helpme156 | 23.11.2016 15:52 | Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016 01
durchgeführt von ducanh (Administrator) auf VIP (23-11-2016 14:43:23)
Gestartet von C:\Users\ducanh\Desktop
Geladene Profile: ducanh (Verfügbare Profile: ducanh & Administrator)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\ducanh\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\ducanh\AppData\Roaming\Spotify\Spotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Spotify Ltd) C:\Users\ducanh\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\ducanh\AppData\Roaming\Spotify\Spotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Spotify Ltd) C:\Users\ducanh\AppData\Roaming\Spotify\Spotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(IO3O LLC) C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7642328 2016-01-25] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2198872 2014-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2811120 2014-03-13] (Synaptics Incorporated)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5250280 2015-12-04] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-28] (Apple Inc.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-09-14] (COMODO)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896608 2015-12-01] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27021952 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp.)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Run: [Spotify Web Helper] => C:\Users\ducanh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-13] (Spotify Ltd)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Run: [Spotify] => C:\Users\ducanh\AppData\Roaming\Spotify\Spotify.exe [6987376 2016-11-13] (Spotify Ltd)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\MountPoints2: {4002a6a9-1392-11e5-8288-a08869bf085f} - "G:\HTC_Sync_Manager_PC.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-05-12]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-12-04]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk [2016-08-30]
ShortcutTarget: Who Is On My Wifi.lnk -> C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe (IO3O LLC)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4BDC64C7-1BFA-40ED-BBD8-617C53B4CA6F}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{BB2EEAC3-52F6-42A4-8DFE-2CDFECA0FAF2}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{DC171AA7-770F-4C4A-9599-6C9E21E36C8C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131237249141147113&GUID=DDE61BD2-0B14-9938-4ABA-529488C50ADF
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
SearchScopes: HKLM -> {A1646118-552A-42A1-A4E7-A43AB3F0603F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4038466168-2714463032-1615967804-1001 -> DefaultScope {ABAA9DAC-E150-11E4-825E-A08869BF085F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4038466168-2714463032-1615967804-1001 -> {ABAA9DAC-E150-11E4-825E-A08869BF085F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
FireFox:
========
FF ProfilePath: C:\Users\ducanh\AppData\Roaming\TomTom\HOME\Profiles\27zmdx5y.default [2016-04-15]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2015-11-02] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2016-01-14] [ist nicht signiert]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-22] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433760 2015-12-01] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413280 2015-12-01] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855648 2015-12-01] (BlueStack Systems, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-09-15] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-09-14] (COMODO)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [315376 2016-01-25] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-04-22] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-03-28] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20539168 2014-03-28] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [Datei ist nicht signiert]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2016-01-25] (Realtek Semiconductor)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5250280 2015-12-04] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-03-13] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-04-22] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146016 2015-12-01] (BlueStack Systems)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [32224 2016-08-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [853904 2016-08-31] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [45592 2016-08-31] (COMODO)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [162512 2014-02-14] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [138560 2016-08-31] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 Neo_VPN; C:\WINDOWS\system32\DRIVERS\Neo_VPN.sys [38432 2015-12-04] (SoftEther Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3497752 2015-04-16] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [40392 2014-03-28] (NVIDIA Corporation)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [506072 2016-06-15] (Realsil Semiconductor Corporation)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [51232 2015-12-04] (SoftEther Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-03-13] (Synaptics Incorporated)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 X6va062; \??\C:\WINDOWS\SysWOW64\Drivers\X6va062 [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-22 17:06 - 2016-11-23 14:31 - 00000990 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-22 17:06 - 2016-11-23 02:11 - 00000994 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-22 17:06 - 2016-11-22 17:06 - 00003966 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-22 17:06 - 2016-11-22 17:06 - 00003730 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-22 17:06 - 2016-11-22 17:06 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-22 17:06 - 2016-11-22 17:06 - 00002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-20 19:55 - 2016-11-20 19:55 - 00000544 _____ C:\Users\ducanh\Desktop\JRT.txt
2016-11-20 18:20 - 2016-11-20 18:20 - 00001057 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2016-11-20 18:20 - 2016-11-20 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-11-20 18:20 - 2016-11-20 18:20 - 00000000 ____D C:\Program Files\VS Revo Group
2016-11-20 18:19 - 2016-11-20 18:19 - 07100088 _____ (VS Revo Group ) C:\Users\ducanh\Downloads\revosetup201.exe
2016-11-20 07:14 - 2016-11-20 07:14 - 00852720 _____ C:\Users\ducanh\Downloads\SecurityCheck.exe
2016-11-20 07:10 - 2016-11-20 07:10 - 00852720 _____ C:\Users\ducanh\Desktop\SecurityCheck.exe
2016-11-20 07:08 - 2016-11-20 07:08 - 00004456 _____ C:\Users\ducanh\Downloads\asdasd.txt
2016-11-19 22:39 - 2016-11-19 22:39 - 00032276 _____ C:\Users\ducanh\Desktop\mbam.txt
2016-11-19 21:19 - 2016-11-19 21:19 - 00000000 ____D C:\Program Files (x86)\ESET
2016-11-19 21:18 - 2016-11-19 21:18 - 02870984 _____ (ESET) C:\Users\ducanh\Downloads\esetsmartinstaller_deu.exe
2016-11-19 21:04 - 2016-11-19 21:04 - 00030420 _____ C:\Users\ducanh\Desktop\mbamlog.txt
2016-11-19 20:47 - 2016-11-19 20:47 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-19 20:47 - 2016-11-19 20:47 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-19 20:47 - 2016-11-19 20:47 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-19 20:47 - 2016-11-19 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-19 20:47 - 2016-11-19 20:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-19 20:45 - 2016-11-19 20:46 - 22851472 _____ (Malwarebytes ) C:\Users\ducanh\Downloads\mbam-setup-2.2.1.1043.exe
2016-11-19 20:31 - 2016-11-21 20:37 - 00052159 _____ C:\Users\ducanh\Desktop\Addition.txt
2016-11-19 20:29 - 2016-11-23 14:43 - 00022770 _____ C:\Users\ducanh\Desktop\FRST.txt
2016-11-19 14:46 - 2016-11-21 20:34 - 00000000 ____D C:\Users\ducanh\Desktop\FRST-OlderVersion
2016-11-19 14:46 - 2016-11-19 20:40 - 00002597 _____ C:\Users\ducanh\Desktop\Fixlog.txt
2016-11-19 14:45 - 2016-11-23 14:43 - 00000000 ____D C:\FRST
2016-11-18 21:21 - 2016-11-19 13:14 - 00000000 ____D C:\Users\ducanh\Downloads\FRST-OlderVersion
2016-11-17 22:18 - 2016-11-17 22:18 - 01631928 _____ (Malwarebytes) C:\Users\ducanh\Desktop\JRT.exe
2016-11-17 21:40 - 2016-11-20 19:44 - 00000000 ____D C:\AdwCleaner
2016-11-17 21:40 - 2016-11-17 21:40 - 03910208 _____ C:\Users\ducanh\Downloads\AdwCleaner_6.030.exe
2016-11-16 21:49 - 2016-11-16 21:50 - 00250840 _____ C:\TDSSKiller.3.1.0.12_16.11.2016_21.49.49_log.txt
2016-11-16 21:49 - 2016-11-16 21:49 - 04747704 _____ (AO Kaspersky Lab) C:\Users\ducanh\Downloads\tdsskiller (2).exe
2016-11-16 21:38 - 2016-11-16 21:49 - 00849254 _____ C:\TDSSKiller.3.1.0.12_16.11.2016_21.38.19_log.txt
2016-11-16 21:38 - 2016-11-16 21:38 - 04747704 _____ (AO Kaspersky Lab) C:\Users\ducanh\Downloads\tdsskiller (1).exe
2016-11-16 21:34 - 2016-11-16 21:38 - 00248970 _____ C:\TDSSKiller.3.1.0.12_16.11.2016_21.34.25_log.txt
2016-11-16 21:34 - 2016-11-16 21:34 - 04747704 _____ (AO Kaspersky Lab) C:\Users\ducanh\Downloads\tdsskiller.exe
2016-11-16 14:31 - 2016-11-19 22:37 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-16 14:31 - 2016-11-19 20:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-16 14:31 - 2016-11-17 21:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-16 14:30 - 2016-11-19 20:47 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-16 14:30 - 2016-11-16 21:32 - 00000000 ____D C:\Users\ducanh\Desktop\mbar
2016-11-16 14:30 - 2016-11-16 14:30 - 16563352 _____ (Malwarebytes Corp.) C:\Users\ducanh\Downloads\mbar-1.09.3.1001.exe
2016-11-16 14:04 - 2016-11-16 14:04 - 00014652 _____ C:\Users\ducanh\Desktop\virus.htm
2016-11-16 02:51 - 2016-11-18 21:23 - 00039428 _____ C:\Users\ducanh\Downloads\Addition.txt
2016-11-16 02:32 - 2016-11-19 13:16 - 00102900 _____ C:\Users\ducanh\Downloads\FRST.txt
2016-11-16 02:31 - 2016-11-16 02:53 - 00000000 ___HD C:\VTRoot
2016-11-16 02:30 - 2016-11-21 20:34 - 02412544 _____ (Farbar) C:\Users\ducanh\Desktop\FRST64.exe
2016-11-16 02:30 - 2016-11-20 19:40 - 00082334 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2016-11-16 01:43 - 2016-11-16 01:43 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2016-11-16 01:21 - 2016-11-16 01:21 - 00001141 _____ C:\Users\ducanh\Desktop\Battle.net.lnk
2016-11-16 00:23 - 2016-11-16 00:23 - 00000000 ____D C:\NVIDIA Corporation
2016-11-16 00:20 - 2016-11-23 14:39 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2016-11-16 00:20 - 2016-11-16 00:20 - 00001904 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2016-11-16 00:20 - 2016-11-16 00:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2016-11-16 00:20 - 2016-11-16 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2016-11-16 00:19 - 2016-11-16 00:19 - 00000000 ____D C:\Program Files\COMODO
2016-11-16 00:17 - 2016-11-16 00:18 - 00000000 ____D C:\ProgramData\Comodo
2016-11-16 00:17 - 2016-11-16 00:17 - 71955456 _____ (COMODO) C:\Users\ducanh\Downloads\cispremium_only_installer.exe
2016-11-16 00:17 - 2016-11-16 00:17 - 00000000 ____D C:\ProgramData\Shared Space
2016-11-16 00:13 - 2016-11-17 22:11 - 00000008 __RSH C:\Users\ducanh\ntuser.pol
2016-11-16 00:10 - 2016-11-17 22:11 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-11-16 00:07 - 2016-11-16 00:07 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\ducanh\Documents\libeay32.dll
2016-11-16 00:07 - 2016-11-16 00:07 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\ducanh\Documents\ssleay32.dll
2016-11-16 00:06 - 2016-11-16 00:30 - 00000000 ____D C:\WINDOWS\system32\SSL
2016-11-15 23:58 - 2016-11-16 00:01 - 73981120 _____ (NVIDIA Corporation) C:\Users\ducanh\Documents\GeForce_Experience_v3.1.0.52.exe
2016-11-14 19:03 - 2016-11-20 19:37 - 00000000 ____D C:\Users\ducanh\AppData\Roaming\TS3Client
2016-11-14 19:03 - 2016-11-14 19:03 - 00000986 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-11-14 19:03 - 2016-11-14 19:03 - 00000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-11-14 19:03 - 2016-11-14 19:03 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-11-14 01:53 - 2016-11-14 01:53 - 00000219 _____ C:\Users\ducanh\Desktop\Counter-Strike Global Offensive.url
2016-11-09 16:40 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 16:39 - 2016-11-02 21:48 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 16:39 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 16:39 - 2016-11-02 15:03 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 16:39 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 16:39 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-11-09 16:39 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 16:39 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-11-09 16:39 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 16:39 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 16:39 - 2016-10-27 19:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 16:39 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 16:39 - 2016-10-27 18:57 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 16:39 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-11-09 16:39 - 2016-10-27 18:47 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-11-09 16:39 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-11-09 16:39 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-11-09 16:39 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-11-09 16:39 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 16:39 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 16:39 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 16:39 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 16:39 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 16:39 - 2016-10-25 15:11 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-09 16:39 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-11-09 16:39 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-11-09 16:39 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 16:39 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-11-09 16:39 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 16:39 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 16:39 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 16:39 - 2016-10-22 17:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 16:39 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-11-09 16:39 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-11-09 16:39 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-11-09 16:39 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 16:39 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-11-09 16:39 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 16:39 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 16:39 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 16:39 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 16:39 - 2016-10-13 20:06 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 16:39 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 16:39 - 2016-10-12 09:01 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 16:39 - 2016-10-11 21:21 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 16:39 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 16:39 - 2016-10-11 19:34 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 16:39 - 2016-10-11 18:47 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 16:39 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 16:39 - 2016-10-10 22:17 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 16:39 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 16:39 - 2016-10-09 23:59 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 16:39 - 2016-10-09 00:12 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-11-09 16:39 - 2016-10-08 23:53 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 16:39 - 2016-10-08 23:21 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 16:39 - 2016-10-08 23:18 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-11-09 16:39 - 2016-10-08 23:07 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 16:39 - 2016-10-08 23:02 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-11-09 16:39 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 16:39 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 16:39 - 2016-10-08 02:34 - 01660040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 16:39 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 16:39 - 2016-10-04 21:39 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 16:39 - 2016-10-04 21:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 16:39 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 16:39 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 16:39 - 2016-09-09 23:52 - 00921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2016-11-09 16:39 - 2016-09-09 23:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2016-11-09 16:39 - 2016-09-09 15:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-09 16:39 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-11-09 16:39 - 2016-09-09 15:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-11-09 16:39 - 2016-09-09 15:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-11-09 16:39 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-11-09 16:39 - 2016-09-09 14:38 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 16:39 - 2016-09-03 19:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll
2016-11-09 16:39 - 2016-09-03 19:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2016-11-09 16:39 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll
2016-11-09 16:39 - 2016-09-03 17:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-11-09 16:39 - 2016-09-03 17:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-11-09 16:39 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-11-09 16:39 - 2016-09-02 15:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-11-09 16:39 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-11-09 16:39 - 2016-09-01 15:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-11-09 16:39 - 2016-09-01 15:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-11-09 16:39 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-11-09 16:39 - 2016-08-30 15:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-09 16:39 - 2016-08-30 03:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2016-11-09 16:39 - 2016-08-30 03:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-11-09 16:39 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-11-09 16:39 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-11-09 16:39 - 2016-08-22 14:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-11-01 19:36 - 2016-11-01 19:36 - 00001772 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-11-01 19:36 - 2016-11-01 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-01 19:35 - 2016-11-01 19:36 - 00000000 ____D C:\Program Files\iTunes
2016-11-01 19:35 - 2016-11-01 19:35 - 00000000 ____D C:\Program Files\iPod
2016-10-31 17:03 - 2016-10-31 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-10-25 17:34 - 2016-10-25 17:34 - 00000000 ____D C:\Users\ducanh\AppData\Local\Arktos Entertainment
2016-10-25 17:25 - 2016-10-25 17:25 - 00000000 ____D C:\Users\ducanh\Documents\FredaikisAB
2016-10-25 17:25 - 2016-10-25 17:25 - 00000000 ____D C:\Users\ducanh\AppData\Local\FredaikisAB
2016-10-25 17:23 - 2016-10-25 17:23 - 00000000 ____D C:\Users\ducanh\Desktop\a
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-11-23 14:41 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-23 14:41 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-23 14:37 - 2016-02-16 19:11 - 00000000 ____D C:\Users\ducanh\AppData\Roaming\Spotify
2016-11-23 14:33 - 2016-01-27 17:22 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-23 14:33 - 2014-06-06 14:31 - 00000000 ____D C:\Users\ducanh\Documents\Youcam
2016-11-23 14:32 - 2016-08-30 21:20 - 00000000 ____D C:\wifidata
2016-11-23 14:32 - 2016-05-16 01:52 - 00000000 ___RD C:\Users\ducanh\iCloudDrive
2016-11-23 14:32 - 2016-02-16 19:11 - 00000000 ____D C:\Users\ducanh\AppData\Local\Spotify
2016-11-22 22:31 - 2016-08-30 21:01 - 00003160 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForducanh
2016-11-22 22:31 - 2016-08-30 21:01 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForducanh.job
2016-11-22 22:16 - 2015-04-16 21:12 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-11-22 21:02 - 2016-04-13 16:09 - 00000000 ____D C:\Users\ducanh\Desktop\PBE
2016-11-22 17:29 - 2015-04-12 16:35 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4038466168-2714463032-1615967804-1001
2016-11-22 17:21 - 2014-06-06 15:52 - 00001727 _____ C:\Users\ducanh\Desktop\Play League of Legends.lnk
2016-11-22 17:20 - 2015-04-12 16:54 - 00001727 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-11-22 17:07 - 2015-04-12 16:33 - 00000000 ____D C:\Users\ducanh\AppData\Local\Google
2016-11-22 17:06 - 2015-04-12 16:33 - 00000000 ____D C:\Users\ducanh\AppData\Local\Deployment
2016-11-22 17:06 - 2015-04-12 16:33 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-21 21:26 - 2015-05-01 18:40 - 00000000 ____D C:\Users\ducanh\AppData\Roaming\Skype
2016-11-20 23:42 - 2015-04-19 10:04 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-20 19:46 - 2015-12-04 19:52 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-11-20 19:41 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-20 18:40 - 2015-10-20 19:00 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-11-20 18:40 - 2015-10-20 18:59 - 00000000 ____D C:\ProgramData\Battle.net
2016-11-20 18:31 - 2015-04-12 16:44 - 00000000 ____D C:\Users\ducanh\AppData\Local\CrashDumps
2016-11-19 21:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppCompat
2016-11-19 21:04 - 2015-12-14 16:03 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-11-19 14:47 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-11-17 22:18 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-11-17 22:11 - 2015-04-12 16:24 - 00000000 ____D C:\Users\ducanh
2016-11-16 14:51 - 2016-10-23 02:14 - 00000000 ___RD C:\Users\ducanh\Desktop\dfgg
2016-11-16 02:45 - 2014-05-12 19:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-16 00:51 - 2016-02-21 13:42 - 00000000 ____D C:\Wooxy
2016-11-16 00:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-16 00:50 - 2015-12-03 18:40 - 00000000 ____D C:\Boom
2016-11-16 00:39 - 2015-04-16 21:12 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2016-11-16 00:38 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-16 00:23 - 2015-04-12 16:49 - 00000000 ____D C:\NVIDIA
2016-11-16 00:08 - 2016-10-09 22:41 - 00000000 ____D C:\Program Files (x86)\InfestationNewZ
2016-11-16 00:08 - 2016-08-30 21:20 - 00000000 ____D C:\Program Files (x86)\IO3O LLC
2016-11-16 00:08 - 2016-04-20 23:52 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-11-16 00:08 - 2016-04-15 23:11 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-11-16 00:08 - 2016-01-16 21:32 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-11-16 00:08 - 2016-01-14 18:16 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-11-16 00:08 - 2016-01-14 16:50 - 00000000 ____D C:\Program Files (x86)\HP
2016-11-16 00:08 - 2015-12-26 19:53 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-16 00:08 - 2015-11-29 01:20 - 00000000 ____D C:\Program Files (x86)\Boom
2016-11-16 00:08 - 2015-11-02 23:59 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect
2016-11-16 00:08 - 2015-11-02 23:50 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2
2016-11-16 00:08 - 2015-11-02 23:49 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V
2016-11-16 00:08 - 2015-10-20 19:05 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-11-16 00:08 - 2015-10-20 18:59 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-11-16 00:08 - 2015-06-21 19:42 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-11-16 00:08 - 2015-06-21 19:40 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-11-16 00:08 - 2015-06-21 19:40 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-11-16 00:08 - 2015-06-11 22:03 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-11-16 00:08 - 2015-05-01 18:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-16 00:08 - 2015-05-01 14:34 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2016-11-16 00:08 - 2015-04-20 00:03 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2016-11-16 00:08 - 2015-04-12 16:54 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-11-16 00:08 - 2014-07-20 23:42 - 00000000 ____D C:\csmtalk
2016-11-16 00:08 - 2014-07-20 12:39 - 00000000 ____D C:\Temp
2016-11-16 00:08 - 2014-05-12 19:43 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-11-16 00:08 - 2014-05-12 19:36 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-11-16 00:08 - 2014-05-12 19:36 - 00000000 ____D C:\Program Files (x86)\WildGames
2016-11-16 00:08 - 2014-05-12 19:34 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-11-16 00:08 - 2014-05-12 19:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-16 00:08 - 2014-05-12 19:18 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-11-16 00:08 - 2014-05-12 19:17 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-16 00:08 - 2014-05-12 19:12 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-16 00:08 - 2014-05-06 20:59 - 00000000 ___RD C:\Program Files (x86)\Online Services
2016-11-16 00:08 - 2014-05-06 20:59 - 00000000 ____D C:\Program Files (x86)\Evernote
2016-11-16 00:08 - 2014-05-06 20:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-16 00:08 - 2014-05-06 20:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-16 00:08 - 2014-05-06 20:50 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-11-16 00:08 - 2014-04-02 10:50 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-11-16 00:08 - 2014-04-02 10:50 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-16 00:08 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-11-16 00:08 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-16 00:08 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-11-16 00:08 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-11-16 00:08 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-11-16 00:08 - 2013-08-22 16:36 - 00000000 ____D C:\PerfLogs
2016-11-15 23:58 - 2013-08-22 14:25 - 00000223 _____ C:\WINDOWS\win.ini
2016-11-15 23:37 - 2014-05-12 19:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-15 12:28 - 2014-05-07 06:28 - 00787018 _____ C:\WINDOWS\system32\perfh007.dat
2016-11-15 12:28 - 2014-05-07 06:28 - 00170888 _____ C:\WINDOWS\system32\perfc007.dat
2016-11-15 12:28 - 2014-03-18 10:53 - 01924576 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-14 17:06 - 2016-01-27 17:07 - 00000000 ____D C:\Users\ducanh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-11-10 16:16 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-11-10 14:18 - 2013-08-22 15:44 - 00378816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-10 00:25 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-11-09 18:57 - 2015-04-22 08:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-09 18:54 - 2015-04-22 08:31 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-03 19:52 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-01 20:41 - 2016-03-19 17:12 - 00000000 ____D C:\Users\ducanh\AppData\LocalLow\Smartly Dressed Games
2016-11-01 19:35 - 2015-04-12 16:50 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-10-28 22:04 - 2013-08-22 16:38 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-28 22:04 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-28 16:31 - 2015-05-01 18:40 - 00000000 ____D C:\ProgramData\Skype
2016-10-28 02:22 - 2015-05-08 15:38 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-25 18:10 - 2015-11-25 18:17 - 0002633 _____ () C:\Users\ducanh\AppData\Roaming\droid4xinstaller.log
2016-05-10 14:09 - 2016-05-10 14:09 - 0007608 _____ () C:\Users\ducanh\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\ducanh\AppData\Local\Temp\libeay32.dll
C:\Users\ducanh\AppData\Local\Temp\msvcr120.dll
C:\Users\ducanh\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-11-19 16:35
==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2016 01
durchgeführt von ducanh (23-11-2016 14:44:17)
Gestartet von C:\Users\ducanh\Desktop
Windows 8.1 (Update) (X64) (2015-04-12 15:26:00)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4038466168-2714463032-1615967804-500 - Administrator - Disabled) => C:\Users\Administrator
ducanh (S-1-5-21-4038466168-2714463032-1615967804-1001 - Administrator - Enabled) => C:\Users\ducanh
Gast (S-1-5-21-4038466168-2714463032-1615967804-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4038466168-2714463032-1615967804-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: COMODO Antivirus (Enabled - Out of date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.14 (HKLM-x32\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BlueStacks App Player (HKLM-x32\...\{D080F290-4B2A-4C67-9757-63DA0C6E8855}) (Version: 2.0.0.1011 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
COMODO Internet Security Premium (HKLM\...\{C7C71F0C-4CC1-4B17-943C-96E5196DDA74}) (Version: 8.4.0.5165 - COMODO Security Solutions Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.)
CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.4.6127 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.5104 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.10.5422 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3604 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Free YouTube Download version 3.2.59.616 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.59.616 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hỗ trợ Ứng dụng Apple (32 bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Hỗ trợ Ứng dụng Apple (64 bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4BBA238C-9E5D-40F9-8AC6-FACB736752B9}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}) (Version: 8.3.34.7 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.5.32.37 - HP)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{29AAC3D3-23FC-496D-8266-0E3833686758}) (Version: 6.0.2.10 - Apple Inc.)
Infestation New Z (HKLM-x32\...\Infestation New Z) (Version: v26.01.16 Beta - Fredaikis AB)
Inst5675 (Version: 8.01.46 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.46 - Softex Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) PRO/Wireless Driver (HKLM\...\{c1a7f0cd-91ec-424a-8edf-e0606e915765}) (Version: 17.16.0002.2705 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{33AD9A5D-209C-4D2A-91BB-C1F3B4BF87A3}) (Version: 17.0.1407.02 - Intel Corporation)
iTunes (HKLM\...\{2C49F336-2E86-4407-83E2-16AC65598EF4}) (Version: 12.5.3.16 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead (HKLM\...\Steam App 500) (Version: - Valve)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 (HKLM\...\Steam App 349040) (Version: - CyberConnect2 Co. Ltd.)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.22 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.55 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
SHIELD Streaming (Version: 1.8.315 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.19.9599 - SoftEther VPN Project)
Spotify (HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.5.2 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
UniKey 4.0 RC2 (build 1101) (HKLM-x32\...\{AC006985-A51F-42AC-A7E9-5E66D8AC8063}_is1) (Version: - Pham Kim Long)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Warface (HKLM\...\Steam App 291480) (Version: - Crytek)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Who Is On My Wifi version 4.0.0 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 4.0.0 - IO3O LLC)
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4038466168-2714463032-1615967804-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4038466168-2714463032-1615967804-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4038466168-2714463032-1615967804-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4038466168-2714463032-1615967804-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4038466168-2714463032-1615967804-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4038466168-2714463032-1615967804-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4038466168-2714463032-1615967804-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0A7EACC3-DEAE-4B6E-9DD1-B6EF8757BDDB} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2015-02-11] (CyberLink Corp.)
Task: {25AFB360-0501-453E-B66B-942CBCD209A6} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2015-07-02] (Hewlett-Packard)
Task: {262E31D1-4BC7-42F2-810C-47E4CE191273} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-14] (COMODO)
Task: {2E0E4990-D6CA-4B3F-90E3-C53BBB2EA1C9} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2015-07-02] (Hewlett-Packard)
Task: {4C55E198-6AA8-4231-9608-CE0D9EFC2219} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {5D915A6F-A679-4586-A698-B881A244CDEC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.)
Task: {66665A9F-AEC1-4628-8D97-F2134177BAE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-22] (Google Inc.)
Task: {6AC0D694-2771-410B-BAA0-E0E4C24AFBFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-22] (Google Inc.)
Task: {815B3BEA-45AB-4DEF-A4EE-4DBEF2B686EC} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {86332851-384A-4B5F-8499-401DE9423E9E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-09-14] (COMODO)
Task: {8BEBFA66-B6B8-4EFD-8FFC-A63F78C13EBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {9548583C-07A4-4D26-970D-7B7BB77D570F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {9751F857-8DFA-4B1C-B96C-EF4766B6AAB3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {988FF597-F2E1-4F14-ABB9-006C4887B2E8} - System32\Tasks\{DA8E6507-0DF1-41D5-AB60-6D254E02F562} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends"
Task: {B5FABC50-B368-461E-ACCB-410EC6B77A38} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-09-14] (COMODO)
Task: {BAFB62B2-E8DE-40BC-8FC9-7E7028D05F22} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-09-14] (COMODO)
Task: {C958479A-1F6D-4E7B-A5B5-114E93DB467D} - System32\Tasks\HPCeeScheduleForducanh => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {D3424280-2D97-41CF-84CC-7955A5092B96} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-09-14] (COMODO)
Task: {EE5AB25E-8C16-41E2-9FBA-AA8170CF0D96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {F3568130-C271-40EF-AC99-BDE3D504FC29} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2015-07-02] (Hewlett-Packard)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForducanh.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-04 07:44 - 2013-12-04 07:44 - 00200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 07:44 - 2013-12-04 07:44 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 07:44 - 2013-12-04 07:44 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2016-03-16 11:25 - 2016-03-16 11:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2016-11-22 17:06 - 2016-11-08 22:03 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-22 17:06 - 2016-11-08 22:03 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2014-05-12 19:13 - 2013-12-10 16:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-01-27 17:24 - 2016-09-08 04:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-01-27 17:24 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-01-27 17:24 - 2016-10-13 02:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-01-27 17:24 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-01-27 17:24 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-01-27 17:23 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-01-27 17:23 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-01-27 17:23 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-01-27 17:23 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-01-27 17:23 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-01-27 17:23 - 2016-10-13 02:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 14:59 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-02-16 19:11 - 2016-11-13 15:23 - 51776112 _____ () C:\Users\ducanh\AppData\Roaming\Spotify\libcef.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-02-16 19:11 - 2016-11-13 15:23 - 01803888 _____ () C:\Users\ducanh\AppData\Roaming\Spotify\libglesv2.dll
2016-02-16 19:11 - 2016-11-13 15:23 - 00086128 _____ () C:\Users\ducanh\AppData\Roaming\Spotify\libegl.dll
2016-08-30 21:20 - 2015-07-09 11:26 - 00839680 _____ () C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\System.Data.SQLite.dll
2016-10-13 23:37 - 2016-08-04 21:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-01-27 17:23 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh:Heroes & Generals [38]
AlternateDataStreams: C:\Users\ducanh\Desktop\JRT.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\ducanh\Desktop\SecurityCheck.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh\Desktop\SecurityCheck.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\ducanh\Downloads\AdwCleaner_6.030.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh\Downloads\AdwCleaner_6.030.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\ducanh\Downloads\esetsmartinstaller_deu.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh\Downloads\esetsmartinstaller_deu.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\ducanh\Downloads\mbam-setup-2.2.1.1043.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh\Downloads\mbam-setup-2.2.1.1043.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\ducanh\Downloads\mbar-1.09.3.1001.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh\Downloads\mbar-1.09.3.1001.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\ducanh\Downloads\revosetup201.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh\Downloads\revosetup201.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\ducanh\Downloads\SecurityCheck.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh\Downloads\SecurityCheck.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\ducanh\Downloads\tdsskiller (1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh\Downloads\tdsskiller (1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\ducanh\Downloads\tdsskiller (2).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh\Downloads\tdsskiller (2).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\ducanh\Downloads\tdsskiller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\ducanh\Downloads\tdsskiller.exe:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2015-12-07 21:58 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-4038466168-2714463032-1615967804-1001\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5FD27008-3998-46BB-90B6-3044A679D7A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64F99A8C-0877-4B8C-94CE-390678F196D6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E9824D4A-D2B9-4603-88DD-9D56AC1FEEC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8318E001-968B-4E8B-B17F-15FDE8954A84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E661CB3D-9069-4F87-A514-EC4D8B6F4088}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0920AF33-0DFE-4A94-A7C1-63FE973AC765}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2A275877-CB2D-4E34-A912-B976EC447341}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{396C0FA5-1015-42CA-9895-03D56641FF4B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{082F1F63-8E15-431E-B321-4DBB5C5B9D56}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{95A44F63-5CFD-4E3E-88E5-4C665149614D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B5942159-CBB5-4928-9D64-B7815B446120}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{62A8800F-1117-49C0-AD8B-5BA97820C29C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{E74A733F-BEAA-476E-9114-150E3C14580E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{9156F99C-8455-4C89-A59F-B80AD9CD8B0F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{76A9F238-5454-4462-8B76-749BFD216B86}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{15C931F1-6174-4C65-B36A-B53C8FA5446A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{D614E9CD-5AF0-4D8C-ADCF-D0A3A3CBA7D9}C:\users\ducanh\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\ducanh\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [{45281AB2-57C6-40DA-952D-0BC19F57C46C}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X.exe
FirewallRules: [{D8DC9170-2FA1-402E-9D5C-6907DBF9578D}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe
FirewallRules: [{C0951403-CA57-4A47-B041-4099A689E3E3}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
FirewallRules: [{85BA7E11-3AC1-4B62-9C6A-A2384EA9611F}] => (Allow) C:\Boom\ca.exe
FirewallRules: [{367AEB9A-0BB0-4C4E-A795-6C81A2990669}] => (Allow) C:\Boom\ca.exe
FirewallRules: [{FB2064E3-BD41-4CE6-A627-6655F4CC3EA2}] => (Allow) C:\Boom\nmcosrv.exe
FirewallRules: [{85B63B22-A0EF-48F7-B7C5-738BE83463B9}] => (Allow) C:\Boom\nmcosrv.exe
FirewallRules: [{D31C5AD3-7853-48D2-AD3A-3035A6D503E7}] => (Allow) C:\Program Files (x86)\Boom\ca.exe
FirewallRules: [{93EA3A94-BC0F-4152-AFFC-799A3061ADE7}] => (Allow) C:\Program Files (x86)\Boom\ca.exe
FirewallRules: [{41263AB9-849C-4D24-8F97-0A41C1F2403D}] => (Allow) C:\Program Files (x86)\Boom\nmcosrv.exe
FirewallRules: [{9DAB86AD-92FF-4BF8-BF33-38059B62327A}] => (Allow) C:\Program Files (x86)\Boom\nmcosrv.exe
FirewallRules: [{F9F6192B-03EA-48CF-A1C5-62BEF33A20AC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{FC378735-65A8-40D2-9D47-36EF65CA149E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{0E5F91E2-C802-45EC-B715-DFB6C960AE20}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{439FBE5B-9690-4221-8657-0CD1BB8AF005}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{9A06B6DC-85D5-49F0-82A1-A943F92BAA8F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{7D8DA4FC-676F-4284-ADDD-24CA9ADF3DE0}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{C3B6062E-B56A-4ABB-A84F-8C34A2D8E1DE}] => (Allow) C:\Boom\nmcosrv.exe
FirewallRules: [{2470A7F5-F78C-4814-9D37-E76E36716462}] => (Allow) C:\Boom\nmcosrv.exe
FirewallRules: [{382B10B0-19C0-4AE0-AAF8-7D98F533CB71}] => (Allow) C:\Users\ducanh\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{846B9078-B408-4788-B348-D8A6FA88FD97}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{2EF23D5D-277A-4B5F-AB8E-3988077F787C}] => (Allow) C:\Program Files (x86)\Droid4X\MultiMgr.exe
FirewallRules: [{95992841-61AA-48D5-84D6-2DCB39A68E39}] => (Allow) c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{6668C0E0-D29D-4941-B3C8-42970422DB28}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04AF7958-E784-454F-A088-772C3543FC45}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DA1D80AD-9BF7-421A-B6FE-DFF148586062}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84783F8B-58B8-49CA-AB34-55FBDE757613}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3E4BFE81-9293-41BD-B3FE-E61300D856C8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{69CE4CFA-269D-4E32-9AC8-1CB7BFFA33AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D659635A-7148-4ED0-882B-06E2EA6F4BEE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BEFB88BD-7CDF-46D8-A2CF-6F0EA6E403FF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E6D9AC72-E5BE-4FBD-B090-654100676F13}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [TCP Query User{7D95D3DE-E2B6-4355-9493-E89AE643F390}C:\users\ducanh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ducanh\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DF26136E-B4DF-4ECF-9D2C-E63F82020023}C:\users\ducanh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ducanh\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7839A1E7-EA87-4EB6-853B-A177DF252E00}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{E64B121A-2694-4BD7-AFB4-4B3EF3028433}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{A4BA125A-BD9D-4A3A-897B-BE25C39B6405}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{3C2D556D-AEE2-4818-A30F-3EBD74EC48FF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{D8FC0380-D597-4FE1-BC00-E3961317FD29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{5D481C33-F3A2-4607-A335-DE4DBC2F3D77}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{86C66020-9F98-4E62-A7D1-CE52367E5511}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{63CAA03B-43A1-4565-9A80-6F9887E5AFD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{86EFA35B-AD4F-4DB3-A3E8-9767BD0F55BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{439FA976-2AB3-45D2-9A33-C1628236ACAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{93D407C5-8B80-41A8-809A-AD366D51CFD9}] => (Allow) C:\Program Files (x86)\InfestationNewZ\TheNewZ.exe
FirewallRules: [{EA806DA6-D1A4-4FBC-969A-B2F0FF62DC72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{04158EE1-B463-4DFE-A444-985B2459D19F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C65052DE-9427-42F8-823E-D85B6EAA2BC2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B0C481B7-05FF-42FE-9416-751BAB294F6E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{120CB8E8-3B92-40CF-A8AB-A36B92E5B739}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{31F30A1A-11AB-4A3C-A98F-FC1B86AA1143}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{4374C69D-EF14-4B24-9CA4-CB6C3EC832FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{29FF15C1-E9F7-4D92-ADBB-849AD8CCF1FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D29037BC-9560-42A6-82CA-C2D6DEE1B3E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{908D91CC-35BE-49B2-B1B6-15C1BEAF1604}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
18-11-2016 16:44:47 JRT Pre-Junkware Removal
19-11-2016 00:45:22 JRT Pre-Junkware Removal
19-11-2016 00:45:55 JRT Pre-Junkware Removal
20-11-2016 18:24:57 Revo Uninstaller's restore point - Google Chrome
20-11-2016 18:33:36 Revo Uninstaller's restore point - Java 8 Update 40
20-11-2016 18:33:50 Removed Java 8 Update 40
20-11-2016 18:36:35 Revo Uninstaller's restore point - Heroes of the Storm
20-11-2016 18:40:16 Revo Uninstaller's restore point - Google Chrome
20-11-2016 19:45:27 JRT Pre-Junkware Removal
22-11-2016 16:53:47 Revo Uninstaller's restore point - Google Chrome
22-11-2016 16:54:17 Revo Uninstaller's restore point - Google Chrome
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/20/2016 08:44:03 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (11/20/2016 07:44:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm cistray.exe, Version 8.4.0.5165 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e14
Startzeit: 01d2435db4556cc2
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Berichts-ID: 6688e4fa-af51-11e6-846f-a08869bf085f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/20/2016 06:31:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.18123, Zeitstempel: 0x563faf80
Name des fehlerhaften Moduls: MSHTML.dll, Version: 11.0.9600.18525, Zeitstempel: 0x5812433c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000c959f
ID des fehlerhaften Prozesses: 0xa54
Startzeit der fehlerhaften Anwendung: 0x01d24353c067a259
Pfad der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\MSHTML.dll
Berichtskennung: 2afc8faf-af47-11e6-846e-a08869bf085f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/20/2016 06:25:39 PM) (Source: HP Active Health) (EventID: 1002) (User: )
Description: Error iterating on DiskLogical. Fetched 0 records. Exception is: System.Management.ManagementException: Ungültiger Namespace
at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at System.Management.ManagementObjectSearcher.Initialize()
at System.Management.ManagementObjectSearcher.Get()
at HP.ActiveHealth.Commons.Objects.AgentDataQuery.ManagementProperties..ctor(String query, String scope)
at HP.ActiveHealth.Agents.DiskLogical.DiskLogicalAgent.GetEncryptedVolumes()
at HP.ActiveHealth.Agents.DiskLogical.DiskLogicalAgent.GetNewDataClasses(FileInfo agentStateFile)
Error: (11/20/2016 06:24:54 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {64f8405a-f6c5-4959-90c9-1242f98df90e}
Error: (11/20/2016 07:50:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 1.8.315.0, Zeitstempel: 0x5331827a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18438, Zeitstempel: 0x57ae642e
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00000000000ecdd0
ID des fehlerhaften Prozesses: 0x17d0
Startzeit der fehlerhaften Anwendung: 0x01d242fa56dfe165
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 94ab6c5e-aeed-11e6-846e-a08869bf085f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/20/2016 07:50:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 1.8.315.0, Zeitstempel: 0x5331827a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18438, Zeitstempel: 0x57ae642e
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00000000000ecdd0
ID des fehlerhaften Prozesses: 0x1984
Startzeit der fehlerhaften Anwendung: 0x01d242fa55ae2a99
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 937e79d6-aeed-11e6-846e-a08869bf085f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/20/2016 07:50:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 1.8.315.0, Zeitstempel: 0x5331827a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18438, Zeitstempel: 0x57ae642e
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00000000000ecdd0
ID des fehlerhaften Prozesses: 0x14f0
Startzeit der fehlerhaften Anwendung: 0x01d242fa54b20bf3
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 9290a95a-aeed-11e6-846e-a08869bf085f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/20/2016 07:08:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (11/20/2016 05:47:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0x183c
Startzeit der fehlerhaften Anwendung: 0x01d242a1b8bef996
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: 664ccdba-aedc-11e6-846e-a08869bf085f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (11/23/2016 02:47:38 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/23/2016 02:23:59 AM) (Source: DCOM) (EventID: 10010) (User: ViP)
Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/23/2016 02:23:29 AM) (Source: DCOM) (EventID: 10010) (User: ViP)
Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/22/2016 12:03:15 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/21/2016 10:00:18 PM) (Source: DCOM) (EventID: 10010) (User: ViP)
Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/21/2016 09:59:48 PM) (Source: DCOM) (EventID: 10010) (User: ViP)
Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/21/2016 12:39:10 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/20/2016 07:46:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "SoftEther VPN Client" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/20/2016 07:46:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/20/2016 07:45:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2016-11-23 14:32:54.552
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-22 22:46:15.662
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-22 21:45:31.880
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-22 17:29:25.385
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-22 16:51:17.675
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-22 15:48:06.529
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-21 21:47:52.047
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-21 20:31:50.842
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-21 00:38:54.729
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-21 00:22:20.051
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 12218.15 MB
Verfügbarer physikalischer RAM: 7675.07 MB
Summe virtueller Speicher: 14074.15 MB
Verfügbarer virtueller Speicher: 9079.48 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:910.44 GB) (Free:664.21 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.05 GB) (Free:2.01 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E1B0F7F4)
Partition: GPT.
==================== Ende von Addition.txt ============================ |