73} - System32\Tasks\{F20603A7-45AD-B40C-1F74-17068C597159} => C:\ProgramData\{F5B0148B-421B-A320-68D4-1FB6A68E977A}\B56BB539-02C0-0292-19D1-AF24E7E2B68C.exe <==== ACHTUNG
Task: {D5E0102C-0023-49F8-AD80-683B1AED1D39} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {D7DD0DEA-C193-4E85-9271-0002515D2453} - System32\Tasks\{11F0C66E-A65B-71C5-D91F-1BAB456A64B0} => C:\ProgramData\{632EDB6A-D485-6CC1-A891-F262EA8DC3DE}\E6427A4F-51E9-CDE4-D717-311225045A97.exe <==== ACHTUNG
Task: {E678182B-DA87-48B4-BB32-278B433E074A} - System32\Tasks\{58CCAE19-EF67-19B2-048E-8AA9CB0C36D6} => C:\ProgramData\{0A063EFE-BDAD-8955-3A52-44CE203D919E}\58766930-EFDD-DE9B-6D55-05DEC9A921D8.exe <==== ACHTUNG
Task: {E93758AC-FE24-4D87-B491-A4967B679F3C} - System32\Tasks\{B39DCCAA-0436-7B01-115A-E0070E00E8F9} => C:\ProgramData\{3386FBFE-842D-4C55-1EAE-4CDE7EA6597E}\A77CD74F-10D7-60E4-B02B-39DD9772AE03.exe <==== ACHTUNG
Task: {F87FCD1A-8F50-497B-8966-7D8081E30493} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {FA7C4B09-BF43-4198-B586-886BF9D4C302} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FBF7D260-87B9-4097-8947-D6BE7A2D857D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-01 21:28 - 2016-12-14 12:55 - 02259232 _____ () D:\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-01 21:28 - 2016-12-14 12:55 - 02813904 _____ () D:\ANTI-MALWARE\arwlib.dll
2017-01-01 21:28 - 2016-12-14 12:55 - 02247632 _____ () D:\ANTI-MALWARE\MwacLib.dll
2015-05-09 21:12 - 2015-05-09 21:29 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-06-25 06:53 - 2015-06-25 06:53 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2015-08-14 23:33 - 2015-08-14 23:33 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-09-16 14:38 - 2016-09-16 14:38 - 00155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-11-09 17:17 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-09 17:17 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-31 20:45 - 2016-10-31 20:45 - 00592384 _____ () C:\Users\Aruran\AppData\Local\MEGAsync\ShellExtX64.dll
2015-07-18 00:35 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-12-21 19:33 - 2015-12-21 19:33 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-22 15:33 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-11-09 17:17 - 2016-10-25 05:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 17:17 - 2016-10-25 05:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 17:17 - 2016-10-25 05:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 17:17 - 2016-10-25 05:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-01-01 20:33 - 2017-01-01 20:33 - 00369664 _____ () C:\Program Files\ZAUU1FC4ZY\ZAUU1FC4Z.exe
2017-01-01 20:33 - 2017-01-01 20:34 - 00369664 _____ () C:\Program Files\NSWWDIN18Z\NSWWDIN18.exe
2017-01-01 20:35 - 2017-01-01 20:35 - 00369664 _____ () C:\Program Files\2LA9XOQK4R\2LA9XOQK4.exe
2017-01-01 20:35 - 2017-01-01 20:35 - 00369664 _____ () C:\Program Files\Z06UCTZZ10\Z06UCTZZ1.exe
2017-01-01 20:38 - 2017-01-01 20:38 - 00369664 _____ () C:\Users\Aruran\AppData\Local\Temp\NBGTI2CFT\NBGTI2CFT.exe
2017-01-01 20:40 - 2017-01-01 20:40 - 00369664 _____ () C:\Program Files\G5NV6PMZQY\TUTAEOS0P.exe
2017-01-01 20:40 - 2017-01-01 20:40 - 00369664 _____ () C:\Program Files\2UPOF0VUZ8\2UPOF0VUZ.exe
2017-01-01 20:40 - 2017-01-01 20:40 - 00369664 _____ () C:\Program Files\H1ASR0KVAA\H1ASR0KVA.exe
2017-01-01 20:43 - 2017-01-01 20:43 - 00369664 _____ () C:\Users\Aruran\AppData\Local\Temp\Y7QHIVYEP\Y7QHIVYEP.exe
2017-01-01 20:43 - 2017-01-01 20:43 - 00369664 _____ () C:\Users\Aruran\AppData\Local\Temp\5ANZUSRV6\5ANZUSRV6.exe
2017-01-01 20:45 - 2017-01-01 20:45 - 00369664 _____ () C:\Program Files\WSYN11RTPB\WSYN11RTP.exe
2017-01-01 20:48 - 2017-01-01 20:48 - 00369664 _____ () C:\Users\Aruran\AppData\Local\Temp\O07ST4XN6\O07ST4XN6.exe
2017-01-01 20:31 - 2017-01-01 20:31 - 00177152 _____ () c:\program files (x86)\delyqgach\cktcontrols.dll
2016-04-13 09:38 - 2016-04-13 09:38 - 00482304 _____ () C:\Users\Aruran\AppData\Local\MEGAsync\libsodium.dll
2015-08-01 12:43 - 2010-05-29 13:57 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\hiddriver.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\sony.com -> sony.com
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2017-01-01 20:33 - 00004386 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
34.195.153.94 www.google-analytics.com
34.195.153.94 google-analytics.com
34.195.153.94 mc.yandex.ru
34.195.153.94 top-fwz1.mail.ru
34.195.153.94 site.yandex.net
34.195.153.94 pagead2.googlesyndication.com
34.195.153.94 ad.mail.ru
34.195.153.94 ads.adfox.ru
34.195.153.94 ads.pubmatic.com
34.195.153.94 apis.google.com
34.195.153.94 autocontext.begun.ru
34.195.153.94 b.scorecardresearch.com
34.195.153.94 c.amazon-adsystem.com
34.195.153.94 cdn.admixer.net
34.195.153.94 cdn.cxense.com
34.195.153.94 cdn.livefyre.com
34.195.153.94 cdn.onthe.io
34.195.153.94 cdn.optimizely.com
34.195.153.94 cdn.prom.st
34.195.153.94 cdn.pushwoosh.com
Da befinden sich 55 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-21-3707763914-2828650107-2775741400-500\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\Run: => "msnmsgr"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3707763914-2828650107-2775741400-1001\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{6592864C-E7EC-45E0-B757-21D45B786EBB}C:\users\aruran\appdata\roaming\spotify\spotify.exe] => C:\users\aruran\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F5644A3C-5476-45E7-942D-9FD3B6FC27F1}C:\users\aruran\appdata\roaming\spotify\spotify.exe] => C:\users\aruran\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F2DFB349-EA2A-4749-A597-CCF4C4406999}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ACB08F27-F1B9-4B7F-8D62-FEB001F3ABC7}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A0102D9B-CFA6-465A-A51F-11127B0F2778}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C98F82BB-88CE-4964-9DC1-75C913AF09D3}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{C41F7B0E-8A41-4B85-8F51-566F3A40ED82}C:\program files\magix\video pro x7\video_pro_x.exe] => C:\program files\magix\video pro x7\video_pro_x.exe
FirewallRules: [UDP Query User{7E2F6382-13F6-47E4-AD6B-D68C0710E6FD}C:\program files\magix\video pro x7\video_pro_x.exe] => C:\program files\magix\video pro x7\video_pro_x.exe
FirewallRules: [{DCE5D83F-23A8-4C40-9B89-1100482DD27D}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5E81C56F-E220-47ED-A69B-4AE7F4887427}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [TCP Query User{63B02E80-A4C7-450E-A1F1-62560202372B}D:\farming simulator 15\x64\farmingsimulator2015game.exe] => D:\farming simulator 15\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{53CA883F-7F55-4E3B-A045-967CB42C98E6}D:\farming simulator 15\x64\farmingsimulator2015game.exe] => D:\farming simulator 15\x64\farmingsimulator2015game.exe
FirewallRules: [TCP Query User{89DBE122-D5CD-43AF-B0C4-91CB973B8666}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{31AF25F1-0204-43B3-9346-A2C9DD92EC87}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A49045E0-3EA6-4925-81D9-FF6ECB7A98B0}C:\program files (x86)\city car driving\bin\win32\starter.exe] => C:\program files (x86)\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{F1C17DB7-FDDF-4206-BB1B-A29AC9546477}C:\program files (x86)\city car driving\bin\win32\starter.exe] => C:\program files (x86)\city car driving\bin\win32\starter.exe
FirewallRules: [{0ADF5ACA-59E4-45EC-A77D-08779EB17C1B}] => D:\dayz\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{CDA74254-C62E-4740-BA98-2E57F6FC522A}] => D:\dayz\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{95C430E4-8152-4367-BA6A-3E65F6A7056A}D:\dayz\steamapps\common\dayz\dayz.exe] => D:\dayz\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{72C629BA-2917-4F55-AA89-9CEA04FC514F}D:\dayz\steamapps\common\dayz\dayz.exe] => D:\dayz\steamapps\common\dayz\dayz.exe
FirewallRules: [{45FD29B0-7B2E-451A-862D-3BB01F0A9905}] => C:\Program Files (x86)\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{BE6659BE-A6C2-4804-A828-352A9F1304A4}] => C:\Program Files (x86)\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [TCP Query User{AD7CDB41-6F24-4763-9DFD-D05D5D09A278}D:\games\arma 3 apex\arma3.exe] => D:\games\arma 3 apex\arma3.exe
FirewallRules: [UDP Query User{7F6B232D-B712-4B18-8087-AFA88B6386E6}D:\games\arma 3 apex\arma3.exe] => D:\games\arma 3 apex\arma3.exe
FirewallRules: [TCP Query User{3266C74C-9F1C-4C21-A536-AB5A99962056}C:\users\aruran\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\users\aruran\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{CE72EB24-D4CD-45E8-92B0-7FD9150D1940}C:\users\aruran\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => C:\users\aruran\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D48DCA08-33EC-40E7-A4BD-668F36B35AFC}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CB9A80F6-C5A3-4718-8E3A-57312AFA3B2C}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A731E16B-2ADA-479E-B764-84FAB07C7289}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{197D4D0B-FB9C-48D0-B350-3C3BBEE3A3C3}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B66ED58A-ECB8-44D5-85A2-EA2663CCA826}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{55C5914A-C594-48D2-8CAA-2352C36FA328}] => D:\steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{271C54E2-47B3-4879-B862-B004915BEB7C}] => D:\steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [TCP Query User{8E91E39E-5950-4F01-BE05-F935E663702E}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FCC88078-D9B1-4803-9408-9D50E2202E6D}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{8A3FFA5C-AE52-4543-A81E-C5DECAB85405}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{1874C557-2F47-40BB-8DEE-68D42BCEE279}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{4F0D9C6B-CA43-414A-A297-F000F7EA1134}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [UDP Query User{91E34703-CF5F-4F14-901C-FB38F2E9CE1C}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe
FirewallRules: [TCP Query User{258660BE-CD7D-4DE8-A6E3-CDE3E552AC4E}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{09BA8A8C-E2BB-4BB6-A786-B55A56575BFC}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7B9D07F3-176A-48F2-85FA-DCAED0848EBA}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/03/2017 10:26:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.10586.20, Zeitstempel: 0x56540c35
Name des fehlerhaften Moduls: IPHLPAPI.DLL, Version: 10.0.10586.0, Zeitstempel: 0x5632d324
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000089c6
ID des fehlerhaften Prozesses: 0x734
Startzeit der fehlerhaften Anwendung: 0x01d26607fc2add65
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL
Berichtskennung: 9e138a53-ffc6-4388-b7e4-91eb002d9c79
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_25.10586.672.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (01/02/2017 09:59:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Aru)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/01/2017 10:08:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Aru)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/01/2017 09:24:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Aru)
Description: Das Paket „Microsoft.MicrosoftEdge_25.10586.672.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{66c1fdf7-6d26-49b7-8c04-911fedf6b248}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/01/2017 09:22:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Smart_Registry_Care.exe, Version: 1.0.0.0, Zeitstempel: 0x5820a069
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.589, Zeitstempel: 0x57cf948c
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000071f28
ID des fehlerhaften Prozesses: 0x1480
Startzeit der fehlerhaften Anwendung: 0x01d2646cbed2fb85
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\GNR\src\Smart_Registry_Care.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\KERNELBASE.dll
Berichtskennung: a8a3404e-97f5-4076-92f3-910eb367d99a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2017 09:22:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Smart_Registry_Care.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ArgumentException
bei System.Diagnostics.Process.GetProcessById(Int32, System.String)
bei Smart_Registry_Care.App.KeepingAlive()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (01/01/2017 09:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Smart_Registry_Care.exe, Version: 1.0.0.0, Zeitstempel: 0x5820a069
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.589, Zeitstempel: 0x57cf948c
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000071f28
ID des fehlerhaften Prozesses: 0x2140
Startzeit der fehlerhaften Anwendung: 0x01d2646ae94e6671
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\GNR\src\Smart_Registry_Care.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\KERNELBASE.dll
Berichtskennung: db38c401-3415-4f9a-aaed-71e2a7d1a8c6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/01/2017 09:09:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Smart_Registry_Care.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ArgumentException
bei System.Diagnostics.Process.GetProcessById(Int32, System.String)
bei Smart_Registry_Care.App.KeepingAlive()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (12/24/2016 01:46:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (12/24/2016 01:46:23 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Systemfehler:
=============
Error: (01/04/2017 12:39:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Archer" wurde mit folgendem Fehler beendet:
Archer ist keine zulässige Win32-Anwendung.
Error: (01/04/2017 12:39:38 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/04/2017 12:39:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WinSAPSvc" wurde mit folgendem Fehler beendet:
WinSAPSvc ist keine zulässige Win32-Anwendung.
Error: (01/04/2017 12:39:36 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "iThemes5" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (01/03/2017 11:01:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_48462" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/03/2017 11:01:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _48462" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/03/2017 11:01:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_48462" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/03/2017 11:01:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_48462" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/03/2017 10:26:46 PM) (Source: DCOM) (EventID: 10016) (User: Aru)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Aru\Aruran" (SID: S-1-5-21-3707763914-2828650107-2775741400-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/03/2017 10:20:32 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2017-01-02 20:31:03.530
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-15 14:40:01.153
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-11 12:02:20.509
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-10 13:17:14.646
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-29 10:15:10.226
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-15 17:11:46.935
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-14 18:15:18.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-13 15:04:06.725
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-17 12:36:39.599
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-16 12:48:35.183
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8055.7 MB
Verfügbarer physikalischer RAM: 5571.72 MB
Summe virtueller Speicher: 9335.7 MB
Verfügbarer virtueller Speicher: 6633.42 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.29 GB) (Free:1.39 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.39 GB) (Free:547.84 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================