Part 2
FRST Additions Logfile:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Magic (04-01-2017 20:49:13)
Gestartet von C:\Users\Magic\Downloads\Spam entfernen
Windows 10 Home Version 1607 (X64) (2016-11-26 10:57:10)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2786200759-2278858845-1295660402-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2786200759-2278858845-1295660402-503 - Limited - Disabled)
Gast (S-1-5-21-2786200759-2278858845-1295660402-501 - Limited - Disabled)
Magic (S-1-5-21-2786200759-2278858845-1295660402-1001 - Administrator - Enabled) => C:\Users\Magic
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
10.000 Office Vorlagen Teil 1 (HKLM-x32\...\10.000 Office Vorlagen Teil 1_is1) (Version: - )
10.000 Office Vorlagen Teil 2 (HKLM-x32\...\10.000 Office Vorlagen Teil 2_is1) (Version: - )
3DMark (HKLM-x32\...\{f5aa1c48-f2dc-4f4f-a71d-65bd7d0dc5c5}) (Version: 1.5.893.0 - Futuremark)
3DMark (Version: 1.5.893.0 - Futuremark) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{CA2865AD-EFF4-44F0-A2C9-DCDC0A90F27E}) (Version: 14.0.0 - Helmut Buhler)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Alan Wake Complete Collection Version 1.06.17.0155 (HKLM-x32\...\{2DE8F160-BBFF-445B-8B8E-4092A1C106DA}_is1) (Version: 1.06.17.0155 - Remedy Entertainment)
Aliens vs Predator Dedicated Server (HKLM-x32\...\Steam App 34120) (Version: - )
A-Men Technologies USB-to-Serial (HKLM-x32\...\{1805BD6D-C441-4A1C-802D-AFF0232DAACD}) (Version: - )
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 Server (HKLM-x32\...\Steam App 233780) (Version: - Bohemia Interactive)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ashampoo ClipFinder HD 2 v.2.47 (HKLM-x32\...\{0A11EA01-0BAC-AC96-8FAD-1840C13B6803}_is1) (Version: 2.47 - Ashampoo GmbH & Co. KG)
ASUS Gaming Center (HKLM-x32\...\{23C8A788-4790-4F3C-B103-0ACC7D9DC5BE}) (Version: 1.0.2 - ASUS)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.5.2.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.5.2.3 - ASUSTek COMPUTER INC.) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
ASUS ROG MacroKey (HKLM-x32\...\{348022C5-F497-4333-AFEE-208F22F169F2}_is1) (Version: 1.0.0.28 - G-spy Co., Ltd)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.1 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0038 - ASUS)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AVG (Version: 16.141.7996 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4749 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.63.2.50050 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.63.4 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.141.7996 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.83.6332 - BlueStack Systems, Inc.)
calibre 64bit (HKLM\...\{0224350E-9A3E-4932-8FC8-5D0590F1AF8A}) (Version: 2.55.0 - Kovid Goyal)
Call of Duty Modern Warfare 3 1.0 (HKLM-x32\...\Call of Duty Modern Warfare 3 1.0) (Version: - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version: - Infinity Ward - Sledgehammer Games)
CBR (HKLM-x32\...\{91604354-2B64-4A59-AF15-81E85CB4F9BB}) (Version: 0.7 - G.Waser)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
concept/design onlineTV 11 (HKLM-x32\...\{8A4C3184-DA2F-4553-BF61-83F5690C3048}_is1) (Version: 11.16.3.23 - concept/design GmbH)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CPU-M Benchmark version 1.5 (HKLM-x32\...\{819B2F72-CADC-4C41-BA29-2BA97D7F68CE}_is1) (Version: 1.5 - Major Share (MajorShare.com))
CrystalDiskInfo 6.7.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.5 - Crystal Dew World)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2019.0 - CyberLink Corp.)
Disk Doctors Undelete Version 1.0.0 (HKLM-x32\...\Disk Doctors Undelete_is1) (Version: - Disk Doctor Labs, Inc.)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
Dr. Langeskov, The Tiger, and The Terribly Cursed Emerald: A Whirlwind Heist (HKLM-x32\...\Steam App 409160) (Version: - Crows Crows Crows)
Dreamfall The Longest Journey Version 1.0 (HKLM-x32\...\Dreamfall The Longest Journey_is1) (Version: 1.0 - Funcom) <==== ACHTUNG
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Dying Light Version 1.2 (HKLM-x32\...\Dying Light_is1) (Version: 1.2 - RFT)
eBook Converter (HKLM-x32\...\eBookConverter) (Version: 1.2.1 - eBook Converter)
ELAN Touchpad 11.5.20.3_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.20.3 - ELAN Microelectronic Corp.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fahrenheit (HKLM-x32\...\{BA10AC78-E687-4523-8B93-540428FC256F}) (Version: 1.1 - Ihr Firmenname)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
FileRestorePlus™ 3.0.6.303 (HKLM-x32\...\FileRestorePlus™_is1) (Version: - Copyright © 2010 eSupport.com • All Rights Reserved)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Future Pinball (HKLM-x32\...\Future Pinball_is1) (Version: Version 1.9.1.20101231 - Chris Leathley)
Futuremark SystemInfo (HKLM-x32\...\{79659071-4B68-4EC8-833C-49C97B68FCD0}) (Version: 4.36.512.0 - Futuremark)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic)
Ghost Recon Phantoms - EU (HKU\S-1-5-21-2786200759-2278858845-1295660402-1001\...\61e5da2b7c463135) (Version: 1.36.9879.2 - Ubisoft)
Glary Utilities 5.38 (HKLM-x32\...\Glary Utilities 5) (Version: 5.38.0.58 - Glarysoft Ltd)
GOM Software V8 (HKLM\...\GOM v8.0) (Version: 8.0.0.89084 - GOM mbH, Mittelweg 7-8, 38106 Braunschweig, Germany)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
GSM SIM Utility 9.0 (HKLM-x32\...\{E1ACEF2E-C3C0-43F5-A815-5F0BB968DA70}) (Version: - )
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
HELI-X 6.1 Demo (HKLM-x32\...\EC916548-FECF-4545-B3A0-E8956AB32821_is1) (Version: - HELI-X.net)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Hitman Absolution - Professional Edition (HKLM-x32\...\Hitman Absolution - Professional Edition_is1) (Version: - )
Hitman Codename 47 (HKLM-x32\...\GOGPACKANHITMAN1_is1) (Version: 2.0.0.13 - GOG.com)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAV Filters 0.66 (HKLM-x32\...\lavfilters_is1) (Version: 0.66 - Hendrik Leppkes)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maniac Mansion Deluxe (HKLM-x32\...\Maniac Mansion Deluxe) (Version: - )
Maxx Audio Installer (x64) (Version: 1.6.5073.106 - Waves Audio Ltd.) Hidden
Medusa's Labyrinth (HKLM-x32\...\Steam App 436110) (Version: - Guru Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0.1 (x64 de) (HKLM\...\Mozilla Firefox 47.0.1 (x64 de)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.0 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials V for Windows (HKLM-x32\...\NewBlue Video Essentials V for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
No Man’s Sky Incl. Update 4 MULTi14 1.07 (HKLM-x32\...\No Man’s Sky Incl. Update 4 MULTi14 1.07) (Version: - )
NoteBook FanControl (HKLM-x32\...\{542c1677-eab5-49ee-99aa-5a08eeb3033c}) (Version: 1.3.4.0 - Stefan Hirschmann - StagWare)
NoteBook FanControl (x32 Version: 1.3.4.0 - Stefan Hirschmann - StagWare) Hidden
NVIDIA 3D Vision Treiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.7.4 - Steganos Software GmbH)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
PhonerLite 2.45 (HKLM-x32\...\PhonerLite_is1) (Version: 2.45 - Heiko Sommerfeldt)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Q500 GUI version 1.0 (HKLM-x32\...\{05282008-69B0-409A-8B05-CB77A5E0D99E}_is1) (Version: 1.0 - Yuneec)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1031 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7576 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Relic Hunters Zero (HKLM-x32\...\Steam App 382490) (Version: - Rogue Snail)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.16 - ASUSTeK Computer Inc.)
Run and Fire (HKLM-x32\...\Steam App 360760) (Version: - )
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
ScummVM 1.4.1 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Shutdown7 Version 2.1.2 (HKLM-x32\...\{37D95233-83D5-4511-8FFA-E6110FBB1F3E}_is1) (Version: 2.1.2 - Marius Lutz)
SIM MAX (HKLM-x32\...\{DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}) (Version: 1.00.0000 - SIM MAX)
Singularity German Uncut Edition 1.1 (HKLM-x32\...\Singularity German Uncut Edition 1.1) (Version: - )
Sleeping Dogs Game Of The Year (30 DLCs) 1.0 (HKLM-x32\...\Sleeping Dogs Game Of The Year (30 DLCs) 1.0) (Version: 1.0 - .x.X.RIDDICK.X.x.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
Sniper Elite 3 Dedicated Server (HKLM-x32\...\Steam App 266910) (Version: - )
SOMA (HKLM\...\U09NQQ==_is1) (Version: 1 - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-2786200759-2278858845-1295660402-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SWAT 4 Gold Edition MULTi7 - ElAmigos Version 1.1 (HKLM-x32\...\{C5A3E12F-8EA1-4698-80A8-32C9C87A11EF}_is1) (Version: 1.1 - Sierra)
TAXMAN 2015 (HKLM-x32\...\{5613CAD3-71ED-4207-95A0-1BA0BF465E38}) (Version: 20.22.94 - Haufe-Lexware GmbH & Co.KG)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TECUNIONLINE (HKLM-x32\...\TECUNIONLINE) (Version: 1.4.0.1 - ShenZhen ruike Electronics Co.,Ltd)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
The Evil Within MULTi2 1.0 (HKLM-x32\...\The Evil Within MULTi2 1.0) (Version: - )
The Four Kings Casino and Slots (HKLM-x32\...\Steam App 260430) (Version: - Digital Leisure Inc.)
Thunderbolt(TM) Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel(R) Corporation)
TimeComX Basic (64-Bit) (HKLM-x32\...\TimeComX Basic 64-Bit) (Version: 1.3.2.7 - Bitdreamers)
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version: - )
Tomb Raider 1 + 2 + 3 (HKLM-x32\...\Tomb Raider 1 + 2 + 3_is1) (Version: - GOG.com)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unreal (HKLM-x32\...\Unreal) (Version: - )
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 6.12 - NCH Software)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.2 - WildTangent)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Care 365 3.95 (HKLM-x32\...\Wise Care 365_is1) (Version: 3.95 - WiseCleaner.com, Inc.)
Wise Data Recovery 3.82 (HKLM-x32\...\Wise Data Recovery_is1) (Version: 3.82 - WiseCleaner.com, Inc.)
Wise Folder Hider 3.25 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 3.25 - WiseCleaner.com, Inc.)
Wise Force Deleter 1.23 (HKLM-x32\...\Wise Force Deleter_is1) (Version: 1.23 - WiseCleaner.com, Inc.)
X-Mouse Button Control 2.14 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.14 - Highresolution Enterprises)
Zak McKracken – Between Time and Space Version v2 (HKLM-x32\...\Zak2_is1) (Version: v2 - Artificial Hair Bros.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2786200759-2278858845-1295660402-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2786200759-2278858845-1295660402-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Magic\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2786200759-2278858845-1295660402-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Magic\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02DFFCB2-3023-4270-A6A5-F634C39094C1} - System32\Tasks\WiseCleaner\WFDSkipUAC => C:\Program Files (x86)\Wise\Wise Force Deleter\WiseDeleter.exe [2015-09-11] (WiseCleaner.com)
Task: {038C0AE1-850F-4787-9992-66638585ED62} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {041EC183-7E61-4AC6-A3B9-A38EFB3ECDAD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {04F6987D-26CA-40B1-8689-482DFDE3E68B} - System32\Tasks\WiseCleaner\WFHFreeSkipUAC => C:\Program Files (x86)\Wise\Wise Folder Hider\WiseFolderHider.exe [2015-12-28] (WiseCleaner.com)
Task: {0B61B4D1-FD9B-41A3-B066-E017FDB8707A} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {0D202C58-7664-45C4-849E-0767A07005F7} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {11297B15-450D-498C-8532-812410922210} - System32\Tasks\{76510113-A991-43AD-BA59-4E768F1E4D23} => pcalua.exe -a G:\CM108(7.1)\USB-108-100318-7.12.8.2144(W7-RC-02)\Program\CmElv.exe -d G:\CM108(7.1)\USB-108-100318-7.12.8.2144(W7-RC-02)\Program
Task: {1DE59105-4D61-4520-B402-38EB12995DD5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {25DE50C4-AC1F-497F-9017-E556670099F9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {27EEB4FF-4196-41CA-8C88-6335B4BAFEE7} - \Winsta Update -> Keine Datei <==== ACHTUNG
Task: {2997AACB-9A21-4336-9F3E-89FAD5B54E41} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {299CC0B5-2E81-446A-B9A9-87B63726CF64} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {3397CBD6-EE58-4124-8762-40DDC1078D88} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {38DA5EF2-A658-489A-BD08-2DB863E287C0} - System32\Tasks\{C481FA0A-06A3-4E3A-8A4A-87B51B1D8847} => pcalua.exe -a C:\BlackMesa-Setup.exe -d C:\
Task: {3C3C6874-0AC9-48A6-B9BB-78BDD9180F1C} - System32\Tasks\{3BC09844-F4EF-44F1-B708-E936EFF8B69A} => pcalua.exe -a H:\FahrenheitAutoRun.exe -d H:\
Task: {417E63E1-0816-4F71-AAA9-479BCC90D3A5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-21] (Adobe Systems Incorporated)
Task: {4D3CBD94-09F6-47C8-AF2E-32F8535747E3} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {5AD09BC0-F001-492A-8EE1-A5EC966EA30E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-14] (Google Inc.)
Task: {795A745C-8A04-4E7E-A1E3-06F27CE1CC0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-14] (Google Inc.)
Task: {7EC08BD6-275A-4FC1-86B8-1251DBC65C57} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {80DF9B7D-43AE-465B-942E-90412B11C5A9} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {8A0D5CB2-6D41-4CF8-9D60-196773A10B32} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {8A6EABB4-E890-4149-BD5C-910123342B4A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-08-06] (Realtek Semiconductor)
Task: {900AF312-89A6-41DA-9DE1-EB0506D351A3} - \keepup -> Keine Datei <==== ACHTUNG
Task: {97BB35B8-0317-45F6-B0A7-1BC8A184F847} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-12-22] (Microsoft Corporation)
Task: {A314A88C-AFDB-470A-BADC-531068FA7CFD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {AE0A2B22-6D11-4360-B87C-B57539AE796E} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {AFA17095-B02F-4F6D-BD41-FEA6E473C667} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {B7EC1178-7401-49CB-A673-7E2078897724} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {BC9A6AE0-F474-40EE-8D19-DEAC32A7672F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {C1861428-E1EF-4E59-8DCB-1F86BFB82C23} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-11-09] (Glarysoft Ltd)
Task: {C1D22689-ACD4-4D22-9F02-714ADADA6437} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
Task: {C88A9FB9-551C-428D-8BBA-8FDE021C2822} - \Convertor -> Keine Datei <==== ACHTUNG
Task: {C88ACA29-A7C0-4A66-8A75-D73EA1B9590C} - System32\Tasks\{6DDDBEB5-27E0-410D-806E-613EC08E3078} => pcalua.exe -a H:\FarCryAutoCD.exe -d H:\
Task: {C8DE3303-1801-4CBC-BDB8-9EADEC70A462} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C9EE5C93-FDCF-463D-8149-D682F1480612} - System32\Tasks\{6B71DFFD-F7AE-4A6D-A0B3-26FD428303D3} => pcalua.exe -a I:\_isauto.exe -d I:\
Task: {D3CFE796-23AC-4F92-A3C5-4DDAE5871AF6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D49C32E1-654B-4E2A-97AC-340CE4796170} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D5400EAB-6F55-4487-B8F1-47FE5A5FF456} - \WPD\SqmUpload_S-1-5-21-2786200759-2278858845-1295660402-1001 -> Keine Datei <==== ACHTUNG
Task: {D8A21171-7310-4137-95FF-A1B5E1B64E40} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {D9DD9300-3117-43D6-A0AE-D77874AA2721} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DF5AEB94-DA0D-4D51-8BF4-429BE1BB1B5C} - System32\Tasks\WiseCleaner\WDRSkipUAC => C:\Program Files (x86)\Wise\Wise Data Recovery\WiseDataRecovery.exe [2015-08-28] (WiseCleaner.com)
Task: {E07FEEE5-C35D-4E14-A008-FCAF4EF0C0D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06] (Piriform Ltd)
Task: {E13A3BFF-B63D-4C74-AF3A-52B98619CC24} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E415E5D5-1449-4CF8-AE6F-86074AEFAB06} - \DriverMgr -> Keine Datei <==== ACHTUNG
Task: {E42190F5-458B-4385-8915-DDBD26FF151D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS)
Task: {EAB75945-DAD7-4BB4-8AFD-B8FCE23DB0D1} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {EADE8BF1-7DC3-4C30-9763-14507819D5A6} - System32\Tasks\{C7C2286E-82AC-4DA0-B9E3-9BF42B0B9C92} => pcalua.exe -a "C:\Users\Magic\Downloads\Simcard Reader\Usb-SIM9.0\Setup.exe" -d "C:\Users\Magic\Downloads\Simcard Reader\Usb-SIM9.0"
Task: {EBCCBF76-3C91-457D-9258-2D8A627B00CC} - \WinKit -> Keine Datei <==== ACHTUNG
Task: {EF95605B-2020-4607-B540-621824F3038D} - \WordShark Auto Updater 1.10.0.20 Pending Update -> Keine Datei <==== ACHTUNG
Task: {F6833A5A-E639-43FF-B225-E1BAF8EBF77D} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-07-09] (ASUSTek Computer Inc.)
Task: {F83BD2D4-7F58-42E1-A3E1-034D35B254F6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FA9EC439-B980-4F45-925A-6BCCFB8B2E0F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {FB599219-0404-4FAC-BC17-76DC020A4C7E} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2015-12-18] (WiseCleaner.COM)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Magic\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.htm
Shortcut: C:\Users\Magic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eBook Converter\Website.lnk -> hxxp://www.ebook-converter.com
Shortcut: C:\Users\Public\Desktop\HELI-X6.1.lnk -> E:\Spiele\HELI-X6.1\runHELI-X.bat ()
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-21 13:37 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-26 11:36 - 2016-08-25 22:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-08-20 15:07 - 2016-08-26 00:27 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-08-20 15:07 - 2016-08-26 00:27 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-08-20 15:07 - 2016-08-26 00:27 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-08-20 15:07 - 2016-08-26 00:27 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-12-20 11:09 - 2015-12-20 12:15 - 00066872 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-08-20 15:07 - 2016-08-26 00:27 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-08-20 15:07 - 2016-08-26 00:27 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-08-20 15:07 - 2016-08-26 00:27 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-08-20 15:07 - 2016-08-26 00:27 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-12-21 13:37 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-26 12:07 - 2016-11-26 12:07 - 01864384 _____ () C:\Users\Magic\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-11-26 11:32 - 2016-11-26 11:32 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-20 14:20 - 2016-12-20 14:21 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-20 14:20 - 2016-12-20 14:21 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-20 14:20 - 2016-12-20 14:21 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-20 14:20 - 2016-12-20 14:21 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2015-06-21 14:31 - 2015-07-16 00:54 - 00053832 _____ () C:\Windows\SysWOW64\UMonit64.exe
2017-01-03 19:57 - 2017-01-03 19:57 - 00566439 _____ () C:\Users\Magic\AppData\Local\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2017-01-03 19:57 - 2017-01-03 19:57 - 04078962 _____ () C:\Users\Magic\AppData\Local\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2016-12-27 14:41 - 2016-12-27 14:42 - 01274880 _____ () C:\ProgramData\firemin_2086\Firemin.exe
2014-10-24 22:41 - 2013-05-15 14:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2016-08-20 15:07 - 2016-08-26 00:27 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-08-20 15:07 - 2016-08-26 00:27 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2014-10-24 22:35 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-06-03 20:01 - 2014-06-03 20:01 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-06-11 23:41 - 2016-08-26 00:27 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-02 10:42 - 2016-12-23 20:55 - 51777648 _____ () C:\Users\Magic\AppData\Roaming\Spotify\libcef.dll
2016-10-31 23:31 - 2016-12-23 20:55 - 00110192 _____ () C:\Users\Magic\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-10-02 10:42 - 2016-12-23 20:55 - 01803888 _____ () C:\Users\Magic\AppData\Roaming\Spotify\libglesv2.dll
2016-10-02 10:42 - 2016-12-23 20:55 - 00086128 _____ () C:\Users\Magic\AppData\Roaming\Spotify\libegl.dll
2016-12-04 11:12 - 2016-12-04 11:12 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2786200759-2278858845-1295660402-1001\...\localhost -> localhost
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2786200759-2278858845-1295660402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Magic\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Steganos HotKeys"
HKLM\...\StartupApproved\Run32: => "SSS17 Chrome Autofill Relay"
HKU\S-1-5-21-2786200759-2278858845-1295660402-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2786200759-2278858845-1295660402-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2786200759-2278858845-1295660402-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-2786200759-2278858845-1295660402-1001\...\StartupApproved\Run: => "SSS17 Browser Monitor"
HKU\S-1-5-21-2786200759-2278858845-1295660402-1001\...\StartupApproved\Run: => "SSS17_Update"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{A3378399-CD48-4CB5-84D7-AA5D39FC70F8}] => LPort=26675
FirewallRules: [{2E84CC4C-E897-4C77-A27C-F46453FF57A0}] => %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{BBDD3259-07C6-44F6-ACDA-C30926B10CD6}] => %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{7C7D8964-26FE-4394-BADF-F9E74C8CD7BB}] => C:\WINDOWS\system32\ftp.exe
FirewallRules: [{528E3B20-13FB-46C9-AF58-9068915F9CB0}] => C:\WINDOWS\system32\ftp.exe
FirewallRules: [UDP Query User{6D3D8870-60B9-477F-9EF4-10A7A077D974}C:\users\magic\appdata\roaming\spotify\spotify.exe] => C:\users\magic\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{557C37B9-4614-478A-A144-7BDBC0F71E55}C:\users\magic\appdata\roaming\spotify\spotify.exe] => C:\users\magic\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E22BCAAB-75C3-42D0-9B33-1479B209D63C}C:\users\magic\appdata\roaming\spotify\spotify.exe] => C:\users\magic\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F5DBFFDF-EBC9-4C1C-9B44-C236D70E03F7}C:\users\magic\appdata\roaming\spotify\spotify.exe] => C:\users\magic\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D6220419-1177-47AA-BCCE-4354EE6502E4}] => C:\WINDOWS\system32\ftp.exe
FirewallRules: [UDP Query User{AA1BE5BE-4662-43B4-B05A-8C595D6A63AE}C:\program files (x86)\phonerlite\phonerlite.exe] => C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [TCP Query User{B59E3605-07DD-4DA6-B107-4CDF3267B3C3}C:\program files (x86)\phonerlite\phonerlite.exe] => C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [{0E9A4A87-8F02-48AE-9CD8-97EC18EEDEC6}] => D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{8C45D2C4-3DB8-4EE8-85D0-8885DBA46BDB}] => D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{107F23C2-6F3F-4987-B09E-6F79EC2669AA}] => E:\Steamgames\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{08A2F34E-AE03-4118-BF08-018EF54299B9}] => E:\Steamgames\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [UDP Query User{364DDEA2-DBB2-474A-85E0-FC444ADEE1EF}D:\steamlibrary\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe] => D:\steamlibrary\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [TCP Query User{D1D2AB1D-B0A3-4567-80CF-9CF793E2AC55}D:\steamlibrary\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe] => D:\steamlibrary\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{A2122F0D-4041-4156-BAE3-B4018F51C907}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DD7EB97E-8B1F-48C5-B2A4-53302643EB22}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7D321605-0DAF-44BA-BFC5-8988B33C7531}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0704D41B-6043-4C9F-AA02-1ACC4C8046D4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EC6E740D-1623-4157-AC11-8D2A333FC11C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B3592C47-CB5A-4520-82B2-F5DAC935DFF8}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7AE4DFFB-BAEE-423C-A3F8-4DD46D0A95AE}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{25102AAE-6315-4BFD-9E4E-AD686C0715A4}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{463E20D5-6EA5-439F-BDE9-E50E3A04997C}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C4D4FB5B-57E9-44B4-97FA-4272D4559CE7}] => C:\WINDOWS\SysWOW64\ftp.exe
FirewallRules: [{C8785C4F-5F64-4205-8BAA-997112F77B0B}] => C:\WINDOWS\SysWOW64\ftp.exe
FirewallRules: [{C070B80D-B7FA-4CD3-A06E-C49C4425DEB3}] => C:\WINDOWS\system32\ftp.exe
FirewallRules: [{24990052-623D-4BCE-8DD3-3E16C6BA298D}] => C:\WINDOWS\system32\ftp.exe
FirewallRules: [UDP Query User{A70A266F-DAD4-4595-9E4C-C01235C6232E}C:\program files (x86)\phonerlite\phonerlite.exe] => C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [TCP Query User{1B1E6CF6-3A42-415C-8E46-9A567FF849D1}C:\program files (x86)\phonerlite\phonerlite.exe] => C:\program files (x86)\phonerlite\phonerlite.exe
FirewallRules: [{9134E917-73DC-418D-B780-83B47836859E}] => H:\Stalker\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{F8696992-A57B-49B0-AC0E-DAFC89EF92E5}] => H:\Stalker\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{BE08A6D6-27E4-4D0F-AFCD-D1A7321611BC}] => H:\Stalker\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{F694934A-23E9-4515-8528-6E664F5FC484}] => H:\Stalker\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{9A3BCAAF-4EAA-4D4D-9936-86C5EDD9CC4F}] => C:\Program Files (x86)\Steam\steamapps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{82323557-1750-4503-88E9-1E11AFB3DBBC}] => C:\Program Files (x86)\Steam\steamapps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{86AA60AF-AF2B-4EA9-AA7A-DD5A61A762CA}] => E:\Steamgames\steamapps\common\Medusa's Labyrinth\Medusa.exe
FirewallRules: [{61904DB6-14ED-487B-9E54-CE31551B0BFE}] => E:\Steamgames\steamapps\common\Medusa's Labyrinth\Medusa.exe
FirewallRules: [{479A9F15-CD8A-40ED-9D69-273651CAE1CE}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8886E1F9-2343-42CF-9464-617EFDBA1349}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{E4B521B9-D8EC-4808-9515-36A56A1C58A4}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6C406380-A7C6-4C1C-A0E6-7C5674715F8D}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DF849CE4-D117-4CCE-A3DE-4B88B7CE20FB}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{8CE6309B-8A99-4C41-8E8C-4AD09DAD8382}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{CE249E79-E128-432D-A150-374BA9575B96}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{61CD42B7-590C-4E0B-8FF1-A9C91EC91EEC}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/04/2017 08:20:17 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (01/04/2017 08:20:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: OUTLAW)
Description: Das Paket „Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/03/2017 11:58:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: OUTLAW)
Description: Das Paket „Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/03/2017 10:05:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: OUTLAW)
Description: Das Paket „Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/03/2017 10:01:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: OUTLAW)
Description: Das Paket „Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/03/2017 10:01:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: OUTLAW)
Description: Das Paket „Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/03/2017 08:00:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: OUTLAW)
Description: Das Paket „Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/03/2017 08:00:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.14393.447 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3ea8
Startzeit: 01d265f3946500eb
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Berichts-ID: df887f14-d1e6-11e6-832b-ac9e17909450
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI
Error: (01/03/2017 08:00:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: OUTLAW)
Description: Das Paket „Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (01/03/2017 08:00:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: OUTLAW)
Description: Das Paket „Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy+App“ wurde beendet, da das Anhalten zu lange dauerte.
Systemfehler:
=============
Error: (01/04/2017 07:51:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/03/2017 09:59:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/03/2017 07:57:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (01/03/2017 01:34:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AsusGameFirstService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/03/2017 01:34:38 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT-AUTORITÄT)
Description: Fehler "87" beim Laden der Kennwortbenachrichtigungs-DLL "". Stellen Sie sicher, dass der in der Registrierung definierte DLL-Pfad "HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages" sich auf einen korrekten und absoluten Pfad (<Laufwerk>:\<Pfad>\<Dateiname>.<Erw.>) bezieht und nicht auf einen relativen oder ungültigen Pfad. Wenn der DLL-Pfad falsch ist, stellen Sie sicher, dass sich alle Hilfsdateien im gleichen Verzeichnis befinden und dass das Systemkonto sowohl auf den DLL-Pfad als auch die Hilfsdateien Lesezugriff hat. Wenden Sie sich an den Anbieter der Benachrichtigungs-DLL, um weitere Unterstützung zu erhalten. Weitere Informationen finden Sie im Internet unter "hxxp://go.microsoft.com/fwlink/?LinkId=245898".
Error: (01/03/2017 01:34:07 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (01/03/2017 01:34:06 AM) (Source: DCOM) (EventID: 10010) (User: OUTLAW)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/03/2017 01:34:06 AM) (Source: DCOM) (EventID: 10010) (User: OUTLAW)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/03/2017 01:34:05 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (01/03/2017 01:33:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Cyberlink RichVideo64 Service(CRVS)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2017-01-04 19:55:08.143
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-04 19:55:00.046
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-04 19:54:56.485
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-04 19:54:54.268
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-04 19:54:54.192
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-04 19:54:53.507
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-04 19:54:47.840
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-03 22:02:57.963
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-03 22:02:50.607
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-03 22:02:50.282
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 16333.16 MB
Verfügbarer physikalischer RAM: 12214.14 MB
Summe virtueller Speicher: 18765.16 MB
Verfügbarer virtueller Speicher: 13650.23 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:20.68 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:130.86 GB) (Free:8.2 GB) NTFS
Drive e: (Data1) (Fixed) (Total:465.75 GB) (Free:81.36 GB) NTFS
Drive f: (Data2) (Fixed) (Total:465.76 GB) (Free:10.77 GB) NTFS
Drive g: (STALKER) (CDROM) (Total:3.12 GB) (Free:0 GB) UDF
Drive h: (ESD-USB) (Removable) (Total:119.74 GB) (Free:13.99 GB) exFAT
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: C56CCB18)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: EAAFBC5E)
Partition: GPT.
========================================================
Disk: 2 (Size: 119.7 GB) (Disk ID: 0930975D)
Partition 1: (Not Active) - (Size=119.7 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
I'm now checking whether anything from the old log files is still there.
Regards
Code:
23:47:14.0542 0x3874 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
23:47:14.0542 0x3874 UEFI system
23:47:21.0336 0x3874 ============================================================
23:47:21.0337 0x3874 Current date / time: 2016/12/29 23:47:21.0336
23:47:21.0337 0x3874 SystemInfo:
23:47:21.0337 0x3874
23:47:21.0337 0x3874 OS Version: 10.0.14393 ServicePack: 0.0
23:47:21.0337 0x3874 Product type: Workstation
23:47:21.0337 0x3874 ComputerName: OUTLAW
23:47:21.0337 0x3874 UserName: Magic
23:47:21.0338 0x3874 Windows directory: C:\WINDOWS
23:47:21.0338 0x3874 System windows directory: C:\WINDOWS
23:47:21.0338 0x3874 Running under WOW64
23:47:21.0338 0x3874 Processor architecture: Intel x64
23:47:21.0338 0x3874 Number of processors: 8
23:47:21.0338 0x3874 Page size: 0x1000
23:47:21.0338 0x3874 Boot type: Normal boot
23:47:21.0338 0x3874 CodeIntegrityOptions = 0x00000001
23:47:21.0338 0x3874 ============================================================
23:47:21.0647 0x3874 KLMD registered as C:\WINDOWS\system32\drivers\07768363.sys
23:47:21.0647 0x3874 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.576, osProperties = 0x19
23:47:22.0521 0x3874 System UUID: {0A786863-56D2-3542-01D2-8B2A6CA8FB50}
23:47:23.0451 0x3874 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:47:23.0729 0x3874 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:47:24.0848 0x3874 Drive \Device\Harddisk2\DR2 - Size: 0x1DEFF00000 ( 119.75 Gb ), SectorSize: 0x200, Cylinders: 0x3D10, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:47:24.0852 0x3874 ============================================================
23:47:24.0852 0x3874 \Device\Harddisk0\DR0:
23:47:24.0853 0x3874 GPT partitions:
23:47:24.0854 0x3874 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {7A6B32F8-C932-4E8B-A54A-DE07D0BB066A}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
23:47:24.0854 0x3874 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8EED4308-643D-4896-90C9-3AC676459633}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
23:47:24.0855 0x3874 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EC98BE07-4CC1-4D95-9DCD-7A1E5709A54C}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xBEC6000
23:47:24.0855 0x3874 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EEED34BB-AE47-4C2C-BDD6-998300B1DA85}, Name: Basic data partition, StartLBA 0xBF38800, BlocksNum 0x105B9800
23:47:24.0855 0x3874 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {740C8B9D-D48F-40C4-887F-F8E2A7732315}, Name: Basic data partition, StartLBA 0x1C4F2000, BlocksNum 0x1801000
23:47:24.0855 0x3874 MBR partitions:
23:47:24.0855 0x3874 \Device\Harddisk1\DR1:
23:47:24.0855 0x3874 GPT partitions:
23:47:24.0856 0x3874 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1D8C42B2-F515-47D5-AAC2-9A5F9BD589AB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x3A382800
23:47:24.0856 0x3874 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0FD799F3-9B31-4A93-9915-988F6F0E4792}, Name: Basic data partition, StartLBA 0x3A383000, BlocksNum 0x3A383800
23:47:24.0856 0x3874 MBR partitions:
23:47:24.0856 0x3874 \Device\Harddisk2\DR2:
23:47:24.0857 0x3874 MBR partitions:
23:47:24.0857 0x3874 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xEF7F7C1
23:47:24.0857 0x3874 ============================================================
23:47:24.0860 0x3874 C: <-> \Device\Harddisk0\DR0\Partition3
Code:
23:48:15.0196 0x34d4 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
23:48:15.0196 0x34d4 UEFI system
23:48:18.0401 0x34d4 ============================================================
23:48:18.0401 0x34d4 Current date / time: 2016/12/29 23:48:18.0401
23:48:18.0402 0x34d4 SystemInfo:
23:48:18.0402 0x34d4
23:48:18.0402 0x34d4 OS Version: 10.0.14393 ServicePack: 0.0
23:48:18.0402 0x34d4 Product type: Workstation
23:48:18.0402 0x34d4 ComputerName: OUTLAW
23:48:18.0402 0x34d4 UserName: Magic
23:48:18.0402 0x34d4 Windows directory: C:\WINDOWS
23:48:18.0402 0x34d4 System windows directory: C:\WINDOWS
23:48:18.0402 0x34d4 Running under WOW64
23:48:18.0402 0x34d4 Processor architecture: Intel x64
23:48:18.0402 0x34d4 Number of processors: 8
23:48:18.0402 0x34d4 Page size: 0x1000
23:48:18.0402 0x34d4 Boot type: Normal boot
23:48:18.0402 0x34d4 CodeIntegrityOptions = 0x00000001
23:48:18.0402 0x34d4 ============================================================
23:48:18.0406 0x34d4 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.576, osProperties = 0x19
23:48:19.0096 0x34d4 System UUID: {0A786863-56D2-3542-01D2-8B2A6CA8FB50}
23:48:19.0972 0x34d4 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:48:20.0249 0x34d4 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:48:21.0342 0x34d4 Drive \Device\Harddisk2\DR2 - Size: 0x1DEFF00000 ( 119.75 Gb ), SectorSize: 0x200, Cylinders: 0x3D10, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:48:21.0346 0x34d4 ============================================================
23:48:21.0346 0x34d4 \Device\Harddisk0\DR0:
23:48:21.0347 0x34d4 GPT partitions:
23:48:21.0348 0x34d4 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {7A6B32F8-C932-4E8B-A54A-DE07D0BB066A}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
23:48:21.0349 0x34d4 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8EED4308-643D-4896-90C9-3AC676459633}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
23:48:21.0349 0x34d4 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EC98BE07-4CC1-4D95-9DCD-7A1E5709A54C}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xBEC6000
23:48:21.0349 0x34d4 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EEED34BB-AE47-4C2C-BDD6-998300B1DA85}, Name: Basic data partition, StartLBA 0xBF38800, BlocksNum 0x105B9800
23:48:21.0349 0x34d4 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {740C8B9D-D48F-40C4-887F-F8E2A7732315}, Name: Basic data partition, StartLBA 0x1C4F2000, BlocksNum 0x1801000
23:48:21.0349 0x34d4 MBR partitions:
23:48:21.0349 0x34d4 \Device\Harddisk1\DR1:
23:48:21.0391 0x34d4 GPT partitions:
23:48:21.0392 0x34d4 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1D8C42B2-F515-47D5-AAC2-9A5F9BD589AB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x3A382800
23:48:21.0392 0x34d4 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0FD799F3-9B31-4A93-9915-988F6F0E4792}, Name: Basic data partition, StartLBA 0x3A383000, BlocksNum 0x3A383800
23:48:21.0392 0x34d4 MBR partitions:
23:48:21.0392 0x34d4 \Device\Harddisk2\DR2:
23:48:21.0393 0x34d4 MBR partitions:
23:48:21.0393 0x34d4 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xEF7F7C1
23:48:21.0393 0x34d4 ============================================================
23:48:21.0396 0x34d4 C: <-> \Device\Harddisk0\DR0\Partition3
23:48:21.0398 0x34d4 D: <-> \Device\Harddisk0\DR0\Partition4
23:48:21.0412 0x34d4 E: <-> \Device\Harddisk1\DR1\Partition1
23:48:21.0450 0x34d4 F: <-> \Device\Harddisk1\DR1\Partition2
23:48:21.0450 0x34d4 ============================================================
23:48:21.0450 0x34d4 Initialize success
23:48:21.0450 0x34d4 ============================================================
23:48:23.0400 0x34e4 ============================================================
23:48:23.0400 0x34e4 Scan started
23:48:23.0400 0x34e4 Mode: Manual;
23:48:23.0400 0x34e4 ============================================================
23:48:23.0400 0x34e4 KSN ping started
23:48:23.0429 0x34e4 KSN ping finished: false
JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.8 (09.20.2016)
Operating System: Windows 10 Home x64
Ran by Magic (Administrator) on 04.01.2017 at 21:10:05,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\Users\Magic\AppData\Roaming\dll-files.com (Folder)
Successfully deleted: C:\Users\Magic\AppData\Roaming\Mozilla\Firefox\Profiles\ozg7dh2g.default\user.js (File)
Successfully deleted: C:\WINDOWS\system32\Tasks\Wise Turbo Checker.job (Task)
Successfully deleted: C:\WINDOWS\prefetch\OKAYFREEDOMCLIENT.EXE-74E257E5.pf (File)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.01.2017 at 21:17:48,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avast-browser-cleanup
and
esetsmartinstaller_deu
(everything in the default configuration, i.e. remove automatically)
have already been run; the latter found 4 items but took about 9 hours ;-((