Chrome öffnet ständig Seite namens: x.24.jquery11.com

Glueckskeks · 25.03.2017, 18:21

Hallo,

bei meinem Neffen öffnen sich ständig Tabs im Chrome (auch wenn er dort nichts macht) und zwar zeigen die dann die Seite x.24.jquery11.com.

Er hatte schon mal was ähnliches, das konnte ich auch bereinigen, aber nach 3 Monaten hat er jetzt wieder was und ich finde dazu nichts und möchte euch darum um Hilfe bitten.

LG Gluecki

cosinus · 25.03.2017, 23:54

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

cosinus · 25.03.2017, 23:54

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Glueckskeks · 04.04.2017, 19:54

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Fritz (Administrator) auf FRITZI-RECHNER (04-04-2017 20:50:45)
Gestartet von D:\Downloads
Geladene Profile: Fritz (Verfügbare Profile: Fritz)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Razer Inc.) D:\Programme\Razer\Razer Cortex\RzKLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn Inc.) D:\Programme\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Programme\Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes) D:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Malwarebytes) D:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe
(MY.COM B.V.) C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe
(Mixesoft Project) C:\Users\Fritz\AppData\Local\Mixesoft\AppNHost\appnhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mega Limited) C:\Users\Fritz\AppData\Local\MEGAsync\MEGAsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer Inc.) D:\Programme\Razer\Razer Cortex\RazerCortex.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(MY.COM B.V.) C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(The CefSharp Authors) D:\Programme\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
(Razer Inc.) D:\Programme\Razer\Razer Cortex\FPSRunner32.exe
(Razer Inc.) D:\Programme\Razer\Razer Cortex\x64\FPSRunner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer, Inc.) D:\Programme\Razer\Razer Cortex\RzFpsApplet\RzFpsApplet.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\staem.de\Steam\Steam.exe
(Valve Corporation) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => D:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2014-03-12] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-02] (AVAST Software)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-04] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [RazerCortex] => D:\Programme\Razer\Razer Cortex\CortexLauncher.exe [222160 2016-09-28] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programme\Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [World of Tanks] => D:\Spiele\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [MyComGames] => C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe [5357968 2017-03-30] (MY.COM B.V.)
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [appnhost] => C:\Users\Fritz\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MountPoints2: {ad654ec5-2f7f-11e4-8282-806e6f6e6963} - "G:\autorun.exe" 
HKU\S-1-5-18\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
Startup: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-03-26]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Fritz\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Beschränkung <======= ACHTUNG
GroupPolicy\User: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{21E9DD45-9C19-4F96-B095-FC6328402E68}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{A9470B01-B732-4F7E-99F4-834D4029F35A}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{C6E5E4A7-6E64-471C-A729-B581D98BD2D3}: [NameServer] 5.8.8.85,8.8.8.8
Tcpip\..\Interfaces\{C6E5E4A7-6E64-471C-A729-B581D98BD2D3}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{C7C99009-0D44-4F54-9B12-4918276100D6}: [NameServer] 5.8.8.85,8.8.8.8
Tcpip\..\Interfaces\{C7C99009-0D44-4F54-9B12-4918276100D6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F6024DB0-DB82-40D4-8423-C1C0FE57897B}: [NameServer] 5.8.8.85,8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-05] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-02] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-28] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-02] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-28] (Oracle Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -  Keine Datei
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: hj71rkax.default
FF ProfilePath: C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default [2017-04-04]
FF NewTab: Mozilla\Firefox\Profiles\hj71rkax.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hj71rkax.default -> ?????@Mail.Ru
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\hj71rkax.default -> Avast Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hj71rkax.default -> ?????@Mail.Ru
FF Homepage: Mozilla\Firefox\Profiles\hj71rkax.default -> hxxps://mail.ru/cnt/11956636?fr=ffhp1.0.3&gp=811036
FF Keyword.URL: Mozilla\Firefox\Profiles\hj71rkax.default -> hxxp://go.mail.ru/distib/ep/?product_id=%7B6E899E04-9C9B-4A50-9844-D0FFD235B88A%7D&gp=811037
FF Extension: (???????? ???????? Mail.Ru) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\Extensions\homepage@mail.ru [2017-02-23]
FF Extension: (?????@Mail.Ru) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\Extensions\search@mail.ru [2017-02-23]
FF Extension: (?????????? ???????? @Mail.Ru) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [2017-02-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-18]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-27] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-05] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-27] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-26] (Google Inc.)
FF Plugin HKU\S-1-5-21-2589094953-1922200633-4272172180-1001: @my.com/Games -> C:\Users\Fritz\AppData\Local\MyComGames\NPMyComDetector.dll [2017-02-11] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-2589094953-1922200633-4272172180-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default [2017-04-04]
CHR Extension: (Google Präsentationen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-26]
CHR Extension: (Google Docs) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-26]
CHR Extension: (Google Drive) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-26]
CHR Extension: (YouTube) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-26]
CHR Extension: (Avast SafePrice) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-26]
CHR Extension: (Google Tabellen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-26]
CHR Extension: (Google Docs Offline) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-26]
CHR Extension: (Avast Online Security) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-26]
CHR Extension: (Google Mail) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-26]
CHR Extension: (Chrome Media Router) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-02] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-02] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1489416 2017-03-28] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [400656 2017-03-01] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 Hamachi2Svc; D:\Programme\Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 MBAMService; D:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2017-02-10] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2122248 2017-03-01] (Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2184208 2017-03-01] (Electronic Arts)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69760 2016-06-20] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 RzKLService; D:\Programme\Razer\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files (x86)\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files (x86)\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-02] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-02] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-02] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-02] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-02] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-02] (AVAST Software)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-09-30] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-01] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-02-27] (LogMeIn Inc.)
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-11] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-10] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2017-02-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-02-10] (NVIDIA Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation                           )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [51224 2016-04-07] (Razer Inc)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [47640 2016-04-07] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U3 DfSdkS; kein ImagePath
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-04 20:50 - 2017-04-04 20:50 - 00000000 ____D C:\FRST
2017-04-03 16:41 - 2017-04-03 16:41 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2017-04-02 21:33 - 2017-04-02 21:33 - 00000000 ____D C:\Users\Fritz\AppData\LocalLow\Temp
2017-03-30 21:34 - 2017-03-30 21:34 - 00000000 ____D C:\Users\Fritz\AppData\LocalLow\Raft
2017-03-26 22:34 - 2017-03-26 22:34 - 00000000 ____D C:\Users\Fritz\Documents\MEGAsync
2017-03-26 22:33 - 2017-03-26 22:33 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2017-03-26 22:33 - 2017-03-26 22:33 - 00000000 ____D C:\Users\Fritz\AppData\Local\MEGAsync
2017-03-26 17:57 - 2017-03-26 17:57 - 11127744 _____ C:\Users\Fritz\Downloads\LiquidBounce1.8.8 - b20.5.zip
2017-03-26 17:40 - 2017-03-26 17:40 - 00083260 _____ C:\Users\Fritz\Downloads\Lockette.jar
2017-03-26 17:38 - 2017-03-26 17:39 - 00119583 _____ C:\Users\Fritz\Downloads\WorldBorder (1).jar
2017-03-26 17:34 - 2017-03-26 17:35 - 01032874 _____ C:\Users\Fritz\Downloads\NoCheatPlus.jar
2017-03-26 17:23 - 2017-03-26 17:23 - 00990670 _____ C:\Users\Fritz\Downloads\Essentials.zip
2017-03-26 16:35 - 2017-03-26 16:35 - 00000000 ____D C:\Users\Fritz\AppData\Local\Vitalwerks
2017-03-26 16:34 - 2017-03-26 16:34 - 00241736 _____ C:\Users\Fritz\Downloads\DUCSetup_v4_1_1.exe
2017-03-26 16:22 - 2017-03-26 16:22 - 19758011 _____ C:\Users\Fritz\Downloads\spigot-1.8.8-R0.1-SNAPSHOT-latest.jar
2017-03-26 14:59 - 2017-03-26 14:59 - 00000046 _____ C:\Users\Fritz\Downloads\start(2).bat
2017-03-26 14:57 - 2017-03-26 14:57 - 00000185 _____ C:\Users\Fritz\Downloads\eula.txt
2017-03-26 14:57 - 2017-03-26 14:57 - 00000062 _____ C:\Users\Fritz\Downloads\server.properties
2017-03-26 14:56 - 2017-03-26 14:56 - 19556772 _____ C:\Users\Fritz\Downloads\spigot-1.8.8.jar
2017-03-26 00:37 - 2017-03-26 00:37 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-26 00:37 - 2017-03-26 00:37 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-26 00:37 - 2017-03-26 00:37 - 00002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-26 00:36 - 2017-03-26 00:37 - 00000000 ____D C:\Program Files (x86)\GUM7AE9.tmp
2017-03-24 23:32 - 2017-03-24 23:36 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\DVDVideoSoft
2017-03-24 23:08 - 2017-03-25 19:37 - 00000000 ____D C:\Users\Fritz\Desktop\VID Teil2
2017-03-24 23:01 - 2017-03-24 23:21 - 00000000 ____D C:\Users\Fritz\Desktop\VID
2017-03-24 22:12 - 2017-03-24 22:59 - 00000000 ____D C:\Users\Fritz\Desktop\bilder
2017-03-22 17:18 - 2017-03-22 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-03-22 17:18 - 2017-03-02 15:35 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-21 21:52 - 2017-03-21 21:55 - 00000000 ____D C:\CFLog
2017-03-21 21:52 - 2017-03-21 21:54 - 00000000 ____D C:\Users\Fritz\Documents\Cross Fire
2017-03-21 21:37 - 2017-03-21 21:49 - 00000000 ____D C:\ProgramData\Solid State Networks
2017-03-19 22:23 - 2017-03-19 22:23 - 00002033 _____ C:\Users\Fritz\AppData\Local\recently-used.xbel
2017-03-16 20:53 - 2017-03-16 20:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-16 20:53 - 2017-03-16 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-16 19:48 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-16 19:48 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-16 19:48 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-16 19:48 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-16 19:48 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-16 19:48 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-16 19:48 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-16 19:48 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-16 19:48 - 2017-02-11 07:12 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-03-16 19:48 - 2017-02-11 06:58 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-16 19:48 - 2017-02-10 07:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-16 19:48 - 2017-02-10 07:09 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-03-16 19:48 - 2017-02-10 07:00 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-16 19:48 - 2017-02-10 06:59 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-16 19:47 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-16 19:47 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-16 19:47 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-16 19:47 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-16 19:47 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-16 19:47 - 2017-03-04 09:05 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-16 19:47 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-16 19:47 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-16 19:47 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-16 19:47 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-16 19:47 - 2017-03-02 19:25 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-16 19:47 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-16 19:47 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-16 19:47 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-16 19:47 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-16 19:47 - 2017-02-11 21:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-16 19:47 - 2017-02-11 07:12 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-16 19:47 - 2017-02-11 07:00 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-16 19:47 - 2017-02-11 06:56 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-16 19:47 - 2017-02-10 21:09 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-16 19:47 - 2017-02-10 07:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-16 19:47 - 2017-02-10 07:08 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-16 19:47 - 2017-02-10 07:01 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-16 19:47 - 2017-02-10 03:31 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-03-16 19:47 - 2017-02-10 02:12 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-16 19:47 - 2017-02-09 17:28 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-16 19:47 - 2017-02-09 17:19 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-16 19:47 - 2017-02-09 17:16 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-16 19:47 - 2017-02-09 17:16 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-16 19:47 - 2017-02-09 16:59 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-03-16 19:47 - 2017-02-09 16:58 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-03-16 19:47 - 2017-02-09 16:58 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-03-16 19:47 - 2017-02-04 22:32 - 07444832 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-16 19:47 - 2017-02-04 22:30 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-16 19:47 - 2017-02-04 22:30 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-03-16 19:47 - 2017-02-04 22:30 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-16 19:47 - 2017-02-04 22:30 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-03-16 19:47 - 2017-02-04 21:32 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2017-03-16 19:47 - 2017-02-04 21:30 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-16 19:47 - 2017-02-04 20:14 - 01001472 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-16 19:47 - 2017-02-04 19:50 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-16 19:47 - 2017-02-04 19:40 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-03-16 19:47 - 2017-02-04 19:32 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-16 19:47 - 2017-02-04 19:17 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-16 19:47 - 2017-02-04 19:10 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-03-16 19:47 - 2017-02-04 19:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-16 19:47 - 2017-01-21 23:37 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-03-16 19:47 - 2017-01-21 21:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-16 19:47 - 2017-01-21 21:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-16 19:47 - 2017-01-21 21:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-16 19:47 - 2017-01-21 21:20 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-16 19:47 - 2017-01-21 20:40 - 00756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-16 19:47 - 2017-01-21 20:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-16 19:47 - 2017-01-21 20:37 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-16 19:47 - 2017-01-21 19:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-16 19:47 - 2017-01-21 19:48 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-16 19:47 - 2017-01-14 19:49 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-03-16 19:47 - 2017-01-11 21:37 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-16 19:47 - 2017-01-10 21:08 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-16 19:47 - 2017-01-05 20:20 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-16 19:47 - 2017-01-05 20:09 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2017-03-16 19:47 - 2017-01-05 19:36 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-16 19:47 - 2017-01-05 19:29 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2017-03-16 19:47 - 2017-01-05 19:13 - 07796224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-03-16 19:47 - 2017-01-05 18:57 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-03-16 19:47 - 2016-11-09 21:22 - 00681472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-10 20:49 - 2017-03-10 20:49 - 00000000 ____D C:\Users\Fritz\Azure
2017-03-08 15:53 - 2017-03-08 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-05 02:15 - 2017-03-05 02:15 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-04 20:28 - 2015-07-20 17:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-04-04 16:07 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-04-04 16:00 - 2014-09-30 18:17 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CFB2E40D-C6E0-48A8-8A2A-6E7E44AB2346}
2017-04-04 15:57 - 2017-02-28 19:32 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-04 15:57 - 2017-02-11 00:23 - 00000000 ____D C:\Users\Fritz\AppData\Local\MyComGames
2017-04-04 15:57 - 2014-09-30 18:09 - 00000000 ___RD C:\Users\Fritz\OneDrive
2017-04-03 20:51 - 2016-08-28 20:06 - 00000000 ____D C:\Users\Fritz\AppData\Local\fabi.me
2017-04-03 20:45 - 2017-01-03 23:52 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\.minecraft
2017-04-03 17:15 - 2014-09-30 18:13 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2589094953-1922200633-4272172180-1001
2017-04-03 14:35 - 2016-02-19 22:14 - 00000000 ____D C:\Users\Fritz\AppData\Local\CrashDumps
2017-04-02 21:19 - 2014-04-28 13:38 - 00765378 _____ C:\Windows\system32\perfh007.dat
2017-04-02 21:19 - 2014-04-28 13:38 - 00159696 _____ C:\Windows\system32\perfc007.dat
2017-04-02 21:19 - 2014-03-18 17:26 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-02 21:19 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-04-02 00:24 - 2015-11-21 21:53 - 00000000 ____D C:\Users\Fritz\Documents\TmForever
2017-03-31 22:13 - 2016-11-12 17:19 - 00000000 ____D C:\Users\Fritz\AppData\Local\LogMeIn Hamachi
2017-03-30 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-28 16:21 - 2017-01-01 21:21 - 00000000 ____D C:\Users\Fritz\Desktop\Spiele
2017-03-28 16:02 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-26 13:58 - 2016-03-18 15:13 - 00000000 ____D C:\Users\Fritz\Documents\Euro Truck Simulator 2
2017-03-26 00:37 - 2015-11-21 20:03 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-26 00:37 - 2014-09-30 18:34 - 00000000 ____D C:\Users\Fritz\AppData\Local\Google
2017-03-26 00:36 - 2014-09-30 18:34 - 00000000 ____D C:\Users\Fritz\AppData\Local\Deployment
2017-03-26 00:35 - 2016-12-27 02:46 - 00000000 ____D C:\Users\Fritz\AppData\LocalLow\Mozilla
2017-03-24 23:23 - 2016-04-09 14:14 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2017-03-24 19:54 - 2016-06-04 13:06 - 00000000 ____D C:\ProgramData\Origin
2017-03-24 17:45 - 2017-02-26 00:44 - 00000606 _____ C:\Users\Fritz\Desktop\Script für infoviedio  +  Codenummer.txt
2017-03-24 13:49 - 2017-03-03 21:30 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone 3 Browser.lnk
2017-03-24 13:49 - 2016-01-28 15:19 - 00003926 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1453987192
2017-03-22 17:18 - 2017-03-02 15:35 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-22 17:18 - 2014-09-30 19:45 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-19 22:23 - 2017-02-08 23:04 - 00000000 ____D C:\Users\Fritz\AppData\Local\gtk-2.0
2017-03-19 22:23 - 2017-01-12 20:05 - 00000000 ____D C:\Users\Fritz\.gimp-2.8
2017-03-19 20:56 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-19 10:44 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-03-17 19:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2017-03-17 14:25 - 2017-02-28 19:47 - 00347040 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-16 21:06 - 2014-10-04 14:33 - 00000000 ____D C:\Windows\system32\MRT
2017-03-16 21:06 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2017-03-16 21:05 - 2014-04-24 18:12 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-16 20:53 - 2016-07-08 19:59 - 00000000 ____D C:\ProgramData\Skype
2017-03-16 20:53 - 2014-09-30 20:03 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-14 15:35 - 2014-09-30 19:45 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-03-13 22:24 - 2015-06-14 16:28 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Skype
2017-03-13 14:49 - 2014-09-30 19:45 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-11 14:37 - 2017-01-21 21:04 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-11 14:37 - 2017-01-21 21:04 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-10 20:49 - 2014-09-30 18:06 - 00000000 ____D C:\Users\Fritz
2017-03-10 15:35 - 2014-09-30 19:45 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.149019591053109
2017-03-10 06:34 - 2013-08-22 17:38 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-10 06:34 - 2013-08-22 17:38 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-09 15:51 - 2015-09-23 17:49 - 00000000 ____D C:\temp
2017-03-06 19:25 - 2016-01-02 23:47 - 00000000 ____D C:\Users\Fritz\AppData\Local\ftblauncher
2017-03-05 02:15 - 2016-07-17 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-03-05 02:14 - 2016-07-17 16:10 - 00000000 ____D C:\Program Files\Java
2017-03-05 02:10 - 2016-01-02 23:47 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\ftblauncher

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-23 12:26 - 2015-08-25 08:26 - 0000221 _____ () C:\Users\Fritz\AppData\Roaming\WB.CFG
2017-01-27 14:41 - 2017-01-27 14:41 - 0000000 ____H () C:\Users\Fritz\AppData\Local\BIT9584.tmp
2017-01-08 19:50 - 2017-01-08 19:50 - 0003584 _____ () C:\Users\Fritz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-02 17:36 - 2017-01-02 17:36 - 0000000 ___SH () C:\Users\Fritz\AppData\Local\LumaEmu
2017-03-19 22:23 - 2017-03-19 22:23 - 0002033 _____ () C:\Users\Fritz\AppData\Local\recently-used.xbel
2014-09-30 19:54 - 2017-01-04 15:12 - 0007605 _____ () C:\Users\Fritz\AppData\Local\resmon.resmoncfg
2017-01-15 23:15 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Fritz\AppData\Local\TroubleshooterConfig.json
2017-02-03 21:35 - 2017-02-03 22:36 - 0000037 _____ () C:\Users\Fritz\AppData\Local\X-Plane Installer.prf
2017-02-03 22:36 - 2017-02-03 22:37 - 0000015 _____ () C:\Users\Fritz\AppData\Local\X-Plane_drm_11.prf
2017-02-03 21:35 - 2017-02-03 21:35 - 0000023 _____ () C:\Users\Fritz\AppData\Local\x-plane_install_11.txt
2017-01-27 14:41 - 2017-01-27 14:41 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{9D140C0B-B1AE-4EFB-B5ED-86199672863D}
2014-11-26 19:40 - 2014-11-26 19:40 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{AEFF9ACD-116D-4505-98DD-5A29BB9CE78B}
2015-02-09 20:03 - 2015-02-09 20:03 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{E3702F5A-940C-4936-A2B2-32C0F23DA403}
2014-08-19 13:09 - 2014-08-19 13:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-11-30 22:31 - 2016-11-30 22:31 - 0000016 _____ () C:\ProgramData\mntemp
2017-01-01 22:48 - 2017-01-01 22:48 - 0000032 _____ () C:\ProgramData\Temp.log
2014-08-19 13:23 - 2014-08-19 13:23 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-08-19 13:20 - 2014-08-19 13:20 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-08-19 13:23 - 2014-08-19 13:23 - 0000032 _____ () C:\ProgramData\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}.log
2014-08-19 13:22 - 2014-08-19 13:22 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-08-19 13:18 - 2014-08-19 13:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2014-08-19 13:22 - 2014-08-19 13:22 - 0000032 _____ () C:\ProgramData\{E1646825-D391-42A0-93AA-27FA810DA093}.log
2014-08-19 13:19 - 2014-08-19 13:19 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2014-08-19 13:20 - 2014-08-19 13:20 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

Einige Dateien in TEMP:
====================
2017-03-26 18:38 - 2017-03-26 18:38 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-1156133977092190632.dll
2017-03-26 18:12 - 2017-03-26 18:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-1183857964705709983.dll
2017-03-26 15:35 - 2017-03-26 15:35 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-1255889390127493652.dll
2017-03-26 15:35 - 2017-03-26 15:35 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-1419921203732016063.dll
2017-03-27 12:15 - 2017-03-27 12:15 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-2237448965582862950.dll
2017-03-26 19:14 - 2017-03-26 19:14 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-2633886668500820597.dll
2017-03-26 18:11 - 2017-03-26 18:11 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-2924941846129932772.dll
2017-03-26 14:56 - 2017-03-26 14:56 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-3339494108290317049.dll
2017-03-26 15:24 - 2017-03-26 15:24 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-4631202162911088074.dll
2017-03-26 18:12 - 2017-03-26 18:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-473815464550042425.dll
2017-03-26 18:13 - 2017-03-26 18:13 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-474737885146204927.dll
2017-03-26 16:25 - 2017-03-26 16:25 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-4993673459245968672.dll
2017-03-26 18:33 - 2017-03-26 18:33 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-5204322312476300889.dll
2017-03-26 15:04 - 2017-03-26 15:04 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-5465550519586136679.dll
2017-03-27 12:12 - 2017-03-27 12:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-5562341965054720879.dll
2017-03-26 15:37 - 2017-03-26 15:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-565764272598991269.dll
2017-03-26 17:04 - 2017-03-26 17:04 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-5792485033925151240.dll
2017-03-26 15:35 - 2017-03-26 15:35 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-6161368520921815246.dll
2017-03-26 14:57 - 2017-03-26 14:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-6377810549293930098.dll
2017-03-26 17:53 - 2017-03-26 17:53 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-736355771900536423.dll
2017-03-26 16:25 - 2017-03-26 16:25 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-8072484581763269693.dll
2017-03-26 15:34 - 2017-03-26 15:34 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-812501182027476784.dll
2017-03-26 15:06 - 2017-03-26 15:06 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Fritz\AppData\Local\Temp\jansi-64-git-Spigot-db6de12-18fbb24-8157219306358747475.dll
2017-03-26 17:53 - 2017-03-26 17:53 - 0515584 _____ () C:\Users\Fritz\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-29 21:53

==================== Ende von FRST.txt ============================

Glueckskeks · 04.04.2017, 19:55

Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Fritz (04-04-2017 20:51:08)
Gestartet von D:\Downloads
Windows 8.1 (Update) (X64) (2014-09-30 16:07:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2589094953-1922200633-4272172180-500 - Administrator - Disabled)
Fritz (S-1-5-21-2589094953-1922200633-4272172180-1001 - Administrator - Enabled) => C:\Users\Fritz
Gast (S-1-5-21-2589094953-1922200633-4272172180-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2589094953-1922200633-4272172180-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7zip Packages (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\7zip Packages) (Version:  - ) <==== ACHTUNG
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Advanced Omnibus Driver (HKLM-x32\...\{E084E6F2-2B8A-4A71-938F-0C4C808EA439}_is1) (Version: 4.3 - PeDePe)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
aerosoft's - OMSI 2 - Drei Generationen (HKLM-x32\...\{C88376AA-BF64-40F4-9AD6-F8A18DA394F2}) (Version: 1.10 - aerosoft)
aerosoft's - OMSI 2 - Hamburg (HKLM-x32\...\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}) (Version: 2.01 - aerosoft)
AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.)
AMD Catalyst Install Manager (HKLM\...\{770EA7C3-0B5A-C557-E641-A09244603B84}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
Ashampoo AppLauncher v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 11 v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo GetBack Photo v.1.0.1 (HKLM-x32\...\Ashampoo GetBack Photo_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 4 v.4.0.1 (HKLM-x32\...\Ashampoo Music Studio 4_is1) (Version: 4.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.1.3 (HKLM-x32\...\Ashampoo Photo Commander 10_is1) (Version: 10.1.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 5 v.5.1.2 (HKLM-x32\...\Ashampoo Photo Optimizer 5_is1) (Version: 5.1.2 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 2 v.2.0.5 (HKLM-x32\...\Ashampoo Slideshow Studio HD 2_is1) (Version: 2.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 5 v.5.1.5 (HKLM-x32\...\Ashampoo Snap 5_is1) (Version: 5.1.5 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 4 v.4.30 (HKLM-x32\...\Ashampoo UnInstaller 4_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2017 (HKLM-x32\...\{4209F371-6CE9-533C-2CDC-94E053273B35}_is1) (Version: 14.00.04 - Ashampoo GmbH & Co. KG)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Blacklight: Retribution (HKLM\...\Steam App 209870) (Version:  - Hardsuit Labs)
Blender (HKLM\...\{437221A8-91D1-42A0-9E04-0AD64B502374}) (Version: 2.78.1 - Blender Foundation)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version:  - weltenbauer. Software Entwicklung GmbH)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4430.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.4430.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2230.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2230.0 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version:  - SEIKO EPSON Corporation)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotograf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
GFACE Launcher (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.6.0.0 - Lightworks)
Line of Sight (HKLM\...\Steam App 436520) (Version:  - BlackSpot Entertainment)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.558 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.558 - LogMeIn, Inc.) Hidden
Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MorphVOX Pro (HKLM-x32\...\{5a385481-7640-4f10-8ca5-04a2030b4623}) (Version: 4.4.65.20341 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.65.20341 - Screaming Bee) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
My.com Game Center (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MyComGames) (Version: 3.194 - My.com B.V.)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.0.0.0 - Electronic Arts)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 378.66 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OMSI 2 - Addon Wien (HKLM-x32\...\{FFAB9F9B-C38C-4FC2-A1EC-1099D2832D18}) (Version: 1.10 - aerosoft)
OMSI 2 (HKLM-x32\...\Steam App 252530) (Version:  - MR-Software GbR)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PlanetSide 2 (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\DGC-PlanetSide 2) (Version: 1.0.3.192 - Daybreak Game Company)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
RaceRoom Racing Experience  (HKLM\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.7.8 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.6.8.66 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.804 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
SCANIA Truck Driving Simulator 1.0.0 (HKLM-x32\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Shotcut (HKLM-x32\...\Shotcut) (Version:  - )
SketchUp 2017 (HKLM\...\{3A83073A-B35A-4497-8DD0-5542C36E052E}) (Version: 17.0.18899 - Trimble Navigation Limited)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spintires (HKLM\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{F2496892-5295-4208-AB93-21F1AFD07C97}) (Version: 1.3.1 - TP-LINK)
TP-LINK TL-WN725N_TL-WN723N Treiber (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Train Simulator (HKLM\...\Steam App 24010) (Version:  - Dovetail Games)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Unity Web Player (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
VirtualDJ 8 (HKLM-x32\...\{1D8DF06F-CCAB-437E-8C99-8D741D04CE74}) (Version: 8.2.3398.0 - Atomix Productions)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Warface My.Com (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Warface My.Com) (Version: 1.31 - My.com B.V.)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
Zula Europe (HKLM\...\Steam App 513650) (Version:  - Madbyte Games)
S?????? f?t???af??? (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1EC06144-9468-D082-12F1-B1EF85889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Fritz\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {58E99A66-9468-D082-300A-98A985889A47} => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02B407E2-29F7-4ACA-903B-DC14349370AF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-10] (NVIDIA Corporation)
Task: {06B784D0-9B74-479A-9AF5-BFF1B14D1F6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-27] (Adobe Systems Incorporated)
Task: {1F1C5716-E9C5-4BF3-8AB0-92CE10A02CF2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {25B5FD24-88F0-4BEE-80AF-C99AC02B00EF} - System32\Tasks\Overwolf Updater Task => D:\Programme\Over\Overwolf\OverwolfUpdater.exe 
Task: {2CA4DAD2-8795-4612-96F7-D25B49B0CDED} - System32\Tasks\{B5C2F6FB-8006-4263-BACB-0047260886B2} => pcalua.exe -a D:\Programme\EHE\everesthome220.exe -d D:\Programme\EHE
Task: {34E301E1-48A7-4EBA-98A0-1542446D3977} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-05-27] (CyberLink Corp.)
Task: {3623BA5F-8512-4880-93D6-AD5968B446AC} - System32\Tasks\journalaboutlifeorgscopem => Chrome.exe journalaboutlife.org/scopem <==== ACHTUNG
Task: {47469224-54DB-4834-82CC-D07F6ADF918A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-10] (NVIDIA Corporation)
Task: {5DB13895-23E2-468A-B550-20B318320CA1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation)
Task: {73E73DA3-EC78-46D2-8D85-263A4876E759} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-10] (NVIDIA Corporation)
Task: {868BFC48-5462-4B79-82D1-1AAED19F6D62} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-02] (AVAST Software)
Task: {8E5A6E72-EAED-4331-A53B-8B82684541CF} - System32\Tasks\{11B5C937-AACC-4DDD-B169-DA6C351787DF} => pcalua.exe -a D:\Downloads\forge-1.7.10-10.13.4.1558-1.7.10-installer-win.exe
Task: {A231A173-2493-4BC5-B017-C55ED36751DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {A9AC5491-BA37-422F-982B-F07F7A470C21} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {B2317746-99DE-4679-AB30-4B3DD4615C89} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-10] (NVIDIA Corporation)
Task: {B8E9E83E-CCE3-4483-865C-AF88A8194E71} - System32\Tasks\{50DBF8D4-40C6-41E5-B84F-9C64C7CA416B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}\setup.exe" -c -runfromtemp -l0x0007 -uninst -removeonly
Task: {BB71B8D6-F026-4B8A-944B-A4C56DE8BC78} - System32\Tasks\SafeZone scheduled Autoupdate 1453987192 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {BC2116DD-E2C3-418A-AC1B-860B738A3118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-26] (Google Inc.)
Task: {CA8E826E-7664-4A33-947F-7AFA98699724} - System32\Tasks\{D8F0B4BF-BC21-480B-83A4-2A87254A2F8E} => Chrome.exe hxxp://ui.skype.com/ui/0/7.24.0.104/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {D04AD4D5-652C-48B5-91F7-908F89CFA9FE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-10] (NVIDIA Corporation)
Task: {D5D35B28-EE6D-4048-B5CE-172F4D88D04A} - System32\Tasks\{3C52AA0E-ACAB-4535-88EF-7701777DAB15} => pcalua.exe -a "D:\Spiele\Flughafen-Feuerwehr-Simulator 2013\unins000.exe"
Task: {D92D22EA-F25E-489F-9380-4D53EEBF724F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {D93E1DA5-0A6F-4589-A073-8AC166EECDC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-26] (Google Inc.)
Task: {F2369E7C-AF34-4637-A25D-B1E444AD0DB1} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe 
Task: {FE19AD68-A327-4360-9F41-23D1DAC3CB5C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-10] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-08-19 13:32 - 2012-07-30 11:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
2017-02-28 19:33 - 2017-02-10 02:52 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-25 01:20 - 2016-09-25 01:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-08-19 13:22 - 2012-08-08 22:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-02-28 19:32 - 2017-02-10 00:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-31 21:45 - 2016-10-31 21:45 - 00592384 _____ () C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll
2017-02-08 04:52 - 2017-02-08 04:52 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-06-15 04:39 - 2016-06-15 04:39 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2017-03-26 00:37 - 2017-03-16 06:11 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\libglesv2.dll
2017-03-26 00:37 - 2017-03-16 06:11 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.110\libegl.dll
2013-05-09 18:58 - 2013-05-09 18:58 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2014-08-19 12:54 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-02-28 19:33 - 2017-02-10 02:52 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-02-28 19:33 - 2017-02-10 02:52 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-02-28 19:33 - 2017-02-10 02:52 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-02-28 19:33 - 2017-02-10 02:52 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-02-28 19:33 - 2017-02-10 02:52 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-02-28 19:33 - 2017-02-10 02:52 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-02-11 00:23 - 2017-02-11 00:23 - 00144896 _____ () C:\Users\Fritz\AppData\Local\MyComGames\zlib1.dll
2017-02-11 00:23 - 2017-02-11 00:23 - 00076176 _____ () C:\Users\Fritz\AppData\Local\MyComGames\pxd.dll
2017-02-11 00:23 - 2017-02-11 00:23 - 00186256 _____ () C:\Users\Fritz\AppData\Local\MyComGames\LightUpdate.dll
2017-02-11 00:23 - 2017-03-13 14:24 - 02411408 _____ () C:\Users\Fritz\AppData\Local\MyComGames\BigUp2.dll
2016-05-23 20:36 - 2016-05-23 20:36 - 48962048 _____ () C:\Users\Fritz\AppData\Local\MyComGames\Chrome\3.2623.1401\libcef.dll
2016-04-13 10:38 - 2016-04-13 10:38 - 00482304 _____ () C:\Users\Fritz\AppData\Local\MEGAsync\libsodium.dll
2017-03-02 15:35 - 2017-03-02 15:35 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-26 13:34 - 2016-09-26 13:34 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-02 15:35 - 2017-03-02 15:35 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-02 15:35 - 2017-03-02 15:35 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-07-21 12:43 - 2016-07-21 12:43 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-08-23 13:27 - 2015-08-27 23:30 - 40622592 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2017-03-08 22:19 - 2016-09-07 22:42 - 50656768 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2017-02-28 20:43 - 2016-08-19 17:12 - 00149352 _____ () D:\Programme\Razer\Razer Cortex\SimbaDeviceControl.dll
2017-02-28 20:43 - 2016-09-28 19:31 - 00989176 _____ () D:\Programme\Razer\Razer Cortex\Cef\CefSharp.Core.dll
2017-02-28 20:43 - 2016-09-28 19:31 - 51063432 _____ () D:\Programme\Razer\Razer Cortex\Cef\libcef.dll
2017-03-08 22:19 - 2016-09-07 22:42 - 01874944 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2017-03-08 22:19 - 2016-09-07 22:42 - 00075264 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2016-08-23 13:27 - 2015-08-27 23:30 - 00911360 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2016-08-23 13:27 - 2015-08-27 23:30 - 00134144 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2017-02-28 20:43 - 2016-09-28 19:31 - 00659640 _____ () D:\Programme\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll
2017-02-28 20:43 - 2016-09-28 19:31 - 01897704 _____ () D:\Programme\Razer\Razer Cortex\Cef\libglesv2.dll
2017-02-28 20:43 - 2016-09-28 19:31 - 00082216 _____ () D:\Programme\Razer\Razer Cortex\Cef\libegl.dll
2017-02-28 20:44 - 2016-09-07 22:42 - 50656768 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libcef.dll
2017-02-28 20:44 - 2016-09-07 22:42 - 01874944 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libglesv2.dll
2017-02-28 20:44 - 2016-09-07 22:42 - 00075264 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libegl.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2013-03-07 13:53 - 2013-03-07 13:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2010-01-12 17:55 - 2010-01-12 17:55 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2010-01-12 17:55 - 2010-01-12 17:55 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2010-12-16 13:16 - 2010-12-16 13:16 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2010-01-18 00:34 - 2010-01-18 00:34 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2013-03-07 13:55 - 2013-03-07 13:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 13:58 - 2013-03-07 13:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2013-03-07 13:54 - 2013-03-07 13:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2010-12-17 13:56 - 2010-12-17 13:56 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2017-03-31 13:13 - 2017-03-10 02:13 - 00674592 _____ () D:\staem.de\Steam\SDL2.dll
2017-03-31 13:13 - 2016-09-01 03:02 - 04969248 _____ () D:\staem.de\Steam\v8.dll
2017-03-31 13:13 - 2017-03-23 02:52 - 02465056 _____ () D:\staem.de\Steam\video.dll
2017-03-31 13:13 - 2016-09-01 03:02 - 01563936 _____ () D:\staem.de\Steam\icui18n.dll
2017-03-31 13:13 - 2016-09-01 03:02 - 01195296 _____ () D:\staem.de\Steam\icuuc.dll
2017-03-31 13:13 - 2016-01-27 09:49 - 02549760 _____ () D:\staem.de\Steam\libavcodec-56.dll
2017-03-31 13:13 - 2016-01-27 09:49 - 00491008 _____ () D:\staem.de\Steam\libavformat-56.dll
2017-03-31 13:13 - 2016-01-27 09:49 - 00332800 _____ () D:\staem.de\Steam\libavresample-2.dll
2017-03-31 13:13 - 2016-01-27 09:49 - 00442880 _____ () D:\staem.de\Steam\libavutil-54.dll
2017-03-31 13:13 - 2016-01-27 09:49 - 00485888 _____ () D:\staem.de\Steam\libswscale-3.dll
2017-03-31 13:13 - 2017-03-31 00:46 - 00848672 _____ () D:\staem.de\Steam\bin\chromehtml.DLL
2017-03-31 13:13 - 2016-07-05 00:17 - 00266560 _____ () D:\staem.de\Steam\openvr_api.dll
2017-03-31 13:13 - 2017-01-30 23:41 - 68875552 _____ () D:\staem.de\Steam\bin\cef\cef.win7\libcef.dll
2017-03-31 13:13 - 2017-03-23 02:52 - 00383776 _____ () D:\staem.de\Steam\steam.dll
2017-03-31 13:13 - 2015-09-25 01:52 - 00119208 _____ () D:\staem.de\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\Fritz:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-03-11 19:00 - 00000002 ____A C:\Windows\system32\Drivers\etc\hosts



==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 5.8.8.85 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "TP-LINK-Konfigurationstool.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\StartupFolder: => "Product Registration.lnk"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Memestar Update Checker (Inactive)"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "gflauncher"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FFC0F777-525B-4416-8BC1-E5B95DBB29E8}] => (Allow) LPort=2869
FirewallRules: [{7444B070-8E08-48C8-A0B1-22DE9F908422}] => (Allow) LPort=1900
FirewallRules: [{E1130690-19CB-4121-AF72-AAF876DEBB04}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{A9650492-3927-400A-9603-D8ED4E7CBCDD}] => (Allow) C:\Users\Fritz\steam\Steam.exe
FirewallRules: [{5D86B1CC-8C89-457B-97C2-9A864B0059D2}] => (Allow) C:\Users\Fritz\steam\Steam.exe
FirewallRules: [{46E30189-3D71-46B8-894F-2F6291A3D9CB}] => (Allow) D:\cbad7ef91886080c4c6a9230\Steam\Steam.exe
FirewallRules: [{D7D4653A-0B77-439D-B8AD-7E146D5BF93B}] => (Allow) D:\cbad7ef91886080c4c6a9230\Steam\Steam.exe
FirewallRules: [TCP Query User{9058F47D-16BE-46E5-9C55-8CF79E609E0C}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1C0BFDEA-5735-42D6-8B8A-EF7BD2B1E6C6}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D99646E2-75C2-4AD0-BAB1-B9A31DD46416}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{986662C3-FF79-4B70-907B-B13892DDBDF9}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{B18A85E1-32DF-49C6-B28B-02DF377071F7}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{E47A500C-7A39-464C-99D5-A437D09B5ED1}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{6E54DAC6-EC1B-464A-8433-5AA0B1A3D5A5}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{E28D9B69-85E5-4943-9CBD-76F24633AC4F}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{D29A0904-6032-4C17-AEC2-578A6A30A933}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{1D9BEBB8-A104-419C-B2BB-0C52A01CE910}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{42E81CC3-4F47-4767-85B3-E305FF3481F3}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{B301D72A-7363-4348-A136-8828E383DAFC}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{47F10786-BFFF-4D84-AB8A-4191302FF1AD}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{83692087-1BCB-47CC-B5C4-E29551BD501B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{8A055C27-F908-4ABF-8A45-738C6BF8991B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{535F425E-CBC0-41B4-86E7-4BFB372D464C}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{16E65E5F-0736-415C-876A-C08989BDB2B6}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{8E215670-A1A8-4DE0-82E0-A66F67EA6E5D}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{DE2CA8C9-A7E7-4B2F-BD4F-A91C0FBDCA62}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{11D3D38D-3639-4C5D-98BD-BBD96048BD58}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{9AD5D8F0-2A15-4DA6-9FA9-C03963B11B8B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{F3BB5A70-8781-4687-8453-7A2E6C9F740B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{4978C2E6-7B14-4B11-A93B-F6BFF49B27C1}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{FF276E89-B354-4B1D-8836-989E95CF81A6}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{83ACC1AF-D0DF-491E-AA89-F03672540946}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{758064E0-3E29-48CB-83A6-DFB0A1D3634E}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{F36E10F2-83E1-4040-A059-DA3C101FD4BD}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9EDE79B4-A25E-4263-B987-128297282D63}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{7A4F4F37-E052-4A1F-B30F-081F40552858}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{88B4732A-FED6-452E-BAB3-4907427CB4CF}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8B4F7E88-DE04-4B8A-808E-433DE2121530}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D2CAC890-BD5A-4B18-970C-937AD25E2EAE}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C91492AC-43AD-4F8A-9DFA-E3F9A337D3A3}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{6E92F3EB-8C6F-4A3A-9CFF-59104F0DF5D6}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{1A5C5E4C-10EE-4776-BD52-34ADFC4C5BF5}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{E440EE6C-9661-4502-A800-A7D0CFC11133}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{4B4CB57F-92E0-47B1-B796-B34D3F0E2928}D:\spiele\tmnationsforever\tmforever.exe] => (Allow) D:\spiele\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{AD0B1924-F1C6-4907-B8DB-7A9D2D871352}D:\spiele\tmnationsforever\tmforever.exe] => (Allow) D:\spiele\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{0C2D5200-F2EE-474F-9C57-1D68A1E6D668}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{9A7DFE99-A5E2-4DDE-AACE-E5181904E14A}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe
FirewallRules: [{353B94D8-FFD3-4C21-B1A7-C6ACE640683D}] => (Allow) D:\staem.de\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{931F2755-9A13-4FC7-8688-D87E98166DCB}] => (Allow) D:\staem.de\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{CFA1A9FA-B26C-48E5-A8A0-34D657931AB1}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{2E1F08CB-5B01-4760-B90B-2173004C56CE}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{B1811997-354B-469F-8ADE-51A22BE511EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BD3183D1-7B59-492A-9F04-FA9CB4EF3E1D}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16.exe
FirewallRules: [{DD0F7A7F-9DD3-4211-B865-A4E98F81DECA}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16.exe
FirewallRules: [{3ACC4120-C2AD-40C7-8DCA-C487A4AA17EF}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16_trial.exe
FirewallRules: [{A79EEF7F-C02F-4FEB-9E4F-237EDE9F8457}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16_trial.exe
FirewallRules: [TCP Query User{E43ABAE4-04D3-46BB-83A5-7D7822953785}D:\spiele\nfs\need for speed\nfs16.exe] => (Block) D:\spiele\nfs\need for speed\nfs16.exe
FirewallRules: [UDP Query User{3EFDB123-7955-4B97-A777-B4520C332DF0}D:\spiele\nfs\need for speed\nfs16.exe] => (Block) D:\spiele\nfs\need for speed\nfs16.exe
FirewallRules: [{655D3060-B334-4E32-95D5-D2CD5BD7B96B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{4DF27530-63A8-412B-B6FB-B3B4CECD1E34}D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{01583D0F-C8A8-4FD2-B1D8-1DBD26A81C42}D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [{0A9BEE98-15D4-490B-9A4B-870C3E5F817E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B61BB212-F192-4A76-8FD4-DE2AC746EB21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CA7732F6-E90D-4C89-8FDA-4F694BAF23AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FE84EBDA-7A82-4359-88C8-D83550016CE7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6289CEAB-0389-45B8-9A6C-09EDB2E26771}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{2F199068-4308-4C26-B0CB-42844B45D59D}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{0CA6FFA4-60C7-44BD-AD93-08B903D23C21}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Binaries\Win32\FoxGame-win32-Shipping.exe
FirewallRules: [{BCAA94CF-FE46-49F8-B477-0D403DD4E65F}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Binaries\Win32\FoxGame-win32-Shipping.exe
FirewallRules: [{9F994B97-C62F-4280-913E-350EB4047197}] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{099A161F-9056-41EC-9765-1BCB77845FEB}] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D637AC00-4295-4950-B95A-61EEE0FC17AD}] => (Allow) LPort=25565
FirewallRules: [{E32B07F2-1DB8-4C8B-8BA4-0BD2F0A3F433}] => (Allow) D:\staem.de\Steam\steamapps\common\RailWorks\RailWorks.exe
FirewallRules: [{A0D955B4-3334-4BAB-A542-E0261C3E8C6B}] => (Allow) D:\staem.de\Steam\steamapps\common\RailWorks\RailWorks.exe
FirewallRules: [{1A12DDCA-BB03-4B34-92B1-C6C11AE203E4}] => (Allow) D:\staem.de\Steam\steamapps\common\Zula EU\zula_launcher.exe
FirewallRules: [{D187E17D-1AFC-457B-BE47-E993AF1825F4}] => (Allow) D:\staem.de\Steam\steamapps\common\Zula EU\zula_launcher.exe
FirewallRules: [TCP Query User{BE6AEAF9-E8A1-4EDC-BC9E-65684FF2E1BF}D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe] => (Allow) D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe
FirewallRules: [UDP Query User{754ED3E4-8611-4EEA-8AC4-ABC19552926C}D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe] => (Allow) D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe
FirewallRules: [{67922556-1DD0-4805-B212-BB83196156C5}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{CB0554F5-ACD8-41CE-A4F3-FAAD4306630C}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{560D6E29-71EA-4446-B7BD-18682E1C4C68}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{E30EA182-1F1B-4C70-ABA0-E8AFDA7FBDF6}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{E244783D-B274-4BF8-AED0-017C85CA80C9}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{E570F06E-B6C1-4F80-9608-EDF53867AB39}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{302F3006-3740-42E8-A818-6067E7FA4576}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{71A64C1C-F7B3-4ED1-A2CD-72145A2A3483}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{C1D1DBB8-5694-4116-89BC-79F1F6B3D0A5}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{C6200C32-71F4-414F-A388-6434881D7440}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{75B6DEA5-9D8A-49D8-B587-D95ED9E35DCB}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{4CBF261A-C4C7-49B2-A28B-253C442CD5C6}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{CA212F62-5F2E-4C6F-A11E-4BDDC0635525}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{A4C76A25-1962-4BCB-8E8D-5F22E96E0051}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{CFCB03A3-123E-4E86-9D46-83EFECC5D607}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{DD415E41-1CD6-4000-8519-1464BDCA85FF}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{6C07D6DB-CFD9-4CCE-A239-771A8127F7E3}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [TCP Query User{83744070-C77B-4803-931D-5D7CD436A463}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{16859025-1EF8-4937-9197-F20BBFE34B33}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{4996CB76-C202-4DCB-A74D-EAC004F1C60F}] => (Allow) D:\Spiele\GameforgeLive\gfl_client.exe
FirewallRules: [{0DA3B126-6FB9-4EED-8E0A-2C293D30E05F}] => (Allow) D:\staem.de\Steam\Steam.exe
FirewallRules: [{4EDE1659-97CE-4B11-87C8-9B7478D59372}] => (Allow) D:\staem.de\Steam\Steam.exe
FirewallRules: [{AB1E843E-9D6A-4219-A5F6-AFC9798C265E}] => (Allow) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{953A51A8-DC81-43E3-9104-8AFC41557105}] => (Allow) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{2060B6B9-ADA0-4148-998B-3C601758D02E}D:\spiele\world_of_tanks\wotlauncher.exe] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{94471A63-A1DC-492F-B143-E1AA8A989429}D:\spiele\world_of_tanks\wotlauncher.exe] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{64C6DF76-FD33-4F4B-80A3-EBB960B9C6E1}D:\garrysmod.exe] => (Allow) D:\garrysmod.exe
FirewallRules: [UDP Query User{31FD5525-888A-48D0-B6C6-113CDD1B6B9F}D:\garrysmod.exe] => (Allow) D:\garrysmod.exe
FirewallRules: [{E45132F8-9235-45DE-917A-7D96B4D18F89}] => (Allow) D:\staem.de\Steam\steamapps\common\OMSI 2\Omsi.exe
FirewallRules: [{E95273D5-60A2-4106-B6AA-0CC7AD78A47E}] => (Allow) D:\staem.de\Steam\steamapps\common\OMSI 2\Omsi.exe
FirewallRules: [TCP Query User{44EB2550-F00F-40BE-B683-01E400BFC62F}D:\spiele\planetside2_x64.exe] => (Allow) D:\spiele\planetside2_x64.exe
FirewallRules: [UDP Query User{FF4C42DA-24C6-482A-85B6-96FA68FAF2DC}D:\spiele\planetside2_x64.exe] => (Allow) D:\spiele\planetside2_x64.exe
FirewallRules: [{79DFB3B2-0E0B-46B0-8193-6001D3983D09}] => (Allow) D:\staem.de\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{08A492BF-6B87-44D1-9C8B-AA029C81069E}] => (Allow) D:\staem.de\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{6AB5431C-6F75-4EBA-9BE4-93730AB7B0ED}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{3F80C7B5-F93B-44E2-9BF0-71DE6C085C65}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{686806E4-EF12-4994-9BB1-AFFA18961BE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{8A28F1EA-35E0-4958-8518-96FF425E1E18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0E2131BC-1AC1-47DF-8AF6-502148E98A77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8A47EDEE-763A-4DE1-8756-8D5A4BD0FFF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8290EA43-CF24-4DA1-A872-B962B6B6EBAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFBD03E4-822E-44BA-A9AA-609CA53BB6AB}] => (Allow) D:\staem.de\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{87C06EB8-5EFB-48D4-BB8C-1F71775CECB6}] => (Allow) D:\staem.de\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [TCP Query User{29F4CB74-70DD-4B50-A38B-CAE9D695D3C1}D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [UDP Query User{640EC7D4-CEE5-40F4-ACAA-DF35B966FC2E}D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [TCP Query User{E9429EE0-3AA0-4EA6-9902-A2EFBD75B5C0}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{CFF28640-AFC3-490B-9DD2-292C8E01CD49}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{09682146-7BC7-482C-867C-D8F36E266699}] => (Allow) D:\staem.de\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0B199E5F-7858-45D8-AEE9-99ED293A33D0}] => (Allow) D:\staem.de\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{48352985-B3CE-45AA-95E6-25B9F60C61CF}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{E811075A-6568-4853-87B6-A18B0CD01E8B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590_0\SZBrowser.exe
FirewallRules: [{AFD22375-0A1B-445C-836D-BF33F263F625}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B533C653-1DF5-484B-ACD3-891101AA67CE}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{99CE8EF6-0F01-48FA-8C40-CE2BFC2D196C}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{65979547-3ED2-4663-A1CF-8CC46AFB3BAA}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E3E5EBAF-3F91-4450-98AF-99154B401B24}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DC4885AA-1800-40BA-946E-0E8DD8455364}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{524A21D5-EA7C-49D4-BCA2-7A2C4EC76C69}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{A50E4149-0DC0-4A3B-B06D-7241A17149A3}] => (Allow) D:\staem.de\Steam\steamapps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe
FirewallRules: [{790C28BD-6F9C-42E8-900E-0A172BAA4303}] => (Allow) D:\staem.de\Steam\steamapps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe

==================== Wiederherstellungspunkte =========================

04-04-2017 18:02:53 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/04/2017 03:58:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector5\kernel\ces\CES_CacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/04/2017 03:58:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector5\kernel\ces\CES_AudioCacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/03/2017 09:00:58 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "D:\Programme\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest" in Zeile 2.
Der Wert "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" des "name"-Attributs im urn:schemas-microsoft-com:asm.v1^file-Element ist ungültig.

Error: (04/03/2017 04:43:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector5\kernel\ces\CES_CacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/03/2017 04:43:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector5\kernel\ces\CES_AudioCacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/03/2017 04:42:23 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "D:\Programme\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "D:\Programme\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest" in Zeile 2.
Der Wert "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" des "name"-Attributs im urn:schemas-microsoft-com:asm.v1^file-Element ist ungültig.

Error: (04/03/2017 02:35:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MinecraftLauncher.exe, Version: 1.0.1.0, Zeitstempel: 0x58c26df9
Name des fehlerhaften Moduls: MinecraftLauncher.exe, Version: 1.0.1.0, Zeitstempel: 0x58c26df9
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00051469
ID des fehlerhaften Prozesses: 0x2954
Startzeit der fehlerhaften Anwendung: 0x01d2ac764a911249
Pfad der fehlerhaften Anwendung: D:\Spiele\Minecraft\MinecraftLauncher.exe
Pfad des fehlerhaften Moduls: D:\Spiele\Minecraft\MinecraftLauncher.exe
Berichtskennung: 084da5b8-186a-11e7-84b5-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/03/2017 01:30:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: metin2client.bin, Version: 1.0.27056.0, Zeitstempel: 0x58ca8124
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001debe
ID des fehlerhaften Prozesses: 0x984
Startzeit der fehlerhaften Anwendung: 0x01d2ac088ef3a2d7
Pfad der fehlerhaften Anwendung: D:\Metin\GameforgeLive\Games\ROU_ron\Metin2\metin2client.bin
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 67ff46aa-17fc-11e7-84b5-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/03/2017 01:25:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PDVD12Serv.exe, Version: 12.0.24034.3720, Zeitstempel: 0x52dcc4ac
Name des fehlerhaften Moduls: npggNT.des_unloaded, Version: 2016.10.19.1, Zeitstempel: 0x5806fd14
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000e240
ID des fehlerhaften Prozesses: 0x1088
Startzeit der fehlerhaften Anwendung: 0x01d2aba6777cbe76
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
Pfad des fehlerhaften Moduls: npggNT.des
Berichtskennung: b70b37b4-17fb-11e7-84b5-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/03/2017 01:25:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WerFault.exe, Version: 6.3.9600.17415, Zeitstempel: 0x54503815
Name des fehlerhaften Moduls: aswhookx.dll, Version: 17.2.2.60911, Zeitstempel: 0x58ac6c5d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00004954
ID des fehlerhaften Prozesses: 0x5a4
Startzeit der fehlerhaften Anwendung: 0x01d2ac087111d6a9
Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\WerFault.exe
Pfad des fehlerhaften Moduls: C:\Program Files\AVAST Software\Avast\aswhookx.dll
Berichtskennung: b0ff2dc8-17fb-11e7-84b5-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (04/04/2017 04:07:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo

Error: (04/04/2017 04:07:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingNews

Error: (04/04/2017 04:07:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo

Error: (04/04/2017 04:07:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.MicrosoftMinesweeper

Error: (04/04/2017 04:07:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo

Error: (04/04/2017 04:07:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingNews

Error: (04/04/2017 04:07:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo

Error: (04/04/2017 03:56:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Dienst wurde nicht gestartet.

Error: (04/04/2017 03:56:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Dienst wurde nicht gestartet.

Error: (04/04/2017 03:56:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der Dienst wurde nicht gestartet.


CodeIntegrity:
===================================
  Date: 2016-07-04 15:44:38.593
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Fritz\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-04 15:44:38.433
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Programme\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-04 15:42:12.993
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Fritz\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-04 15:42:12.811
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Programme\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 8144.42 MB
Verfügbarer physikalischer RAM: 3957.54 MB
Summe virtueller Speicher: 12212.25 MB
Verfügbarer virtueller Speicher: 6454.41 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:57.91 GB) (Free:0.65 GB) NTFS
Drive d: (Data) (Fixed) (Total:871.39 GB) (Free:483.13 GB) NTFS
Drive e: (Recover) (Fixed) (Total:40.03 GB) (Free:19.5 GB) NTFS
Drive g: (FarmingSimulator) (CDROM) (Total:1.91 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 59.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Danke!

cosinus · 04.04.2017, 22:35

Bitte Avast deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Auch andere Freewareanbieter wie Avira, AVG oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel.

Gib Bescheid wenn Avast weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

Glueckskeks · 07.04.2017, 21:36

Danke, Avast ist deinstalliert

cosinus · 08.04.2017, 17:41

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Glueckskeks · 12.04.2017, 17:41

Ich melde mich in 1,5 Wochen wieder. Mein Neffe ist im Urlaub.

Glueckskeks

Glueckskeks · 23.04.2017, 18:28

Schade, nichts gefunden. Seite öffnet sich auch immer noch.

Grüße

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.04.23.04
  rootkit: v2017.04.02.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18618
Fritz :: FRITZI-RECHNER [administrator]

23.04.2017 18:56:38
mbar-log-2017-04-23 (18-56-38).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 298751
Time elapsed: 11 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 23.04.2017, 19:32

Zitat:

Zitat von Glueckskeks

Schade, nichts gefunden. Seite öffnet sich auch immer noch.

Ich werd solche Aussagen nie verstehen. Wie kann man darüber enttäuscht sein, dass der Rechner rootkitfrei ist?

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Wir haben leider noch ne ältere Anleitung vom adwCleaner, daher das Tool so einstellen wie in diesem Screenshot:

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Glueckskeks · 26.04.2017, 18:54

ADW Cleaner:

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v6.046 - Bericht erstellt am 26/04/2017 um 19:44:39
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-04-25.1 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : Fritz - FRITZI-RECHNER
# Gestartet von : C:\Users\Fritz\Desktop\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\amigo.exe


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [7205 Bytes] - [24/10/2016 13:48:30]
C:\AdwCleaner\AdwCleaner[C2].txt - [3227 Bytes] - [04/12/2016 15:16:56]
C:\AdwCleaner\AdwCleaner[C3].txt - [5175 Bytes] - [28/02/2017 19:10:25]
C:\AdwCleaner\AdwCleaner[C4].txt - [1271 Bytes] - [26/04/2017 19:44:39]
C:\AdwCleaner\AdwCleaner[S0].txt - [6889 Bytes] - [24/10/2016 13:47:55]
C:\AdwCleaner\AdwCleaner[S1].txt - [3208 Bytes] - [04/12/2016 15:15:36]
C:\AdwCleaner\AdwCleaner[S2].txt - [1622 Bytes] - [06/12/2016 20:54:06]
C:\AdwCleaner\AdwCleaner[S3].txt - [1695 Bytes] - [16/12/2016 17:32:42]
C:\AdwCleaner\AdwCleaner[S4].txt - [4990 Bytes] - [28/02/2017 19:02:13]
C:\AdwCleaner\AdwCleaner[S5].txt - [1941 Bytes] - [26/04/2017 19:44:04]

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1782 Bytes] ##########

--- --- ---

[/CODE]

JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 8.1 x64 
Ran by Fritz (Administrator) on 26.04.2017 at 19:50:02,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 13 

Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} (Folder) 
Successfully deleted: C:\Windows\hgfs.sys (File) 
Successfully deleted: C:\Windows\prleth.sys (File) 
Successfully deleted: C:\Program Files\checker (Folder) 
Successfully deleted: C:\Windows\system32\REN206E.tmp (File) 
Successfully deleted: C:\Windows\system32\REN7364.tmp (File) 
Successfully deleted: C:\Windows\system32\REN8F78.tmp (File) 
Successfully deleted: C:\Windows\system32\RENA120.tmp (File) 
Successfully deleted: C:\Windows\system32\RENC45E.tmp (File) 
Successfully deleted: C:\Windows\system32\REND6DC.tmp (File) 
Successfully deleted: C:\Windows\system32\RENE08.tmp (File) 
Successfully deleted: C:\Windows\system32\RENFCC9.tmp (File) 

Deleted the following from C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\prefs.js
user_pref(browser.search.defaultenginename, ?????@Mail.Ru);
user_pref(browser.search.selectedEngine, ?????@Mail.Ru);
user_pref(browser.startup.homepage, hxxps://mail.ru/cnt/11956636?fr=ffhp1.0.3&gp=811036);
user_pref(extensions.homepage@mail.ru.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7BAB3A925B-FD78-4116-855D-104458D27599%7D&install_id=%7B4DB8C304-D31B-47B1-A
user_pref(extensions.homepage@mail.ru.info, {\gp\:\811036\,\product_id\:\{AB3A925B-FD78-4116-855D-104458D27599}\,\install_id\:\{4DB8C304-D31B-47B1-A9D7-DED70AE3D
user_pref(extensions.homepage@mail.ru.install_id, {4DB8C304-D31B-47B1-A9D7-DED70AE3D3E3});
user_pref(extensions.homepage@mail.ru.lastHomepage, about:home);
user_pref(extensions.homepage@mail.ru.lastPageType, 0);
user_pref(extensions.homepage@mail.ru.metric_state_go_metric, {\lastDayNumber\:1,\lastDayDate\:\2017-03-25T00:00:00.000Z\});
user_pref(extensions.homepage@mail.ru.metric_state_mrds_metric, {\lastDayNumber\:1,\lastDayDate\:\2017-03-25T00:00:00.000Z\});
user_pref(extensions.homepage@mail.ru.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7BAB3A925B-FD78-4116-855D-104458D2759
user_pref(extensions.homepage@mail.ru.partner_product_online_url, hxxp://ec2-54-171-243-238.eu-west-1.compute.amazonaws.com/affect?guid={guid}&sid=16045&homesearch=1&label=
user_pref(extensions.homepage@mail.ru.product_id, {AB3A925B-FD78-4116-855D-104458D27599});
user_pref(extensions.homepage@mail.ru.product_type, ff_xtnhp);
user_pref(extensions.homepage@mail.ru.rfr, 811036);
user_pref(extensions.search@mail.ru.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7BCFD64415-F148-4E21-A5C9-6421400E55EE%7D&install_id=%7B4DB8C304-D31B-47B1-A9D
user_pref(extensions.search@mail.ru.info, {\gp\:\811037\,\product_id\:\{CFD64415-F148-4E21-A5C9-6421400E55EE}\,\install_id\:\{4DB8C304-D31B-47B1-A9D7-DED70AE3D3E
user_pref(extensions.search@mail.ru.install_id, {4DB8C304-D31B-47B1-A9D7-DED70AE3D3E3});
user_pref(extensions.search@mail.ru.metric_state_go_metric, {\lastDayNumber\:1,\lastDayDate\:\2017-03-25T00:00:00.000Z\});
user_pref(extensions.search@mail.ru.metric_state_mrds_metric, {\lastDayNumber\:1,\lastDayDate\:\2017-03-25T00:00:00.000Z\});
user_pref(extensions.search@mail.ru.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7BCFD64415-F148-4E21-A5C9-6421400E55EE%
user_pref(extensions.search@mail.ru.partner_product_online_url, hxxp://ec2-54-171-243-238.eu-west-1.compute.amazonaws.com/affect?guid={guid}&sid=16045&homesearch=1&label=81
user_pref(extensions.search@mail.ru.product_id, {CFD64415-F148-4E21-A5C9-6421400E55EE});
user_pref(extensions.search@mail.ru.product_type, ff_xtndse);
user_pref(extensions.search@mail.ru.rfr, 811037);
user_pref(extensions.xpiState, {\app-profile\:{\homepage@mail.ru\:{\d\:\C:\\\\Users\\\\Fritz\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hj71rkax.defa
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.go_metric_url, hxxp://go.mail.ru/distib/mark/?product_id=%7B53E77BDF-6EB2-41A0-B7C3-61A0671E3FF5%7D&install_id=%
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.info, {\gp\:\811038\,\product_id\:\{53E77BDF-6EB2-41A0-B7C3-61A0671E3FF5}\,\install_id\:\{4DB8C304-D3
user_pref(extensions.{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.mrds_metric_url, hxxp://mrds.mail.ru/update/2/version.txt?type=product_online_metric&product_id=%7B53E77BDF-6EB2
user_pref(keyword.URL, hxxp://go.mail.ru/distib/ep/?product_id=%7B6E899E04-9C9B-4A50-9844-D0FFD235B88A%7D&gp=811037);



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.04.2017 at 19:51:12,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cosinus · 26.04.2017, 20:54

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

Glueckskeks · 01.05.2017, 19:25

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05-2017
durchgeführt von Fritz (Administrator) auf FRITZI-RECHNER (01-05-2017 20:00:48)
Gestartet von D:\Downloads
Geladene Profile: Fritz (Verfügbare Profile: Fritz)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Razer Inc.) D:\Programme\Razer\Razer Cortex\RzKLService.exe
(@ByELDI) D:\Spiele\KMSpico\Service_KMS.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn Inc.) D:\Programme\Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Programme\Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes) D:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe
(LogMeIn Inc.) D:\Programme\Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) D:\Programme\Hamachi\LMIGuardianSvc.exe
(Malwarebytes) D:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(MY.COM B.V.) C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe
(Mixesoft Project) C:\Users\Fritz\AppData\Local\Mixesoft\AppNHost\appnhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mega Limited) C:\Users\Fritz\AppData\Local\MEGAsync\MEGAsync.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Razer Inc.) D:\Programme\Razer\Razer Cortex\RazerCortex.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(The CefSharp Authors) D:\Programme\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
(MY.COM B.V.) C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe
(Razer Inc.) D:\Programme\Razer\Razer Cortex\FPSRunner32.exe
(Razer Inc.) D:\Programme\Razer\Razer Cortex\x64\FPSRunner64.exe
(Razer, Inc.) D:\Programme\Razer\Razer Cortex\RzFpsApplet\RzFpsApplet.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(Razer, Inc.) C:\Users\Fritz\AppData\Local\Razer\InGameEngine\cache\RzFpsApplet\rzcefrenderprocess.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Farbar) D:\Downloads\FRST64 (1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => D:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2014-03-12] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-04] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [RazerCortex] => D:\Programme\Razer\Razer Cortex\CortexLauncher.exe [222160 2016-09-28] (Razer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programme\Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [World of Tanks] => D:\Spiele\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [MyComGames] => C:\Users\Fritz\AppData\Local\MyComGames\MyComGames.exe [5377936 2017-04-23] (MY.COM B.V.)
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Run: [appnhost] => C:\Users\Fritz\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MountPoints2: {57593653-1a15-11e7-84b5-c03fd5aa9ee7} - "I:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MountPoints2: {5759365d-1a15-11e7-84b5-c03fd5aa9ee7} - "I:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MountPoints2: {5759365f-1a15-11e7-84b5-c03fd5aa9ee7} - "I:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MountPoints2: {ad654ec5-2f7f-11e4-8282-806e6f6e6963} - "G:\autorun.exe" 
HKU\S-1-5-18\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] ()
Startup: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-03-26]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Fritz\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{A9470B01-B732-4F7E-99F4-834D4029F35A}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{C7C99009-0D44-4F54-9B12-4918276100D6}: [NameServer] 5.8.8.85,8.8.8.8
Tcpip\..\Interfaces\{C7C99009-0D44-4F54-9B12-4918276100D6}: [DhcpNameServer] 192.168.0.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = 
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-28] (Oracle Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -  Keine Datei
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: hj71rkax.default
FF ProfilePath: C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default [2017-05-01]
FF NewTab: Mozilla\Firefox\Profiles\hj71rkax.default -> about:newtab
FF Extension: (???????? ???????? Mail.Ru) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\Extensions\homepage@mail.ru [2017-02-23]
FF Extension: (?????@Mail.Ru) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\Extensions\search@mail.ru [2017-02-23]
FF Extension: (Kein Name) - C:\Users\Fritz\AppData\Roaming\Mozilla\Firefox\Profiles\hj71rkax.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [nicht gefunden]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-27] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-05] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-27] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2589094953-1922200633-4272172180-1001: @my.com/Games -> C:\Users\Fritz\AppData\Local\MyComGames\NPMyComDetector.dll [2017-02-11] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-2589094953-1922200633-4272172180-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Fritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default [2017-05-01]
CHR Extension: (Google Präsentationen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-26]
CHR Extension: (Google Docs) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-26]
CHR Extension: (Google Drive) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-26]
CHR Extension: (YouTube) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-26]
CHR Extension: (Google Tabellen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-26]
CHR Extension: (Google Docs Offline) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-26]
CHR Extension: (Google Mail) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-26]
CHR Extension: (Chrome Media Router) - C:\Users\Fritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-26]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2017-04-07] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [400656 2017-03-01] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 Hamachi2Svc; D:\Programme\Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2605176 2017-04-21] (AnchorFree Inc.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc.)
R2 MBAMService; D:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3611808 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-10] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2017-02-10] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2146704 2017-04-27] (Electronic Arts)
S2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3115928 2017-04-27] (Electronic Arts)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69760 2016-06-20] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 RzKLService; D:\Programme\Razer\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer Inc.)
R2 Service KMSELDI; D:\Spiele\KMSpico\Service_KMS.exe [743616 2015-12-02] (@ByELDI) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files (x86)\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files (x86)\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AFTrafMgr1.2; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [57272 2017-03-27] (AnchorFree Inc.)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-09-30] (The OpenVPN Project)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-01] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-02-27] (LogMeIn Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-10] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2017-02-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2017-02-10] (NVIDIA Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation                           )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [51224 2016-04-07] (Razer Inc)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [47640 2016-04-07] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42064 2017-04-21] (Anchorfree Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U3 DfSdkS; kein ImagePath
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-01 19:58 - 2017-05-01 19:58 - 00347040 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-01 19:54 - 2017-05-01 19:54 - 00000000 ____D C:\Users\Fritz\Downloads\SafeZone Installer
2017-05-01 14:11 - 2017-05-01 14:11 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2017-05-01 14:11 - 2017-05-01 14:11 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2017-05-01 14:11 - 2017-05-01 14:11 - 00003350 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2017-05-01 14:11 - 2017-05-01 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-05-01 14:11 - 2010-12-06 04:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2017-04-29 00:10 - 2017-04-29 00:10 - 00000000 ____D C:\Users\Fritz\AppData\LocalLow\Amistech
2017-04-26 19:51 - 2017-04-26 19:51 - 00005415 _____ C:\Users\Fritz\Desktop\JRT.txt
2017-04-26 19:40 - 2017-04-26 19:39 - 04102600 _____ C:\Users\Fritz\Desktop\AdwCleaner_6.046.exe
2017-04-26 19:40 - 2017-04-26 19:39 - 01663672 _____ (Malwarebytes) C:\Users\Fritz\Desktop\JRT.exe
2017-04-25 21:18 - 2017-04-25 21:19 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2017-04-25 21:18 - 2017-04-25 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2017-04-25 21:18 - 2017-04-25 21:18 - 00000000 ____D C:\ProgramData\Hotspot Shield
2017-04-25 17:44 - 2017-04-25 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-04-23 18:56 - 2017-04-23 19:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-04-23 18:55 - 2017-04-23 19:07 - 00000000 ____D C:\Users\Fritz\Desktop\mbar
2017-04-21 16:16 - 2017-04-21 16:16 - 00042064 _____ (Anchorfree Inc.) C:\Windows\system32\Drivers\taphss6.sys
2017-04-04 21:27 - 2017-04-04 21:27 - 00000000 ____D C:\Program Files\Logitech
2017-04-04 21:26 - 2017-04-25 17:46 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2017-04-04 20:50 - 2017-05-01 20:00 - 00000000 ____D C:\FRST
2017-04-03 16:41 - 2017-04-03 16:41 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2017-04-02 21:33 - 2017-04-02 21:33 - 00000000 ____D C:\Users\Fritz\AppData\LocalLow\Temp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-01 19:59 - 2017-02-11 00:23 - 00000000 ____D C:\Users\Fritz\AppData\Local\MyComGames
2017-05-01 19:59 - 2016-11-12 17:19 - 00000000 ____D C:\Users\Fritz\AppData\Local\LogMeIn Hamachi
2017-05-01 19:59 - 2014-09-30 18:09 - 00000000 ___RD C:\Users\Fritz\OneDrive
2017-05-01 19:58 - 2017-02-28 19:32 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-01 19:58 - 2015-12-03 14:49 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-01 19:58 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-01 19:58 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-05-01 19:41 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-01 19:28 - 2015-07-20 17:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-05-01 19:05 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2017-05-01 18:52 - 2014-09-30 18:17 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CFB2E40D-C6E0-48A8-8A2A-6E7E44AB2346}
2017-05-01 15:08 - 2016-02-19 22:14 - 00000000 ____D C:\Users\Fritz\AppData\Local\CrashDumps
2017-04-30 20:55 - 2014-09-30 18:13 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2589094953-1922200633-4272172180-1001
2017-04-30 14:26 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2017-04-30 01:05 - 2017-01-03 23:52 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\.minecraft
2017-04-30 00:21 - 2016-01-05 20:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-04-29 10:29 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-28 18:42 - 2017-03-26 00:37 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 18:42 - 2017-03-26 00:37 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 21:04 - 2016-06-04 13:06 - 00000000 ____D C:\ProgramData\Origin
2017-04-27 21:03 - 2016-06-04 14:26 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\Origin
2017-04-27 19:43 - 2014-09-30 18:07 - 00000000 ____D C:\Users\Fritz\AppData\Local\VirtualStore
2017-04-27 16:57 - 2017-03-24 22:12 - 00000000 ____D C:\Users\Fritz\Desktop\bilder
2017-04-26 20:00 - 2014-04-28 13:38 - 00765378 _____ C:\Windows\system32\perfh007.dat
2017-04-26 20:00 - 2014-04-28 13:38 - 00159696 _____ C:\Windows\system32\perfc007.dat
2017-04-26 20:00 - 2014-03-18 17:26 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-26 19:47 - 2016-01-05 20:40 - 00000000 ____D C:\Users\Fritz\AppData\Roaming\TeamViewer
2017-04-26 19:44 - 2016-10-24 13:47 - 00000000 ____D C:\AdwCleaner
2017-04-26 19:44 - 2014-12-31 15:55 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-04-25 21:18 - 2014-09-30 20:03 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-25 19:51 - 2016-08-28 20:06 - 00000000 ____D C:\Users\Fritz\AppData\Local\fabi.me
2017-04-24 19:35 - 2017-02-09 22:06 - 00000000 ____D C:\ProgramData\TruckersMP
2017-04-23 19:13 - 2014-09-30 18:06 - 00000000 ____D C:\Users\Fritz
2017-04-23 18:57 - 2016-12-13 16:44 - 00003184 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-23 18:57 - 2016-05-07 12:50 - 00002370 _____ C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-04-23 18:57 - 2016-05-06 17:18 - 00003192 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2589094953-1922200633-4272172180-1001
2017-04-23 18:56 - 2017-01-21 21:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-23 18:56 - 2017-01-21 21:04 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-04-23 18:56 - 2016-03-17 16:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-07 14:32 - 2017-01-01 21:21 - 00000000 ____D C:\Users\Fritz\Desktop\Spiele
2017-04-06 15:24 - 2017-03-26 00:37 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-04 21:16 - 2016-09-16 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-23 12:26 - 2015-08-25 08:26 - 0000221 _____ () C:\Users\Fritz\AppData\Roaming\WB.CFG
2017-01-08 19:50 - 2017-01-08 19:50 - 0003584 _____ () C:\Users\Fritz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-02 17:36 - 2017-01-02 17:36 - 0000000 ___SH () C:\Users\Fritz\AppData\Local\LumaEmu
2017-03-19 22:23 - 2017-03-19 22:23 - 0002033 _____ () C:\Users\Fritz\AppData\Local\recently-used.xbel
2014-09-30 19:54 - 2017-01-04 15:12 - 0007605 _____ () C:\Users\Fritz\AppData\Local\resmon.resmoncfg
2017-01-15 23:15 - 2016-11-23 15:37 - 0000570 _____ () C:\Users\Fritz\AppData\Local\TroubleshooterConfig.json
2017-02-03 21:35 - 2017-02-03 22:36 - 0000037 _____ () C:\Users\Fritz\AppData\Local\X-Plane Installer.prf
2017-02-03 22:36 - 2017-02-03 22:37 - 0000015 _____ () C:\Users\Fritz\AppData\Local\X-Plane_drm_11.prf
2017-02-03 21:35 - 2017-02-03 21:35 - 0000023 _____ () C:\Users\Fritz\AppData\Local\x-plane_install_11.txt
2017-01-27 14:41 - 2017-01-27 14:41 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{9D140C0B-B1AE-4EFB-B5ED-86199672863D}
2014-11-26 19:40 - 2014-11-26 19:40 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{AEFF9ACD-116D-4505-98DD-5A29BB9CE78B}
2015-02-09 20:03 - 2015-02-09 20:03 - 0000000 _____ () C:\Users\Fritz\AppData\Local\{E3702F5A-940C-4936-A2B2-32C0F23DA403}
2014-08-19 13:09 - 2014-08-19 13:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-01 22:48 - 2017-01-01 22:48 - 0000032 _____ () C:\ProgramData\Temp.log
2014-08-19 13:23 - 2014-08-19 13:23 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-08-19 13:20 - 2014-08-19 13:20 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-08-19 13:23 - 2014-08-19 13:23 - 0000032 _____ () C:\ProgramData\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}.log
2014-08-19 13:22 - 2014-08-19 13:22 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-08-19 13:18 - 2014-08-19 13:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2014-08-19 13:22 - 2014-08-19 13:22 - 0000032 _____ () C:\ProgramData\{E1646825-D391-42A0-93AA-27FA810DA093}.log
2014-08-19 13:19 - 2014-08-19 13:19 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2014-08-19 13:20 - 2014-08-19 13:20 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-30 14:26

==================== Ende von FRST.txt ============================

Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-05-2017
durchgeführt von Fritz (01-05-2017 20:01:18)
Gestartet von D:\Downloads
Windows 8.1 (Update) (X64) (2014-09-30 16:07:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2589094953-1922200633-4272172180-500 - Administrator - Disabled)
Fritz (S-1-5-21-2589094953-1922200633-4272172180-1001 - Administrator - Enabled) => C:\Users\Fritz
Gast (S-1-5-21-2589094953-1922200633-4272172180-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2589094953-1922200633-4272172180-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7zip Packages (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\7zip Packages) (Version:  - ) <==== ACHTUNG
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Advanced Omnibus Driver (HKLM-x32\...\{E084E6F2-2B8A-4A71-938F-0C4C808EA439}_is1) (Version: 4.3 - PeDePe)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
aerosoft's - OMSI 2 - Drei Generationen (HKLM-x32\...\{C88376AA-BF64-40F4-9AD6-F8A18DA394F2}) (Version: 1.10 - aerosoft)
aerosoft's - OMSI 2 - Hamburg (HKLM-x32\...\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}) (Version: 2.01 - aerosoft)
AIDA64 Extreme v5.80 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.80 - FinalWire Ltd.)
AMD Catalyst Install Manager (HKLM\...\{770EA7C3-0B5A-C557-E641-A09244603B84}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
Ashampoo AppLauncher v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 11 v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo GetBack Photo v.1.0.1 (HKLM-x32\...\Ashampoo GetBack Photo_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 4 v.4.0.1 (HKLM-x32\...\Ashampoo Music Studio 4_is1) (Version: 4.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.1.3 (HKLM-x32\...\Ashampoo Photo Commander 10_is1) (Version: 10.1.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 5 v.5.1.2 (HKLM-x32\...\Ashampoo Photo Optimizer 5_is1) (Version: 5.1.2 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 2 v.2.0.5 (HKLM-x32\...\Ashampoo Slideshow Studio HD 2_is1) (Version: 2.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 5 v.5.1.5 (HKLM-x32\...\Ashampoo Snap 5_is1) (Version: 5.1.5 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 4 v.4.30 (HKLM-x32\...\Ashampoo UnInstaller 4_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2017 (HKLM-x32\...\{4209F371-6CE9-533C-2CDC-94E053273B35}_is1) (Version: 14.00.04 - Ashampoo GmbH & Co. KG)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Blacklight: Retribution (HKLM\...\Steam App 209870) (Version:  - Hardsuit Labs)
Blender (HKLM\...\{437221A8-91D1-42A0-9E04-0AD64B502374}) (Version: 2.78.1 - Blender Foundation)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version:  - weltenbauer. Software Entwicklung GmbH)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4430.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.4430.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2230.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2230.0 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version:  - SEIKO EPSON Corporation)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotograf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge)
GFACE Launcher (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hotspot Shield 6.7.1 (HKLM-x32\...\{4f8b3512-f7fa-41c6-9977-ade9d7107247}) (Version: 6.7.1.10444 - AnchorFree Inc.)
Hotspot Shield 6.7.1 (x32 Version: 6.7.1 - AnchorFree Inc.) Hidden
Hotspot Shield 6.7.1 (x32 Version: 6.7.1.10444 - AnchorFree Inc.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.6.0.0 - Lightworks)
Line of Sight (HKLM\...\Steam App 436520) (Version:  - BlackSpot Entertainment)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.558 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.558 - LogMeIn, Inc.) Hidden
Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MorphVOX Pro (HKLM-x32\...\{5a385481-7640-4f10-8ca5-04a2030b4623}) (Version: 4.4.65.20341 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.65.20341 - Screaming Bee) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
My.com Game Center (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\MyComGames) (Version: 3.194 - My.com B.V.)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.0.0.0 - Electronic Arts)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 378.66 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OMSI 2 - Addon Wien (HKLM-x32\...\{FFAB9F9B-C38C-4FC2-A1EC-1099D2832D18}) (Version: 1.10 - aerosoft)
OMSI 2 (HKLM-x32\...\Steam App 252530) (Version:  - MR-Software GbR)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.8.36918 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PlanetSide 2 (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\DGC-PlanetSide 2) (Version: 1.0.3.192 - Daybreak Game Company)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
RaceRoom Racing Experience  (HKLM\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.7.8 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.6.8.66 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.804 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SCANIA Truck Driving Simulator 1.0.0 (HKLM-x32\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Shotcut (HKLM-x32\...\Shotcut) (Version:  - )
SketchUp 2017 (HKLM\...\{3A83073A-B35A-4497-8DD0-5542C36E052E}) (Version: 17.0.18899 - Trimble Navigation Limited)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spintires (HKLM\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{F2496892-5295-4208-AB93-21F1AFD07C97}) (Version: 1.3.1 - TP-LINK)
TP-LINK TL-WN725N_TL-WN723N Treiber (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Train Simulator (HKLM\...\Steam App 24010) (Version:  - Dovetail Games)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Unity Web Player (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
VirtualDJ 8 (HKLM-x32\...\{1D8DF06F-CCAB-437E-8C99-8D741D04CE74}) (Version: 8.2.3398.0 - Atomix Productions)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Warface My.Com (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\Warface My.Com) (Version: 1.34 - My.com B.V.)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
Zula Europe (HKLM\...\Steam App 513650) (Version:  - Madbyte Games)
S?????? f?t???af??? (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1EC06144-9468-D082-12F1-B1EF85889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Fritz\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2589094953-1922200633-4272172180-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {58E99A66-9468-D082-300A-98A985889A47} => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02B407E2-29F7-4ACA-903B-DC14349370AF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-10] (NVIDIA Corporation)
Task: {06B784D0-9B74-479A-9AF5-BFF1B14D1F6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-27] (Adobe Systems Incorporated)
Task: {1F1C5716-E9C5-4BF3-8AB0-92CE10A02CF2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {25B5FD24-88F0-4BEE-80AF-C99AC02B00EF} - System32\Tasks\Overwolf Updater Task => D:\Programme\Over\Overwolf\OverwolfUpdater.exe 
Task: {2CA4DAD2-8795-4612-96F7-D25B49B0CDED} - System32\Tasks\{B5C2F6FB-8006-4263-BACB-0047260886B2} => pcalua.exe -a D:\Programme\EHE\everesthome220.exe -d D:\Programme\EHE
Task: {34E301E1-48A7-4EBA-98A0-1542446D3977} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-05-27] (CyberLink Corp.)
Task: {3623BA5F-8512-4880-93D6-AD5968B446AC} - System32\Tasks\journalaboutlifeorgscopem => Chrome.exe journalaboutlife.org/scopem <==== ACHTUNG
Task: {47469224-54DB-4834-82CC-D07F6ADF918A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-10] (NVIDIA Corporation)
Task: {5DB13895-23E2-468A-B550-20B318320CA1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation)
Task: {73E73DA3-EC78-46D2-8D85-263A4876E759} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-10] (NVIDIA Corporation)
Task: {8E5A6E72-EAED-4331-A53B-8B82684541CF} - System32\Tasks\{11B5C937-AACC-4DDD-B169-DA6C351787DF} => pcalua.exe -a D:\Downloads\forge-1.7.10-10.13.4.1558-1.7.10-installer-win.exe
Task: {A231A173-2493-4BC5-B017-C55ED36751DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {A9AC5491-BA37-422F-982B-F07F7A470C21} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {B2317746-99DE-4679-AB30-4B3DD4615C89} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-10] (NVIDIA Corporation)
Task: {B8E9E83E-CCE3-4483-865C-AF88A8194E71} - System32\Tasks\{50DBF8D4-40C6-41E5-B84F-9C64C7CA416B} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}\setup.exe" -c -runfromtemp -l0x0007 -uninst -removeonly
Task: {BC2116DD-E2C3-418A-AC1B-860B738A3118} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-26] (Google Inc.)
Task: {C3856F8C-D2A3-4686-8496-C21724E05E28} - System32\Tasks\AutoPico Daily Restart => D:\Spiele\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
Task: {CA8E826E-7664-4A33-947F-7AFA98699724} - System32\Tasks\{D8F0B4BF-BC21-480B-83A4-2A87254A2F8E} => Chrome.exe hxxp://ui.skype.com/ui/0/7.24.0.104/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {D04AD4D5-652C-48B5-91F7-908F89CFA9FE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-10] (NVIDIA Corporation)
Task: {D5D35B28-EE6D-4048-B5CE-172F4D88D04A} - System32\Tasks\{3C52AA0E-ACAB-4535-88EF-7701777DAB15} => pcalua.exe -a "D:\Spiele\Flughafen-Feuerwehr-Simulator 2013\unins000.exe"
Task: {D93E1DA5-0A6F-4589-A073-8AC166EECDC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-26] (Google Inc.)
Task: {F2369E7C-AF34-4637-A25D-B1E444AD0DB1} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe 
Task: {FE19AD68-A327-4360-9F41-23D1DAC3CB5C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-10] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Fritz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-02-28 19:32 - 2017-02-10 00:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-19 13:32 - 2012-07-30 11:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
2017-02-28 19:33 - 2017-02-10 02:52 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-10-31 21:45 - 2016-10-31 21:45 - 00592384 _____ () C:\Users\Fritz\AppData\Local\MEGAsync\ShellExtX64.dll
2016-09-25 01:20 - 2016-09-25 01:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-08-19 13:22 - 2012-08-08 22:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-03-30 19:17 - 2016-03-30 19:17 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-03-30 19:17 - 2016-03-30 19:17 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-02-08 04:52 - 2017-02-08 04:52 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-06-15 04:39 - 2016-06-15 04:39 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2017-04-21 15:53 - 2017-04-21 15:53 - 00166520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-28 19:33 - 2017-02-10 02:52 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-02-28 19:33 - 2017-02-10 02:52 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-02-28 19:33 - 2017-02-10 02:52 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-02-28 19:33 - 2017-02-10 02:52 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-02-28 19:33 - 2017-02-10 02:52 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-02-28 19:33 - 2017-02-10 02:52 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-02-28 19:33 - 2017-02-10 02:52 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-02-11 00:23 - 2017-02-11 00:23 - 00144896 _____ () C:\Users\Fritz\AppData\Local\MyComGames\zlib1.dll
2017-02-11 00:23 - 2017-02-11 00:23 - 00076176 _____ () C:\Users\Fritz\AppData\Local\MyComGames\pxd.dll
2017-02-11 00:23 - 2017-02-11 00:23 - 00186256 _____ () C:\Users\Fritz\AppData\Local\MyComGames\LightUpdate.dll
2017-02-11 00:23 - 2017-03-13 14:24 - 02411408 _____ () C:\Users\Fritz\AppData\Local\MyComGames\BigUp2.dll
2016-05-23 20:36 - 2016-05-23 20:36 - 48962048 _____ () C:\Users\Fritz\AppData\Local\MyComGames\Chrome\3.2623.1401\libcef.dll
2016-04-13 10:38 - 2016-04-13 10:38 - 00482304 _____ () C:\Users\Fritz\AppData\Local\MEGAsync\libsodium.dll
2016-07-21 12:43 - 2016-07-21 12:43 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-08-23 13:27 - 2015-08-27 23:30 - 40622592 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2017-02-28 20:43 - 2016-08-19 17:12 - 00149352 _____ () D:\Programme\Razer\Razer Cortex\SimbaDeviceControl.dll
2017-02-28 20:43 - 2016-09-28 19:31 - 00989176 _____ () D:\Programme\Razer\Razer Cortex\Cef\CefSharp.Core.dll
2017-02-28 20:43 - 2016-09-28 19:31 - 51063432 _____ () D:\Programme\Razer\Razer Cortex\Cef\libcef.dll
2017-03-08 22:19 - 2016-09-07 22:42 - 50656768 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2017-03-08 22:19 - 2016-09-07 22:42 - 01874944 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2017-03-08 22:19 - 2016-09-07 22:42 - 00075264 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2016-08-23 13:27 - 2015-08-27 23:30 - 00911360 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2016-08-23 13:27 - 2015-08-27 23:30 - 00134144 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2017-02-28 20:43 - 2016-09-28 19:31 - 00659640 _____ () D:\Programme\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll
2017-02-28 20:43 - 2016-09-28 19:31 - 01897704 _____ () D:\Programme\Razer\Razer Cortex\Cef\libglesv2.dll
2017-02-28 20:43 - 2016-09-28 19:31 - 00082216 _____ () D:\Programme\Razer\Razer Cortex\Cef\libegl.dll
2017-02-28 20:44 - 2016-09-07 22:42 - 50656768 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libcef.dll
2017-02-28 20:44 - 2016-09-07 22:42 - 01874944 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libglesv2.dll
2017-02-28 20:44 - 2016-09-07 22:42 - 00075264 _____ () C:\Users\Fritz\AppData\Local\razer\InGameEngine\cache\RzFpsApplet\cef\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\Fritz:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-03-11 19:00 - 00000002 _____ C:\Windows\system32\Drivers\etc\hosts



==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 5.8.8.85 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "TP-LINK-Konfigurationstool.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\StartupFolder: => "Product Registration.lnk"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "Memestar Update Checker (Inactive)"
HKU\S-1-5-21-2589094953-1922200633-4272172180-1001\...\StartupApproved\Run: => "gflauncher"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{FFC0F777-525B-4416-8BC1-E5B95DBB29E8}] => (Allow) LPort=2869
FirewallRules: [{7444B070-8E08-48C8-A0B1-22DE9F908422}] => (Allow) LPort=1900
FirewallRules: [{E1130690-19CB-4121-AF72-AAF876DEBB04}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{A9650492-3927-400A-9603-D8ED4E7CBCDD}] => (Allow) C:\Users\Fritz\steam\Steam.exe
FirewallRules: [{5D86B1CC-8C89-457B-97C2-9A864B0059D2}] => (Allow) C:\Users\Fritz\steam\Steam.exe
FirewallRules: [{46E30189-3D71-46B8-894F-2F6291A3D9CB}] => (Allow) D:\cbad7ef91886080c4c6a9230\Steam\Steam.exe
FirewallRules: [{D7D4653A-0B77-439D-B8AD-7E146D5BF93B}] => (Allow) D:\cbad7ef91886080c4c6a9230\Steam\Steam.exe
FirewallRules: [TCP Query User{9058F47D-16BE-46E5-9C55-8CF79E609E0C}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1C0BFDEA-5735-42D6-8B8A-EF7BD2B1E6C6}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D99646E2-75C2-4AD0-BAB1-B9A31DD46416}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{986662C3-FF79-4B70-907B-B13892DDBDF9}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{B18A85E1-32DF-49C6-B28B-02DF377071F7}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{E47A500C-7A39-464C-99D5-A437D09B5ED1}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{6E54DAC6-EC1B-464A-8433-5AA0B1A3D5A5}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{E28D9B69-85E5-4943-9CBD-76F24633AC4F}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{D29A0904-6032-4C17-AEC2-578A6A30A933}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{1D9BEBB8-A104-419C-B2BB-0C52A01CE910}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{42E81CC3-4F47-4767-85B3-E305FF3481F3}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{B301D72A-7363-4348-A136-8828E383DAFC}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{47F10786-BFFF-4D84-AB8A-4191302FF1AD}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{83692087-1BCB-47CC-B5C4-E29551BD501B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{8A055C27-F908-4ABF-8A45-738C6BF8991B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{535F425E-CBC0-41B4-86E7-4BFB372D464C}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{16E65E5F-0736-415C-876A-C08989BDB2B6}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{8E215670-A1A8-4DE0-82E0-A66F67EA6E5D}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{DE2CA8C9-A7E7-4B2F-BD4F-A91C0FBDCA62}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{11D3D38D-3639-4C5D-98BD-BBD96048BD58}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{9AD5D8F0-2A15-4DA6-9FA9-C03963B11B8B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{F3BB5A70-8781-4687-8453-7A2E6C9F740B}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{4978C2E6-7B14-4B11-A93B-F6BFF49B27C1}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{FF276E89-B354-4B1D-8836-989E95CF81A6}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{83ACC1AF-D0DF-491E-AA89-F03672540946}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{758064E0-3E29-48CB-83A6-DFB0A1D3634E}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RTLDHCP.exe
FirewallRules: [{F36E10F2-83E1-4040-A059-DA3C101FD4BD}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9EDE79B4-A25E-4263-B987-128297282D63}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{7A4F4F37-E052-4A1F-B30F-081F40552858}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{88B4732A-FED6-452E-BAB3-4907427CB4CF}] => (Allow) D:\staem.de\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8B4F7E88-DE04-4B8A-808E-433DE2121530}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D2CAC890-BD5A-4B18-970C-937AD25E2EAE}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C91492AC-43AD-4F8A-9DFA-E3F9A337D3A3}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{6E92F3EB-8C6F-4A3A-9CFF-59104F0DF5D6}] => (Allow) E:\ETS2 NEU\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{1A5C5E4C-10EE-4776-BD52-34ADFC4C5BF5}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{E440EE6C-9661-4502-A800-A7D0CFC11133}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{4B4CB57F-92E0-47B1-B796-B34D3F0E2928}D:\spiele\tmnationsforever\tmforever.exe] => (Allow) D:\spiele\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{AD0B1924-F1C6-4907-B8DB-7A9D2D871352}D:\spiele\tmnationsforever\tmforever.exe] => (Allow) D:\spiele\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{0C2D5200-F2EE-474F-9C57-1D68A1E6D668}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{9A7DFE99-A5E2-4DDE-AACE-E5181904E14A}D:\spiele\tmnationsforever\tmforever.exe] => (Block) D:\spiele\tmnationsforever\tmforever.exe
FirewallRules: [{353B94D8-FFD3-4C21-B1A7-C6ACE640683D}] => (Allow) D:\staem.de\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{931F2755-9A13-4FC7-8688-D87E98166DCB}] => (Allow) D:\staem.de\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{CFA1A9FA-B26C-48E5-A8A0-34D657931AB1}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{2E1F08CB-5B01-4760-B90B-2173004C56CE}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{B1811997-354B-469F-8ADE-51A22BE511EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BD3183D1-7B59-492A-9F04-FA9CB4EF3E1D}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16.exe
FirewallRules: [{DD0F7A7F-9DD3-4211-B865-A4E98F81DECA}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16.exe
FirewallRules: [{3ACC4120-C2AD-40C7-8DCA-C487A4AA17EF}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16_trial.exe
FirewallRules: [{A79EEF7F-C02F-4FEB-9E4F-237EDE9F8457}] => (Allow) D:\Spiele\NFS\Need for Speed\NFS16_trial.exe
FirewallRules: [TCP Query User{E43ABAE4-04D3-46BB-83A5-7D7822953785}D:\spiele\nfs\need for speed\nfs16.exe] => (Block) D:\spiele\nfs\need for speed\nfs16.exe
FirewallRules: [UDP Query User{3EFDB123-7955-4B97-A777-B4520C332DF0}D:\spiele\nfs\need for speed\nfs16.exe] => (Block) D:\spiele\nfs\need for speed\nfs16.exe
FirewallRules: [{655D3060-B334-4E32-95D5-D2CD5BD7B96B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{4DF27530-63A8-412B-B6FB-B3B4CECD1E34}D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{01583D0F-C8A8-4FD2-B1D8-1DBD26A81C42}D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) D:\spiele\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [{0A9BEE98-15D4-490B-9A4B-870C3E5F817E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B61BB212-F192-4A76-8FD4-DE2AC746EB21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CA7732F6-E90D-4C89-8FDA-4F694BAF23AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FE84EBDA-7A82-4359-88C8-D83550016CE7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6289CEAB-0389-45B8-9A6C-09EDB2E26771}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{2F199068-4308-4C26-B0CB-42844B45D59D}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{0CA6FFA4-60C7-44BD-AD93-08B903D23C21}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Binaries\Win32\FoxGame-win32-Shipping.exe
FirewallRules: [{BCAA94CF-FE46-49F8-B477-0D403DD4E65F}] => (Allow) D:\staem.de\Steam\steamapps\common\blacklightretribution\Binaries\Win32\FoxGame-win32-Shipping.exe
FirewallRules: [{9F994B97-C62F-4280-913E-350EB4047197}] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{099A161F-9056-41EC-9765-1BCB77845FEB}] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D637AC00-4295-4950-B95A-61EEE0FC17AD}] => (Allow) LPort=25565
FirewallRules: [{1A12DDCA-BB03-4B34-92B1-C6C11AE203E4}] => (Allow) D:\staem.de\Steam\steamapps\common\Zula EU\zula_launcher.exe
FirewallRules: [{D187E17D-1AFC-457B-BE47-E993AF1825F4}] => (Allow) D:\staem.de\Steam\steamapps\common\Zula EU\zula_launcher.exe
FirewallRules: [TCP Query User{BE6AEAF9-E8A1-4EDC-BC9E-65684FF2E1BF}D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe] => (Allow) D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe
FirewallRules: [UDP Query User{754ED3E4-8611-4EEA-8AC4-ABC19552926C}D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe] => (Allow) D:\staem.de\steam\steamapps\common\omsi 2\omsiplugin.exe
FirewallRules: [{67922556-1DD0-4805-B212-BB83196156C5}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{CB0554F5-ACD8-41CE-A4F3-FAAD4306630C}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{560D6E29-71EA-4446-B7BD-18682E1C4C68}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{E30EA182-1F1B-4C70-ABA0-E8AFDA7FBDF6}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{E244783D-B274-4BF8-AED0-017C85CA80C9}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{E570F06E-B6C1-4F80-9608-EDF53867AB39}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{302F3006-3740-42E8-A818-6067E7FA4576}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{71A64C1C-F7B3-4ED1-A2CD-72145A2A3483}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{C1D1DBB8-5694-4116-89BC-79F1F6B3D0A5}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{C6200C32-71F4-414F-A388-6434881D7440}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{75B6DEA5-9D8A-49D8-B587-D95ED9E35DCB}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{4CBF261A-C4C7-49B2-A28B-253C442CD5C6}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{CA212F62-5F2E-4C6F-A11E-4BDDC0635525}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{A4C76A25-1962-4BCB-8E8D-5F22E96E0051}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{CFCB03A3-123E-4E86-9D46-83EFECC5D607}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{DD415E41-1CD6-4000-8519-1464BDCA85FF}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [{6C07D6DB-CFD9-4CCE-A239-771A8127F7E3}] => (Allow) Advanced Omnibus Driver Plugin
FirewallRules: [TCP Query User{83744070-C77B-4803-931D-5D7CD436A463}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{16859025-1EF8-4937-9197-F20BBFE34B33}D:\spiele\world_of_tanks\worldoftanks.exe] => (Allow) D:\spiele\world_of_tanks\worldoftanks.exe
FirewallRules: [{4996CB76-C202-4DCB-A74D-EAC004F1C60F}] => (Allow) D:\Spiele\GameforgeLive\gfl_client.exe
FirewallRules: [{0DA3B126-6FB9-4EED-8E0A-2C293D30E05F}] => (Allow) D:\staem.de\Steam\Steam.exe
FirewallRules: [{4EDE1659-97CE-4B11-87C8-9B7478D59372}] => (Allow) D:\staem.de\Steam\Steam.exe
FirewallRules: [{AB1E843E-9D6A-4219-A5F6-AFC9798C265E}] => (Allow) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{953A51A8-DC81-43E3-9104-8AFC41557105}] => (Allow) D:\staem.de\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{2060B6B9-ADA0-4148-998B-3C601758D02E}D:\spiele\world_of_tanks\wotlauncher.exe] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{94471A63-A1DC-492F-B143-E1AA8A989429}D:\spiele\world_of_tanks\wotlauncher.exe] => (Block) D:\spiele\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{64C6DF76-FD33-4F4B-80A3-EBB960B9C6E1}D:\garrysmod.exe] => (Allow) D:\garrysmod.exe
FirewallRules: [UDP Query User{31FD5525-888A-48D0-B6C6-113CDD1B6B9F}D:\garrysmod.exe] => (Allow) D:\garrysmod.exe
FirewallRules: [{E45132F8-9235-45DE-917A-7D96B4D18F89}] => (Allow) D:\staem.de\Steam\steamapps\common\OMSI 2\Omsi.exe
FirewallRules: [{E95273D5-60A2-4106-B6AA-0CC7AD78A47E}] => (Allow) D:\staem.de\Steam\steamapps\common\OMSI 2\Omsi.exe
FirewallRules: [TCP Query User{44EB2550-F00F-40BE-B683-01E400BFC62F}D:\spiele\planetside2_x64.exe] => (Allow) D:\spiele\planetside2_x64.exe
FirewallRules: [UDP Query User{FF4C42DA-24C6-482A-85B6-96FA68FAF2DC}D:\spiele\planetside2_x64.exe] => (Allow) D:\spiele\planetside2_x64.exe
FirewallRules: [{79DFB3B2-0E0B-46B0-8193-6001D3983D09}] => (Allow) D:\staem.de\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{08A492BF-6B87-44D1-9C8B-AA029C81069E}] => (Allow) D:\staem.de\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{6AB5431C-6F75-4EBA-9BE4-93730AB7B0ED}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{3F80C7B5-F93B-44E2-9BF0-71DE6C085C65}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{686806E4-EF12-4994-9BB1-AFFA18961BE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{8A28F1EA-35E0-4958-8518-96FF425E1E18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0E2131BC-1AC1-47DF-8AF6-502148E98A77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8A47EDEE-763A-4DE1-8756-8D5A4BD0FFF9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8290EA43-CF24-4DA1-A872-B962B6B6EBAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFBD03E4-822E-44BA-A9AA-609CA53BB6AB}] => (Allow) D:\staem.de\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{87C06EB8-5EFB-48D4-BB8C-1F71775CECB6}] => (Allow) D:\staem.de\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [TCP Query User{29F4CB74-70DD-4B50-A38B-CAE9D695D3C1}D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [UDP Query User{640EC7D4-CEE5-40F4-ACAA-DF35B966FC2E}D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) D:\staem.de\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [TCP Query User{E9429EE0-3AA0-4EA6-9902-A2EFBD75B5C0}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{CFF28640-AFC3-490B-9DD2-292C8E01CD49}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{DC4885AA-1800-40BA-946E-0E8DD8455364}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{524A21D5-EA7C-49D4-BCA2-7A2C4EC76C69}C:\users\fritz\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\fritz\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{A50E4149-0DC0-4A3B-B06D-7241A17149A3}] => (Allow) D:\staem.de\Steam\steamapps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe
FirewallRules: [{790C28BD-6F9C-42E8-900E-0A172BAA4303}] => (Allow) D:\staem.de\Steam\steamapps\common\Line of Sight\Binaries\Win32\LSGame_BE.exe
FirewallRules: [{4E9BAE2E-6BAF-4603-A96B-2F1BD252D26D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D1647F80-C232-48BF-ACE5-9AF1A0ADAC3A}] => (Allow) D:\staem.de\Steam\steamapps\common\RailWorks\RailWorks.exe
FirewallRules: [{C3B8CC61-98E7-496E-B06F-85D3E23DDDC2}] => (Allow) D:\staem.de\Steam\steamapps\common\RailWorks\RailWorks.exe
FirewallRules: [TCP Query User{20C994E8-2315-4340-91FE-187FA4E99140}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{9D79506A-48EB-47A5-B7DB-194AFD954744}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{5BB2D4BE-A470-446C-A319-05A6D11AE23B}] => (Allow) D:\staem.de\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{D9F0273C-31E3-41A2-9577-313CEC76F43B}] => (Allow) D:\staem.de\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{D4D0B0C5-C847-46D1-BA6A-81B44AA53BE7}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F5C6D476-ACF6-41BE-86F2-FC6FF4C2CB18}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{1D4D353F-0F08-4B96-B0BB-AC8D0194BDB0}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{25A27F21-3F97-4B38-95C7-B4E80ADAAC31}] => (Allow) D:\staem.de\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Wiederherstellungspunkte =========================

30-04-2017 15:02:16 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/01/2017 07:51:48 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (05/01/2017 07:49:10 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2005) (User: NT-AUTORITÄT)
Description: There was an error communicating to the Orion DCS server

Error: (05/01/2017 05:50:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FarmingSimulator2015Game.exe, Version 6.0.2.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2470

Startzeit: 01d2c2929939c118

Endzeit: 67

Anwendungspfad: D:\Spiele\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe

Berichts-ID: ea6a692b-2e85-11e7-84b8-c03fd5aa9ee7

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2017 03:08:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FarmingSimulator2015Game.exe, Version: 6.0.2.0, Zeitstempel: 0x56975dfc
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18438, Zeitstempel: 0x57ae642e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f1b70
ID des fehlerhaften Prozesses: 0x21d4
Startzeit der fehlerhaften Anwendung: 0x01d2c27a72965680
Pfad der fehlerhaften Anwendung: D:\Spiele\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 445d1c38-2e6f-11e7-84b8-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2017 02:24:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b
Name des fehlerhaften Moduls: D3DREF9.DLL_unloaded, Version: 0.0.0.0, Zeitstempel: 0x58678739
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ab15
ID des fehlerhaften Prozesses: 0x2d24
Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b
Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe
Pfad des fehlerhaften Moduls: D3DREF9.DLL
Berichtskennung: 2439a68d-2e69-11e7-84b8-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2017 02:23:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b
Name des fehlerhaften Moduls: D3DREF9.DLL, Version: 0.0.0.0, Zeitstempel: 0x58678739
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000012a5
ID des fehlerhaften Prozesses: 0x2d24
Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b
Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\D3DREF9.DLL
Berichtskennung: fe3dfbb1-2e68-11e7-84b8-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2017 02:23:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b
Name des fehlerhaften Moduls: D3DREF9.DLL, Version: 0.0.0.0, Zeitstempel: 0x58678739
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000012a5
ID des fehlerhaften Prozesses: 0x2d24
Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b
Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\D3DREF9.DLL
Berichtskennung: fe0fde10-2e68-11e7-84b8-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2017 02:23:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b
Name des fehlerhaften Moduls: D3DREF9.DLL, Version: 0.0.0.0, Zeitstempel: 0x58678739
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000012a5
ID des fehlerhaften Prozesses: 0x2d24
Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b
Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\D3DREF9.DLL
Berichtskennung: fde0fd68-2e68-11e7-84b8-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2017 02:23:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b
Name des fehlerhaften Moduls: D3DREF9.DLL, Version: 0.0.0.0, Zeitstempel: 0x58678739
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000012a5
ID des fehlerhaften Prozesses: 0x2d24
Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b
Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\D3DREF9.DLL
Berichtskennung: fdb26aec-2e68-11e7-84b8-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/01/2017 02:23:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Game.exe, Version: 1.14700.103.34300, Zeitstempel: 0x58f86e6b
Name des fehlerhaften Moduls: D3DREF9.DLL, Version: 0.0.0.0, Zeitstempel: 0x58678739
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000012a5
ID des fehlerhaften Prozesses: 0x2d24
Startzeit der fehlerhaften Anwendung: 0x01d2c275ba4d012b
Pfad der fehlerhaften Anwendung: D:\MyGames\Warface My.Com\Bin32Release\Game.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\D3DREF9.DLL
Berichtskennung: fd84ea86-2e68-11e7-84b8-c03fd5aa9ee7
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (05/01/2017 07:59:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (05/01/2017 07:59:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (05/01/2017 07:05:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo

Error: (05/01/2017 07:05:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo

Error: (05/01/2017 07:05:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingNews

Error: (05/01/2017 07:05:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo

Error: (05/01/2017 07:05:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.MicrosoftMinesweeper

Error: (05/01/2017 07:05:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingNews

Error: (05/01/2017 07:05:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingNews

Error: (05/01/2017 07:05:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo


CodeIntegrity:
===================================
  Date: 2016-07-04 15:44:38.593
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Fritz\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-04 15:44:38.433
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Programme\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-04 15:42:12.993
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Users\Fritz\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-04 15:42:12.811
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Programme\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8144.42 MB
Verfügbarer physikalischer RAM: 5314.4 MB
Summe virtueller Speicher: 9872.42 MB
Verfügbarer virtueller Speicher: 6826.79 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:57.91 GB) (Free:2.54 GB) NTFS
Drive d: (Data) (Fixed) (Total:871.39 GB) (Free:448.15 GB) NTFS
Drive e: (Recover) (Fixed) (Total:40.03 GB) (Free:19.5 GB) NTFS
Drive g: (FarmingSimulator) (CDROM) (Total:1.91 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 59.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus · 01.05.2017, 19:29

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

7zip Packages

Java 8 Update 121 (64-bit)

Java 8 Update 121

KMSpico
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

26.04.2017, 20:54	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Chrome öffnet ständig Seite namens: x.24.jquery11.com Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken __________________ Logfiles bitte immer in CODE-Tags posten

Chrome öffnet ständig Seite namens: x.24.jquery11.com

Plagegeister aller Art und deren Bekämpfung: Chrome öffnet ständig Seite namens: x.24.jquery11.com